From: Kevin Z. <kev...@gm...> - 2015-08-10 18:27:25
On 08/10/2015 13:04, Willem Jan Withagen wrote:
> 50000 is a very high number, while you would like to lock out bad guys
> as early as possible....
> For me it is like the 6th or 7th rule in the firewall

Right, the intention is to use a high number so that the rules set by
SSHGuard do not override the users' own rules.

> I would consider that a real bad design....
> IMHO Stuffing automagical things in a firewall is asking for a lot of
> unexpected trouble...

I share your concern, but it is partially mitigated by the fact that the
rule number is so high; more likely than not it will not trample on the
users' own rules. There is also precedent: since the 'ipfw' backend was
conceived it has always added firewall rules automatically.

But I'm open to suggestions on how I can do better.

Thanks,
Kevin Zheng

-- 
Kevin Zheng
kev...@gm... | ke...@kd... | PGP: 0xC22E1090
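An added illustration, not part of the thread and not SSHGuard's code: ipfw walks its rules in ascending number order and the first matching allow or deny decides, so the position of a block rule at 50000 relative to the user's own rules determines which one takes effect. The rulesets, addresses, interface name and the shape of the block rule below are constructed assumptions, and the parser covers only a small subset of `ipfw list` syntax.

```python
import re

SSHGUARD_RULE = 50000  # rule number discussed in the thread

# Constructed `ipfw list`-style rulesets, not taken from the thread. The deny
# line at 50000 is an assumed shape for a block rule, not SSHGuard's output.
BLOCK_ONLY = """\
00100 allow ip from any to any via lo0
50000 deny ip from 203.0.113.7 to any
65535 deny ip from any to any
"""
WITH_EARLY_ALLOW = BLOCK_ONLY + "00600 allow tcp from any to me dst-port 22\n"

RULE_RE = re.compile(r"(\d+) (allow|deny) (\S+) from (\S+) to (\S+)(.*)")

def parse(listing):
    """Parse the small 'NUM ACTION PROTO from SRC to DST [opts]' subset."""
    rules = []
    for line in listing.splitlines():
        m = RULE_RE.match(line.strip())
        if not m:
            continue
        num, action, proto, src, _dst, opts = m.groups()
        port = re.search(r"dst-port (\d+)", opts)
        via = re.search(r"via (\S+)", opts)
        rules.append({"num": int(num), "action": action, "proto": proto,
                      "src": src, "port": int(port.group(1)) if port else None,
                      "via": via.group(1) if via else None})
    return sorted(rules, key=lambda r: r["num"])  # ipfw evaluates in number order

def deciding_rule(rules, src, proto="tcp", port=22, iface="em0"):
    """Return (number, action) of the first rule matching an inbound packet.
    The destination is assumed to be this host, so 'to' is not checked."""
    for r in rules:
        if r["proto"] not in ("ip", "all", proto):
            continue
        if r["src"] not in ("any", src):
            continue
        if r["port"] is not None and r["port"] != port:
            continue
        if r["via"] is not None and r["via"] != iface:
            continue
        return r["num"], r["action"]
    return None

if __name__ == "__main__":
    for name, text in (("block only", BLOCK_ONLY), ("early allow", WITH_EARLY_ALLOW)):
        print(name, deciding_rule(parse(text), "203.0.113.7"))
```

Running the same check against a real `ipfw list` dump shows which of the user's lower-numbered rules, if any, decide SSH traffic before rule 50000 is reached.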