From owner-freebsd-questions@freebsd.org Wed Sep 30 09:08:30 2015 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E85BAA0CDCA for ; Wed, 30 Sep 2015 09:08:29 +0000 (UTC) (envelope-from axelbsd@ymail.com) Received: from nm42-vm1.bullet.mail.gq1.yahoo.com (nm42-vm1.bullet.mail.gq1.yahoo.com [67.195.87.152]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B3CAF1335 for ; Wed, 30 Sep 2015 09:08:28 +0000 (UTC) (envelope-from axelbsd@ymail.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ymail.com; s=s2048; t=1443604102; bh=iwNnlMOhm1rkWQa2ol9NEbILekEnu0ioOzN40+GeWH4=; h=From:To:CC:Subject:Date:In-Reply-To:References:From:Subject; b=d1qoPJmbTbKp72MEQmmXM5IfgGZdRBztkDR+jlEutrlfSSF848QxiZ2sSqkXWUD/ApwVBB/bMZZi+E3mz7wk7119RpzPTeDVQtv36krJlBHbjaISQ57eSa/QCa9V2XQPQbo6MtM/iGTlDIjO0+L8iMwrcynv6wpS1CYG94+mS1vb020tpFJazqGbO2Zxz/OkcJENzt3beH6BmKUdojGWsg5ZOGFXsU2t6zO0qaCCdwZQck42edz2awEjReLWfqx9OMtd1K01by9LrUdugR+r8Twgmrrj8TMLWPmnZ4Yzjn+bfx9n3k/qGh4crdEGdflygQeDX/dzsyJxeUMRDglyPw== Received: from [127.0.0.1] by nm42.bullet.mail.gq1.yahoo.com with NNFMP; 30 Sep 2015 09:08:22 -0000 Received: from [98.137.12.60] by nm42.bullet.mail.gq1.yahoo.com with NNFMP; 30 Sep 2015 09:05:29 -0000 Received: from [212.82.98.60] by tm5.bullet.mail.gq1.yahoo.com with NNFMP; 30 Sep 2015 09:05:29 -0000 Received: from [46.228.39.109] by tm13.bullet.mail.ir2.yahoo.com with NNFMP; 30 Sep 2015 09:05:29 -0000 Received: from [127.0.0.1] by smtp146.mail.ir2.yahoo.com with NNFMP; 30 Sep 2015 09:05:29 -0000 X-Yahoo-Newman-Id: 105475.62700.bm@smtp146.mail.ir2.yahoo.com X-Yahoo-Newman-Property: ymail-4 X-YMail-OSG: edM0HuEVM1ntMx3YgGgNwzfon407DWoKKqcWfqAmKP8a13Z WIMeI31_2b3zp1TZZI6F0w4I3FLDRnyOlnBFJzDoRKKRpcPv3nrbbn70Rk66 b_BgyONZP9dBlTkuNqN48R3rCMd9iRzeHntq5HjU7DwOTR9O8aUUK7kSXoP5 bcGtYRNcT5Y1LJGom8vBPi.MNWPpBNRTpbveSS530qks4QaTSYwkOpWliplT 5b9Wc9nfWqLlz0mgJ4N5OuyPMjy_av79ZaewtzAk6wkJjeEv4AFDbCW5O7g5 EjLYTlS0YSMgj9nCYjgtrzFnNQ5S69jm8WTZAVvOdzQ23wp3rqcj78KnJgG_ xuYkEOBwfYqI6Xt.T34XDm1_HqC1MRyTfOChUuvdi6ktcrNpx8kPi9o1okY. O0Lmdutrdy6hAuSniEvWWAj.ZTwyy0sjEm0hfMSwF7VfxiZXV4l.irOqe.hz LMHyZJQ.eIo_fghixiuGNAvyyGaloEXI.q3jcMbt9aWttz3_GtivLNv7Wiau oonCeV3IJ5Y3hV4hw7NzhfOQ.YzETZnTo5ic2T27AnRbirgD0dd2r7i_AjHc LJQ-- X-Yahoo-SMTP: S65s63SswBDjU54Gjqw2GSWlZmfgiEU_X3tN1_9u Received: from DUB118-W29 ([157.56.194.39]) by DUB004-WSS1S1.hotmail.com over TLS secured channel with Microsoft SMTPSVC(7.5.7601.23008); Wed, 30 Sep 2015 02:05:28 -0700 X-TMN: [Yj2cqNeln4Jt0D7cNepGSHZt40jpV6wp] Message-ID: From: Alexandre To: Nino J CC: "freebsd-questions@freebsd.org" Subject: RE: SSHguard & IPFW Date: Wed, 30 Sep 2015 11:05:28 +0200 Importance: Normal In-Reply-To: References: , <1443531575.1236.13.camel@michaeleichorn.com>, , Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-OriginalArrivalTime: 30 Sep 2015 09:05:28.0583 (UTC) FILETIME=[26D6F170:01D0FB5F] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 30 Sep 2015 09:08:30 -0000 Thank you Nino for your reply.=0A= Effectively today I can see a line with multiple IP addresses on the same r= ule number. =0A= =0A= About the next version of SSHGuard=2C you mean SSHGuard (for IPFW) will wor= ks the same way than SSHGuard for PF?=0A= =0A= Regards.=0A= Alexandre=0A= =0A= ----------------------------------------=0A= > From: nino80@gmail.com=0A= > Date: Wed=2C 30 Sep 2015 09:41:55 +0200=0A= > Subject: Re: SSHguard & IPFW=0A= > To: axelbsd@ymail.com=0A= > CC: freebsd-questions@freebsd.org=0A= >=0A= > On Tue=2C Sep 29=2C 2015 at 4:24 PM=2C Alexandre wrot= e:=0A= >=0A= >>=0A= >>>> About the blocking rules reservation in IPFW (from rule 55000 to=0A= >>>> 55050)=2C anyone experienced yet full use of these rules?=0A= >>>> By default=2C fifteen addresses can be blocked together. But how SSHGU= ARD=0A= >>>> works in this case for the newest one (51th)?=0A= >>>>=0A= >>>> Thank you in advance for your clarifications.=0A= >>>> Alexandre=0A= >>=0A= >=0A= > To answer your second question=2C IPFW has no problem using the same rule= =0A= > number for multiple rules. Thus sshguard is not limited to 50 addresses.= =0A= >=0A= > Also=2C next version of sshguard won't use IPFW rules=2C but rather an IP= FW=0A= > table to insert IP addresses to be blocked. Thus it will only need a sing= le=0A= > deny rule.=0A= >=0A= > I'm currently using development version of sshguard which uses IPFW table= =0A= > and it works fine for me.=0A= >=0A= > Regards=2C=0A= > --=0A= > Nino=0A= > _______________________________________________=0A= > freebsd-questions@freebsd.org mailing list=0A= > https://lists.freebsd.org/mailman/listinfo/freebsd-questions=0A= > To unsubscribe=2C send any mail to "freebsd-questions-unsubscribe@freebsd= .org"=0A= =