Date:      Thu, 01 Dec 2016 14:10:00 +0000
From:      bugzilla-noreply@freebsd.org
To:        freebsd-bugs@FreeBSD.org
Subject:   [Bug 214980] blacklistd and sshd incorrect counting of failed login attempts
Message-ID:  <bug-214980-8@https.bugs.freebsd.org/bugzilla/>

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=214980

            Bug ID: 214980
           Summary: blacklistd and sshd incorrect counting of failed login
                    attempts
           Product: Base System
           Version: 11.0-STABLE
          Hardware: amd64
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: bin
          Assignee: freebsd-bugs@FreeBSD.org
          Reporter: azhegalov@gmail.com
                CC: freebsd-amd64@FreeBSD.org

Created attachment 177576
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=177576&action=edit
some output from ssh, blacklistd and blacklistctl

Every failed ssh login attempt generates several counts in blacklistd.db.

After two attempts

ssh -b 10.10.0.1 test@192.168.4.75
Password for test@192.168.4.75:
Password for test@192.168.4.75:

I got:
blacklistctl dump -a
        address/ma:port id      nfail   last access
      10.10.0.1/32:22   OK      6/5     2016/12/01 16:55:48


And /usr/libexec/blacklistd-helper script does not check ipfw rule existence
before adding it. It generates excess rules like:

ipfw show
02022     27     2244 deny tcp from table(port22) to any dst-port 22
02022      0        0 deny tcp from table(port22) to any dst-port 22 <-----
02022      0        0 deny tcp from table(port22) to any dst-port 22 <-----
02022      0        0 deny tcp from table(port22) to any dst-port 22 <-----
65535 799979 77763414 allow ip from any to any

-- 
You are receiving this mail because:
You are the assignee for the bug.
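The duplicate-rule problem described in the report comes from adding the ipfw rule unconditionally. Below is an added example (not the blacklistd-helper script from FreeBSD) of an idempotent add: it parses `ipfw show` output, strips the packet and byte counters, and only runs `ipfw add` when no identical rule is already present. The sample listing, the `count_rule`/`add_rule_once` names and the `IPFW` override variable are assumptions made for this example.

```shell
#!/bin/sh
# Idempotent ipfw rule insertion (added example, not FreeBSD's helper).

# Constructed sample of `ipfw show` output, modelled on the bug report:
# the same deny rule is present twice, followed by the default allow.
SAMPLE_IPFW_SHOW='02022     27     2244 deny tcp from table(port22) to any dst-port 22
02022      0        0 deny tcp from table(port22) to any dst-port 22
65535 799979 77763414 allow ip from any to any'

# count_rule NUMBER BODY LISTING
# Prints how many lines of LISTING carry rule NUMBER with exactly BODY.
# `ipfw show` prints "number packets bytes rule-body", so the three leading
# numeric columns are stripped before comparing the body text.
count_rule() {
    number=$1; body=$2; listing=$3
    printf '%s\n' "$listing" | awk -v n="$number" -v b="$body" '
        {
            rn = $1 + 0
            sub(/^[ \t]*[0-9]+[ \t]+[0-9]+[ \t]+[0-9]+[ \t]+/, "")
            if (rn == n + 0 && $0 == b) c++
        }
        END { print c + 0 }'
}

# add_rule_once NUMBER BODY
# Adds the rule only if it is not already in the ruleset.
# Returns 0 when a rule was added, 1 when an identical rule already existed.
# $IPFW lets a test point at a stub instead of the real /sbin/ipfw.
add_rule_once() {
    number=$1; body=$2
    listing=$(${IPFW:-ipfw} show 2>/dev/null)
    if [ "$(count_rule "$number" "$body" "$listing")" -gt 0 ]; then
        return 1
    fi
    # Word-splitting of $body is intended: ipfw takes the rule as arguments.
    ${IPFW:-ipfw} add "$number" $body
}
```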