Hi all, We've just noticed a slight issue with Active Response on our FTP servers.
If a child ftp process dies and is picked up in the logs by ossec, it adds the offending IP to the IP Tables DROP list. Is there a way to set it to warn us if it's an FTP error but continue to add the DROP if it is any other protocol? Thanks, PF.
