Hello,
Why not just use a script that reads auth logs and adds abusive hosts to
pf table using some patterns?
And you then decide what to do with addresses in that table and how long
should they stay in that table.
user~$ pfctl -t bad_ips -T show | wc -l
69079
24.03.2021 21:33, jeanpierre п
You could try this: https://github.com/mpfr/pftbld
It uses pf tables instead of anchors to achieve the same goal.
Handling sshd abusers may be accomplished by first using pf source-tracking
to catch them. For example:
-
table persist
block in quick from
pass in on egress proto tcp to egres
How about a distributed setup?
Has anyone thought of a way getting IPs from various servers (say linux
& fail2ban) to the central OpenBSD (pf) firewall?
Ideally with history in order to punish more the frequent abusers.
I had plans on looking to bgp to distribute the IPs around but maybe
the
On Thu, 25 Mar 2021 19:00:52 +0200, Kapetanakis Giannis
wrote:
> How about a distributed setup?
>
> Has anyone thought of a way getting IPs from various servers (say
> linux & fail2ban) to the central OpenBSD (pf) firewall?
>
> Ideally with history in order to punish more the frequent abusers.
Hello,
I just installed an amd64 snapshot and spotted 2 odd things. I see there is
a mail for root, but when i run mail command i get the text No mail for
root.
The other is I login in xenodm to use cwm for the fisrt time after install
and the xenodm is restarted. Second login and future logins ar
On 3/25/21 7:00 PM, Kapetanakis Giannis wrote:
[snip]> I had plans on looking to bgp to distribute the IPs around but maybe
> there is already a better way doing this.
[snip]
I read this one a while back:
"Using OpenBGPD to distribute pf table updates to your servers"
https://www.echothrust.com/b
On 2021-03-23, Ethin Probst wrote:
> Apologies if this is unnecessary sending of this, but I sent this to
> the tech OpenBSD mailing list (which might've not been the right list)
> so I'm re-sending it to this one just in case. (It might've gotten
> lost too.) The original email is below:
It did
On 2021-03-25, Kapetanakis Giannis wrote:
> How about a distributed setup?
Not on OpenBSD yet but there is "crowdsec"
If the tmux server uses the TMux protocol as described in RFC 1692, it
(theoretically) shouldn't be too difficult to build a screen driver
that can interact with it. The pty module uses the pyte terminal
emulator library, so we might even be able to subclass the `Screen`
class it exposes to make it
> If the tmux server uses the TMux protocol as described in RFC 1692, it
Uhm no, that is quite a big misunderstanding.
For the installer, honestly I think the only sane way is to drive it
from another OS with an existing screen reader via serial console.
If Fenrir uses a terminal emulator library itself then it maybe possible
to get it to work with tmux, at least in a single window. It has a
"pipe-pane" command th
Ah, I understand. I can't seem to find the protocol that Tmux uses.
The pipe-pain command might work, though.
On 3/25/21, Stuart Henderson wrote:
> For the installer, honestly I think the only sane way is to drive it
> from another OS with an existing screen reader via serial console.
>
> If Fenr
hi
you can do this with ossec.net
holger
Am 25.03.21 um 18:00 schrieb Kapetanakis Giannis:
How about a distributed setup?
Has anyone thought of a way getting IPs from various servers (say
linux & fail2ban) to the central OpenBSD (pf) firewall?
Ideally with history in order to punish mor
13 matches
Mail list logo
