Current-Users archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: blacklistd is now available for current (comments?)
christos%zoulas.com@localhost (Christos Zoulas) writes:
>
> You can get it from http://www.netbsd.org/~christos/blacklistd.tar.gz
>
> Appended is the README file. I wrote this over the weekend, it seems to
> work :-) Please let me know what you think? Is it useful? Should I commit
> it to the base system? Do you have any suggestions to improve it?
[ ... ]
> The configuration file contains entries of the form:
>
> # Blacklist rule
> # Port type protocol owner nfail disable
> ssh stream tcp * 6 60m
> ssh stream tcp6 * 6 60m
What about hosts with multiple addresses and multiple instances
of the same daemon? I.e. an ssh daemon for ordinary login on IP
address a.b.c.d, and an anoncvs ssh daemon on a.b.c.e, and you
want different policies for how to blacklist remote clients?
Maybe do something like postfix, and allow a.b.c.d:ssh as a
service specifier instead of just a port number/name?
-jarle
--
"Crime in multi-storey car parks. That is wrong on so many different levels."
-- Tim Vine
Home |
Main Index |
Thread Index |
Old Index