From: SASAKI K. <cr...@sa...> - 2015-08-21 03:39:10
How is the next command?
% sudo ipfw table 22 list
On my FreeBSD 10.1, it looks fine.
On Thu, 20 Aug 2015 19:19:39 -0700
li...@la... wrote:
> Yeah, I had the $ in the actual file, it just didn't make it to the email. (I've noticed failing to match curly brackets locks up my VPS, but that is another story.)
>
> So basically I had entered what you suggested. Who creates this table?
>
Tables are automatically created, and we can use them.
From my /etc/rc.ipfw script:
> ...
> # Allow "mandatory" ICMP/ICMP6 in.
> ${fwcmd} add pass icmp from any to any icmptypes 3,4,11 keep-state
> if [ $ipv6_available -eq 0 ]; then
> ${fwcmd} add pass ipv6-icmp from any to any icmp6type 3 keep-state
> fi
>
> # New sshguard uses table.
> ${fwcmd} add deny log all from "table(22)" to any
>
> # Allow packets for which a state has been built.
> ${fwcmd} add check-state
> ...
These rules work fine.
--
SASAKI Katuhiro
mailto: cr...@sa...