On Wed, 21 Dec 2011 16:33:20 +0000 Alex Scotton alex.scotton@gmail.com allegedly wrote:
No problem - on my second read of my original email I was not clear at all. :(
The problem with VPN is it comes with a whole host of client-end setup on an array of environments.
I would just write a node script to monitor the ssh auth logs and prepend the iptables rules but that would require the node server having the ability to become a SU :S
or I could write a bash script daemon to monitor an output file of a node instance and issue the commands, and again :S
I'm sure an investigation into the source of fail2ban will return some results, I will post back if I answer my own question :)
Alex
Whilst setting up a VPN may seem like a lot of unnecessary faffing about, I strongly recommend that you give it some serious consideration. You /really/ don't want to be writing any setuid scripts to mess with your iptables rules.
Mick
---------------------------------------------------------------------
The text file for RFC 854 contains exactly 854 lines. Do you think there is any cosmic significance in this?
Douglas E Comer - Internetworking with TCP/IP Volume 1
http://www.ietf.org/rfc/rfc854.txt
---------------------------------------------------------------------