fail2ban
# portmaster security/py-fail2ban
http://www.fail2ban.org/wiki/index.php/MANUAL_0_8#Configuration
/etc/rc.conf
fail2ban_enable="YES"
/usr/local/etc/fail2ban/
/etc/pf.conf
# echo 'block drop log quick from <fail2ban> to any' >> /etc/pf.conf
/etc/newsyslog.conf
# /var/log/fail2ban.log 600 7 * @T00 JC
start
# /usr/local/etc/rc.d/fail2ban start
sonstiges
anzeigen der Blacklist
# pfctl -t fail2ban -T show
löschen einer IP
# pfctl -t fail2ban -T delete xxx.xxx.xxx.xxx
sperren einer ganzen class-B (hier hotmail.com)
# pfctl -t fail2ban -T add 65.55.0.0/16