Finish my Denyhosts package [$20]

tommyboy180

Ok. I looked at it, as far as I can tell its working fine.

Great work. Please send me a PM where I can send the money and complete the bounty. :)

pakjebakmeel

This package doesn't work on Nano-BSD? I'm getting some errors. If you say it should run on this platform I can post the errors.

tommyboy180

Post them my friend.

pakjebakmeel

@tommyboy180:

Post them my friend.

It installs fine, then it shows the following log:

2009-09-03 14:42:05,505 - denyhosts   : INFO     DenyHosts launched with the following args:
2009-09-03 14:42:05,506 - denyhosts   : INFO        /usr/local/bin/denyhosts.py --config /usr/local/etc/denyhosts.conf --daemon
2009-09-03 14:42:05,507 - prefs       : INFO     DenyHosts configuration settings:
2009-09-03 14:42:05,508 - prefs       : INFO        ADMIN_EMAIL: [None]
2009-09-03 14:42:05,509 - prefs       : INFO        AGE_RESET_INVALID: [864000]
2009-09-03 14:42:05,510 - prefs       : INFO        AGE_RESET_RESTRICTED: [2160000]
2009-09-03 14:42:05,511 - prefs       : INFO        AGE_RESET_ROOT: [2160000]
2009-09-03 14:42:05,512 - prefs       : INFO        AGE_RESET_VALID: [432000]
2009-09-03 14:42:05,512 - prefs       : INFO        ALLOWED_HOSTS_HOSTNAME_LOOKUP: [no]
2009-09-03 14:42:05,513 - prefs       : INFO        BLOCK_SERVICE: [sshd]
2009-09-03 14:42:05,514 - prefs       : INFO        DAEMON_LOG: [/var/log/denyhosts]
2009-09-03 14:42:05,515 - prefs       : INFO        DAEMON_LOG_MESSAGE_FORMAT: [%(asctime)s - %(name)-12s: %(levelname)-8s %(message)s]
2009-09-03 14:42:05,516 - prefs       : INFO        DAEMON_LOG_TIME_FORMAT: [None]
2009-09-03 14:42:05,517 - prefs       : INFO        DAEMON_PURGE: [3600]
2009-09-03 14:42:05,518 - prefs       : INFO        DAEMON_SLEEP: [30]
2009-09-03 14:42:05,518 - prefs       : INFO        DENY_THRESHOLD_INVALID: [5]
2009-09-03 14:42:05,519 - prefs       : INFO        DENY_THRESHOLD_RESTRICTED: [1]
2009-09-03 14:42:05,520 - prefs       : INFO        DENY_THRESHOLD_ROOT: [1]
2009-09-03 14:42:05,521 - prefs       : INFO        DENY_THRESHOLD_VALID: [10]
2009-09-03 14:42:05,522 - prefs       : INFO        FAILED_ENTRY_REGEX: [None]
2009-09-03 14:42:05,523 - prefs       : INFO        FAILED_ENTRY_REGEX2: [None]
2009-09-03 14:42:05,524 - prefs       : INFO        FAILED_ENTRY_REGEX3: [None]
2009-09-03 14:42:05,524 - prefs       : INFO        FAILED_ENTRY_REGEX4: [None]
2009-09-03 14:42:05,525 - prefs       : INFO        FAILED_ENTRY_REGEX5: [None]
2009-09-03 14:42:05,526 - prefs       : INFO        FAILED_ENTRY_REGEX6: [None]
2009-09-03 14:42:05,527 - prefs       : INFO        FAILED_ENTRY_REGEX7: [None]
2009-09-03 14:42:05,528 - prefs       : INFO        HOSTNAME_LOOKUP: [NO]
2009-09-03 14:42:05,529 - prefs       : INFO        HOSTS_DENY: [/etc/hosts.deniedssh]
2009-09-03 14:42:05,530 - prefs       : INFO        LOCK_FILE: [/var/run/denyhosts.pid]
2009-09-03 14:42:05,530 - prefs       : INFO        PLUGIN_DENY: [None]
2009-09-03 14:42:05,531 - prefs       : INFO        PLUGIN_PURGE: [None]
