From owner-freebsd-questions@freebsd.org Mon Feb 10 07:03:57 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 24FFF2305A9 for ; Mon, 10 Feb 2020 07:03:57 +0000 (UTC) (envelope-from hamdi20193d@gmail.com) Received: from mail-vs1-xe31.google.com (mail-vs1-xe31.google.com [IPv6:2607:f8b0:4864:20::e31]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 48GH240cq5z452r for ; Mon, 10 Feb 2020 07:03:55 +0000 (UTC) (envelope-from hamdi20193d@gmail.com) Received: by mail-vs1-xe31.google.com with SMTP id x18so3444195vsq.4 for ; Sun, 09 Feb 2020 23:03:55 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=iM/fid5ll6tS41+dkbiGugzLxltmDvZrrWlv9yXd45c=; b=k+90uKYmvZrdpW2CkehBYFGtbmJokAvM4b32TMTg6n+s/E5D9Rbt18+KlXde2Eh0s6 MytcTx8uzrVk+vmshPenAp0qP+MjbUQx1+9H2UD5JV6NXjrZYeZ3zkBxxVV4By+1n/10 FyBsl/AWTgJkR/sBFo4sCsLozlZzWX3IFAbGVYss8eT56m1M7nC/5tIOrXUW6zI8tJw1 yJt81EdxWblHBc79BcCeqb8O/2UmNUk3IeSiKHtoiFcCX/Ye58VmNLFHnYNeg2c1hplz s5eASr7vDAeja9NOQGQn0x6wPqrs/sN/QgSS/XJd+TLF+hmhkRL6CS7iCQKRlCG9QopT 2ozw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=iM/fid5ll6tS41+dkbiGugzLxltmDvZrrWlv9yXd45c=; b=ZsGuDQSBu7VkOC0tTYVXMkcHuimOJ2/bH0hNzzdJx9EOGdFCZG4/uHHm1FJu1IyKvD 2qnp6l1smJbRlL3tQKjImrGZBzTJUJXacKG/LrvMR4RVCurCFb0WSgAZxUPPAR/RU12I WRssf5DYg9uW1UoS8LvyqnZQp3Qqy09IOOYygAT0Bim1XsrqPeTyMFrCUn0t/ZpB3+iN RggMZBGk/thYKUfQQ8vbtxiQcpgqye53jTTWpb9lTd1E4B6oUDf+ZZcNaKwwsVmBO3qS OmyRGux+5WasVGWSSpUkLVl7OTID3l57im5Nsu4HBroYr+KI1jSpjV2e82e8MpDAoFZI /xeA== X-Gm-Message-State: APjAAAWAkPW4Ra771hNJ4viFbwrCwpEX7AJpBjujSHbh1NG0NqSfQU1p aeAnjnCESJuWPrjUFeYXx8q3YyhlKbKG86jWIQ+ilzGR X-Google-Smtp-Source: APXvYqyAmpYjU5eXUC7VhEfZp3N6bx5NR7TACh9to7XpdR+kh1zMV44UztyHN9ukG9XmQvS/C15nyz+eQcJ2q09NxpU= X-Received: by 2002:a05:6102:485:: with SMTP id n5mr5545768vsa.149.1581318234785; Sun, 09 Feb 2020 23:03:54 -0800 (PST) MIME-Version: 1.0 From: Andreas X Date: Mon, 10 Feb 2020 10:03:44 +0300 Message-ID: Subject: Quickly ban an IP IPFW? To: freebsd-questions@freebsd.org X-Rspamd-Queue-Id: 48GH240cq5z452r X-Spamd-Bar: - Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=k+90uKYm; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of hamdi20193d@gmail.com designates 2607:f8b0:4864:20::e31 as permitted sender) smtp.mailfrom=hamdi20193d@gmail.com X-Spamd-Result: default: False [-2.00 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36:c]; FREEMAIL_FROM(0.00)[gmail.com]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; TO_DN_NONE(0.00)[]; IP_SCORE_FREEMAIL(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; SUBJECT_ENDS_QUESTION(1.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; RCVD_IN_DNSWL_NONE(0.00)[1.3.e.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.4.6.8.4.0.b.8.f.7.0.6.2.list.dnswl.org : 127.0.5.0]; IP_SCORE(0.00)[ip: (-9.65), ipnet: 2607:f8b0::/32(-1.97), asn: 15169(-1.73), country: US(-0.05)]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com.dwl.dnswl.org : 127.0.5.0] Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.29 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 10 Feb 2020 07:03:57 -0000 I have IPFW enabled like follows: firewall_enable="YES" firewall_quiet="YES" firewall_type="workstation" firewall_logdeny="NO" firewall_allowservices="any" firewall_myservices="53/tcp 53/udp 10025/tcp 10024/tcp 25/tcp 993/tcp 995/tcp 465/tcp 587/tcp 5665/tcp 80/tcp 443/tcp 2053/tcp 3306/tcp" (No rules file, the ones above suits my needs perfectly) How to quickly (and permanently) ban an IP using IPFW without having any log? There's an IP address scanning almost all my services 24/7, would like to permanently ban. Thanks.