[asterisk-users] [OT] fail2ban and pf
Randy R
randulo2008 at gmail.com
Wed Jul 28 12:44:53 CDT 2010
On Wed, Jul 28, 2010 at 9:03 AM, Kyle Kienapfel <doctor.whom at gmail.com> wrote:
> On Wed, Jul 28, 2010 at 6:38 AM, Randy R <randulo2008 at gmail.com> wrote:
>> Hi,
>>
>> Since f2b is one of the topics du jour here, I was wondering if
>> someone would mind telling me what these pf stats mean:
>> Evaluations: 964303 Packets: 12176 Bytes: 648408 States: 0
> 80 or so blocked hosts?
> 964303/12176=~79.19
>
> evaluations being more than packets looks like its going through
> multiple rules to think about packets. White listing your itsp and
> other traffic you know you like; before the list of banned computers
> might reduce that a bit.
80-100 certainly sound about right. While the essentials (MTA,
important users, me...) are listed you're right, I should whitelist
blocks and frequent accessors I know to be ok. There is a known good
list already.
Thanks!
/r
More information about the asterisk-users
mailing list