OPNsense Forum
Topic started by: Maarten on October 21, 2015, 10:18:47 am
-
Hi, on a Linux server I'm running, I'm using a temporary blacklist. When I detect misbehaving clients I put their IP in a blacklist. This blacklist holds the IP for a few hours or so. I use IPSET for this functionality.
What I would like to do is to temporarily register such an IP in a blacklist on the router, so everything is blocked for this misbehaving IP. Is there something similar in OPNsense? I know there is a blacklist feature, but that is just way too static. The IP must be blocked right away.
Thanks.
-
Hi Maarten,
You can use aliases for that, just create a new one in
Firewall -> Aliases (and choose IP when creating a new one)
Next create a firewall rule attached to this alias to block your clients on the correct interface.
Regards,
Ad
-
Someone was working on improving a daemon to do arbitrary (temporary) lockouts using https://github.com/opnsense/sshlockout_pf as the base. We use this utility to blacklist GUI and SSH access in case of bad logins and it's fully automated.
-
Thanks franco, I'm going to check it out.