Menu
▾
▴
Re: [Sshguard-users] Problem with blocking "strings" not being IPs
|
From: Kevin Z. <kev...@gm...> - 2014-11-27 23:47:50
|
Hi Peter, Sorry for the follow-up email. SSHGuard uses regular expressions in its lexer to match attack signatures and IP addresses. This means that if you feed it an invalid IP address it shouldn't even try to block it. Would it be possible for you to try using the "log sucker" option by specifying a log file on the command line? I'm wondering if this is something funny happening with syslog-ng. Incorrect string handling sounds troubling; do you have snippets of logs that we can take a look at and test? Thanks, Kevin Zheng -- Kevin Zheng kev...@gm... | ke...@kd... | PGP: 0xC22E1090 |
