Sverker Abrahamsson wrote:
> I can't get RESET_ON_SUCCESS to work, i.e. that a successful login
> resets the failed attempts counter. The operating system is CentOS 5 and
> a log entry of a successful login looks like this:
>
> Oct 24 09:28:43 lime2 sshd[9657]: Accepted password for root from
> 213.112.92.77 port 1139 ssh2
> The regexp for detectint successful logins looks like this:
>
> Accepted (?P<method>.*) for (?P<user>.*?) from
> (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})
> I tested to set SUCCESSFUL_ENTRY_REGEX in the config file but no change.
> As far as I can see that regexp should match the log entry but still the
> ip isn't purged from hosts.deny.
DenyHosts doesn't purge it immediately, the reset is to the counter (of failed
attempts), the purge comes after PURGE_DENY has elapsed.
> What could be the cause and how to solve it?
If your IP is already on hosts.deny, then you have two ways to whitelist it, OK
it's 2 + 1 not using white lists:
1. Wait until it is purged (conf. PURGE_DENY);
2. Follow the cleanup procedure (the message from Phil Schwartz, just before
yours, details once again how to do it);
3. White list it permanently by adding the IP to hosts.allow .
--
René Berber
-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
Denyhosts-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/denyhosts-user
