| commit | author | age | ||
| 77f371 | 1 | # vilain |
| T | 2 | Mimic fail2ban with pf for OpenBSD. |
| 3 | ||
| 4 | Inspired from http://www.vincentdelft.be/post/post_20161106 | |
| 5 | ||
| 3a37e6 | 6 | In pf.conf, add according to your configuration : |
| 77f371 | 7 | |
| T | 8 | table <vilain_bruteforce> persist |
| 9 | block quick from <vilain_bruteforce> | |
| 10 | ||
| 11 | You might want to add a cron task to remove old banned IP. As example, to ban for one day max : | |
| 12 | ||
| 13 | pfctl -t vilain_bruteforce -T expire 86400 | |
| 14 | ||
| 15 | To see banned IP : | |
| 16 | ||
| 17 | pfctl -t vilain_bruteforce -T show | |
| 18 | ||
| 19 | ||
| 3a37e6 | 20 | To start vilain at boot, add this in ``/etc/rc.local`` |
| 77f371 | 21 | |
| 3a37e6 | 22 | ``` |
| T | 23 | /usr/bin/tmux new -s vilain -d /usr/local/bin/vilain |
| 24 | ``` | |
| 25 | ||
| 26 | Then, to attach to the tmux session, run : | |
| 27 | ||
| 28 | ``` | |
| 29 | tmux a -t vilain | |
| 30 | ``` | |
