This shows you the differences between two versions of the page.
|
bruteblock [2009/12/23 01:40] samm |
bruteblock [2009/12/23 02:05] (current) samm |
||
|---|---|---|---|
| Line 20: | Line 20: | ||
| ===== Installation ===== | ===== Installation ===== | ||
| - | To compile the program run `make` in bruteblock directory. After compilation, copy bruteblock and bruteblockd files into system binary directory (/usr/local/sbin). Copy bruteblock-ssh.conf into directory where configuration files are located (/usr/local/etc) and edit it to make it suit your needs. Edit /etc/syslog.conf and add the following entry: | + | To compile the program run `make` in bruteblock directory. After compilation, copy bruteblock and bruteblockd files into system binary directory (/usr/local/sbin). Copy bruteblock/ssh.conf into directory where configuration files are located (/usr/local/etc) and edit it to make it suit your needs. Edit /etc/syslog.conf and add the following entry: |
| - | auth.info;authpriv.info |exec /usr/local/sbin/bruteblock -f /usr/local/etc/bruteblock-ssh.conf | + | auth.info;authpriv.info |exec /usr/local/sbin/bruteblock -f /usr/local/etc/bruteblock/ssh.conf |
| then restart syslogd (/etc/rc.d/syslogd restart). Run bruteblockd, specifying the same ipfw2 table number as in config file (with -t parameter, e.g. '''# /usr/local/bin/bruteblockd -t 1'''). Finally, add ipfw rules to block any packets from addresses that match the table, like this: | then restart syslogd (/etc/rc.d/syslogd restart). Run bruteblockd, specifying the same ipfw2 table number as in config file (with -t parameter, e.g. '''# /usr/local/bin/bruteblockd -t 1'''). Finally, add ipfw rules to block any packets from addresses that match the table, like this: | ||