Skip to content

LEDE running latest dropbear, some log can not trigger iptable ban  #9

New issue
New issue
Open
Open
LEDE running latest dropbear, some log can not trigger iptable ban #9
@Cye3s

Description

@Cye3s
Cye3s
opened on Sep 18, 2017

LEDE 17.01.2
dropbear 2017.75-3 with option '-T' , can set max auth tries

my config
config bearDropper
option defaultMode entire
option attemptCount 5
option attemptPeriod 12h

Need to add log scanning regexs?

Mon Sep 18 05:56:48 2017 authpriv.info dropbear[29286]: Child connection from 14.17.121.130:43422
Mon Sep 18 05:56:48 2017 authpriv.info dropbear[29286]: Exit before auth (user 'root', 1 fails): Exited normally
Mon Sep 18 05:56:48 2017 authpriv.info dropbear[29295]: Child connection from 14.17.121.130:45913
Mon Sep 18 05:56:49 2017 authpriv.info dropbear[29295]: Exit before auth (user 'root', 1 fails): Exited normally
Mon Sep 18 05:56:49 2017 authpriv.info dropbear[29302]: Child connection from 14.17.121.130:47965
Mon Sep 18 05:56:50 2017 authpriv.info dropbear[29302]: Exit before auth (user 'root', 1 fails): Exited normally
Mon Sep 18 05:56:50 2017 authpriv.info dropbear[29311]: Child connection from 14.17.121.130:52259
Mon Sep 18 05:56:51 2017 authpriv.info dropbear[29311]: Exit before auth (user 'root', 1 fails): Exited normally
Mon Sep 18 05:56:51 2017 authpriv.info dropbear[29320]: Child connection from 14.17.121.130:54620
Mon Sep 18 05:56:52 2017 authpriv.info dropbear[29327]: Child connection from 14.17.121.130:56559
Mon Sep 18 05:56:52 2017 authpriv.info dropbear[29320]: Exit before auth (user 'root', 1 fails): Exited normally
Mon Sep 18 05:56:53 2017 authpriv.info dropbear[29336]: Child connection from 14.17.121.130:57249
Mon Sep 18 05:56:53 2017 authpriv.info dropbear[29327]: Exit before auth (user 'root', 1 fails): Exited normally
Mon Sep 18 05:56:53 2017 authpriv.info dropbear[29336]: Exit before auth (user 'root', 1 fails): Exited normally
Mon Sep 18 05:56:53 2017 authpriv.info dropbear[29348]: Child connection from 14.17.121.130:60785
Mon Sep 18 05:56:54 2017 authpriv.info dropbear[29348]: Exit before auth (user 'root', 1 fails): Exited normally
Mon Sep 18 05:56:54 2017 authpriv.info dropbear[29358]: Child connection from 14.17.121.130:34012
Mon Sep 18 05:56:55 2017 authpriv.info dropbear[29363]: Child connection from 14.17.121.130:36250
Mon Sep 18 05:56:55 2017 authpriv.info dropbear[29358]: Exit before auth (user 'root', 1 fails): Exited normally
Mon Sep 18 05:56:55 2017 authpriv.info dropbear[29363]: Exit before auth (user 'root', 1 fails): Exited normally
Mon Sep 18 05:56:55 2017 authpriv.info dropbear[29374]: Child connection from 14.17.121.130:37629
Mon Sep 18 05:56:56 2017 authpriv.info dropbear[29374]: Exit before auth (user 'root', 1 fails): Exited normally

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions