How to setup IPFW working with blacklistd
Cos Chan
rosettas at gmail.com
Wed Nov 15 21:27:56 UTC 2017
On Wed, Nov 15, 2017 at 5:02 PM, Kurt Lidl <lidl at freebsd.org> wrote:
> On 11/15/17 6:46 AM, Cos Chan wrote:
>
> blacklistd.log:
>> Nov 15 12:13:42 res blacklistd[22100]: blocked 132.148.128.234/32:22 <
>> http://132.148.128.234/32:22> for -1 seconds
>> Nov 15 12:15:40 res blacklistd[22100]: rule exists OK
>> Nov 15 12:15:40 res blacklistd[22100]: blocked 132.148.128.234/32:22 <
>> http://132.148.128.234/32:22> for -1 seconds
>>
>
> The "-1 seconds" looks fishy to me.
>
> What is the /etc/blacklistd.conf on this machine?
the blacklistd.conf was here under while I got above logs:
# adr/mask:port type proto owner name nfail disable
[local]
ssh stream * * * 2 *
ftp stream * * * 2 *
smtp stream * * * 2 *
# adr/mask:port type proto owner name nfail disable
[remote]
>
>
> -Kurt
>
>
--
with kind regards
More information about the freebsd-questions
mailing list