Menu
▾
▴
Re: [SSHGuard-users] Blocked attackers can still access docker containers
|
From: Kevin Z. <kev...@gm...> - 2020-02-08 16:25:34
|
On 2/8/20 3:50 AM, Jos Chrispijn wrote: > On 1-11-19 3:40, gi1...@gm... wrote: >> You could try: >>> 1) changing the blacklist chain to 'hook prerouting' instead of 'hook >>> input', with a higher priority than that of chain PREROURTING, i.e. >>> block the traffic before it even reaches the NAT chain. This should >>> make sshguard block both container- and host-destined traffic. > Kev, could you implement/default that in the next update/grade of SSHGuard? > Have a good weekend y'all! I don't have a machine that I can test that on. Is somebody impacted by this willing to submit a patch that a few on the list can test? -- Kevin Zheng kev...@gm... | ke...@be... XMPP: ke...@ee... |
