Re: [Sshguard-users] New ipfw backend

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Greetings,

On 06/21/2015 23:43, SASAKI Katuhiro wrote:
> 1. In the viewpoint of ipfw , tables are specified by number (0 to 
> 65535). We can't assign the name like "sshguard" for tables. It 
> became necessary to replace "sshguard" with some number (22, for 
> example).

Thanks for pointing this out; I realized this eventually. The
implementation currently in the 'master' branch is correct.

> 2. Command "ipfw table [table number] add" can receive only one
> target (IP address, and some other search keys) at a time. Using
> loop in "COMMAND_BLOCK_LIST" looks reasonable for me.

I believe the original intent for using COMMAND_BLOCK_LIST was to
reduce the number of calls to system(), thus reducing the number of
shells that are spawned. So far this isn't an issue, so I'm erring on
the side of keeping this simple.

Thanks,
Kevin Zheng

- -- 
Kevin Zheng
kev...@gm... | ke...@kd... | PGP: 0xC22E1090
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQEcBAEBCAAGBQJViBd0AAoJEOrPD3bCLhCQN4AIAJGLFd0XEZaPug2ki8DSlIFv
xVN6Ha4sAOadGIu7/Nlq7dTTFuADW2o0FvlMeRW1UiRUZ+mfKzgS5bHZtwUtcxa3
SAjNj/N2sCslYZZIpQSSexlLLWNBQtQvjF/yIycXGYfnnKxD6OIem3kbkzGMFhKt
hpbt9bDPRtFECXOG2xQCjbXp4fzokjgG6P4DORrzUmE/KFywG6rom4dVnNAmYqjn
tlJ5la80Rre8IlR1O8i6wGd6HG/hy3Bph5th3Mb3Ql2A1RrVRS6H6SzNl6xkuN80
0T7+WPGNDkyxxD4UPRGvFKNsPOsYRE/ImtKsgK68ZiMpapDCIVmVMJGgNnymUwA=
=El8h
-----END PGP SIGNATURE-----

Re: [Sshguard-users] New ipfw backend

Intelligently block brute-force attacks by aggregating system logs

Re: [Sshguard-users] New ipfw backend