I know, but consider that this was not my request. I was just answering a question and giving a suggestion.
So I have no intention of implementing this on my side.

On 21.05.2021 at 16:56, Hans Harder wrote:
You can add some small code in svr_main.c for allowing/denying remote
servers based on their IP address

                         getaddrstring(&remoteaddr, &remote_host, NULL, 0);
/* HH hostallow start */
                         /* Check if remote host is allowed */
                         if (hostallow_check(remote_host) == 0) {
                             fprintf(stderr,"Not allowed, closing connection\n");
                             goto out;
                         }
/* HH hostallow end */
                         /* Limit the number of unauthenticated connections per IP */
                         num_unauthed_for_addr = 0;
                         num_unauthed_total = 0;
                         for (j = 0; j < MAX_UNAUTH_CLIENTS; j++) {

Just add something like this in svr_main.c in the main_noinetd function.
I check in the hostallow_check function if there is a certain file
like host_<remote_host>.allow in a certain directory;
if not, it will close the connection.

Hans


On Thu, May 20, 2021 at 5:05 PM Sebastian Gottschall
<s.gottsch...@dd-wrt.com> wrote:
What about a feature like blocking a client for N minutes after more than N
failed logins? It's relatively easy to implement and slows down
brute force attacks.

On 20.05.2021 at 16:44, Matt Johnston wrote:
On Thu, May 20, 2021 at 02:29:20PM +0000, Walter Harms wrote:
Thx for the fast response,
for the background: little system, far-far-away land, but some script-kiddie is
filling the log ...
so no iptables or other fancy stuff. Seems I have to change that, somehow.

@matt:
in case I get something working ...
I am thinking about fnmatch and inet_ntoa, would that be acceptable?
I'm not really sure it's the job of Dropbear to be doing
that filtering. Though I wonder if it might make sense to
optionally not bother logging failed SSH auth attempts,
given how many there are...

Cheers,
Matt
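
One way the hostallow_check() helper described in Hans's message could be written, as an added example that is not code from the thread or from Dropbear. The directory path, the hostallow_check_dir() helper and the character filter are assumptions, and remote_host is assumed to be the numeric address string.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>

/* Assumed location; the post only says "a certain directory". */
#define HOSTALLOW_DIR "/etc/dropbear/hostallow"

/* Accept only characters found in numeric IPv4/IPv6 strings, so the
 * address can never contribute a '/' or other path component. */
static int addr_is_safe(const char *host)
{
    size_t i, len = strlen(host);

    if (len == 0 || len > 45) /* 45 = longest textual IPv6 address */
        return 0;
    for (i = 0; i < len; i++) {
        unsigned char c = (unsigned char)host[i];
        if (!isxdigit(c) && c != '.' && c != ':')
            return 0;
    }
    return 1;
}

/* Returns 1 only if <dir>/host_<remote_host>.allow is a regular file.
 * Every error path returns 0, so the caller closes the connection. */
int hostallow_check_dir(const char *dir, const char *remote_host)
{
    char path[512];
    struct stat st;
    int n;

    if (dir == NULL || remote_host == NULL || !addr_is_safe(remote_host))
        return 0;
    n = snprintf(path, sizeof(path), "%s/host_%s.allow", dir, remote_host);
    if (n < 0 || (size_t)n >= sizeof(path)) /* truncated path: deny */
        return 0;
    if (stat(path, &st) != 0)
        return 0;
    return S_ISREG(st.st_mode) ? 1 : 0;
}

/* Same signature as the call in the snippet from the thread. */
int hostallow_check(const char *remote_host)
{
    return hostallow_check_dir(HOSTALLOW_DIR, remote_host);
}
```

The check fails closed: an unreadable directory, an over-long path or an unexpected character in the address all result in a denied connection.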
