kpriv/freebsd-ports
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
freebsd-ports/mail/rabl_server/files/patch-rabl_server.conf
Pav Lucistnik c7ca51e815 The RABL (pronounced "rabble") server is a statistical, machine-automated and 
up-to-the-second blackhole list server designed to monitor global network
activity and make decisions based on network spread and infection rate -
that is, abuse from an address which has been reported by a number of
participating networks. This is in far contrast to how most other
blacklists function, where fallable humans (many with political agendas) must
process thousands of reports and make decisions - many times after the fact.
The RABL is fully reactive to new threats and can block addresses within
seconds of widespread infection - good to know in this world of drone PCs
and stolen accounts. The RABL server blacklists addresses until they have
cleared a minimum duration (an hour by default) without any additional
reporting, making the appeals process as simple as "fix your junk". The RABL
is designed to function via automated machine-learning spam filters, such as
Bayesian filters. Each participating network is granted write authentication
in the blackhole list, to prevent abuse. A client tool is also provided.

PR:		ports/88446
Submitted by:	Ion-Mihai "IOnut" Tetcu <itetcu@people.tecnik93.com>
2005-11-09 17:38:12 +00:00

32 lines
942 B
Text
Raw Blame History

--- rabl_server.conf.dist Tue Oct 25 17:51:52 2005
+++ rabl_server.conf Tue Oct 25 19:00:18 2005
@@ -3,7 +3,7 @@
##
# Logfile
-Logfile rabl.log
+Logfile /var/log/rabl.log
# Connection Queue Size
Queue 32
@@ -21,11 +21,17 @@
Life 86400
# Command to execute if being DoSed
-DoSCMD "echo 'block in quick from %s/32 to any' | ipf -f -"
+### be sure to tailor this to your setup befor un-commenting one of them
+# ipf
+# DoSCMD "echo 'block in quick from %s/32 to any' | ipf -f -"
+# ipfw
+# DoSCMD "ipfw add deny ip from %s/32 to any"
+# pf
+# DoSCMD "echo "block quick from %s/32 to any" | pfctl -mf -"
# Zone file writing
-ZoneTemplate /var/named/rabl.mydomain.com.template
-ZoneOutput /var/named/rabl.mydomain.com
+ZoneTemplate /etc/namedb/master/rabl.example.com.template
+ZoneOutput /etc/namedb/master/rabl.example.com
# Users (Clients with the ability to report a spamming host)
# USER <uid> <secret> <acl> <permissions>
Reference in a new issue View git blame Copy permalink