> with -ll, ftpd still logs failures as auth.log as
> same in ftpd.log
> [The IPs] they are not logged.
I did the three steps I mentioned and have failures with IPs
logged in /var/log/ftpd.log, for example:
connection from 79.165.190.70 (79.165.190.70)
FTP LOGIN FAILED FROM 79.165.190.70
FTP LOGIN FAILED FROM 79.165.190.70, Administrateur
repeated login failures from 79.165.190.70
... because the IP has no PTR
connection from projectvibe.net (205.234.98.200)
FTP LOGIN FAILED FROM projectvibe.net
FTP LOGIN FAILED FROM projectvibe.net, Administrator
IP has PTR, whose domain name is logged.
But you're right, in the second example, the host name is logged,
not the IP, but the IP is always logged in the "connection from"
lines.
"connection from" not the fault we are trying to block reactively.
Did you have any luck parsing the mailing list's archive?
no, neither in my personal archives, nor through google.
thanks
Len
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
