From: Kevin Z. <kev...@gm...> - 2015-05-29 20:19:04
On 05/26/2015 22:08, Greg Putrich wrote:
> It would certainly keep the rules tidier. At 200 rules from
> sshguard, that's becoming a mess, but still manageable. For a
> popular Internet host, it could easily become thousands/tens of
> thousands which becomes silly in trying to manage the other normal
> rules.
>
> I think the table would be a good option to keep order to the rule
> set. While we would miss out on seeing which addresses are active,
> I don't think that is all of that big of a concern (at worst, clear
> the table to start over and the frequent pests would be blocked
> quickly again).

The new backend is now available in the 'ipfw' branch of the Bitbucket
repository. This time I was able to actually test it, and it appears to
work reasonably well.

In order to use it, you will need a rule like the following in your ipfw
ruleset:

    reset ip from table(22) to me

Currently, SSHGuard uses a fixed table number, '22', to store
blacklisted addresses. This table is cleared when SSHGuard exits.

If there are no issues with this backend, it should appear in the
'master' branch and will be backported to 1.6.

Thanks,
Kevin Zheng

--
Kevin Zheng
kev...@gm... | ke...@kd... | PGP: 0xC22E1090