# FreeBSD equivalent of lastb command?



## digioz (Jun 22, 2010)

Hello All,

Does anyone know the FreeBSD equivalent of the Linux "lastb" command or the location of the failed login attempts log file? (both would be nice)

The Server runs FreeBSD version 7.0-STABLE. What I am trying to do is to block the IP address of the failed login attempts on the server. Not sure if the iptable command below works on FreeBSD:


```
iptables -A INPUT -s [IP Address] -j DROP
```

Thanks,
Pete


----------



## hydra (Jun 22, 2010)

Check out security/py-fail2ban or security/denyhosts.


----------



## digioz (Jun 22, 2010)

Thanks. So does that mean there is no "lastb" equivilant in FreeBSD?

Pete


----------



## hydra (Jun 22, 2010)

/var/log/auth.log


----------



## digioz (Jun 22, 2010)

I will take that as a no. 
I will just view the log file directly.

Thanks,
Pete


----------



## phoenix (Jun 22, 2010)

It's called just last(1), on both Linux and FreeBSD.  "lastb" on Linux is just an alias for last.

Both Linux and FreeBSD use /var/log/wtmp and /var/run/utmp to store this info.  Linux also uses a bunch of other *tmp files, although who knows why.  

/var/log/auth.log and /var/log/security and /var/log/messages are also useful.

Thankfully, no other OS uses iptables.  FreeBSD uses ipfw(8) and pf(8) for packet filtering (and ipfw has been ported to Linux so there's finally a usable packet filter on Linux).


----------

