Fail2ban integrates pretty seamlessly with pf. On Thu, May 4, 2017 at 6:43 PM, Aaron LI <aaronly...@outlook.com> wrote:
> > On Fri, May 05, 2017 at 01:16, Sepherosa Ziehau <sepher...@gmail.com> > wrote: > > > On Thu, May 4, 2017 at 7:44 PM, Aaron LI <aaronly...@outlook.com> wrote: > >> Dear Bill, > >> > >> I'm running into problems with the IPFW3, which seems to cause memory > >> leakages and lead to the "objcache(xxx): Exhausted!" warning, and > >> finally the system became unresponsive and need reset. > >> > >> On the same VPS with IPFW3 disabled, it runs rather smoothly (already a > >> week now since last reset); as for my other machine at home, it had very > >> good uptime (>100 days). > >> > >> Therefore, could you please have a look at my bug report #3032 (detailed > >> as below) when it is convenient for you? Thanks! > >> > >> ---------------------------------------- > >> > >> On the other hand, any other Dflyers ever came across such problems? > > > > Since you are not using NAT etc, could you try ipfw? > > Hi sephe, > > Thanks for the suggestion. I don't use NAT, and I will try out the > IPFW, and will report back. > > One reason for my choice of IPFW3 over IPFW, is that IPFW3 supports > *lookup table* which makes it easier to work well with Fail2ban. > > On the other hand, I'm also planning to try PF, which I think also > supports the lookup table feature (??). > > > Cheers, > -- > Aly > -- Sincerely, Zachary Crownover