From: Landry Breuil <landry@openbsd.org>
Subject: Re: [new] reaction, a fail2ban alternative
To: Theo Buehler <tb@theobuehler.org>
Cc: ports@openbsd.org
Date: Tue, 10 Sep 2024 09:56:31 +0200

On Tue, Sep 10, 2024 at 09:09:22AM +0200, Theo Buehler wrote:
> On Tue, Sep 10, 2024 at 08:22:25AM +0200, Landry Breuil wrote:
> > hi,
> > 
> > here's a port for https://reaction.ppom.me/, which is a lightweight
> > fail2ban-like, currently written in go (but uses few modules and builds
> > quickly) and pending a rewrite in rust (per
> > https://framagit.org/ppom/reaction/-/issues/103)
> > 
> > the configuration can be in jsonnet or yaml format (cf
> > https://blog.ppom.me/en-reaction/), i've included under files/ an
> > authlog.jsonnet sample that upstream provides to add ssh bots to a
> > blocked_ssh table, one only needs to append two lines to pf.conf to
> > block those (a MESSAGE file advises so).
> 
> If I understand correctly, this needs to run as root since the authlog
> script issues pfctl commands.

yeah, that's the idea.. even if not great :)

> I'd replace the 'cp -r' in the Makefile with ${INSTALL_DATA}. Other than
> that this looks ok (haven't tested more than packaging on amd64).

thanks ! will see if there's more testing coming, and do more real-life
tests.