Mihai T. Lazarescu wrote: > On Sat, Mar 20, 2010 at 05:24:34PM -0500, Larry Vaden wrote: > > >> On Sat, Mar 20, 2010 at 5:17 PM, Vadkan Jozsef <jozsi.avadkan at gmail.com> wrote: >> >>> What's the best method to ban that ip [what is bruteforcig a server] >>> what was logged on the logger? >>> I need to ban the ip on the router pc. >>> >> http://www.fail2ban.org/wiki/index.php/Main_Page but you may have to >> run fail2ban on the server instead of on the logger. >> > > You can forward a copy of the syslog messages to the router > and instruct fail2ban to act upon them instead of the default > ssh log. > How about using a read-only NFS share of the log directory from the logger for fail2ban to read from the router? -- Bowie