Date: Wed, 30 Sep 2015 09:41:55 +0200 From: Nino J <nino80@gmail.com> To: Alexandre <axelbsd@ymail.com> Cc: "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org> Subject: Re: SSHguard & IPFW Message-ID: <CALf6cgZYJxQQA5Dxtu2QKzRC7FebeXte7NNRmGwOa5ma7We=tQ@mail.gmail.com> In-Reply-To: <DUB118-W32603EFCC32F67913C02BEB44E0@phx.gbl> References: <DUB118-W2564316B09E855F03F7D11B44E0@phx.gbl> <1443531575.1236.13.camel@michaeleichorn.com> <DUB118-W32603EFCC32F67913C02BEB44E0@phx.gbl>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Sep 29, 2015 at 4:24 PM, Alexandre <axelbsd@ymail.com> wrote: > > >> About the blocking rules reservation in IPFW (from rule 55000 to > >> 55050), anyone experienced yet full use of these rules? > >> By default, fifteen addresses can be blocked together. But how SSHGUARD > >> works in this case for the newest one (51th)? > >> > >> Thank you in advance for your clarifications. > >> Alexandre > To answer your second question, IPFW has no problem using the same rule number for multiple rules. Thus sshguard is not limited to 50 addresses. Also, next version of sshguard won't use IPFW rules, but rather an IPFW table to insert IP addresses to be blocked. Thus it will only need a single deny rule. I'm currently using development version of sshguard which uses IPFW table and it works fine for me. Regards, -- Nino
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CALf6cgZYJxQQA5Dxtu2QKzRC7FebeXte7NNRmGwOa5ma7We=tQ>