RE: Setup Fail2Ban on FreeBSD
I only have one problem with this. Ports is disabled in FreeNAS, and so I performed the install through pkg_add. When I run the /usr/local/etc/rc.d/fail2ban start, I get "command not found" Aaron Software Research Intern aaron.j.ba...@saic.com From: Chris Rees Sent: Sat 4/24/2010 11:32 AM To: Bauer, Aaron J. Cc: freebsd-questions@freebsd.org Subject: Re: Setup Fail2Ban on FreeBSD On 23 April 2010 18:49, Bauer, Aaron J. wrote: > I am currently using FreeNAS 0.7 for a file server. I have multiple SSH > bruteforce attacks each week, and wish to use fail2ban to prevent this. > > I don't have much experience with BSD, and am having trouble getting > everything to work. I ran pkg_add -r python25 and pkg_add -r py25-fail2ban. > I now have all the files for Fail2Ban, and did the cp jail.conf jail.local as > the other distro's for linux use. > > However, how do I start using fail2ban? I have configured it for CentOS and > Ubuntu, and it starts in init.d. I don't know how to add it to /etc/rc.d to > get it to work correctly.. > > Any help is greatly appreciated. If you need more info, please let me know. > > Aaron > Software Research Intern > aaron.j.ba...@saic.com What everyone else has missed out is that ports install their rc files into /usr/local/etc/rc.d, rather than /etc which is reserved for the base system. Fail2ban already installs an rc.d script, so you don't need to do anything. So, /etc/rc.conf can be used, and add fail2ban_enable="YES" Then from the prompt run: # /usr/local/etc/rc.d/fail2ban start Chris ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Setup Fail2Ban on FreeBSD
On 23 April 2010 18:49, Bauer, Aaron J. wrote: > I am currently using FreeNAS 0.7 for a file server. I have multiple SSH > bruteforce attacks each week, and wish to use fail2ban to prevent this. > > I don't have much experience with BSD, and am having trouble getting > everything to work. I ran pkg_add -r python25 and pkg_add -r py25-fail2ban. > I now have all the files for Fail2Ban, and did the cp jail.conf jail.local as > the other distro's for linux use. > > However, how do I start using fail2ban? I have configured it for CentOS and > Ubuntu, and it starts in init.d. I don't know how to add it to /etc/rc.d to > get it to work correctly.. > > Any help is greatly appreciated. If you need more info, please let me know. > > Aaron > Software Research Intern > aaron.j.ba...@saic.com What everyone else has missed out is that ports install their rc files into /usr/local/etc/rc.d, rather than /etc which is reserved for the base system. Fail2ban already installs an rc.d script, so you don't need to do anything. So, /etc/rc.conf can be used, and add fail2ban_enable="YES" Then from the prompt run: # /usr/local/etc/rc.d/fail2ban start Chris ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Setup Fail2Ban on FreeBSD
On 4/23/2010 8:03 PM, Zhu Jing wrote: > On Sat, Apr 24, 2010 at 1:49 AM, Bauer, Aaron J. > wrote: > >> I am currently using FreeNAS 0.7 for a file server. I have multiple SSH >> bruteforce attacks each week, and wish to use fail2ban to prevent this. >> >> I don't have much experience with BSD, and am having trouble getting >> everything to work. I ran pkg_add -r python25 and pkg_add -r py25-fail2ban. >> I now have all the files for Fail2Ban, and did the cp jail.conf jail.local >> as the other distro's for linux use. >> >> However, how do I start using fail2ban? I have configured it for CentOS >> and Ubuntu, and it starts in init.d. I don't know how to add it to >> /etc/rc.d to get it to work correctly.. >> >> Any help is greatly appreciated. If you need more info, please let me >> know. >> >> Aaron >> Software Research Intern >> aaron.j.ba...@saic.com I came up with another approach to this problem that involves dynamic control of TCP Wrappers. It's freely available at: http://www.tundraware.com/Software/tperimeter/ Tim Daneliuk tun...@tundraware.com PGP Key: http://www.tundraware.com/PGP/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Setup Fail2Ban on FreeBSD
On Sat, Apr 24, 2010 at 1:49 AM, Bauer, Aaron J. wrote: > I am currently using FreeNAS 0.7 for a file server. I have multiple SSH > bruteforce attacks each week, and wish to use fail2ban to prevent this. > > I don't have much experience with BSD, and am having trouble getting > everything to work. I ran pkg_add -r python25 and pkg_add -r py25-fail2ban. > I now have all the files for Fail2Ban, and did the cp jail.conf jail.local > as the other distro's for linux use. > > However, how do I start using fail2ban? I have configured it for CentOS > and Ubuntu, and it starts in init.d. I don't know how to add it to > /etc/rc.d to get it to work correctly.. > > Any help is greatly appreciated. If you need more info, please let me > know. > > Aaron > Software Research Intern > aaron.j.ba...@saic.com > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to " > freebsd-questions-unsubscr...@freebsd.org" > http://www.freebsd.org/doc/en/books/handbook/configtuning-rcd.html --- t is easy to check if a service is enabled in /etc/rc.conf by running the appropriate rc.d script with the option rcvar. Thus, an administrator can check that sshd is in fact enabled in /etc/rc.conf by running: # /etc/rc.d/sshd rcvar # sshd $sshd_enable=YES ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Setup Fail2Ban on FreeBSD
On Fri, Apr 23, 2010 at 12:49 PM, Bauer, Aaron J. wrote: > I am currently using FreeNAS 0.7 for a file server. I have multiple SSH > bruteforce attacks each week, and wish to use fail2ban to prevent this. > > I don't have much experience with BSD, and am having trouble getting > everything to work. I ran pkg_add -r python25 and pkg_add -r py25-fail2ban. > I now have all the files for Fail2Ban, and did the cp jail.conf jail.local as > the other distro's for linux use. > > However, how do I start using fail2ban? I have configured it for CentOS and > Ubuntu, and it starts in init.d. I don't know how to add it to /etc/rc.d to > get it to work correctly.. > add the line: fail2ban_enable="YES" to /etc/rc.conf ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Setup Fail2Ban on FreeBSD
I am currently using FreeNAS 0.7 for a file server. I have multiple SSH bruteforce attacks each week, and wish to use fail2ban to prevent this. I don't have much experience with BSD, and am having trouble getting everything to work. I ran pkg_add -r python25 and pkg_add -r py25-fail2ban. I now have all the files for Fail2Ban, and did the cp jail.conf jail.local as the other distro's for linux use. However, how do I start using fail2ban? I have configured it for CentOS and Ubuntu, and it starts in init.d. I don't know how to add it to /etc/rc.d to get it to work correctly.. Any help is greatly appreciated. If you need more info, please let me know. Aaron Software Research Intern aaron.j.ba...@saic.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"