Date: Mon, 6 Nov 2017 11:35:40 +0000 From: Carmel NY <carmel_ny@outlook.com> To: FreeBSD <freebsd-questions@freebsd.org> Subject: Re: How to setup IPFW working with blacklistd Message-ID: <BN6PR2001MB1730ECF2B323549698C4566180500@BN6PR2001MB1730.namprd20.prod.outlook.com> In-Reply-To: <CAKV%2BxLBoxGRXHQZa7kcgnFcw9Q9%2Bf2j9G4LF4ZCb8mwgqGLi=g@mail.gmail.com> References: <CAKV%2BxLBoxGRXHQZa7kcgnFcw9Q9%2Bf2j9G4LF4ZCb8mwgqGLi=g@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 6 Nov 2017 09:38:40 +0100, Cos Chan stated: >I would run IPFW with blacklistd, my FreeBSD is 11.1-RELEASE-p1. > >my blacklistd is working fine to get sshd failed login attempts. >The out put: > >$ sudo blacklistctl dump -b > address/ma:port id nfail last access > 1.1.1.1/32:22 3/-1 2017/11/05 01:05:34 > 2.2.2.2/32:22 3/-1 2017/11/05 13:22:53 > >but I can't find information how to use the blacklistd database in IPFW >from IPFW manpage > >would anybody explain that to me? I have no personal knowledge of "blacklistd"; however, it seems that there should be a way of using "blacklistctl dump" in conjunction with "sed" or perhaps "awk" to create a list that could then be fed to "ipfw". If you could send me the output of a "blacklistctl dump -bn", I could take = a look at it for you. --=20 Carmel
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?BN6PR2001MB1730ECF2B323549698C4566180500>