How to automate the IP blocking using IPFW in FreeBSD and DirectAdmin Brute Force Monitor
In this article we will try to automate the IP blocking using IPFW in FreeBSD and Brute Force Management System of DirectAdmin. You will have additional management interfaces in DirectAdmin which would give you the possibility of unblocking or whitelisting the IPs inside the DirectAdmin management area.
IP Block/unblock using IPFW in FreeBSD and DirectAdmin BruteForce Monitor
First make sure that IPFW with tables support in installed on your FreeBSD server. If not, please click on below article to install it:
>> How to Install IPFW on FreeBSD 8, 9, 11 in DirectAdmin
1- Creating the necessary DirectAdmin Block/Unblock scripts
# cd /usr/local/directadmin/scripts/custom
# touch block_ip.sh unblock_ip.sh brute_force_notice_ip.sh show_blocked_ips.sh
# chmod 755 block_ip.sh unblock_ip.sh brute_force_notice_ip.sh show_blocked_ips.sh
2 Creating block_ip.sh
#!/bin/sh
echo "Blocking IP: $ip
";
/sbin/ipfw -q table 10 add $ip
echo "
Result:";
echo "
/sbin/ipfw table 10 list
echo "";
exit 0;
3 Creating unblock_ip.sh
#!/bin/sh
echo "Unblocking IP: $ip
";
/sbin/ipfw -q table 10 delete $ip/32
exit 0;
4 Creating brute_force_notice_ip.sh
#!/bin/sh
SCRIPT=/usr/local/directadmin/scripts/custom/block_ip.sh
ip=$value $SCRIPT
exit $?;
5 Creating show_blocked_ips.sh
#!/bin/sh
/sbin/ipfw table 10 list | sed 's/\/32 0//g'
exit 0;