From: Jin C. <jin...@me...> - 2011-10-25 08:47:21
I looked into this a little further. It looks like the code actually expects that this might be a problem; line 135 of ipfw.c in fw_block() has the comment /* insert rules under this rule number (in chunks of max_addresses_per_rule) */ but there is no code to actually break the number of addresses up into chunks, nor is there mention of max_addresses_per_rule anywhere else in the codebase. So as soon as you get more blacklisted users than the system limit, which appears to be 15 for me (OS X Lion), sshguard will fail to start up properly. I've attached a patch which implements the chunking, which works for me. Please consider it.
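
The chunking described in the message above, sketched as an added example; it is not the attached patch and not sshguard code. The helper name chunk_addresses, the comma-separated one-line-per-rule output and the sample addresses are assumptions made for illustration, and the limit of 15 is the value the message reports for OS X Lion.

```c
#include <stdio.h>
#include <string.h>

/* Per-rule address limit. 15 is the value the post reports for OS X Lion;
 * treat it as an assumption and adjust it for the target system. */
#define MAX_ADDRESSES_PER_RULE 15

/*
 * Split addrs[0..n) into groups of at most max_per_rule and write each
 * group to out as one comma-separated line (one line per firewall rule).
 * Returns the number of groups written, or -1 on bad arguments or if out
 * is too small. Hypothetical helper, not an sshguard function.
 */
int chunk_addresses(const char *const addrs[], size_t n, size_t max_per_rule,
                    char *out, size_t out_cap)
{
    size_t used = 0;
    int chunks = 0;

    if (addrs == NULL || out == NULL || out_cap == 0 || max_per_rule == 0)
        return -1;
    out[0] = '\0';

    for (size_t start = 0; start < n; ) {
        size_t len = n - start;          /* addresses still unassigned */
        if (len > max_per_rule)
            len = max_per_rule;          /* cap this rule at the limit */
        for (size_t i = 0; i < len; i++) {
            int w = snprintf(out + used, out_cap - used, "%s%s",
                             addrs[start + i], (i + 1 < len) ? "," : "\n");
            if (w < 0 || (size_t)w >= out_cap - used)
                return -1;               /* never emit a truncated list */
            used += (size_t)w;
        }
        start += len;
        chunks++;
    }
    return chunks;
}

int main(void)
{
    /* Constructed sample: 17 documentation-range addresses (TEST-NET-3). */
    const char *addrs[17];
    char names[17][16], out[512];
    for (int i = 0; i < 17; i++) {
        snprintf(names[i], sizeof names[i], "203.0.113.%d", i + 1);
        addrs[i] = names[i];
    }
    int rules = chunk_addresses(addrs, 17, MAX_ADDRESSES_PER_RULE, out, sizeof out);
    printf("%d rules needed:\n%s", rules, out);
    return rules == 2 ? 0 : 1;
}
```

With 17 blocked addresses and a limit of 15, the list is split across two rules instead of one oversized rule that the firewall rejects.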