>> Some of my pfsense boxes get a lot of SSH bruteforces; is there a package
>> like fail2ban out there which could automatically blacklist IPs after x bad
>> logins?
> b) limit the connection-rate to a preferred useful value in the filter-rules

This works reasonably well. Unfortunately, the entire rule gets locked down when the rate is exceeded, so you may lock yourself out too. (It automatically unlocks when the hammering stops and your rate interval expires, and most hammer scripts move on to a new IP when it stops responding, so it's not the end of the world).

Request: It would be really nice if pfsense could limit the connection-rate *per IP*.

Regards,
-Jeppe
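
A simplified model of the behaviour described in the message above, added here as an example; it is not part of the original thread and is not pfSense code. It contrasts one rate counter shared by the whole rule with one counter per source IP. The limit, window, addresses and timestamps are constructed assumptions.

```python
from collections import defaultdict, deque

LIMIT = 3    # assumed: max new connections allowed per window
WINDOW = 60  # assumed: window length in seconds


def filter_connections(events, per_source):
    """Apply a sliding-window rate limit to (timestamp, src_ip) events.

    per_source=False: one counter for the whole rule (every source shares it).
    per_source=True:  one counter per source IP.
    Returns a list of (timestamp, src_ip, accepted).
    """
    windows = defaultdict(deque)
    verdicts = []
    for ts, src in events:
        key = src if per_source else "*"
        recent = windows[key]
        # Drop attempts that have aged out of the window.
        while recent and recent[0] <= ts - WINDOW:
            recent.popleft()
        accepted = len(recent) < LIMIT
        # Blocked attempts still count, so the block only lifts once
        # the hammering stops and the window expires.
        recent.append(ts)
        verdicts.append((ts, src, accepted))
    return verdicts


def blocked_sources(events, per_source):
    """Set of source IPs that had at least one connection refused."""
    return {src for _, src, ok in filter_connections(events, per_source) if not ok}


# Constructed sample: one host hammering SSH every 5 s, and an admin who
# connects once during the burst and once long after it has ended.
ATTACKER = "203.0.113.7"
ADMIN = "198.51.100.20"
SAMPLE = [(t, ATTACKER) for t in range(0, 50, 5)] + [(52, ADMIN), (200, ADMIN)]

if __name__ == "__main__":
    for mode in (False, True):
        label = "per-source" if mode else "whole-rule"
        print(label, "blocked:", sorted(blocked_sources(SAMPLE, mode)))
```

With the shared counter the admin's connection at t=52 is refused along with the attacker's; with per-source counters only the hammering address is refused.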
