https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=214980

            Bug ID: 214980
           Summary: blacklistd and sshd incorrect counting of failed login
                    attempts
           Product: Base System
           Version: 11.0-STABLE
          Hardware: amd64
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: bin
          Assignee: [email protected]
          Reporter: [email protected]
                CC: [email protected]
                CC: [email protected]

Created attachment 177576
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=177576&action=edit
some output from ssh, blacklistd and blacklistctl

Every failed ssh login attempt generates several counts in blacklistd.db.

After two attempts

ssh -b 10.10.0.1 [email protected]
Password for [email protected]:
Password for [email protected]:

I got:
blacklistctl dump -a
        address/ma:port id      nfail   last access
      10.10.0.1/32:22   OK      6/5     2016/12/01 16:55:48


And the /usr/libexec/blacklistd-helper script does not check for ipfw rule existence
before adding it. It generates excess rules like:

ipfw show
02022     27     2244 deny tcp from table(port22) to any dst-port 22
02022      0        0 deny tcp from table(port22) to any dst-port 22 <-----
02022      0        0 deny tcp from table(port22) to any dst-port 22 <-----
02022      0        0 deny tcp from table(port22) to any dst-port 22 <-----
65535 799979 77763414 allow ip from any to any

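
As an added example (not part of the report, and not the blacklistd-helper source), a POSIX sh sketch of the check the reporter says the helper lacks: consult `ipfw show` and add the deny rule only when an identical rule is absent. The rule number and body are assumed to mirror the `ipfw show` output above, the sample ruleset is constructed, and while `IPFW_SHOW_OUTPUT` is set the script never invokes ipfw.

```shell
#!/bin/sh
# Added example, not FreeBSD's /usr/libexec/blacklistd-helper: an idempotent
# "add deny rule" step that reads `ipfw show` before adding, so repeated runs
# cannot pile up identical rules. When IPFW_SHOW_OUTPUT is set (constructed
# sample), it stands in for the live ruleset and no ipfw binary is needed.

ipfw_show() {                       # current ruleset (sample or live)
    if [ -n "${IPFW_SHOW_OUTPUT+x}" ]; then
        printf '%s\n' "$IPFW_SHOW_OUTPUT"
    else
        ipfw show
    fi
}

ipfw_add() {                        # ipfw_add NUMBER BODY (BODY is word-split)
    if [ -n "${IPFW_SHOW_OUTPUT+x}" ]; then
        IPFW_SHOW_OUTPUT="$IPFW_SHOW_OUTPUT
$1 0 0 $2"                          # a fresh rule shows zero pkt/byte counters
    else
        ipfw -q add "$1" $2
    fi
}

# rule_count NUMBER BODY: how many rules with that number and exact body exist.
# `ipfw show` prints "NUMBER PKTS BYTES BODY"; the two counters are dropped.
rule_count() {
    ipfw_show | awk -v want="$1 $2" '
        { num = $1; $1 = $2 = $3 = ""; sub(/^ +/, "")
          if (num " " $0 == want) n++ }
        END { print n + 0 }'
}

# add_rule_once NUMBER BODY: prints "exists" or "added"; never duplicates.
add_rule_once() {
    if [ "$(rule_count "$1" "$2")" -gt 0 ]; then
        echo exists
    else
        ipfw_add "$1" "$2"
        echo added
    fi
}

# Constructed sample ruleset, shaped like the `ipfw show` output in the report.
IPFW_SHOW_OUTPUT='02022     27     2244 deny tcp from table(port22) to any dst-port 22
65535 799979 77763414 allow ip from any to any'
RULE='deny tcp from table(port22) to any dst-port 22'
add_rule_once 02022 "$RULE"                                              # exists
add_rule_once 02023 'deny tcp from table(port22) to any dst-port 2222'   # added
add_rule_once 02023 'deny tcp from table(port22) to any dst-port 2222'   # exists
```

Unset `IPFW_SHOW_OUTPUT` to run against the live ruleset; the same functions then call ipfw directly.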