From: Jim T. <jt...@gm...> - 2009-05-26 22:55:14
I downloaded the 1.4rc4, compiled it with the IPFW option and set the rule range to 11000-11999, make'd and make installed with no problems. I used the tail | sshguard method and tested with an invalid username and garbage password. Sure enough, sshguard generated an IPFW rule blocking the computer I was coming from (192.168.0.198).

services:~ me: sudo ipfw list
Password:
01000 allow ip from any to any via lo0
01010 deny ip from any to 127.0.0.0/8
01020 deny ip from 224.0.0.0/4 to any in
01030 deny tcp from any to 224.0.0.0/4 in
11136 deny ip from 192.168.0.198 to me
12300 allow tcp from any to any established
12301 allow tcp from any to any out
12302 allow tcp from any to any dst-port 22
12302 allow udp from any to any dst-port 22
12303 allow udp from any to any out keep-state
12304 allow tcp from any to any dst-port 53 out keep-state
12304 allow udp from any to any dst-port 53 out keep-state
12305 allow udp from any to any in frag
12306 allow tcp from any to any dst-port 311
12307 allow tcp from any to any dst-port 625
12308 allow udp from any to any dst-port 626
12309 allow icmp from any to any icmptypes 8
12310 allow icmp from any to any icmptypes 0
12311 allow igmp from any to any
65534 deny ip from any to any
65535 allow ip from any to any

But oddly, the firewall is not blocking access from that computer (I can pull up the web page hosted by the server, continue to ssh, etc.).

I'm suspecting the "me" token is being misinterpreted by the version of IPFW running here. Can anyone else share their experiences with sshguard on OS X Server?
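An added example, not part of the original post and not sshguard code: ipfw evaluates rules in ascending number order and the first match decides the packet, so one check on a listing like the one above is which allow rules sit ahead of each deny rule in the configured sshguard range. The function names are hypothetical; the range 11000-11999 and the listing are taken from the post.

```python
import re

# Output of `ipfw list` as quoted in the post above, embedded so this runs offline.
IPFW_LIST = """\
01000 allow ip from any to any via lo0
01010 deny ip from any to 127.0.0.0/8
01020 deny ip from 224.0.0.0/4 to any in
01030 deny tcp from any to 224.0.0.0/4 in
11136 deny ip from 192.168.0.198 to me
12300 allow tcp from any to any established
12301 allow tcp from any to any out
12302 allow tcp from any to any dst-port 22
12302 allow udp from any to any dst-port 22
12303 allow udp from any to any out keep-state
12304 allow tcp from any to any dst-port 53 out keep-state
12304 allow udp from any to any dst-port 53 out keep-state
12305 allow udp from any to any in frag
12306 allow tcp from any to any dst-port 311
12307 allow tcp from any to any dst-port 625
12308 allow udp from any to any dst-port 626
12309 allow icmp from any to any icmptypes 8
12310 allow icmp from any to any icmptypes 0
12311 allow igmp from any to any
65534 deny ip from any to any
65535 allow ip from any to any
"""

RULE_RE = re.compile(r"^(\d{5})\s+(allow|deny)\s+(.*)$")

def parse_rules(text):
    """Return (number, action, body) tuples in the order ipfw evaluates them."""
    found = (RULE_RE.match(line.strip()) for line in text.splitlines())
    rules = [(int(m[1]), m[2], m[3]) for m in found if m]
    return sorted(rules, key=lambda r: r[0])  # stable: equal numbers keep list order

def audit_block_range(rules, lo=11000, hi=11999):
    """Map each deny rule in [lo, hi] to the allow rules numbered below it.
    Compares ordering only; it does not model whether a rule matches a packet."""
    report = {}
    for num, action, _body in rules:
        if action == "deny" and lo <= num <= hi:
            report[num] = [(n, b) for n, a, b in rules if a == "allow" and n < num]
    return report

if __name__ == "__main__":
    for num, earlier in audit_block_range(parse_rules(IPFW_LIST)).items():
        print(f"rule {num}: allow rules evaluated first -> {earlier}")
```

On this listing the only allow rule ahead of 11136 is the loopback rule 01000; the check says nothing about how `me` is resolved.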