Date: Mon, 05 Dec 2016 08:53:23 +0800 From: Ernie Luzar <luzar722@gmail.com> To: Anton Yuzhaninov <citrin+bsd@citrin.ru> Cc: freebsd-questions@freebsd.org Subject: Re: blacklistd(8) - entries don't removed Message-ID: <5844BA83.8030601@gmail.com> In-Reply-To: <5ee1dcc7-643b-a7b1-7d1c-1017599bdfe5@citrin.ru> References: <5ee1dcc7-643b-a7b1-7d1c-1017599bdfe5@citrin.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
Anton Yuzhaninov wrote: > Hi all. > > I started to use blacklistd(8) to protect sshd from bruteforce. > > Entries are added to ipfw table via controlprog but never removed. > > Blocked hosts after some time are removed from state database but even in > blacklistd -C /usr/local/libexec/blacklistd-helper -r -d -v > I see no attempts to run blacklistd-helper rem > > Database contains stale entries: > $ blacklistctl dump -ar > address/ma:port id nfail remaining time > 92.217.66.103/32:22 4/-1 -21d-38h-21m-38s > 92.76.193.217/32:22 4/-1 -11d-57h-2m-26s > 92.50.166.71/32:22 40/-1 -12d-29h-39m-57s > > but ipfw table contains much more hosts... > > Right now I have no time to debug this myself, but curious - does > anybody see same problems with blacklistd? Seems your the first person to use this new function in 11.0. Read its man page for email of person who ported this from openbsd and contact him directly.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5844BA83.8030601>