If your hobby firewall rule-set compiler is Perl based, then custom trigger rules are rather trivial. For a random example, most of these ports will just bind to the default web-server (mitigates loopback attacks etc.):

2021 //tripwire 5 day ban, delay 30s
2022 //SSL tunnel for SSH port on VM, with client source-port range restriction.
2023 //tripwire 5 day ban
2024 //tripwire 5 day ban, delay 130s
2025 //tripwire 5 day ban
2026 //trigger 1: enable trigger 2 for specific IP, 5 second delay to open
2027 //tripwire 5 day ban
2028 //trigger 2: enable trigger 3 for specific IP, 4 second delay to open
2029 //tripwire 5 day ban, delay 19s
2030 //tripwire 5 day ban
2031 //trigger 3: close trigger 2, enable SSL tunnel port for specific IP in 1 second
2032 //tripwire 5 day ban
2033 //close all ports for this client IP, and reset trigger states in 1 second
2034 //tripwire 5 day ban

I think the lack of popularity comes from the ease of locking oneself out (initially manually starting a firewall during configuration without rule caching is wise), and the lack of client-side automated handshaking scripts on non-*nix systems.

Someone should put together a little tutorial, given many people seem to have lost this simple skill-set. Most people tend to ignore fail2ban integration options like banning game cheats.

Have a wonderful day, =)
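The port table in the comment above, replayed as a per-client state machine. This is an added example, not the commenter's code. The verdict names, the `KnockGate` class and the sample events are assumptions, and each stage is simplified to accept only its own next knock.

```python
# Added example: simulator for the port table in the comment above.
# Tripwire delay values and the source-port restriction are not modelled.
TRIPWIRES = {2021, 2023, 2024, 2025, 2027, 2029, 2030, 2032, 2034}
BAN_SECONDS = 5 * 24 * 3600            # "5 day ban"
# knock port -> (stage required, stage granted, seconds until it takes effect)
TRIGGERS = {2026: (0, 1, 5), 2028: (1, 2, 4), 2031: (2, 3, 1)}
TUNNEL_PORT, RESET_PORT, OPEN_STAGE = 2022, 2033, 3

class KnockGate:
    def __init__(self):
        self.state = {}    # ip -> (current stage, pending stage, time pending applies)
        self.banned = {}   # ip -> ban expiry time

    def _stage(self, ip, t):
        cur, nxt, at = self.state.get(ip, (0, 0, 0))
        return nxt if t >= at else cur

    def handle(self, ip, port, t):
        """Return the verdict for one new connection at time t (seconds)."""
        if self.banned.get(ip, 0) > t:
            return "drop"
        stage = self._stage(ip, t)
        if port in TRIPWIRES:
            self.banned[ip] = t + BAN_SECONDS
            self.state.pop(ip, None)
            return "ban"
        if port == RESET_PORT:
            self.state[ip] = (stage, 0, t + 1)
            return "reset"
        if port == TUNNEL_PORT:
            return "tunnel" if stage == OPEN_STAGE else "web"
        need, grant, delay = TRIGGERS.get(port, (None, None, None))
        if need is not None and stage == need:
            self.state[ip] = (stage, grant, t + delay)
            return "advance"
        return "web"       # assumption: anything else reaches the default web server

def replay(events):
    gate = KnockGate()
    return [gate.handle(ip, port, t) for ip, port, t in events]

# Constructed events: (client IP, destination port, time in seconds)
SAMPLE = [("192.0.2.10", 2026, 0), ("192.0.2.10", 2028, 2), ("192.0.2.10", 2028, 6),
          ("192.0.2.10", 2031, 11), ("192.0.2.10", 2022, 13), ("192.0.2.10", 2033, 20),
          ("192.0.2.10", 2022, 22), ("198.51.100.7", 2021, 0), ("198.51.100.7", 2026, 10)]

if __name__ == "__main__":
    for event, verdict in zip(SAMPLE, replay(SAMPLE)):
        print(event, verdict)
```

The second sample event shows the timing requirement: a knock on 2028 before the 5 second delay has elapsed is treated as ordinary web traffic and does not advance the sequence.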