| Summary: | blacklistd entry's vanishes after ~1m | | |
|---|---|---|---|
| Product: | Base System | Reporter: | Gian-Simon Purkert <gspurki> |
| Component: | bin | Assignee: | freebsd-bugs (Nobody) <bugs> |
| Status: | Closed Works As Intended | | |
| Severity: | Affects Only Me | CC: | chris, zarychtam |
| Priority: | --- | | |
| Version: | 12.2-RELEASE | | |
| Hardware: | amd64 | | |
| OS: | Any | | |

Description
Gian-Simon Purkert
2021-06-29 08:34:34 UTC
It's not a bug but a misconfiguration. Please try adding your custom port to blacklistd.conf and try to reproduce, otherwise the default rule will be applied:

    * * * * * 4 60

If it helps, please consider closing this PR.

(In reply to Marek Zarychta from comment #1)
The entry is there with the correct custom port, but vanishes.

> If it helps, please consider closing this PR.

No, it does not help.

(In reply to Gian-Simon Purkert from comment #2)
Works for me as intended, including custom ports. It must be a misconfiguration. Does "anchor "blacklistd/*" in on $EXT_IF" apply to VPN traffic?

(In reply to Marek Zarychta from comment #3)
I used the VPN to make the attack. It's a bit like this bug: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=247309

(In reply to Gian-Simon Purkert from comment #4)
Indeed, the documentation is not one of the strengths here. Could you please paste the output from the commands:

    sockstat -lP tcp |grep sshd
    cat /etc/blacklistd.conf

(In reply to Marek Zarychta from comment #5)
It works now, I commented out the

    * * * * * 4 60

rule. It now blocks the right port and IP. Thanks for the help!

(In reply to Gian-Simon Purkert from comment #6)

> It works now, I commented out the
> * * * * * 4 60

This one can be left, but has to be the last one.
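
A small lint for the ordering problem this thread ends on, added here as an example and not part of the bug report or of FreeBSD's code: it flags a catch-all `* * * * *` rule in `[local]` that has other rules after it and reports that rule's disable time in seconds. Port 2222, both sample files and all function names are assumptions; the requirement that the catch-all come last is taken from the final comment.

```python
import re

# Constructed sample: catch-all rule placed before a custom-port rule.
# Port 2222 is an assumption; the thread does not state the port.
BROKEN = """\
# adr/mask:port type proto owner name nfail disable
[local]
* * * * * 4 60
2222 stream * * * 3 24h
"""
# Same rules with the catch-all moved to the end, as the last comment advises.
FIXED = """\
[local]
2222 stream * * * 3 24h
* * * * * 4 60
"""
UNITS = {"": 1, "m": 60, "h": 3600, "d": 86400}


def disable_seconds(field):
    """Convert a disable field (60, 10m, 24h, 1d) to seconds; '*' gives None."""
    if field == "*":
        return None
    m = re.fullmatch(r"(\d+)([mhd]?)", field)
    if m is None:
        raise ValueError(f"unrecognised disable field: {field!r}")
    return int(m.group(1)) * UNITS[m.group(2)]


def local_rules(text):
    """Return (line_number, fields) for every 7-field rule in [local]."""
    rules, section = [], "local"  # assumption: rules before any header are local
    for number, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if line.startswith("["):
            section = line.strip("[]").lower()
        elif section == "local" and len(line.split()) == 7:
            rules.append((number, line.split()))
    return rules


def lint(text):
    """Flag each catch-all rule that has other [local] rules after it."""
    rules = local_rules(text)
    return [(number, disable_seconds(fields[6]), [n for n, _ in rules[i + 1:]])
            for i, (number, fields) in enumerate(rules[:-1])
            if all(f == "*" for f in fields[:5])]


if __name__ == "__main__":
    for number, seconds, later in lint(BROKEN):
        print(f"line {number}: catch-all (disable {seconds}s) precedes rules on lines {later}")
```

A finding with a 60-second disable time matches the symptom in the summary, where the block entry vanishes after about a minute.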