From owner-freebsd-questions@FreeBSD.ORG  Fri Jul  1 14:15:18 2005
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 0749216A41C
	for <freebsd-questions@freebsd.org>;
	Fri,  1 Jul 2005 14:15:18 +0000 (GMT)
	(envelope-from john@day-light.com)
Received: from joseph.day-light.net (gabriel.day-light.net [209.145.160.141])
	by mx1.FreeBSD.org (Postfix) with ESMTP id C88A743D4C
	for <freebsd-questions@freebsd.org>;
	Fri,  1 Jul 2005 14:15:17 +0000 (GMT)
	(envelope-from john@day-light.com)
Received: from w1 (unknown [10.1.5.36])
	by joseph.day-light.net (Postfix) with SMTP
	id 584114F40B; Fri,  1 Jul 2005 09:15:17 -0500 (CDT)
From: "John Brooks" <john@day-light.com>
To: "Hornet" <hornetmadness@gmail.com>,
	"John Cholewa" <freebsd-questions@jc-news.com>
Date: Fri, 1 Jul 2005 09:15:24 -0500
Message-ID: <NHBBKEEMKJDINKDJBJHGCEDCJJAD.john@day-light.com>
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.6604 (9.0.2911.0)
In-Reply-To: <f42935a6050701071012cbba8a@mail.gmail.com>
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1441
Importance: Normal
Cc: freebsd-questions@freebsd.org
Subject: RE: autoblocking many ssh failed logins from the same IP....
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: john@day-light.com
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 01 Jul 2005 14:15:18 -0000

he is using 4.8, unless things have changed, pf is not available
on 4.x

PS:  Oh, yeah ... "FreeBSD 4.8-RELEASE #0: Thu Apr  3 10:53:38 GMT 2003" ;
openssh-3.6.1_5 ; openssl-0.9.7d_1


--
John Brooks
john@day-light.com

> -----Original Message-----
> From: owner-freebsd-questions@freebsd.org
> [mailto:owner-freebsd-questions@freebsd.org]On Behalf Of Hornet
> Sent: Friday, July 01, 2005 9:10 AM
> To: John Cholewa
> Cc: freebsd-questions@freebsd.org
> Subject: Re: autoblocking many ssh failed logins from the same IP....
>
>
> Below (and atached) is a script I wrote do exactly what you are
> talking about.
> It's commented, so edit to your taste. I have been using to for
> about 4 months.
>
> Since I am using PF as my firewall, it is customized for that. If you
> are using something other then PF, again... edit to your taste.
>
> -Erik-
>
>>>>>snip<<<<<<