Hello,
Why not just use a script that reads auth logs and adds abusive hosts to
pf table using some patterns?
And you then decide what to do with addresses in that table and how long
should they stay in that table.
user~$ pfctl -t bad_ips -T show | wc -l
69079
24.03.2021 21:33, jeanpierre пишет:
Does there exist an OpenBSD analogue for FreeBSD's blacklistd daemon?
For the sake of completeness: blacklistd is a daemon that, using pf
anchors, blocks connections from abusive hosts to parctiular services
(e.g. sshd) until they start behaving themselves again.
I find it very useful for timming down log files.
Regards,
Jean-Pierre
--
С уважением,
Родин Максим
