SSHguard & IPFW
Alexandre
axelbsd at ymail.com
Tue Oct 6 08:03:14 UTC 2015
________________________________
> From: nino80 at gmail.com
> Date: Wed, 30 Sep 2015 09:41:55 +0200
> Subject: Re: SSHguard & IPFW
> To: axelbsd at ymail.com
> CC: freebsd-questions at freebsd.org
>
> On Tue, Sep 29, 2015 at 4:24 PM, Alexandre
> <axelbsd at ymail.com> wrote:
>
> >> About the blocking rules reservation in IPFW (from rule 55000 to
> >> 55050), has anyone experienced full use of these rules yet?
> >> By default, fifteen addresses can be blocked together. But how does
> >> SSHGUARD work in this case for the newest one (51st)?
> >>
> >> Thank you in advance for your clarifications.
> >> Alexandre
>
> To answer your second question, IPFW has no problem using the same rule
> number for multiple rules. Thus sshguard is not limited to 50
> addresses.
>
> Also, the next version of sshguard won't use IPFW rules, but rather an
> IPFW table to insert IP addresses to be blocked. Thus it will only need
> a single deny rule.
>
> I'm currently using the development version of sshguard, which uses an
> IPFW table, and it works fine for me.
>
> Regards,
> --
> Nino
>
Hi Nino,
I am now encountering an issue with IPFW and the blacklist functionality: when I restart the sshguard service (or reboot the machine), I need to delete /var/db/sshguard/blacklist.db before launching the sshguard service again.
It is a known issue, as described here: http://sourceforge.net/p/sshguard/mailman/message/34146342/
Do you know when the next security/sshguard-ipfw version will be in FreeBSD ports?
Thank you.
Regards.
Alexandre
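
The two blocking styles described in the quoted reply, as an added example that is not part of the original thread and is not sshguard's own code: per-address deny rules sharing one rule number versus a single deny rule backed by an IPFW table. The table number 22 and the sample addresses are assumptions; the script only prints the ipfw commands unless IPFW=ipfw is set on a FreeBSD host.

```shell
#!/bin/sh
# Added example: contrasts the two IPFW blocking styles discussed in the thread.
# Dry-run by default: commands are printed, not executed. Set IPFW=ipfw on a
# FreeBSD host (as root) to actually apply them.
IPFW="${IPFW:-echo ipfw}"
RULE=55000   # first rule number of the range mentioned in the thread
TABLE=22     # assumed table number, not taken from the thread

# Style 1: one deny rule per address, all added under the same rule number.
# IPFW accepts several rules with one number, so the number of blocked
# addresses is not capped by the size of the reserved range.
block_with_rules() {
    for addr in "$@"; do
        $IPFW add "$RULE" deny ip from "$addr" to me
    done
}

# Style 2: a single deny rule that references a lookup table. Blocking an
# address only adds a table entry; the ruleset itself stays at one rule.
block_with_table() {
    $IPFW add "$RULE" deny ip from "table($TABLE)" to me
    for addr in "$@"; do
        $IPFW table "$TABLE" add "$addr"
    done
}

# Constructed sample addresses (documentation ranges).
SAMPLE="192.0.2.10 198.51.100.7 203.0.113.5"

echo "# per-address rules:"
block_with_rules $SAMPLE
echo "# table-backed rule:"
block_with_table $SAMPLE
```

With three addresses, the first style emits three rules numbered 55000, while the second emits one rule plus three table entries.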