On 10 October 2013 16:08, Yehuda Katz <[email protected]> wrote: > We use Fail2Ban with pfSense with a custom php script (on the firewall) > that adds the appropriate firewall rules. > We have fail2ban set up with multiple levels - so the action to ban in > pfSense only happens after several attempts at other services on one > machine. That way we can assume the ban should be permanent. > > Talk about a real API has come up before, but last time I looked into it, > the current authentication system would make it very difficult. >
Hello, I've talked to the development team about this in the past, and what I was told back then was this: with 1.3, you could achieve an API like behavior with using curl or similar tools, but this would be close to impossible with the new authentication system introduced in 2.0. I understood that they wanted to implement an API at some time, so that external tools could communicate directly with pfSense, but that this wasn't high on the list of priorities. Since then, I've heard no talks about this so I don't know if this wish still exists among the developers or not, or even on a list. But I know this, several pfSense would welcome such a feature addition with *OPEN* arms and big smiles on their lips. -- Yours sincerely Jostein Elvaker Haande "A free society is a place where it is safe to be unpopular" - Adlai Stevenson http://tolecnal.net -- tolecnal at tolecnal dot net
_______________________________________________ List mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/list
