Date:      Tue, 17 Oct 2017 20:16:37 +0700
From:      "Alex V. Petrov" <alexvpetrov@gmail.com>
To:        Tommy Scheunemann <net@arrishq.net>
Cc:        theis@gmx.at, ports@FreeBSD.org
Subject:   Re: FreeBSD Port: py27-fail2ban-0.10.1
Message-ID:  <8aa48ea4-4740-539f-6bbe-0b95dba59b5c@gmail.com>
In-Reply-To: <nycvar.OFS.7.76.1710171440310.1189@ybpnyubfg.zl.qbznva>
References:  <49fbc280-f598-6734-0bdb-dfd24de4fa56@gmail.com> <nycvar.OFS.7.76.1710171440310.1189@ybpnyubfg.zl.qbznva>

In the old version I did so.


17.10.2017 19:47, Tommy Scheunemann wrote:
> Hi,
> 
> a simple setup that does the job for me:
> 
> In /etc/pf.conf (bge0 is my external interface)
> 
> --- SNIP ---
> int_ext="bge0"
> ...
> table <badhosts>
> ...
> block in quick on $int_ext from <badhosts> to any
> ...
> --- SNIP ---
> 
> And in ${PREFIX}/fail2ban/action.d defining a new "pf" action, e.g. pf.conf
> 
> --- SNIP ---
> [Definition]
> actionban = /usr/local/bin/drop_ban <ip>
> actionunban = /usr/local/bin/drop_unban <ip>
> actioncheck =
> actionstart =
> actionstop =
> 
> [Init]
> --- SNIP ---
> 
> And the "drop_ban" and "drop_unban" scripts:
> 
> for ban:
> 
> --- SNIP ---
> #!/bin/sh
> IP=$1
> /sbin/pfctl -t badhosts -T add "$IP"
> --- SNIP ---
> 
> for unban
> 
> --- SNIP ---
> #!/bin/sh
> IP=$1
> /sbin/pfctl -t badhosts -T del "$IP"
> --- SNIP ---
> 
> I'm using scripts instead of directly using actionban / actionunban to
> do some additional things like running a tcpdrop, having some better
> logging.
> 
> Once done with all this, you can use "action = pf" in your jail.conf file.
> 
> Apart from this I'd highly recommend putting all this into some configuration
> system (Ansible, Puppet, Cfengine etc.).
> Updating the package / port will overwrite your local changes!
> 
> Have fun & good luck
> 
> On Tue, 17 Oct 2017, Alex V. Petrov wrote:
> 
>> Need a working sample for the new version of the port for pf.
>>
>> -----
>> Alex.
>>
> 
> 

-- 
-----
Alex.
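
An added example, not part of the original thread and not the poster's own scripts: a single wrapper that could be installed as both drop_ban and drop_unban, validating the argument before it reaches pfctl and logging the result. The `fail2ban-pf` syslog tag, the `pfctl -k` state kill on ban, and the overridable PFCTL, LOGGER and TABLE variables are assumptions added here.

```shell
#!/bin/sh
# Added example: one script installed as both drop_ban and drop_unban.
# PFCTL, LOGGER and TABLE are overridable so the logic can be tested without pf.
PFCTL="${PFCTL:-/sbin/pfctl}"
LOGGER="${LOGGER:-/usr/bin/logger}"
TABLE="${TABLE:-badhosts}"

# Accept only a literal address: no options, hostnames, CIDR masks or lists.
is_ip() {
    case "$1" in
        ''|-*|*[!0-9A-Fa-f:.]*) return 1 ;;  # empty, option-like, stray characters
        *:*) return 0 ;;                      # IPv6 candidate; pfctl does the final parse
        *[!0-9.]*|.*|*.|*..*) return 1 ;;     # IPv4: digits and single dots only
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                                 # split into octets (input is digits/dots only)
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# pf_table add|del <ip>: update the table, then log the outcome.
pf_table() {
    op=$1 ip=$2
    case "$op" in add|del) ;; *) return 64 ;; esac
    if ! is_ip "$ip"; then
        "$LOGGER" -t fail2ban-pf -p auth.warning "refused $op: argument is not a literal address"
        return 65
    fi
    "$PFCTL" -t "$TABLE" -T "$op" "$ip" || return 1
    # A block rule only stops new connections; on ban, also kill existing states.
    if [ "$op" = add ]; then "$PFCTL" -k "$ip" || true; fi
    "$LOGGER" -t fail2ban-pf -p auth.notice "$op $ip table=$TABLE"
}

# Dispatch on the name the script was invoked as.
case "${0##*/}" in
    drop_ban)   pf_table add "$1" ;;
    drop_unban) pf_table del "$1" ;;
esac
```

Rejecting anything but a literal address keeps a malformed `<ip>` substitution from being read by pfctl as an option, a hostname to resolve, or a network mask.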