2009-09-03 14:42:05,532 - prefs       : INFO        PURGE_DENY: [None]
2009-09-03 14:42:05,533 - prefs       : INFO        PURGE_THRESHOLD: [0]
2009-09-03 14:42:05,534 - prefs       : INFO        RESET_ON_SUCCESS: [no]
2009-09-03 14:42:05,535 - prefs       : INFO        SECURE_LOG: [/var/log/system.log]
2009-09-03 14:42:05,535 - prefs       : INFO        SMTP_DATE_FORMAT: [%a, %d %b %Y %H:%M:%S %z]
2009-09-03 14:42:05,536 - prefs       : INFO        SMTP_FROM: [DenyHosts <nobody@localhost>]
2009-09-03 14:42:05,537 - prefs       : INFO        SMTP_HOST: [localhost]
2009-09-03 14:42:05,538 - prefs       : INFO        SMTP_PASSWORD: [None]
2009-09-03 14:42:05,539 - prefs       : INFO        SMTP_PORT: [25]
2009-09-03 14:42:05,540 - prefs       : INFO        SMTP_SUBJECT: [DenyHosts Report]
2009-09-03 14:42:05,541 - prefs       : INFO        SMTP_USERNAME: [None]
2009-09-03 14:42:05,541 - prefs       : INFO        SSHD_FORMAT_REGEX: [None]
2009-09-03 14:42:05,542 - prefs       : INFO        SUCCESSFUL_ENTRY_REGEX: [None]
2009-09-03 14:42:05,543 - prefs       : INFO        SUSPICIOUS_LOGIN_REPORT_ALLOWED_HOSTS: [YES]
2009-09-03 14:42:05,544 - prefs       : INFO        SYNC_DOWNLOAD: [yes]
2009-09-03 14:42:05,545 - prefs       : INFO        SYNC_DOWNLOAD_RESILIENCY: [18000]
2009-09-03 14:42:05,546 - prefs       : INFO        SYNC_DOWNLOAD_THRESHOLD: [3]
2009-09-03 14:42:05,547 - prefs       : INFO        SYNC_INTERVAL: [3600]
2009-09-03 14:42:05,548 - prefs       : INFO        SYNC_SERVER: [http://xmlrpc.denyhosts.net:9911]
2009-09-03 14:42:05,548 - prefs       : INFO        SYNC_UPLOAD: [yes]
2009-09-03 14:42:05,549 - prefs       : INFO        SYSLOG_REPORT: [no]
2009-09-03 14:42:05,550 - prefs       : INFO        WORK_DIR: [/usr/local/share/denyhosts/data]
2009-09-03 14:42:05,552 - denyhosts   : INFO     restricted: set([])
2009-09-03 14:42:05,556 - denyhosts   : INFO     launching DenyHosts daemon (version 2.6)...
2009-09-03 14:42:05,568 - denyhosts   : INFO     DenyHosts daemon is now running, pid: 7654
2009-09-03 14:42:05,570 - denyhosts   : INFO     send daemon process a TERM signal to terminate cleanly
2009-09-03 14:42:05,571 - denyhosts   : INFO       eg.  kill -TERM 7654
2009-09-03 14:42:05,573 - denyhosts   : INFO     monitoring log: /var/log/system.log
2009-09-03 14:42:05,574 - denyhosts   : INFO     sync_time: 3600
2009-09-03 14:42:05,575 - denyhosts   : INFO     purging of /etc/hosts.deniedssh is disabled
2009-09-03 14:42:05,578 - denyhosts   : INFO     sync_time:      : 3600
2009-09-03 14:42:05,579 - denyhosts   : INFO     sync_sleep_ratio: 120</nobody@localhost> 
```After a while it displays some errors. I will post them in an hour or so as they appear.

thanks so far!  8)

pakjebakmeel

2009-09-03 14:42:05,505 - denyhosts   : INFO     DenyHosts launched with the following args:
2009-09-03 14:42:05,506 - denyhosts   : INFO        /usr/local/bin/denyhosts.py --config /usr/local/etc/denyhosts.conf --daemon
2009-09-03 14:42:05,507 - prefs       : INFO     DenyHosts configuration settings:
