Date: Fri, 25 Nov 2016 15:12:18 -0500
From: Anton Yuzhaninov <citrin+bsd@citrin.ru>
To: freebsd-questions@freebsd.org
Subject: blacklistd(8) - entries don't removed
Message-ID: <5ee1dcc7-643b-a7b1-7d1c-1017599bdfe5@citrin.ru>

Hi all.

I started to use blacklistd(8) to protect sshd from bruteforce.

Entries are added to ipfw table via controlprog but never removed.

Blocked hosts after some time are removed from state database but even in

    blacklistd -C /usr/local/libexec/blacklistd-helper -r -d -v

I see no attempts to run blacklistd-helper rem

Database contains stale entries:

    $ blacklistctl dump -ar
    address/ma:port id nfail remaining time
    92.217.66.103/32:22 4/-1 -21d-38h-21m-38s
    92.76.193.217/32:22 4/-1 -11d-57h-2m-26s
    92.50.166.71/32:22 40/-1 -12d-29h-39m-57s

but ipfw table contains much more hosts...

Right now I have no time to debug this myself, but curious - does anybody see same problems with blacklistd?