Crash on blacklist load using ipfw
Issue #14
resolved
Although it is said to be fixed, I still encounter crashes on the blacklist db. Deleting the blacklist db file and restarting sshguard service helps for a certain amount of time. Can't say for how long. At first it crashed at 18 lines in the blacklist file. Today I discovered it had crashed again with 78 lines in the db. And agian, deleting the blacklist file and restarting the service helped.
My system is FreeBSD 10.1-RELEASE-p16 SSHGuard installed from binary package, version 1.6.1, IPFW
On another FreeBSD system (10.2-RELEASE) and same version of SSHGuard, the service crashed with 25 lines in the blacklist db. Same story here. Deleting the db file and restarting worked (until the next crash)
I also noticed that the IPFW blocking rules for all those IP addresses in the blacklist db where gone. I assume these have been removed while the service was running.
Comments (5)
-
-
reporter
Thanks for your feedback. When do you think this will be available? By 'some setup' do you mean creating some space for ipfw rules in the 5000+ range?
-
As soon as I get my act together and write the setup documentation. It shouldn't be much; notably, the new backend now uses
ipfwtables, which requires you to add a rule in your firewall to match attacks in the table. -
- changed title to Crash on blacklist load using ipfw
-
assigned issue to
Kevin Zheng
-
- changed status to resolved
Fix available in v1.6.2.
- Log in to comment
This issue was fixed by rewriting the
ipfwbackend, but did not make it to 1.6.1. I'm considering releasing 1.6.2 with this change, but the new backend requires some set up inipfw.