Hi,
I installed and configured IPFW on my box. I installed security/sshguard-ipfw to block unwanted SSH connections.
I search and read a lot of thing on Internet, but I did not found reply to the following question : the line sshguard_enable="YES" in /etc/rc.conf is requested or not with this port?
Without this line in /etc/rc.conf, IP addresses seem to be blocked as expected:
With the command
I assume the line sshguard_enable="YES" is requested only if I install the port security/sshguard. Am I right?
About the blocking rules reservation in IPFW (from rule 55000 to 55050), anyone experienced yet full use of these rules? I mean fifteen addresses are blocked together and how SSHGUARD works in this case for the newest one?
Thank you in advance.
I installed and configured IPFW on my box. I installed security/sshguard-ipfw to block unwanted SSH connections.
I search and read a lot of thing on Internet, but I did not found reply to the following question : the line sshguard_enable="YES" in /etc/rc.conf is requested or not with this port?
Without this line in /etc/rc.conf, IP addresses seem to be blocked as expected:
Code:
Sep 25 18:39:27 BoxName sshguard[7243]: Blocking 62.212.230.2:4 for >945secs: 40 danger in 4 attacks over 514 seconds (all: 80d in 2 abuses over 2059s). $ sudo ipfw list I can see the blocked IP adresse in the deny list
Code:
55031 deny ip from 62.212.230.2 to meAbout the blocking rules reservation in IPFW (from rule 55000 to 55050), anyone experienced yet full use of these rules? I mean fifteen addresses are blocked together and how SSHGUARD works in this case for the newest one?
Thank you in advance.