From: Willem J. W. <wj...@di...> - 2015-08-10 18:05:36
On 10-8-2015 19:05, Kevin Zheng wrote:
> Hi Mark,
>
> On 08/10/2015 11:11, Mark Felder wrote:
>> Kevin, is this the patch in question?
>>
>> https://bitbucket.org/sshguard/sshguard/commits/da561435cc29c22ee3b545b61e76aa318ec8fd0f/raw/
>
> I've attached the patch that fixes 'ipfw' support. You can generate this
> yourself by running:
>
> $ git diff v1.6.1 origin/1.6
>
> Most of this diff consists of deletions. You can safely ignore the hunk
> that deletes 'src/fwalls/ipfw.c' if you're putting this in ports.
>
> Keep in mind that in order to use this, users will have to add a rule to
> their 'ipfw' ruleset that blocks addresses from table 22:
>
> # ipfw add 50000 deny ip from table\(22\) to me

50000 is a very high number, while you would like to lock out bad guys
as early as possible....
For me it is like the 6th or 7th rule in the firewall.

> This will likely change in 1.7, where I think I'll have sshguard insert
> this rule automatically.

I would consider that a real bad design.... IMHO
Stuffing automagical things in a firewall is asking for a lot of
unexpected trouble...

--WjW