Menu
▾
▴
[SSHGuard-users] sshguard restart and ipfw table 22 rewritten
|
From: chebo <it...@ch...> - 2016-06-10 12:38:33
|
<div>Hello. I use a translator.<br /><br />My apologies if I'm doing something wrong. The first time I use a mailing list in this situation. </div><div><span data-align="222:229">I found</span><span> </span><span data-align="230:250">a similar problem</span><span>, </span><span data-align="252:269">but the final</span><span> </span><span data-align="270:276">answer</span><span> </span><span data-align="277:284">is not there</span><span> </span><span data-align="285:344">https://sourceforge.net/p/sshguard/mailman/message/35119986</span><span>/</span></div><div>I wanted to write directly to the author of the last letter, but his address closed.<br />______________<br />My problem.<br /><br />1. The guard blocked my host and added it to the blacklist.<br />2. I can see it in the blacklist and with the command: ipfw table 22 list.<br />3. I removed the host from the blacklist (vi /var/db/sshguard/blacklist.db) and then removed from the table 22 (table 22 ipfw delete 192.168.0.1).<br />4. After every reboot of the computer or just restarting the daemon. The host again 5. appears in table 22 and disappears from there after 5 minutes.<br /><br />Why? From there he is taken if the blacklist is empty. </div><div> </div><div>____________</div><div>I installed from the latest ports sshguard-ipfw-1.6.4_1<br />OS - Freebsd 10.3<br /><br />I tried to use the defaults and changed.<br /><br />sshguard_enable="yes"<br />sshguard_watch_logs="/var/log/auth.log"<br />sshguard_danger_thresh="30"<br />sshguard_blacklist="100:/var/db/sshguard/blacklist.db"<br />sshguard_release_interval="120"<br />#sshguard_reset_interval="1800"<br />#sshguard_whitelistfile=/var/db/sshguard/whitelist.db<br />#shguard_flags=""</div><div> </div><div>-- </div> |
