From owner-freebsd-stable@FreeBSD.ORG  Thu Dec 21 14:38:30 2006
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
X-Original-To: freebsd-stable@freebsd.org
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 3743316A417
	for <freebsd-stable@freebsd.org>; Thu, 21 Dec 2006 14:38:30 +0000 (UTC)
	(envelope-from wmoran@collaborativefusion.com)
Received: from mx00.pub.collaborativefusion.com
	(mx00.pub.collaborativefusion.com [206.210.89.199])
	by mx1.freebsd.org (Postfix) with ESMTP id DDED013C471
	for <freebsd-stable@freebsd.org>; Thu, 21 Dec 2006 14:38:29 +0000 (UTC)
	(envelope-from wmoran@collaborativefusion.com)
Received: from vanquish.pgh.priv.collaborativefusion.com
	(vanquish.pgh.priv.collaborativefusion.com [192.168.2.61])
	(SSL: TLSv1/SSLv3,256bits,AES256-SHA)
	by wingspan with esmtp; Thu, 21 Dec 2006 09:38:29 -0500
	id 00056428.458A9C65.000051A8
Date: Thu, 21 Dec 2006 09:38:28 -0500
From: Bill Moran <wmoran@collaborativefusion.com>
To: "Suhail Choudhury" <suhailc@gmail.com>
Message-Id: <20061221093828.00708f62.wmoran@collaborativefusion.com>
In-Reply-To: <ca7cee960612201250s5056b050w4d48a96d2c52e081@mail.gmail.com>
References: <ca7cee960612201250s5056b050w4d48a96d2c52e081@mail.gmail.com>
Organization: Collaborative Fusion
X-Mailer: Sylpheed version 2.2.10 (GTK+ 2.10.6; i386-portbld-freebsd6.1)
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Cc: freebsd-stable@freebsd.org
Subject: Re: Block IP
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>, 
	<mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
	<mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Dec 2006 14:38:30 -0000

In response to "Suhail Choudhury" <suhailc@gmail.com>:

> Hi all,
> 
> I'm using IPFW as my firewall.
> 
> What's the easiest way to add an IP such as 80.192.49.213 to block it?

ipfw add deny all from 80.192.49.213 to me

Although you need to take into consideration your existing IPFW rules,
as this will not work if a previous rule allows the connection.

> Also how do I block out IPs after a certain number of invalid login
> attempts to prevent brute forcing?

There are a number of ports that provide this functionality.  I believe
the most popular is called denyhosts.

-- 
Bill Moran
Collaborative Fusion Inc.