[asterisk-users] [OT] fail2ban and pf
Hi, Since f2b is one of the topics du jour here, I was wondering if someone would mind telling me what these pf stats mean: Evaluations: 964303 Packets: 12176 Bytes: 648408 States: 0 Looks like pf examined nearly a million cases from fail2ban in 24h? thanks, /r -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] [OT] fail2ban and pf
On Wed, Jul 28, 2010 at 6:38 AM, Randy R randulo2...@gmail.com wrote: Hi, Since f2b is one of the topics du jour here, I was wondering if someone would mind telling me what these pf stats mean: Evaluations: 964303 Packets: 12176 Bytes: 648408 States: 0 Looks like pf examined nearly a million cases from fail2ban in 24h? thanks, /r -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users 80 or so blocked hosts? 964303/12176=~79.19 evaluations being more than packets looks like its going through multiple rules to think about packets. White listing your itsp and other traffic you know you like; before the list of banned computers might reduce that a bit. -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] [OT] fail2ban and pf
On Wed, Jul 28, 2010 at 9:03 AM, Kyle Kienapfel doctor.w...@gmail.com wrote: On Wed, Jul 28, 2010 at 6:38 AM, Randy R randulo2...@gmail.com wrote: Hi, Since f2b is one of the topics du jour here, I was wondering if someone would mind telling me what these pf stats mean: Evaluations: 964303 Packets: 12176 Bytes: 648408 States: 0 80 or so blocked hosts? 964303/12176=~79.19 evaluations being more than packets looks like its going through multiple rules to think about packets. White listing your itsp and other traffic you know you like; before the list of banned computers might reduce that a bit. 80-100 certainly sound about right. While the essentials (MTA, important users, me...) are listed you're right, I should whitelist blocks and frequent accessors I know to be ok. There is a known good list already. Thanks! /r -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
