Archive for the tag 'iptables'

BruteForceBlocker for iptables

Dear all,

some time ago I have received an email from Joshua Gimer asking me whether there are any efforst to port my brute force blocking tool to iptables, ipf and ipfw. He has commented that he would be gladly willing to assist in porting efforts as he uses bruteforceblocker in his environment quite successfuly.

Unfortunately I am these days very busy, thus am having almost none free time to spend on bruteforceblocker. I replied saying that I will be interested to see such ports and of course I would be pleased if someone could help me with this work.

After a few days he has send me port of BruteForceBlocker for iptables, which is widely used firewall backage on linux distributions. I promised him to review his code and release it. Well, I really hoped to review his code, but unfortunately this has not happen to date.

As I feel it is my duty and this tool might be helpful for you, I am releasing his port and I will be glad to see your comments whether it works for you, or whether there are any problems with it. This way I would also thank Joshua Gimer for his great work and all credits for this port are going to him.
Please note that I have not reviewed his code and it might contain bugs (not that my code doesn’t :-))

One great addition he has added is CIDR support for whitelists, which seems to be very useful to me. I will presumably adopt these changes to the original pf version.

You can download iptables port of Bruteforceblocker from whithin the download section, or direclty using this link.

Please test and report!