Date: Mon, 6 Jun 2016 22:26:08 +0300 From: Andrey Chernov <ache@freebsd.org> To: Slawa Olhovchenkov <slw@zxy.spb.ru> Cc: Ian Lepore <ian@freebsd.org>, lidl@FreeBSD.org, Matteo Riondato <rionda@gmail.com>, svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org Subject: Re: svn commit: r301226 - in head: etc etc/defaults etc/periodic/security etc/rc.d lib lib/libblacklist libexec libexec/blacklistd-helper share/mk tools/build/mk usr.sbin usr.sbin/blacklistctl usr.sbin... Message-ID: <8d160780-470e-f1e4-3eb5-bd460a70d1a7@freebsd.org> In-Reply-To: <20160606175234.GG75625@zxy.spb.ru> References: <201606021906.u52J649H019481@repo.freebsd.org> <BC308CA2-2EE2-448A-9641-0BB769045868@gmail.com> <90df7c5b-7680-3de0-68ba-ab9bd1c9d73e@FreeBSD.org> <1465232404.1188.5.camel@freebsd.org> <9aafd3b8-ebe2-5ac8-e91b-31ffed34eff1@freebsd.org> <1465233764.1188.9.camel@freebsd.org> <ab8b6207-bceb-f5a8-3db8-69cd344677df@freebsd.org> <20160606175234.GG75625@zxy.spb.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
On 06.06.2016 20:52, Slawa Olhovchenkov wrote: >> BTW, it is good idea: to check first, is supported firewall enabled, and >> only then enable blacklistd by default. > > What purpose? SUDDENLY lockout access to own host after some mistake > in password? I agree that default 1 day locking is too restricting. I prefer floating scale of fail2ban which have several 15min locks (which is not big lockout for yourself) before one big lock after them, but currently blacklistd can't do that.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?8d160780-470e-f1e4-3eb5-bd460a70d1a7>