2009-09-03 14:42:05,508 - prefs       : INFO        ADMIN_EMAIL: [None]
2009-09-03 14:42:05,509 - prefs       : INFO        AGE_RESET_INVALID: [864000]
2009-09-03 14:42:05,510 - prefs       : INFO        AGE_RESET_RESTRICTED: [2160000]
2009-09-03 14:42:05,511 - prefs       : INFO        AGE_RESET_ROOT: [2160000]
2009-09-03 14:42:05,512 - prefs       : INFO        AGE_RESET_VALID: [432000]
2009-09-03 14:42:05,512 - prefs       : INFO        ALLOWED_HOSTS_HOSTNAME_LOOKUP: [no]
2009-09-03 14:42:05,513 - prefs       : INFO        BLOCK_SERVICE: [sshd]
2009-09-03 14:42:05,514 - prefs       : INFO        DAEMON_LOG: [/var/log/denyhosts]
2009-09-03 14:42:05,515 - prefs       : INFO        DAEMON_LOG_MESSAGE_FORMAT: [%(asctime)s - %(name)-12s: %(levelname)-8s %(message)s]
2009-09-03 14:42:05,516 - prefs       : INFO        DAEMON_LOG_TIME_FORMAT: [None]
2009-09-03 14:42:05,517 - prefs       : INFO        DAEMON_PURGE: [3600]
2009-09-03 14:42:05,518 - prefs       : INFO        DAEMON_SLEEP: [30]
2009-09-03 14:42:05,518 - prefs       : INFO        DENY_THRESHOLD_INVALID: [5]
2009-09-03 14:42:05,519 - prefs       : INFO        DENY_THRESHOLD_RESTRICTED: [1]
2009-09-03 14:42:05,520 - prefs       : INFO        DENY_THRESHOLD_ROOT: [1]
2009-09-03 14:42:05,521 - prefs       : INFO        DENY_THRESHOLD_VALID: [10]
2009-09-03 14:42:05,522 - prefs       : INFO        FAILED_ENTRY_REGEX: [None]
2009-09-03 14:42:05,523 - prefs       : INFO        FAILED_ENTRY_REGEX2: [None]
2009-09-03 14:42:05,524 - prefs       : INFO        FAILED_ENTRY_REGEX3: [None]
2009-09-03 14:42:05,524 - prefs       : INFO        FAILED_ENTRY_REGEX4: [None]
2009-09-03 14:42:05,525 - prefs       : INFO        FAILED_ENTRY_REGEX5: [None]
2009-09-03 14:42:05,526 - prefs       : INFO        FAILED_ENTRY_REGEX6: [None]
2009-09-03 14:42:05,527 - prefs       : INFO        FAILED_ENTRY_REGEX7: [None]
2009-09-03 14:42:05,528 - prefs       : INFO        HOSTNAME_LOOKUP: [NO]
2009-09-03 14:42:05,529 - prefs       : INFO        HOSTS_DENY: [/etc/hosts.deniedssh]
2009-09-03 14:42:05,530 - prefs       : INFO        LOCK_FILE: [/var/run/denyhosts.pid]
2009-09-03 14:42:05,530 - prefs       : INFO        PLUGIN_DENY: [None]
2009-09-03 14:42:05,531 - prefs       : INFO        PLUGIN_PURGE: [None]
2009-09-03 14:42:05,532 - prefs       : INFO        PURGE_DENY: [None]
2009-09-03 14:42:05,533 - prefs       : INFO        PURGE_THRESHOLD: [0]
2009-09-03 14:42:05,534 - prefs       : INFO        RESET_ON_SUCCESS: [no]
2009-09-03 14:42:05,535 - prefs       : INFO        SECURE_LOG: [/var/log/system.log]
2009-09-03 14:42:05,535 - prefs       : INFO        SMTP_DATE_FORMAT: [%a, %d %b %Y %H:%M:%S %z]
2009-09-03 14:42:05,536 - prefs       : INFO        SMTP_FROM: [DenyHosts <nobody@localhost>]
2009-09-03 14:42:05,537 - prefs       : INFO        SMTP_HOST: [localhost]
2009-09-03 14:42:05,538 - prefs       : INFO        SMTP_PASSWORD: [None]
2009-09-03 14:42:05,539 - prefs       : INFO        SMTP_PORT: [25]
2009-09-03 14:42:05,540 - prefs       : INFO        SMTP_SUBJECT: [DenyHosts Report]
