Projects / autofwd


autofwd is an automated firewalling daemon intended to block hosts performing unwanted acts. While it was designed to be used to thwart hosts running dictionary attacks on logins (of any service), it can be used for just about anything. The external commands it runs are configurable, allowing you to take additional actions against offending hosts such as running an nmap OS fingerprint before firewalling, or just silently logging the event.

Operating Systems

Last announcement

Integration with Nagios 07 Oct 2011 18:27

Niccoló Avico has written a fantastic article on integrating autofwd events with the Nagios alarm console. You can find a link to his article via the Related Links section of the website:

Recent releases

  •  05 May 2011 18:25

    Release Notes: Mail runs are now done in a forked child to prevent any interruption to processing new events. Signal handlers have been installed to ensure clean shutdown. There is a PID file, an autofw.conf(5) man page, better granularity for expunging banned hosts, and more.

    •  13 Apr 2011 22:37

      Release Notes: IPv6 support was added. E-mail alerts were changed to a batch summary at five minute intervals.

      Recent comments

      13 Aug 2011 05:18 danielblair

      Great idea / Great project...


      Project Spotlight


      A Fluent OpenStack client API for Java.


      Project Spotlight

      TurnKey TWiki Appliance

      A TWiki appliance that is easy to use and lightweight.