The RESET doesn't effect /etc/hosts.deny-- so if the IP is already in
there, although the WORK_DIR files will be updated to reset the IP,
/etc/hosts.deny won't be. You need to manually remove the IP from there
(or wait for the PURGE to remove it).
The reason is... if an IP is already in /etc/hosts.deny then you won't be
able to successfully login so RESET_ON_SUCCESS won't apply.
Phil
On Thu, 25 Oct 2007, Sverker Abrahamsson wrote:
> Hi,
> I can't get RESET_ON_SUCCESS to work, i.e. that a successful login resets the
> failed attempts counter. The operating system is CentOS 5 and a log entry of
> a successful login looks like this:
>
> Oct 24 09:28:43 lime2 sshd[9657]: Accepted password for root from
> 213.112.92.77 port 1139 ssh2
>
> The regexp for detectint successful logins looks like this:
>
> Accepted (?P<method>.*) for (?P<user>.*?) from
> (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})
>
> I tested to set SUCCESSFUL_ENTRY_REGEX in the config file but no change. As
> far as I can see that regexp should match the log entry but still the ip
> isn't purged from hosts.deny.
>
> What could be the cause and how to solve it? There is a FAQ entry on this
> topic, 2.16, but it doesn't seam to show the correct answer but instead how
> to match a failed entry.
> /Sverker
--
Regards,
Phil Schwartz
- http://www.phil-schwartz.com
Open Source Projects:
- DenyHosts: http://www.denyhosts.net
- Kodos: http://kodos.sourceforge.net
- ReleaseForge: http://releaseforge.sourceforge.net
- Scratchy: http://scratchy.sourceforge.net
- FAQtor: http://faqtor.sourceforge.net
-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
Denyhosts-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/denyhosts-user
