Michael Wulff Nielsen
Contributor
- Joined
- Oct 3, 2013
- Messages
- 182
Hi everyone,
I have a Freenas box that I wish to access from the internet via ssh. So I have enabled port forwarding to port 22. It works perfectly but I am seeing a ton of login attempts from automated scanners.
So being a developer I wrote a little script that scans the auth.logs and generates the appropriate firewall rules.
Please check it out here and give me some feedback: https://github.com/mwulffn/freenas-firewall
On my box it generates the following firewall rules:
I am now looking for suggestions on how to best integrate my script with freenas.
Ohh, and btw this is my first python program ever, so be nice. :)
I have a Freenas box that I wish to access from the internet via ssh. So I have enabled port forwarding to port 22. It works perfectly but I am seeing a ton of login attempts from automated scanners.
So being a developer I wrote a little script that scans the auth.logs and generates the appropriate firewall rules.
Please check it out here and give me some feedback: https://github.com/mwulffn/freenas-firewall
On my box it generates the following firewall rules:
#!/bin/sh
ipfw -q flush
ipfw -q add 65510 deny all from 95.167.180.114 to any
ipfw -q add 65511 deny all from 94.84.218.16 to any
ipfw -q add 65512 deny all from 133.242.229.144 to any
ipfw -q add 65513 deny all from 14.63.168.193 to any
ipfw -q add 65514 deny all from 221.230.54.115 to any
ipfw -q add 65515 deny all from 211.202.2.162 to any
ipfw -q add 65516 deny all from 32.65.254.70 to any
ipfw -q add 65517 deny all from 58.186.109.178 to any
ipfw -q add 65518 deny all from 61.147.74.149 to any
ipfw -q add 65519 deny all from 176.74.184.233 to any
ipfw -q add 65520 deny all from 61.147.116.51 to any
ipfw -q add 65521 deny all from 185.5.96.173 to any
ipfw -q add 65522 deny all from 222.189.239.124 to any
ipfw -q add 65523 deny all from 108.171.246.242 to any
ipfw -q add 65524 deny all from 186.215.158.70 to any
ipfw -q add 65525 deny all from 61.142.106.34 to any
ipfw -q add 65526 deny all from 1.93.49.226 to any
ipfw -q add 65527 deny all from 37.48.67.20 to any
ipfw -q add 65528 deny all from 200.86.77.227 to any
ipfw -q add 65529 deny all from 212.146.83.246 to any
ipfw -q add 65530 deny all from 5.39.35.82 to any
ipfw -q add 65531 deny all from 222.189.239.75 to any
ipfw -q add 65532 deny all from 222.189.239.70 to any
ipfw -q add 65533 deny all from 222.189.239.72 to any
I am now looking for suggestions on how to best integrate my script with freenas.
Ohh, and btw this is my first python program ever, so be nice. :)