On 2017-10-29 02:20, x9p wrote:
> Hi,
> Coming from the Linux world, I wonder if there is a better alternative
> to fail2ban, already being used in OpenBSD servers by the majority.
> cheers.
> x9p

Hello,
jca imported sshlockout from DragonFly BSD. It's in security/sshlockout.
It's dead simple, here is an extract of the man page:
# in /etc/pf.conf
table <lockout> persist { }
# and later in /etc/pf.conf - see below
block in quick on $ext_if proto tcp from <lockout> to any port 22
# in /etc/syslog.conf
auth.info;authpriv.info |exec /usr/sbin/sshlockout -pf lockout
# in root's crontab
3 3 * * * pfctl -tlockout -T expire 86400
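
The pipeline in the extract above (syslog pipes auth lines to a program that fills a pf table) can be dry-run without touching pf. The script below is an added example, not part of the original message and not sshlockout's own code; the threshold of 5 failures, the function names and the sample log lines are assumptions made for the illustration.

```shell
#!/bin/sh
# Added illustration, not sshlockout's source. Dry run: reads sshd auth lines
# on stdin and prints the pfctl command that would put a source address into
# the pf table, without touching pf.

THRESHOLD=5   # assumed failure count for this sketch, not from the man page

lockout_dryrun() {
    # $1 = pf table name (the thread uses "lockout")
    awk -v table="$1" -v max="$THRESHOLD" '
        # sshd logs: Failed password for [invalid user] NAME from ADDR port N ssh2
        # Match the trailing fields only: NAME is remote-supplied text, so
        # only the end of the line is trustworthy.
        /sshd/ && /Failed password for / && NF >= 5 &&
        $NF == "ssh2" && $(NF - 2) == "port" && $(NF - 4) == "from" {
            addr = $(NF - 3)
            # Accept only characters of an IPv4/IPv6 literal, so log content
            # can never add anything else to the command line.
            if (addr !~ /^[0-9A-Fa-f:.]+$/) next
            # Print once, when the address reaches the threshold.
            if (++fails[addr] == max)
                print "pfctl -t " table " -T add " addr
        }
    '
}

# Constructed sample log lines (documentation address ranges).
sample_log() {
    i=1
    while [ "$i" -le 5 ]; do
        echo "Oct 29 02:20:0$i host sshd[4242]: Failed password for invalid user admin from 203.0.113.7 port 5100$i ssh2"
        i=$((i + 1))
    done
    echo "Oct 29 02:21:00 host sshd[4250]: Failed password for root from 198.51.100.9 port 40022 ssh2"
    echo "Oct 29 02:21:05 host sshd[4251]: Accepted publickey for x9p from 192.0.2.10 port 40100 ssh2"
}

sample_log | lockout_dryrun lockout
```

Feeding it a copy of the real auth log shows which addresses would end up in the table before the block rule goes live.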