====================================================== FreeBSD fail2ban ------------------------------------------------------ by o1 FreeBSD condo 13.1-RELEASE-p7 FreeBSD 13.1-RELEASE-p7 GENERIC amd64 ====================================================== Setup IPFW ------------------------------------------------------ https://www.genunix.com/o1/freebsd_ipfw.txt ====================================================== install fail2ban ------------------------------------------------------ pkg install py39-fail2ban ====================================================== /usr/local/etc/fail2ban/fail2ban.local ------------------------------------------------------ [DEFAULT] allowipv6 = no ====================================================== /usr/local/etc/fail2ban/jail.local ------------------------------------------------------ [INCLUDES] before = paths-freebsd.conf [DEFAULT] action = bsd-ipfw banaction = bsd-ipfw ignoreip = 127.0.0.0/8 10.10.0.0/16 192.168.28.0/24 123.123.123.123/32 bantime = 1234567 findtime = 123456 maxretry = 2 [sshd] enabled = true [apache-auth] enabled = true logpath = /var/log/httpd-error.log /more/sites/*/*/logs/*-error.log [wordpress] enabled = true logpath = /var/log/httpd-access.log /more/sites/*/*/logs/*-access.log [named-refused] enabled = true logpath = /var/log/messages [sendmail-auth] enabled = true [sendmail-reject] enabled = true [dovecot] enabled = true [roundcube-auth] enabled = true logpath = /usr/local/www/roundcube/logs/errors.log ====================================================== /etc/rc.conf ------------------------------------------------------ fail2ban_enable="YES" ====================================================== commands to learn and create useful scripts ------------------------------------------------------ ipfw table all list ipfw table all info ipfw table all detail fail2ban-client fail2ban-client status fail2ban-client status sshd fail2ban-client set sshd banip 222.222.222.222 fail2ban-client set sshd unbanip 222.222.222.0/24