Menu
▾
▴
[Sshguard-users] sshguard on OSX 10.5 and ipfw (ipv6)
|
From: David H. <dho...@gm...> - 2009-05-09 15:20:39
|
Anyone on this list have access to a OSX 10.5 dev environment that is
willing to test some patches ?
I have a patch for ipfw firewall and ipv6 that I have tested on
FreeBSD 7, and OSX (ppc) 10.4, but I would prefer someone test with
OSX 10.5 or even snow leopard (intel or ppc) as well.
1) Get base code here:
svn co https://sshguard.svn.sourceforge.net/svnroot/sshguard sshguard
2) Get the patches (both) of them from here: (save to the
sshguard/trunk directory from step 1)
https://sourceforge.net/tracker/?func=detail&aid=2777559&group_id=188282&atid=924687
3) Apply patches and configure/build
su root
cd sshguard/trunk
patch <osx_configure_ac_patch.txt
pushd src/fwalls
patch <../../ipfw_ipv6_patch_2.txt
popd
autoreconf
./configure --with-firewall=ipfw
make clean && make
4) If all builds well, try running sshguard with the "-d" parameter
and paste the following attack example:
e.g. src/sshguard -d
Attack Example: (if your email client wraps the string to multiple
lines, make sure it is one line before you paste into the sshguard
debug terminal)
Apr 30 12:19:08 minimac sshd[7097]: Failed keyboard-interactive/pam
for invalid user asdf from 2001:db8::1 port 57453 ssh2
Paste the attack example into the terminal 4 times and you should see
the following at the end:
Running command: '/sbin/ip6fw add 55045 drop ipv6 from 2001:db8::1 to any'.
55045 deny ipv6 from 2001:db8::1 to any
Command exited 0.
First sight of offender '2001:db8::1:6', adding to offenders list.
If you see any other exit code than "Command exited 0.", please paste
the entire output buffer in a response email.
--Thanks!
-_Dave H
|
