Menu
▾
▴
Re: [Sshguard-users] Read blacklist.db
|
From: Mij <mi...@ss...> - 2011-10-12 11:31:59
|
On Oct 12, 2011, at 13:21 , Cedric Jeanneret wrote: > Hello! > > How can I read and edit the blacklist db file ? While doing "file > sshguard.db", it tells me it's some odd "raw G3 data, byte-padded", > which seems to be used for fax content... I'me guessing that's not true. In sshguard-1.5 blacklists are in SimCList serialization format, which is binary (see http://mij.oltrelinux.com/devel/simclist/ ). In a recent commit on the SVN, blacklists are stored in human-readable format. Wait some weeks for have that appear in a release, or compile the sources from the SVN as described in http://www.sshguard.net/docs/setup/compile-install/#fetch-code > My final goal is to be able to get blacklisted addresses (and all datas > I can get from this DB) to do some stats. You can extract the IPs with a command such as: strings /path/to/blacklist | grep -Eo "([0-9]+\.){3}[0-9]+" For extracting IPv6 addresses check out the regex in the sshguard sources. |
