Date: Tue, 29 Sep 2015 14:04:45 +0200 From: Alexandre <axelbsd@ymail.com> To: FreeBSD Questions Mailing List FreeBSD Questions Mailing List <freebsd-questions@freebsd.org> Subject: SSHguard & IPFW Message-ID: <DUB118-W2564316B09E855F03F7D11B44E0@phx.gbl>
next in thread | raw e-mail | index | archive | help
Hi=2C=0A= =0A= I installed and configured IPFW on my box. I installed security/sshguard-ip= fw to block unwanted SSH connections.=0A= I did not added the line sshguard_enable=3D"YES" in /etc/rc.conf.=0A= Without this line in /etc/rc.conf=2C Bots IP addresses seems to be blocked = as expected (/var/log/messages):=0A= =0A= Sep 25 18:39:27 BoxName sshguard[7243]: Blocking 62.212.230.2:4 for>945secs= : 40 danger in 4 attacks over 514 seconds (all: 80d in 2 abuses over 2059s)= .=0A= =0A= With the command $ sudo ipfw list I can see the blocked IP adresse in the = deny list : =0A= 55031 deny ip from 62.212.230.2 to me=0A= =0A= Anyone can confirm (or not if I am wrong) that the line sshguard_enable=3D"= YES" is requested only if I install security/sshguard port?=0A= =0A= =0A= About the blocking rules reservation in IPFW (from rule 55000 to 55050)=2C = anyone experienced yet full use of these rules? =0A= By default=2C fifteen addresses can be blocked together. But how SSHGUARD w= orks in this case for the newest one (51th)?=0A= =0A= Thank you in advance for your clarifications.=0A= Alexandre=0A= =
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?DUB118-W2564316B09E855F03F7D11B44E0>