2009-09-03 14:42:05,541 - prefs       : INFO        SMTP_USERNAME: [None]
2009-09-03 14:42:05,541 - prefs       : INFO        SSHD_FORMAT_REGEX: [None]
2009-09-03 14:42:05,542 - prefs       : INFO        SUCCESSFUL_ENTRY_REGEX: [None]
2009-09-03 14:42:05,543 - prefs       : INFO        SUSPICIOUS_LOGIN_REPORT_ALLOWED_HOSTS: [YES]
2009-09-03 14:42:05,544 - prefs       : INFO        SYNC_DOWNLOAD: [yes]
2009-09-03 14:42:05,545 - prefs       : INFO        SYNC_DOWNLOAD_RESILIENCY: [18000]
2009-09-03 14:42:05,546 - prefs       : INFO        SYNC_DOWNLOAD_THRESHOLD: [3]
2009-09-03 14:42:05,547 - prefs       : INFO        SYNC_INTERVAL: [3600]
2009-09-03 14:42:05,548 - prefs       : INFO        SYNC_SERVER: [http://xmlrpc.denyhosts.net:9911]
2009-09-03 14:42:05,548 - prefs       : INFO        SYNC_UPLOAD: [yes]
2009-09-03 14:42:05,549 - prefs       : INFO        SYSLOG_REPORT: [no]
2009-09-03 14:42:05,550 - prefs       : INFO        WORK_DIR: [/usr/local/share/denyhosts/data]
2009-09-03 14:42:05,552 - denyhosts   : INFO     restricted: set([])
2009-09-03 14:42:05,556 - denyhosts   : INFO     launching DenyHosts daemon (version 2.6)...
2009-09-03 14:42:05,568 - denyhosts   : INFO     DenyHosts daemon is now running, pid: 7654
2009-09-03 14:42:05,570 - denyhosts   : INFO     send daemon process a TERM signal to terminate cleanly
2009-09-03 14:42:05,571 - denyhosts   : INFO       eg.  kill -TERM 7654
2009-09-03 14:42:05,573 - denyhosts   : INFO     monitoring log: /var/log/system.log
2009-09-03 14:42:05,574 - denyhosts   : INFO     sync_time: 3600
2009-09-03 14:42:05,575 - denyhosts   : INFO     purging of /etc/hosts.deniedssh is disabled
2009-09-03 14:42:05,578 - denyhosts   : INFO     sync_time:      : 3600
2009-09-03 14:42:05,579 - denyhosts   : INFO     sync_sleep_ratio: 120
2009-09-03 15:42:07,378 - sync        : ERROR    [Errno 2] No such file or directory: '/usr/local/share/denyhosts/data/sync-timestamp'
2009-09-03 15:42:08,069 - sync        : ERROR    global name 'e' is not defined
Traceback (most recent call last):
  File "/usr/local/lib/python2.5/site-packages/DenyHosts/sync.py", line 119, in receive_new_hosts
    self.set_sync_timestamp(timestamp)
  File "/usr/local/lib/python2.5/site-packages/DenyHosts/sync.py", line 58, in set_sync_timestamp
    except e:
NameError: global name 'e' is not defined
2009-09-03 16:42:09,615 - sync        : ERROR    [Errno 2] No such file or directory: '/usr/local/share/denyhosts/data/sync-timestamp'
2009-09-03 16:42:10,251 - sync        : ERROR    global name 'e' is not defined
Traceback (most recent call last):
  File "/usr/local/lib/python2.5/site-packages/DenyHosts/sync.py", line 119, in receive_new_hosts
    self.set_sync_timestamp(timestamp)
  File "/usr/local/lib/python2.5/site-packages/DenyHosts/sync.py", line 58, in set_sync_timestamp
    except e:
NameError: global name 'e' is not defined
2009-09-03 17:42:12,336 - sync        : ERROR    [Errno 2] No such file or directory: '/usr/local/share/denyhosts/data/sync-timestamp'
