Hi René, Thanks for your reply.
On Wednesday 19 March 2008, René Berber wrote: > Joop Beris wrote: > > I have a question about how to remove a certain host from the blocking > > process. I have followed the documented procedure as I have found it on > > the website and explained here on the mailing list archive, and I think I > > did everything the right way, yet the host is still automatically added > > to /etc/hosts.deny. > > Easy way out: add your work IP to /etc/hosts.allow, with the proper > syntax of course. Yes, that is the easy way out. However, I think there should be a (straightforward) way to accomplish this with Denyhosts, since that is the program that is doing the blocking in the first place. > > - Stop the denyhosts daemon. > > - Remove the host from /etc/hosts.deny > > - Added the host to /[WORK-DIR]/allowed-hosts > > - Removed the host from all other files in /[WORK-DIR] > > - Removed the offending lines from the syslog so it would not be picked > > up again by denyhosts > > This step may be the problem: if you manually change the log file > denyhosts detects that it changed and scans it again. If I did not do this step, Denyhosts would pick up the IP address again from /var/log/messages, where my syslog leaves its logging. At least, that is what I thought. Also, with this host no longer being IN /var/log/messages, after starting the Denyhosts daemon, how did Denyhosts pick the IP address up again? I think the above steps get rid of any trace that this host was/should be blocked? > > - Started the denyhosts daemon > Where did you see the step that changes the log? If it is in the FAQ, I > think it should be corrected. It's not in the FAQ. After I did it the FAQ way, the IP address got dumped back in /etc/hosts.deny almost right away. The only way that was possible, or so I thought, was if Denyhosts re-scanned /var/log/messages, discovered the IP and blocked it again. So I followed the FAQ again and removed the lines from /var/log/messages. So without the IP address being present in /var/log/messages, and without the IP address being present in any file in the work-dir EXCEPT allowed-hosts, how did the host get added back to /etc/hosts.deny?? Any thoughts? Thanks, Joop ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Denyhosts-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/denyhosts-user
