Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Logs for Addresses Using and Interface?

    General pfSense Questions
    2
    2
    231
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      JRA last edited by

      Hi all - I'm sorry if this question is either painful or done to death; I'm a bit green/n00bly when it comes to all this.

      Have a (inherited I should say) pfsense firewall, which passes traffic to a Varnish web cache server, which serves our website.

      Recently we've been getting some password brute-force attempts at the website itself, and I'd like to know the IP address they originate from so I can block it.

      Is this easily enough determined this from pfsense somehow?

      Thanks for any and all replies!

      :)

      1 Reply Last reply Reply Quote 0
      • Gertjan
        Gertjan last edited by

        @JRA:

        Recently we've been getting some password brute-force attempts at the website itself, and I'd like to know the IP address they originate from so I can block it.

        Ask the 'varnish' admin, or even better : the web server admin. These have extended logs (normally) and they will show you the IP of the offending clients.
        If you use the "good old web server setup" then blocking becomes easily.

        No "help me" PM's please. Use the forum.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post