Crash on blacklist load using ipfw

Issue #14 resolved
gteley created an issue

Although it is said to be fixed, I still encounter crashes on the blacklist db. Deleting the blacklist db file and restarting sshguard service helps for a certain amount of time. Can't say for how long. At first it crashed at 18 lines in the blacklist file. Today I discovered it had crashed again with 78 lines in the db. And agian, deleting the blacklist file and restarting the service helped.

My system is FreeBSD 10.1-RELEASE-p16 SSHGuard installed from binary package, version 1.6.1, IPFW

On another FreeBSD system (10.2-RELEASE) and same version of SSHGuard, the service crashed with 25 lines in the blacklist db. Same story here. Deleting the db file and restarting worked (until the next crash)

I also noticed that the IPFW blocking rules for all those IP addresses in the blacklist db where gone. I assume these have been removed while the service was running.

Comments (5)

  1. Kevin Zheng

    This issue was fixed by rewriting the ipfw backend, but did not make it to 1.6.1. I'm considering releasing 1.6.2 with this change, but the new backend requires some set up in ipfw.

  2. gteley reporter

    Thanks for your feedback. When do you think this will be available? By 'some setup' do you mean creating some space for ipfw rules in the 5000+ range?

  3. Kevin Zheng

    As soon as I get my act together and write the setup documentation. It shouldn't be much; notably, the new backend now uses ipfw tables, which requires you to add a rule in your firewall to match attacks in the table.

  4. Log in to comment