Menu
▾
▴
Re: [Sshguard-users] using sshguard to block attempts at hpn enabled publickey only server
|
From: Willem J. W. <wj...@di...> - 2015-01-21 10:35:34
|
On 2015-01-21 1:21, Kevin Zheng wrote: > On 01/20/2015 03:06, Willem Jan Withagen wrote: >>> Thanks for bringing this to my attention. Unfortunately right now >>> bugs/reports that are submitted wind up in what essentially amounts to a >>> black hole -- a non-public bug database that nobody can see. >>> >>> I've applied the patch in the development repository. >> >> Which explains that all the things I've suggested thru the website >> actually go into nowhere... > > Actually, they do go into a database which the admins can see, but that > means it takes a while for developers to act on them. It might be > worthwhile to look at making the database public. > >> I'll see if I can get some of those suggestions back to you (or the >> list) Especially syslogd on FreeBSD can have extra fields, which make >> sshguard ingore everything. > > For the time being the best place for patches is the mailing list. > > I'm running FreeBSD, too. Quite frankly, I haven't been paying attention > to what SSHGuard has been picking up or not, but I'd be more than happy > to look at/test patches. Right, I'm using FreeBSD ipfw but in a different way other than sshguard-ipfw, which was easy to do with the dev version. I build sshguard with none backend, and now use a script which I hacked: /usr/local/sbin/sshguard-ipfwtable to do the ipfw work. That script uses a table to insert and delete blocked ipnrs. The advantage of that is that one can insert the ipfw add deny any from table(xx) to any anywhere in the firewall code. So it is no longer fixed at 5000, or something like that. The 2nd advantage of that is that the list survives a 'service ipfw restart' --WjW |
