tech-net archive


Re: fail2ban for NetBSD-based routers & networks



You could see if http://www.webgroup.ch/ipfw_ban/ might be
configured/extended for your case. It monitors arbitrary log files
and does the selective blocking on IPs gleaned from them for a
configurable period.

Alas, it is ipfw-based and IPFW_BAN::housekeeping() would need to
be broken out to support an arbitrary user action, like in your
case notifying the router. This could be easily done by letting the
user pass a code reference for the actual block/unblock actions.

If you are so inclined, we can generalize the above and then I'll
put it into pkgsrc/wip - I had written it a while back because
fail2ban was just too unwieldy for my purposes (NIH).

Ast
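
A sketch of the design suggested in the message above, added here as an illustration and not code from ipfw_ban or from the poster: the ban bookkeeping takes the block/unblock actions as code references, so the same loop can drive ipfw locally or notify a router. The BanList package, its option names, the thresholds and the sample log lines are assumptions constructed for the example.

```perl
#!/usr/bin/perl
# Added illustration; package, method and option names are hypothetical,
# not the ipfw_ban API.
use strict;
use warnings;

package BanList;

sub new {
    my ($class, %opt) = @_;
    return bless {
        ban_secs => $opt{ban_secs} // 600,   # how long a ban lasts
        max_hits => $opt{max_hits} // 3,     # failures before a ban
        block    => $opt{block},             # code ref, called with ($ip)
        unblock  => $opt{unblock},           # code ref, called with ($ip)
        hits     => {},                      # ip => failure count
        banned   => {},                      # ip => expiry time (epoch)
    }, $class;
}

# Feed one log line; ban the source once it reaches max_hits failures.
sub observe {
    my ($self, $line, $now) = @_;
    my ($ip) = $line =~ /Failed password .* from (\d{1,3}(?:\.\d{1,3}){3})\b/
        or return;
    return if exists $self->{banned}{$ip};
    return if ++$self->{hits}{$ip} < $self->{max_hits};
    $self->{banned}{$ip} = $now + $self->{ban_secs};
    delete $self->{hits}{$ip};
    $self->{block}->($ip);
}

# Lift every ban whose period has elapsed.
sub housekeeping {
    my ($self, $now) = @_;
    for my $ip (sort keys %{ $self->{banned} }) {
        next if $self->{banned}{$ip} > $now;
        delete $self->{banned}{$ip};
        $self->{unblock}->($ip);
    }
}

package main;

# The actions here only print; a real one could notify the router instead.
my $bans = BanList->new(
    block   => sub { print "block $_[0]\n" },
    unblock => sub { print "unblock $_[0]\n" },
);
# Constructed sshd lines using a documentation address.
my @log = map { "sshd[101]: Failed password for root from 203.0.113.7 port 4$_ ssh2" } 1 .. 3;
$bans->observe($_, 1000) for @log;   # third failure calls the block action
$bans->housekeeping(1599);           # ban still active, nothing happens
$bans->housekeeping(1600);           # period elapsed, unblock action runs
```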

