Hi Alex, On 10/17/2017 10:35 AM, Alex V. Petrov wrote: > What should be in pf.conf? >
Something as simple has the below should work (edit to however you see fit): # define macros for each network interface ext_if = "em0" icmp_types = "echoreq" allproto = "{ tcp, udp, ipv6, icmp, esp, ipencap }" privnets = "{ 127.0.0.0/8, 192.168.0.0/16, 172.16.0.0/12, 10.0.0.0/8 }" set loginterface $ext_if scrub in on $ext_if no-df random-id > > 17.10.2017 23:15, Janky Jay, III пишет: >> In the new 0.10 version, the action rule creates the tables for you >> based on the jail configuration. If you look at the jail files, you'll >> see that you now call pfctl using additional arguments such as ports >> that are affected and a suffix to add to the default "f2b-" table name. >> >> So, essentially, there is no reason to create tables in the >> pf.conf/pf.rules file anymore. They are automatically created when a >> fail2ban filter is triggered and the IP is then added to it. >
signature.asc
Description: OpenPGP digital signature