forked from solene/iblock
Documentation enhancement
parent 8d03bbd483
commit ddcacd328f
README.md (19 changes)
@ -7,6 +7,8 @@ It is meant to be used to block scanner connecting on unused ports.
# How to use
## Configure inetd
Start inetd service with this in `/etc/inetd.conf`:
```
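Review bot: the new "Configure inetd" section ends at the `/etc/inetd.conf` snippet and never says that inetd has to be started or reloaded to pick up the new entry, whereas the packet filter section later in this patch does remind the reader to run `pfctl -f /etc/pf.conf`; add the equivalent step here so a reader whose inetd is already running does not end up with port 666 unanswered and no addresses ever added to the table.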
@ -14,6 +16,15 @@ Start inetd service with this in `/etc/inetd.conf`:
666 stream tcp6 nowait root /usr/local/bin/iblock iblock
```
You can change the PF table by adding it as a parameter like this:
```
666 stream tcp nowait root /usr/local/bin/iblock iblock blocklist
666 stream tcp6 nowait root /usr/local/bin/iblock iblock blocklist
```
## Configure packet filter
Use this in `/etc/pf.conf`, choose which ports will trigger the ban from the variable:
```
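Review bot: the table name in the new example (`iblock blocklist`) does not match the `blocked` table that the `pfctl -t blocked -T show` line later in this same patch inspects; either use one name throughout or state explicitly that the argument must equal the `table <...>` name declared in `/etc/pf.conf`, since an address added to a table no block rule references is not blocked at all. A sentence on why the entries run iblock as `root` (it has to modify pf tables) would also help, particularly while "make it work with doas" is still on the TODO list below.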
@ -27,7 +38,11 @@ pass in quick on egress inet proto tcp to port $blocking_tcp rdr-to 127.0.0.1 po
pass in quick on egress inet6 proto tcp to port $blocking_tcp rdr-to ::1 port 666
```
Done! You can see IP banned using `pfctl -t blocked -T show` and iBlock will log blocking too.
Don't forget to reload the rules with `pfctl -f /etc/pf.conf`.
# Get some statistics
Done! You can see IP banned using `pfctl -t blocked -T show` and iBlock will send blocked addresses to syslog.
In the example I added a label to the block rule, you can use `pfctl -s labels` to view statistics from this rule, [see documentation for column meaning](https://man.openbsd.org/pfctl#s~8).
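Review bot: the new "Done! You can see IP banned using `pfctl -t blocked -T show` ..." sentence is a verification step, not a statistics one, yet it now sits under the new "# Get some statistics" heading; move it up beside the `pfctl -f /etc/pf.conf` reminder and leave the heading for the `pfctl -s labels` paragraph. Both the old "Done! ... iBlock will log blocking too." line and the new "... will send blocked addresses to syslog." line appear in this hunk; if the old one is the line being removed that is fine, otherwise the README now says the same thing twice. "You can see IP banned using" would also read better as "You can list the banned addresses with".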
@ -36,6 +51,4 @@ In the example I added a label to the block rule, you can use `pfctl -s labels`
- make install doing something
- A proper man page
- Support IPv6
- make it work with doas
- pf table as a parameter
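Review bot: with the hunk header going from 6 lines to 4, the entries being dropped are presumably "Support IPv6" and "pf table as a parameter", which matches the IPv6 rules and the table argument documented earlier in this patch; worth confirming, because the rendered diff has lost its +/- markers. The remaining entries are inconsistently capitalized and "make install doing something" is vague; suggest "Make `make install` actually install the program" and capitalizing each item the same way as "A proper man page".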