On 2018-05-21 18:22, Mayuresh wrote: > I wish to set up a utility that would monitor logs of various services for > a server on the internet and block nasty IPs. > > How do above options compare and which one is more common on NetBSD?
I recommend you watch "Blacklistd by Christos Zoulas" on YouTube: https://www.youtube.com/watch?v=fuuf8G28mjs It's (unsurprisingly) biased towards blacklistd, but - I would argue - not without merit. > So far, I tried using fail2ban and my impressions are: 1. Just too many > dependencies, took long time to build. 2. Using default configuration it > did not appear to do anything precious after watching it for some time > when there were many auth failures seen in authlog. When I set up blacklistd the first time I remember being slightly annoyed by some detail with regards to how the configurations work, but since I forgot what it was it can't have been that important. -- Kind Regards, Jan Danielsson
