Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Logs for Addresses Using and Interface?

    Scheduled Pinned Locked Moved General pfSense Questions
    2 Posts 2 Posters 318 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      JRA
      last edited by

      Hi all - I'm sorry if this question is either painful or done to death; I'm a bit green/n00bly when it comes to all this.

      Have a (inherited I should say) pfsense firewall, which passes traffic to a Varnish web cache server, which serves our website.

      Recently we've been getting some password brute-force attempts at the website itself, and I'd like to know the IP address they originate from so I can block it.

      Is this easily enough determined this from pfsense somehow?

      Thanks for any and all replies!

      :)

      1 Reply Last reply Reply Quote 0
      • GertjanG
        Gertjan
        last edited by

        @JRA:

        Recently we've been getting some password brute-force attempts at the website itself, and I'd like to know the IP address they originate from so I can block it.

        Ask the 'varnish' admin, or even better : the web server admin. These have extended logs (normally) and they will show you the IP of the offending clients.
        If you use the "good old web server setup" then blocking becomes easily.

        No "help me" PM's please. Use the forum, the community will thank you.
        Edit : and where are the logs ??

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.