On 10/10/2013 09:01 AM, Aristedes Maniatis wrote:
> We get a lot of attempts to guess weak ftp passwords on our servers. A tool
> which we've used before (and is really nice) is fail2ban. In response to a
> certain type or number of failed attempts, it can run a script (for example,
> to load a firewall rule blocking that user).
>
> However, we'd ideally like to add those rules at the firewall rather than the
> individual ftp servers. Has anyone attempted something similar? Ideally, an
> API in pfSense which allowed us to send through ip addresses to add to a
> list. They would be added to a deny table and purged after some period of
> time.
>
> Does this sound useful? Has anyone managed a similar problem?
>
> Ari

hi ari
this is quite easy to achieve -- ip addresses that are caught by fail2ban can be used by pfBlocker -- install the pfBlocker package on pfSense, and then do a bit of scripting to get the banned ip addresses uploaded via http to pfBlocker.

cheers
m
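
One way the "bit of scripting" described above could look, as an added example that is not part of the original thread: a deny list with per-entry expiry, written as a one-address-per-line text file. It assumes fail2ban's ban action calls `ban()` with the offending address, cron calls `publish()`, and the resulting file is served over HTTP for the firewall's block-list package to fetch; the function names, file paths and `NEVER_BAN` networks are hypothetical.

```python
"""TTL-based deny list kept as a text file a firewall can fetch (added example)."""
import ipaddress
import json
import os
import tempfile
import time

# Assumption: networks that must never be banned (loopback, management LAN).
NEVER_BAN = [ipaddress.ip_network(n) for n in ("127.0.0.0/8", "10.0.0.0/8")]

def load(state_path):
    """Return {ip: expiry_epoch}; a missing state file means nothing is banned."""
    try:
        with open(state_path) as fh:
            return json.load(fh)
    except FileNotFoundError:
        return {}

def _atomic_write(path, text, mode=0o600):
    """Write to a temp file and rename, so a fetch never sees a partial list."""
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(path) or ".")
    with os.fdopen(fd, "w") as fh:
        fh.write(text)
    os.chmod(tmp, mode)
    os.replace(tmp, path)

def ban(state_path, ip, ttl, now=None):
    """Record ip with an expiry; return False for invalid or protected input."""
    now = time.time() if now is None else now
    try:
        addr = ipaddress.ip_address(ip.strip())
    except ValueError:
        return False  # value originates from log lines: reject anything odd
    if any(addr in net for net in NEVER_BAN):
        return False  # a spoofed or mistaken ban must not cut off our own hosts
    state = load(state_path)
    state[str(addr)] = now + ttl
    _atomic_write(state_path, json.dumps(state))
    return True

def publish(state_path, list_path, now=None):
    """Purge expired entries, write one address per line, return the live list."""
    now = time.time() if now is None else now
    state = {ip: exp for ip, exp in load(state_path).items() if exp > now}
    _atomic_write(state_path, json.dumps(state))
    live = sorted(state)
    _atomic_write(list_path, "".join(ip + "\n" for ip in live), mode=0o644)
    return live
```

Because the firewall pulls the file, the ftp servers need no credentials on pfSense, and an entry disappears from the deny table on the first fetch after its expiry.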
