2009/7/21 Jeppe Øland <[email protected]>:
>>> Some of my pfsense boxes get a lot of SSH bruteforces; is there a package
>>> like fail2ban out there which could automatically blacklist IPs after x
>>> bad logins?
>> b) limit the connection-rate to a preferred useful value in the
>> filter-rules
>
> This works reasonably well.
> Unfortunately, the entire rule gets locked down when the rate is exceeded,
> so you may lock yourself out too. (It automatically unlocks when the
> hammering stops and your rate interval expires, and most hammer scripts move
> on to a new IP when it stops responding, so it's not the end of the world).
> Request: It would be really nice if pfsense could limit the connection-rate
> *per IP*.
> Regards,
> -Jeppe

IIRC it is possible to set this per source-IP ;-)

--
= = = m i c h a e l - s c h u h . n e t = = =
Project management - IT consulting - Professional Services IT
Michael Schuh
Postfach 10 21 52
66021 Saarbrücken
phone: 0681/8319664
mobile: 0175/5616453
@: m i c h a e l . s c h u h @ g m a i l . c o m
= = = VAT ID: DE251072318 = = =
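
The difference between the rule-wide limit and the per-source limit discussed in this thread, as an added example that is not part of the original e-mails and is a simplified model rather than pf's or pfSense's implementation. The addresses, timestamps and thresholds are constructed, and the model assumes that blocked attempts still count toward the rate, so the limit only clears once the hammering stops.

```python
from collections import defaultdict, deque

ATTACKER = "203.0.113.50"   # constructed brute-force source
ADMIN = "198.51.100.7"      # constructed legitimate administrator

# Constructed sample of new SSH connections as (seconds, source IP):
# the attacker hammers every 2 s, the admin logs in during and after.
EVENTS = [(t, ATTACKER) for t in range(0, 20, 2)] + [(21, ADMIN), (60, ADMIN)]


def simulate(events, max_conn, window, per_source):
    """Apply a sliding-window connection-rate limit to the events.

    per_source=False: one counter shared by every client of the rule.
    per_source=True:  a separate counter for each source address.
    Returns a list of (time, source, allowed).
    """
    recent = defaultdict(deque)
    results = []
    for t, src in sorted(events):
        q = recent[src if per_source else "*"]
        # Forget attempts that have fallen out of the rate interval.
        while q and q[0] <= t - window:
            q.popleft()
        allowed = len(q) < max_conn
        # Assumption: every attempt is counted, allowed or not.
        q.append(t)
        results.append((t, src, allowed))
    return results


def outcomes(results, source):
    """Allowed/blocked decisions for one source, in time order."""
    return [allowed for _, src, allowed in results if src == source]


if __name__ == "__main__":
    for mode in (False, True):
        res = simulate(EVENTS, max_conn=3, window=30, per_source=mode)
        label = "per-source" if mode else "rule-wide"
        print(label, "admin:", outcomes(res, ADMIN),
              "attacker allowed:", sum(outcomes(res, ATTACKER)))
```

With the rule-wide counter the admin's login at 21 s is refused and only succeeds at 60 s, after the interval has expired; with per-source counters only the hammering address is throttled.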
