-
I have no idea how patches are incorporated into the official repository (wherever that may be). Version 2.7 is apparently done, but has not yet been released. I sent a message to Phil Schwartz about this today, but haven't received a response yet.
I have full confidence in my logic, but I'm unsure of its integration with the rest of DenyHosts. In particular, I'm sure I broke something with...
2009-10-31 01:50:40 UTC by mruffalo
-
Great! Thanks! Sorry for my ignorance, but how do patches normally get incorporated into the official repository? I'm using this on production systems so ideally I would just be able to update via my package manager but I that's a long way out I'd expect.
At this point are you looking for people to test it out and find problems before submitting it as a potential patch for the denyhosts...
2009-10-30 22:07:55 UTC by turb0chrg
-
Oops, forgot to log in before posting that comment.
2009-10-22 17:10:28 UTC by mruffalo
-
The test code for the IP trie (prefix tree) implementation is available at
http://vorlon.case.edu/~mmr15/ip-trie.tar.gz
The code in the archive is identical to the changes I made to allowedhosts.py. Run 'regex.py' from the archive to test everything.
It tests:
* Matching IP addresses and subnet masks with the ALLOWED_REGEX_MASK regex
* Assuming a subnet mask length of 32 bits if no subnet...
2009-10-22 17:02:50 UTC by nobody
-
I have set up an unofficial DenyHosts Git repository on github. To get the code, run
git clone git://github.com/mruffalo/denyhosts.git
The 'master' branch contains all publicly available archives of DenyHosts, from version 0.5 to version 2.6. My changes are on the allow-hosts-mask branch, and have not been fully tested. I changed the AllowedHosts class to be a prefix tree for matching IP...
2009-10-21 21:23:42 UTC by mruffalo
-
Here's what I think is missing in the documentation in order to add vsftpd tracking to denyhosts. Step 1: add a USERDEF_FAILED_ENTRY_REGEX entry as described in the faq. This one works for vsftpd-2.0.7-2.fc10.x86_64:
USERDEF_FAILED_ENTRY_REGEX=.*\(vsftpd:auth\).* authentication failure.* ruser=(?P\S+)\s+rhost=(?P\S+)
Step 2: override the SSHD_FORMAT_REGEX to include the vsftpd...
2009-10-18 04:01:26 UTC by toddbrunhoff2
-
I'm expieriencing deadlock situations between the startup process and the purge routine which prevents my servers to come up after a reboot
2302 ? S 0:00 /usr/bin/python /usr/share/denyhosts/denyhosts_ctl.py start --purge --config=/etc/denyhosts.conf
2303 ? S 0:01 python /usr/sbin/denyhosts --daemon --purge --config=/etc/denyhosts.conf --config=/etc/denyhosts.conf.
2009-10-12 14:54:31 UTC by nobody
-
Is this the same issue as bug ID:2741691?.
2009-10-06 16:13:06 UTC by nobody
-
The general solution is to allow any subnet mask to be specified as a wildcard. To maintain compatibility, entries without a subnet mask should match /32.
For example:
10.0.0.0/24
192.168.1.0/255.255.255.0
1.1.1.2/32
I've started to work on a patch to allow this; I might have it in a day or two.
2009-10-06 09:58:35 UTC by mruffalo
-
I installed and am trying run DenyHosts but I am getting the following error:
starting DenyHosts: /usr/bin/env python /usr/local/bin/denyhosts.py --daemon
--config=/usr/local/denyhosts/denyhosts.cfg
Traceback (most recent call last):
File "/usr/local/bin/denyhosts.py", line 15, in
from DenyHosts.deny_hosts import DenyHosts
File...
2009-08-11 17:24:01 UTC by robertbutler