Site Navigation

Date:      Wed, 15 Nov 2017 22:27:53 +0100
From:      Cos Chan <rosettas@gmail.com>
To:        Kurt Lidl <lidl@freebsd.org>
Cc:        Ian Smith <smithi@nimnet.asn.au>, freebsd-questions <freebsd-questions@freebsd.org>,  Michael Ross <gmx@ross.cx>
Subject:   Re: How to setup IPFW working with blacklistd
Message-ID:  <CAKV%2BxLBoDoG%2BYOVkX-PMBoZZw7Zv8db=U9j5KQxxT%2BayfNtGmw@mail.gmail.com>
In-Reply-To: <e2fdef2f-b1d9-00e6-6ea9-0f1b8d4217ed@FreeBSD.org>
References:  <mailman.87.1509969603.28633.freebsd-questions@freebsd.org> <20171106235944.U9710@sola.nimnet.asn.au> <CAKV%2BxLCizjt5M%2BmJmTZj-cr=D6rhXRwDjCkE=6Q-VQX73iY%2B4A@mail.gmail.com> <20171107033226.M9710@sola.nimnet.asn.au> <CAKV%2BxLBWgU6zmc7tQNA=0%2B=2aF23C1QfJ2i3q1gKYDttwsCTkg@mail.gmail.com> <20171107162914.G9710@sola.nimnet.asn.au> <CAKV%2BxLDQQcG3bvo1b2nUAu7oOVhdNzDDrPWTVp2qOmkWVV89BQ@mail.gmail.com> <20171108012948.A9710@sola.nimnet.asn.au> <CAKV%2BxLCQ9NE6%2BEg6NvHZuEED8Cf6ZX74unvk9ajfLyG-yA2rXA@mail.gmail.com> <CAKV%2BxLAkfiQCLXfgZOtQGUXOW8gYN7sjOD5uWezv-N%2BTBjybMQ@mail.gmail.com> <20171111213759.I72828@sola.nimnet.asn.au> <CAKV%2BxLDicLze3Dvd2i7HGWJUxCdSLjvhuWWZUJ65pMi%2Bx483=A@mail.gmail.com> <CAKV%2BxLAt4Ciqmg2w1iJK42jq6f%2BnumASKMQ=UL6dT%2BCdGYujVQ@mail.gmail.com> <CAKV%2BxLD_KE938JnmjDE=CmfZ7bOJ1CaqvWuQ%2B0jDzQNWM%2B6yLg@mail.gmail.com> <20171115192830.R72828@sola.nimnet.asn.au> <CAKV%2BxLB99A8RxyWh5vCnGweOXrCjmPw5r34-tXj=hhJkKcz1=w@mail.gmail.com> <e2fdef2f-b1d9-00e6-6ea9-0f1b8d4217ed@FreeBSD.org>

---

next in thread | previous in thread | raw e-mail | index | archive | help

---

On Wed, Nov 15, 2017 at 5:02 PM, Kurt Lidl <lidl@freebsd.org> wrote:

> On 11/15/17 6:46 AM, Cos Chan wrote:
>
> blacklistd.log:
>> Nov 15 12:13:42 res blacklistd[22100]: blocked 132.148.128.234/32:22 <
>> http://132.148.128.234/32:22>; for -1 seconds
>> Nov 15 12:15:40 res blacklistd[22100]: rule exists OK
>> Nov 15 12:15:40 res blacklistd[22100]: blocked 132.148.128.234/32:22 <
>> http://132.148.128.234/32:22>; for -1 seconds
>>
>
> The "-1 seconds" looks fishy to me.
>
> What is the /etc/blacklistd.conf on this machine?


the blacklistd.conf was here under while I got above logs:

# adr/mask:port type    proto   owner           name    nfail   disable
[local]
ssh             stream  *       *               *       2       *
ftp             stream  *       *               *       2       *
smtp            stream  *       *               *       2       *

# adr/mask:port type    proto   owner           name    nfail   disable
[remote]


>
>
> -Kurt
>
>


-- 
with kind regards

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAKV%2BxLBoDoG%2BYOVkX-PMBoZZw7Zv8db=U9j5KQxxT%2BayfNtGmw>

Legal Notices | © 1995-2024 The FreeBSD Project. All rights reserved.

Contact