Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
[SOLVED] Temporary ip blacklist
« previous
next »
Print
Pages: [
1
]
Author
Topic: [SOLVED] Temporary ip blacklist (Read 4958 times)
Maarten
Jr. Member
Posts: 67
Karma: 6
[SOLVED] Temporary ip blacklist
«
on:
October 21, 2015, 10:18:47 am »
Hi, On a linux server I'm running I'm using a temporary blacklist. When I detect misbehaving clients I put their ip in a blacklist. This blacklist holds the ip for a few hours or so. I use IPSET for this functionality.
What I would like to do is to temporary register such an ip in a blacklist on the router, so everything is blocked for this misbehaving ip. Is there something similar in OPNsense? I know there is a blacklist feature, but that is just way to static. The ip must be blocked right away.
Thanks.
«
Last Edit: October 23, 2015, 08:41:16 am by franco
»
Logged
AdSchellevis
Administrator
Hero Member
Posts: 907
Karma: 184
Re: Temporary ip blacklist
«
Reply #1 on:
October 22, 2015, 10:09:17 am »
Hi Maarten,
You can use aliasses for that, just create a new one in
Firewall -> Aliases ( and choose IP when creating a new one)
Next create a firewall rule attached to this alias to block your clients on the correct interface.
Regards,
Ad
Logged
franco
Administrator
Hero Member
Posts: 17660
Karma: 1611
Re: Temporary ip blacklist
«
Reply #2 on:
October 23, 2015, 08:41:03 am »
Someone was working on improving a daemon to do arbitrary (temporary) lockouts using
https://github.com/opnsense/sshlockout_pf
as the base. We use this utility to blacklist GUI and SSH access in case of bad logins and it's fully automated.
Logged
Maarten
Jr. Member
Posts: 67
Karma: 6
Re: [SOLVED] Temporary ip blacklist
«
Reply #3 on:
October 23, 2015, 08:43:11 am »
Thanks franco, I'm going to check it out.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
[SOLVED] Temporary ip blacklist