Hi Will.
On 22 Apr 2014, at 3:01 am, Will Nordmeyer, WnA Consulting Services
<[email protected]> wrote:
> On my server, it seems that one mistake entering the admin password (and
> maybe site admin passwords) blocks the offending IP. Since I have a rather
> complex admin password, I'd like to tweak dfix/dfix2 to give me a slightly
> wider allowance.
>
> I've reviewed dfix2.sh but that just has a start/stop process - the start
> process makes sure the iptables lists exist, and sets up a list of trusted
> IPs from the ifconfig & resolv.conf file.
>
> dfix.sh appears to do all the work but I haven't managed to track exactly
> where the limit for bad password is set.
>
> I'd also like to improve the logging so that when it blocks an IP, it gives
> the reason behind it.
>
Initially, have a look at /var/log/sec to see details of a reason for block.
There are rule names like ssh-b1... Let me know which one is hitting your log
file in this situation, and I can tell you how to tweak.
Note: I am away travelling, but I'll get you a response asap.
Greg.
_______________________________________________
Blueonyx mailing list
[email protected]
http://mail.blueonyx.it/mailman/listinfo/blueonyx
