Balázs Mátéffy wrote:
Hi guys,
I'm using bruteforceblocker at the moment on my systems, thanks for this
great utility Daniel!
Can you tweak it to be able to get the ips from proftpd or any other log, or
its working out of the box, you just have to set it up in syslog.conf(didn't
see that feature in the doc.)?
Or for these things sshguard is more appropiate?
Check the /usr/local/sbin/bruteforceblocker file and edit the line which
looks like the following:
if (/.*Failed password.*from
($work->{ipv4}|$work->{ipv6}|$work->{fqdn}) port.*/i || ...
You just need to add any regular expression that meets your requirements
and set the syslog up so that the logs are directed to bruteforceblocker
as well.
--
S pozdravom / Best regards
Daniel Gerzo, FreeBSD committer
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "[email protected]"
