security/bruteblock/files/pkg-message.in


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27

===>  CONFIGURATION NOTE:

  Configuration of the bruteblock is done via configuration files
  located at %%PREFIX%%/etc/bruteblock/

  To run the script, append following lines to /etc/syslog.conf:

!*
auth.info;authpriv.info                         |exec %%PREFIX%%/sbin/bruteblock -f %%PREFIX%%/etc/bruteblock/ssh.conf

  and restart syslogd.

  Also you should add ipfw2 table and the corresponding deny rule.
  For example,

# ipfw add deny ip from table(1) to any

  Next, you'll want to setup periodical cleanup of ipfw2 table.  Add following
  lines to /etc/rc.conf:

     bruteblockd_enable="YES"
     bruteblockd_table="1"
     bruteblockd_flags="-s 5"

  and start bruteblockd: %%PREFIX%%/etc/rc.d/bruteblockd.sh start

See bruteblock(8) for more details.