In article <[email protected]>, Jan Danielsson <[email protected]> wrote: >Hello, > > Two questions regarding blacklistd[.conf]: > > 1) Is it possible to block the host, not specifically the service? >I.e. if host A.B.C.D keeps in trying to dictionary attack ssh, is it >possible to block A.B.C.D not limited to port 22?
No, there is no way to currently do that. I could add it, but the original intention was to protect at the service level. > 2) When I try to set the block duration to 30d in blacklistd.conf, it >only seems to block 5-6 days. A visual inspection of getsecs() in >conf.c doesn't yield an obvious explicit limitation. Should 30d work, >or is there a limit imposed elsewhere? I don't see one, but there could be a bug... christos
