Menu
▾
▴
Re: [Sqlgrey-users] [RELEASE] 1.3.6
|
From: Derek B. <de...@ba...> - 2004-12-01 04:33:47
|
On Tue, November 30, 2004 14:08, Lionel Bouton said: > Hi, > > 1.3.6 is available on sourceforge. > > New features : > - 2 new greylisting algorithms, use "greymethod =3D <value>" in > /etc/sqlgrey/sqlgrey.conf to select the algorithm (Hi Derek !). > - more verbosity control (quiet, verbose, debug), see > /etc/sqlgrey/sqlgrey.conf. > > Attention ; > switching the greylisting algorithms can be done as often as you want, > but SQLgrey will lose at least parts of its auto-whitelist entries and > generate new ones. > > If you don't want to lose any auto-whitelisting entry you can specify > "greymethod =3D full", this is the old greylisting algorithm. > The new ones are : > - "classc" : instead of detecting reconnects from one IP address it onl= y > considers the class C network (ie: it drops the last byte from the IP > address). > - "smart" : same as classc but switch to "full" if the rdns is home-use= r > alike (ie : the last 2 bytes of the IP address are in the rdns). Just upgraded to 1.3.6 and specified 'smart' for the algorithm. New connections to the server are adding just the first three bytes of the IP address to the connect table, as expected, but the old entries in the connect and *_awl tables still contain the full four bytes for the IP address. Do I need to delete/update those entries? Since the four byte entries weren't updated on the upgrade I assume this means that reconnect= s for the four byte entries will not match (unless I manually update the tables)? As an aside, if anyone uses Trustix Secure Linux 2.2 and wants an RPM or SRPM for 1.3.6 on TSL 2.2 I built them and they're available at: http://www.battams.ca/software/tsl22/ - Derek |
