cannot handle an IPv6 address correctly
Issue #27
resolved
sshguard cannot handle an IPv6 address correctly. It ends up with following syslog message:
Unable to interpret resolution result as IPv6 address: No space left on device.
Giving up entry.
The attached patch should fix the problem.
Comments (5)
-
-
reporter Just doing FTP with wrong password. At that time, following messages are loggied with my patch applied.
Mar 21 11:44:32 saku ftpd[23077]: FTP LOGIN FAILED FROM <REVERSE DNS NAME>, <USER> Mar 21 11:44:32 saku sshguard[8478]: Successfully resolved '<REVERSE DNS NAME>' --> 6:'<IPv6 ADDRESS>'.
I think thre is no reason to exclude an IPv6 address from trigering a name resolution.
-
Ahh, sorry, I assumed it was an IPv6 address that showed up in the logs, and the address was triggering the name resolution. As you indicated it's a hostname that shows up in the logs.
-
- changed status to resolved
Fixed in 960d68a, thanks!
-
-
assigned issue to
-
assigned issue to
- Log in to comment
Your patch is correct, but IPv6 addresses should not trigger a name resolution. What was the attack (or perhaps just the address) that's triggering this issue?