On 26 Aug 2020, at 14:48, Phil Stracchino <ph...@caerllewys.net> wrote: > On 2020-08-26 16:03, Viktor Dukhovni wrote: >> On Wed, Aug 26, 2020 at 09:59:34PM +0200, Jaroslaw Rafa wrote: >> >>> Dnia 27.08.2020 o godz. 07:53:05 Peter pisze: >>> >>> Or just use fail2ban. >> >> Yes, but the whole point is that fail2ban is rather a hack, and NetBSD >> actually has a decent framework for integrating application events >> directly with the system firewall. > > Not to mention that it has one of the more opaque and unclearly > documented configuration schemes I've ever seen ...
Hmm. I don’t find it particularly difficult to configure. > This is why I keep thinking about writing my own single-purpose tool > that does NOTHING BUT monitor mail.log for abusive IPs and remotely tell > the firewall to banhammer them. Both fail2ban and SSHGuard can pretty easily be configured to do this. (I currently use sshgiard, but I have also used fail2ban) -- If life were to suddenly get fair, I doubt it would happen in high school.