From owner-freebsd-questions@freebsd.org Sat Jun 22 15:50:07 2019 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 36AD915D7210 for ; Sat, 22 Jun 2019 15:50:07 +0000 (UTC) (envelope-from dave.mehler@gmail.com) Received: from mail-wm1-x335.google.com (mail-wm1-x335.google.com [IPv6:2a00:1450:4864:20::335]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4F5C182415 for ; Sat, 22 Jun 2019 15:50:06 +0000 (UTC) (envelope-from dave.mehler@gmail.com) Received: by mail-wm1-x335.google.com with SMTP id h19so11105241wme.0 for ; Sat, 22 Jun 2019 08:50:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=/AFli8RNY1cZ5UVKdaBqYbtHBWpfZeEcwK76/RWcHhs=; b=VrzPJ3pk8LrrPPrgAr6VUdeLwyFMuupwKWHx3edUvSUf3cQAUMcbBsLtUfURS137uR 5MoPp6Hdzga9TnMaVQ/eXgiSES6+ZypYRHYx8kEtNcXbZ53fG9RnwXYZFRP0mAJHd7Lt FI5CcC5SEsSelAPLQD2Ay/MOpHeYfK+/NpcVxp9Ob50wi5MrJhWJynLro+5Q06vfjC1r 5U0SuhrJPpnrp8TstJ77HXCHjQ9SGqBFl5hZ0ZisJvtMq2eEVfohyncO6kA89uX4ZUrJ qwduzOZ8k1EqqQd3U32FapayWE4WW0lqN2KEyeQcKexLOVqmmDwVJAj7XC8JWlahJ5Uy 0MBA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=/AFli8RNY1cZ5UVKdaBqYbtHBWpfZeEcwK76/RWcHhs=; b=dznLsIOgqc130joxGgmE+RVFsshY1fS3koauUqEaR1HL6UU6eYLf6nn6kFH4Cn5xxQ X5x+H5q6lNI4pAJdjcDnOOIFB9z9bCQqCimmEXzM+RWgIeV5ZUC7AzwcBpUH+lstWrGg 9ZcErwjIWBZi5uvgVgXsvk2BYdouGhSva22dzra4rYnTSnhDX5T+gfxmAwPEII3vHJ4J slcFg8r4cRR7F4kEEWqwuwJKHlg3xZg3vccclhz19HOlzqSq/bbu3u5KD3dccSwiLKUE mykpEbYCI+pCnDtkkjuGP1EiY0HWtY2OGGpYOy8Dq46amCIf/zyDJ7VhJu6mjQ5vGRou Ayng== X-Gm-Message-State: APjAAAVkquQokfejo+34fbzC3aeXB8Jc/wRGqWSJRhEOljJ8/KmTHCLW 4wiFpgRgnHAse7omtFRH5gtWpT0skoQnQKpiPlM09lyU X-Google-Smtp-Source: APXvYqyjqUE86mq93LdPZOqxBtSjqbro6UnbkxJmDL0FyxaBYPc9kZc+F4Uwfhxot57F/FDtf+OBb/Bpx/l3qFm/uKs= X-Received: by 2002:a1c:67c2:: with SMTP id b185mr7975861wmc.98.1561218604946; Sat, 22 Jun 2019 08:50:04 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:adf:a314:0:0:0:0:0 with HTTP; Sat, 22 Jun 2019 08:50:04 -0700 (PDT) From: David Mehler Date: Sat, 22 Jun 2019 11:50:04 -0400 Message-ID: Subject: mail server in jail, host pf, and fail2ban To: freebsd-questions Content-Type: text/plain; charset="UTF-8" X-Rspamd-Queue-Id: 4F5C182415 X-Spamd-Bar: ------ Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=VrzPJ3pk; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of davemehler@gmail.com designates 2a00:1450:4864:20::335 as permitted sender) smtp.mailfrom=davemehler@gmail.com X-Spamd-Result: default: False [-6.86 / 15.00]; R_SPF_ALLOW(-0.20)[+ip6:2a00:1450:4000::/36]; FREEMAIL_FROM(0.00)[gmail.com]; RCVD_COUNT_THREE(0.00)[3]; TO_DN_ALL(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; MX_GOOD(-0.01)[cached: alt3.gmail-smtp-in.l.google.com]; NEURAL_HAM_SHORT(-0.96)[-0.959,0]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US]; TAGGED_FROM(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com.dwl.dnswl.org : 127.0.5.0]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; RCVD_TLS_LAST(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[5.3.3.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.4.6.8.4.0.5.4.1.0.0.a.2.list.dnswl.org : 127.0.5.0]; IP_SCORE(-2.89)[ip: (-9.54), ipnet: 2a00:1450::/32(-2.54), asn: 15169(-2.33), country: US(-0.06)] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 22 Jun 2019 15:50:07 -0000 Hello, I've got a pf/fail2ban/jail/postscreen question. I'm running a mail system in a FreeBSD jail, and on the host system i'm using the pf firewall. What I'm getting are connections to my jail's postscreen port 25, what i'd like to get done is to try to get those ips scanned for on the host and banned by fail2ban and pf. Suggestions welcome. Thanks. Dave.