Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 26 Apr 2010 10:09:07 -0700
From:      "Bauer, Aaron J." <AARON.J.BAUER@saic.com>
To:        <utisoft@gmail.com>
Cc:        "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org>
Subject:   RE: Setup Fail2Ban on FreeBSD
Message-ID:  <6D7CCDF5-E96F-4CEA-A08C-8E916DDC81F8@mimectl>
In-Reply-To: <p2qb79ecaef1004241132iae4e545fz7a13355252644957@mail.gmail.com>
References:  <FFD86018-E200-4471-B65D-A4CDC0505BE4@mimectl>, <p2qb79ecaef1004241132iae4e545fz7a13355252644957@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
I only have one problem with this.  Ports is disabled in FreeNAS, and so I =
performed the install through pkg_add.  When I run the /usr/local/etc/rc.d/=
fail2ban start, I get "command not found"

Aaron=20
Software Research Intern=20
Aaron.J.Bauer@SAIC.com




From: Chris Rees
Sent: Sat 4/24/2010 11:32 AM
To: Bauer, Aaron J.
Cc: freebsd-questions@freebsd.org
Subject: Re: Setup Fail2Ban on FreeBSD


On 23 April 2010 18:49, Bauer, Aaron J. <AARON.J.BAUER@saic.com> wrote:
> I am currently using FreeNAS 0.7 for a file server.  I have multiple SSH =
bruteforce attacks each week, and wish to use fail2ban to prevent this.
>
> I don't have much experience with BSD, and am having trouble getting ever=
ything to work.  I ran pkg_add -r python25 and pkg_add -r py25-fail2ban.  I=
 now have all the files for Fail2Ban, and did the cp jail.conf jail.local a=
s the other distro's for linux use.
>
> However, how do I start using fail2ban?  I have configured it for CentOS =
and Ubuntu, and it starts in init.d.  I don't know how to add it to /etc/rc=
.d to get it to work correctly..
>
> Any help is greatly appreciated.  If you need more info, please let me kn=
ow.
>
> Aaron
> Software Research Intern
> Aaron.J.Bauer@SAIC.com


What everyone else has missed out is that ports install their rc files
into /usr/local/etc/rc.d, rather than /etc which is reserved for the
base system. Fail2ban already installs an rc.d script, so you don't
need to do anything.

So, /etc/rc.conf can be used, and add

fail2ban_enable=3D"YES"

Then from the prompt run:

# /usr/local/etc/rc.d/fail2ban start

Chris

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6D7CCDF5-E96F-4CEA-A08C-8E916DDC81F8>