Author Topic: Feed banned host from FreeBSD mailserver to pfsense? (fail2ban)  (Read 221 times)

Offline Koenig

Feed banned host from FreeBSD mailserver to pfsense? (fail2ban)
« on: December 14, 2017, 11:26:23 am »
Is there any good way to get the banned hosts from my mail-server to get blocked already at the firewall?

Today I have a mailserver on Linux, but I have set almost everything up on a FreeBSD installation and the intention is to migrate to that but not until I have set up fail2ban properly, and that got me thinking that I actually don't want the blocked hosts on my LAN at all.

So is there any good way to set this up?

Offline motific

Re: Feed banned host from FreeBSD mailserver to pfsense? (fail2ban)
« Reply #1 on: December 14, 2017, 12:06:10 pm »
My first thought would be to make the list of IPs available via something that pfBlockerNG can use...  http server on the Linux box serving up plaintext list of offending IPs for example.

Offline johnpoz

Re: Feed banned host from FreeBSD mailserver to pfsense? (fail2ban)
« Reply #2 on: December 14, 2017, 12:12:19 pm »
You don't need pfblocker for something like this.  Simple storing of the IPs in a list that pfsense can access, and then use of the alias pointing to that url.

https://doc.pfsense.org/index.php/Aliases#URL_Table_Aliases
- An intelligent man is sometimes forced to be drunk to spend time with his fools.
- Please don't PM me for personal help
- if you want to say thanks applaud or https://www.freebsdfoundation.org/donate/
1x SG-2440 2.4.3-RELEASE (work)
1x SG-3100 2.4.3-RELEASE (work)
1x SG-4860 2.4.3-RELEASE (home)
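
An added example, not code from any post in this thread: one way the mail server could turn fail2ban's ban list into the plaintext, one-address-per-line file that a URL Table alias fetches. The jail name, the never-block networks and the sample `fail2ban-client status` output are constructed assumptions; serving the file over HTTP is left to whatever web server is already on the box.

```python
import ipaddress
import os
import tempfile

# Constructed sample of `fail2ban-client status <jail>` output (jail name is hypothetical).
SAMPLE_STATUS = """\
Status for the jail: postfix
|- Filter
|  |- Currently failed: 2
|  `- Total failed:     41
`- Actions
   |- Currently banned: 5
   |- Total banned:     9
   `- Banned IP list:   203.0.113.7 198.51.100.23 192.168.1.10 203.0.113.7 not-an-ip 2001:db8::bad
"""

# Assumption: networks that must never end up in the block alias (own LAN, loopback).
NEVER_BLOCK = [ipaddress.ip_network(n) for n in ("192.168.1.0/24", "127.0.0.0/8", "::1/128")]


def banned_ips(status_text):
    """Extract, validate and de-duplicate addresses from the 'Banned IP list' line."""
    seen = set()
    for line in status_text.splitlines():
        if "Banned IP list:" not in line:
            continue
        for token in line.split("Banned IP list:", 1)[1].split():
            try:
                addr = ipaddress.ip_address(token)
            except ValueError:
                continue  # drop anything that is not a literal IP address
            if any(addr.version == net.version and addr in net for net in NEVER_BLOCK):
                continue  # a log-driven feed must not be able to block our own hosts
            seen.add(addr)
    return sorted(seen, key=lambda a: (a.version, int(a)))


def write_feed(ips, path):
    """Write one address per line via rename, so a fetch never sees a partial file."""
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(path) or ".")
    with os.fdopen(fd, "w") as fh:
        fh.writelines(f"{ip}\n" for ip in ips)
    os.chmod(tmp, 0o644)
    os.replace(tmp, path)
    return len(ips)


if __name__ == "__main__":
    print(write_feed(banned_ips(SAMPLE_STATUS), "banned.txt"), "addresses written")
```

Restricting which hosts may fetch the file to the firewall's address keeps the ban list from being readable by anyone else on the network.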

Offline biggsy

Re: Feed banned host from FreeBSD mailserver to pfsense? (fail2ban)
« Reply #3 on: December 14, 2017, 03:15:23 pm »
I use OpenBGPD to send banned IPs from my FreeBSD/postfix mail server to an alias on pfSense.  Using postfix is pretty central to the way I'm doing this, though.

Once I got fail2ban working and updating a local pf table, my thoughts about having them get past the front door were exactly the same.

I also did the same for a friend and drew a picture to help explain it to him.  I'll see if I can find it.


Offline Koenig

Re: Feed banned host from FreeBSD mailserver to pfsense? (fail2ban)
« Reply #4 on: December 15, 2017, 12:54:23 am »
I use OpenBGPD to send banned IPs from my FreeBSD/postfix mail server to an alias on pfSense.  Using postfix is pretty central to the way I'm doing this, though.

Once I got fail2ban working and updating a local pf table, my thoughts about having them get past the front door were exactly the same.

I also did the same for a friend and drew a picture to help explain it to him.  I'll see if I can find it.

That would be much appreciated!

I'm really "new" to *nix, meaning I can follow guides on the Internet to set things up (and the more you do it the more you understand) but I'm far from even a mediocre user.

Offline biggsy

Re: Feed banned host from FreeBSD mailserver to pfsense? (fail2ban)
« Reply #5 on: December 15, 2017, 02:37:53 am »
The diagram was more for me to talk to while I tried to explain to my friend.  Not much useful content.

Sent you a PM.