Hello,
I have an HAproxy running on a pfsense router pointing to an nginx webserver in FreeBSD jail. I want fail2ban running on the FreeBSD server to block remote clients reaching to the webserver.
I came across this blog post http://centos.tips/fail2ban-behind-a-proxyload-balancer/ on how to use iptables to do packet introspection and block the remote client. The key command is this
What would be the equivalent command in ipfw to do this?
Thanks
I have an HAproxy running on a pfsense router pointing to an nginx webserver in FreeBSD jail. I want fail2ban running on the FreeBSD server to block remote clients reaching to the webserver.
I came across this blog post http://centos.tips/fail2ban-behind-a-proxyload-balancer/ on how to use iptables to do packet introspection and block the remote client. The key command is this
Code:
actionban = iptables -I fail2ban-<name> 1 -p tcp --dport 80 -m string --algo bm --string 'X-Forwarded-For: <ip>' -j DROP
What would be the equivalent command in ipfw to do this?
Thanks