On 2/21/20 11:49 AM, Ed Maste wrote:
> It seems starting sshd from inetd via tcpd is a reasonable approach
> for folks who want to use it; also, have folks using libwrap looked at
> sshd's Match blocks to see if they provide the desired functionality?
While match blocks can disallow a login from
On 2/14/20 6:37 PM, Ben Woods wrote:
> On Sat, 15 Feb 2020 at 4:27 am, Joey Kelly wrote:
>
>> On Friday, February 14, 2020 01:18:44 PM Ed Maste wrote:
>>> Upstream OpenSSH-portable removed libwrap support in version 6.7,
>>> released in October 2014. We've maintained a patch in our tree to
>>>
I do something related to this with fwlogwatch although it can probably
be adapted to any similar tool; when I hit the 'block' threshold, I
execute something like:
#!/bin/sh
HR=`date +%-k`
/sbin/ipfw table 0 add $3 ${HR}
.. so each entry has a tag indicating the hour at which the block was