[BlueOnyx:26296] Re: Saving APF Blacklist opens firewall
John Simpson
john at swajime.com
Thu Jun 15 05:54:53 -05 2023
Thanks for the pointer.
Possibly fail2ban is what I want ... I am not sure.
But the settings page in BlueOnyx is just a long list of checkboxes. No
explanation of how each setting works.
And the wiki link from the settings page says: "This topic does not exist
yet: You've followed a link to a topic that doesn't exist yet. If
permissions allow, you may create it by clicking on “Create this page”."
There is also a settings page for Dfix2 that looks very appropriate. It
says "Dfix2
(DFIX 2 reads data from input sources, matches the data with patterns (like
regular expressions or Perl subroutines) for recognizing input events, and
correlates events according to the rules in its rule files. DFIX 2 can then
maintains firewall rules to block attacks, and produces a log file to
record all intrusion activity.)"
The thing here is there are no settings at all except one checkbox to turn
it on and off.
What I expected to see on the Dfix2 (or possibly fail2ban) settings page
was the ability to choose an input source, enter in the regex(s), and be
done.
If you can advise how to properly do this with Dfix2 or fail2ban, I would
greatly appreciate it. Or if there is a link that is appropriate for how
to do this with BlueOnyx.
Thanks much,
John
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.blueonyx.it/pipermail/blueonyx/attachments/20230615/8a56b85c/attachment.html>
More information about the Blueonyx
mailing list