Date: Mon, 17 Apr 2023 13:51:59 -0700
From: Pete Wright <pete@nomadlogic.org>
To: questions@freebsd.org
Subject: Re: Blacklistd Issues
Message-ID: <e28d3882-9584-8f57-228b-1e0db8cf9c1c@nomadlogic.org>
In-Reply-To: <C632EC86-6745-42F9-A5EE-FE604C7A8599@sermon-archive.info>
References: <C632EC86-6745-42F9-A5EE-FE604C7A8599@sermon-archive.info>

On 4/17/23 13:38, Doug Hardie wrote:
> I have been implementing blacklistd. It works fine with postfix and
> my web server. However, sshd is not working. I have enabled the
> UseBlacklistd configuration line. However, no amount of invalid
> id/passwords generate an entry in either blacklistd or pf. Running
> ktrace with invalid web requests on blacklistd shows that it obtains
> the endpoints properly and calls the helper to do the work. However,
> when sending invalid id/passwords via ssh, blacklistd does receive the
> proper packets from sshd and it obtains the endpoints, but just ends.
> It never calls the helper. I have the entry in blacklistd.conf for
> that port, and blacklistd has been restarted many times. Any ideas
> what I need to do to get blacklistd to record the calls? There is no
> table in pf for that port. However, it appears there needs to be at
> least one call to make the table appear.
>
> -- Doug
>

shot in the dark - did you set:

UseBlacklist yes

in /etc/ssh/sshd_conf then restart sshd?

-pete

-- 
Pete Wright
pete@nomadlogic.org
@nomadlogicLA
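
One way to run the check suggested in the reply above, as an added example that is not part of the original message: the hypothetical function `effective_useblacklist` reads an sshd configuration file and reports the value of `UseBlacklist` in its global section. The sample file is constructed, and the parsing rules are the ones documented in sshd_config(5).

```shell
#!/bin/sh
# Added example (not from the thread): print the effective global value of
# UseBlacklist in the sshd configuration file given as $1.
# Assumptions, per sshd_config(5): keywords are case-insensitive, keyword and
# value may be separated by whitespace or "=", the first value obtained for a
# keyword is the one used, and a "Match" line ends the global section.
effective_useblacklist() {
    awk '
        /^[[:space:]]*(#|$)/ { next }        # skip comments and blank lines
        {
            line = $0
            gsub(/=/, " ", line)             # treat "key=value" like "key value"
            split(line, f, " ")              # default split trims and collapses whitespace
            key = tolower(f[1]); val = tolower(f[2])
            if (key == "match") exit         # only the global section is inspected
            if (key == "useblacklist") { print val; found = 1; exit }
        }
        END { if (!found) print "unset" }    # commented out, absent, or only under Match
    ' "$1"
}

# Constructed sample input: a commented-out line must not count, and a
# setting inside a Match block is not the global value.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed sshd configuration fragment
Port 22
#UseBlacklist no
useblacklist = YES
Match User backup
    UseBlacklist no
EOF

echo "effective UseBlacklist: $(effective_useblacklist "$sample")"
```

A result of `unset` or `no` means sshd is not configured to report to blacklistd; after changing the file, sshd has to be restarted, as the reply says.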