| commit | author | age | ||
| 10195c | 1 | vilain |
| T | 2 | ====== |
| 3 | ||
| 77f371 | 4 | Mimic fail2ban with pf for OpenBSD. |
| T | 5 | |
| 6 | Inspired from http://www.vincentdelft.be/post/post_20161106 | |
| 10195c | 7 | |
| T | 8 | Installation : |
| 9 | --------------- | |
| 10 | ||
| 11 | Download the repository, then run | |
| 12 | ||
| 13 | make install | |
| 14 | ||
| 15 | This will put `vilain` script in /usr/local/bin, `vilain.py` in | |
| 16 | /usr/local/sbin and add a rc script. | |
| 17 | ||
| 18 | Install python-3.* | |
| 19 | ||
| 20 | pkg_add python-3.6.2 | |
| 21 | ||
| 77f371 | 22 | |
| 3a37e6 | 23 | In pf.conf, add according to your configuration : |
| 77f371 | 24 | |
| T | 25 | table <vilain_bruteforce> persist |
| 26 | block quick from <vilain_bruteforce> | |
| 27 | ||
| 28 | You might want to add a cron task to remove old banned IP. As example, to ban for one day max : | |
| 29 | ||
| 30 | pfctl -t vilain_bruteforce -T expire 86400 | |
| 31 | ||
| 32 | To see banned IP : | |
| 33 | ||
| 34 | pfctl -t vilain_bruteforce -T show | |
| 35 | ||
| 10195c | 36 | |
| T | 37 | Run vilain |
| 38 | --------------- | |
| 39 | ||
| 40 | Run vilain manually or via rc script : | |
| 41 | ||
| 42 | rcctl enable vilain | |
| 43 | rcctl start vilain | |
