Date:      Tue, 09 Apr 2019 10:31:11 +0000
From:      bugzilla-noreply@freebsd.org
To:        bugs@FreeBSD.org
Subject:   [Bug 237151] blacklistd(8) doesn't respect IPv6 address pools whitelisting
Message-ID:  <bug-237151-227@https.bugs.freebsd.org/bugzilla/>


https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=237151

            Bug ID: 237151
           Summary: blacklistd(8) doesn't respect IPv6 address pools
                    whitelisting
           Product: Base System
           Version: 11.2-STABLE
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: bin
          Assignee: bugs@FreeBSD.org
          Reporter: zarychtam@plan-b.pwste.edu.pl

Blacklistd(8) is a great tool and can be easily adapted to limit ssh probes. It
supports whitelisting address pools, which is quite a handy feature because users
from trusted networks are allowed to mistype their passwords without being
banned. This feature (whitelisting) doesn't work for IPv6 address pools.

The daemon accepts IPv6 whitelisting in /etc/blacklistd.conf, but doesn't
respect it.
In the example given below, only the first, IPv4 pool is whitelisted; the IPv6
pool is ignored.

# adr/mask:port         type    proto   owner           name    nfail   disable
[remote]
x.x.x.0/24:ssh             *       *       *               =       *       *
[2001:x:x::/48]:ssh        *       *       *               =       *       *

-- 
You are receiving this mail because:
You are the assignee for the bug.
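
To check, independently of the daemon, which source addresses the two [remote] lines in the report are meant to exempt, the following is an added example (not part of the original message and not blacklistd's own code). It assumes that nfail `*` in [remote] means "never block", handles only the numeric location forms shown in the report, and uses constructed documentation prefixes in place of the masked ones; `parse_remote` and `is_whitelisted` are hypothetical helper names.

```python
import ipaddress
import re

# Constructed sample: the report masks its real prefixes, so documentation
# ranges (RFC 5737, RFC 3849) stand in for them here.
SAMPLE_CONF = """\
# adr/mask:port         type    proto   owner   name    nfail   disable
[local]
ssh                     stream  *       *       *       3       24h
[remote]
192.0.2.0/24:ssh        *       *       *       =       *       *
[2001:db8:1::/48]:ssh   *       *       *       =       *       *
"""

# Location field: dotted IPv4 or bracketed IPv6 (mask inside the brackets, as
# written in the report), followed by an optional :port.
LOC = re.compile(
    r"^(?:\[(?P<v6>[^\]]+)\]|(?P<v4>\d+(?:\.\d+){3}(?:/\d+)?))(?::(?P<port>\S+))?$"
)


def parse_remote(conf_text):
    """Return (network, port, nfail) for each numeric rule under [remote]."""
    rules, section = [], None
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        if line in ("[local]", "[remote]"):
            section = line[1:-1]
            continue
        fields = line.split()
        m = LOC.match(fields[0])
        if section != "remote" or len(fields) != 7 or not m:
            continue  # interface names, '*' and bare-port locations are out of scope
        net = ipaddress.ip_network(m["v6"] or m["v4"], strict=False)
        rules.append((net, m["port"], fields[5]))
    return rules


def is_whitelisted(rules, addr, port="ssh"):
    """True if any matching [remote] rule sets nfail to '*' (assumed: never block)."""
    ip = ipaddress.ip_address(addr)
    return any(
        ip.version == net.version and ip in net
        and rport in (None, port) and nfail == "*"
        for net, rport, nfail in rules
    )
```

Comparing its answer for an IPv6 client with what the packet filter's blacklistd table actually contains shows whether a given build still ignores the IPv6 pool.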