2009-09-03 17:42:13,040 - sync        : ERROR    global name 'e' is not defined
Traceback (most recent call last):
  File "/usr/local/lib/python2.5/site-packages/DenyHosts/sync.py", line 119, in receive_new_hosts
    self.set_sync_timestamp(timestamp)
  File "/usr/local/lib/python2.5/site-packages/DenyHosts/sync.py", line 58, in set_sync_timestamp
    except e:
NameError: global name 'e' is not defined</nobody@localhost> 

Also, at which interval does it run through the logs? I see a lot of invalid logons but nothing gets blocked?

Sep 3 16:16:27	sshd[18671]: Invalid user sybase from 222.236.47.135
Sep 3 16:16:23	sshd[18669]: Invalid user user1 from 222.236.47.135
Sep 3 16:16:20	sshd[18666]: Invalid user notes from 222.236.47.135
Sep 3 16:16:17	sshd[18662]: Invalid user jobs from 222.236.47.135
Sep 3 16:16:09	sshd[18660]: Invalid user user2 from 222.236.47.135
Sep 3 16:16:07	sshd[18657]: Invalid user kid from 222.236.47.135
Sep 3 16:16:03	sshd[18654]: Invalid user setup from 222.236.47.135
Sep 3 16:16:03	sshd[18638]: Invalid user candice from 222.236.47.135
Sep 3 16:16:00	sshd[18640]: Invalid user lawrence from 222.236.47.135
Sep 3 16:15:53	sshd[18554]: Invalid user download from 222.236.47.135
Sep 3 16:15:53	sshd[18552]: Invalid user candi from 222.236.47.135
Sep 3 16:15:50	sshd[18550]: Invalid user software from 222.236.47.135
Sep 3 16:15:47	sshd[18547]: Invalid user candace from 222.236.47.135
Sep 3 16:15:44	sshd[18543]: Invalid user marketing from 222.236.47.135
Sep 3 16:15:44	sshd[18542]: Invalid user camryn from 222.236.47.135
Sep 3 16:15:39	sshd[18537]: Invalid user media from 222.236.47.135
Sep 3 16:15:39	sshd[18540]: Invalid user cammie from 222.236.47.135
Sep 3 16:15:36	sshd[18535]: Invalid user camille from 222.236.47.135
Sep 3 16:15:34	sshd[18533]: Invalid user user from 222.236.47.135
Sep 3 16:15:33	sshd[18531]: Invalid user camilla from 222.236.47.135
Sep 3 16:15:31	sshd[18528]: Invalid user project from 222.236.47.135
Sep 3 16:15:30	sshd[18526]: Invalid user camile from 222.236.47.135
Sep 3 16:15:28	sshd[18523]: Invalid user tempuser from 222.236.47.135
Sep 3 16:15:26	sshd[18518]: Invalid user camie from 222.236.47.135
Sep 3 16:15:24	sshd[18520]: Invalid user student1 from 222.236.47.135
Sep 3 16:15:20	sshd[18511]: Invalid user spamtest from 222.236.47.135
Sep 3 16:15:19	sshd[18516]: Invalid user cameryn from 222.236.47.135
Sep 3 16:15:17	sshd[18513]: Invalid user cameren from 222.236.47.135
Sep 3 16:15:14	sshd[18509]: Invalid user calypso from 222.236.47.135
Sep 3 16:15:12	sshd[18506]: Invalid user info from 222.236.47.135
Sep 3 16:15:11	sshd[18504]: Invalid user cally from 222.236.47.135
Sep 3 16:15:09	sshd[18497]: Invalid user office from 222.236.47.135
Sep 3 16:15:08	sshd[18501]: Invalid user callista from 222.236.47.135
Sep 3 16:15:05	sshd[18498]: Invalid user calliope from 222.236.47.135
Sep 3 16:15:02	sshd[18483]: Invalid user callie from 222.236.47.135
Sep 3 16:14:58	sshd[18481]: Invalid user calli from 222.236.47.135
Sep 3 16:14:57	sshd[18469]: Invalid user nagios from 222.236.47.135
Sep 3 16:14:55	sshd[18467]: Invalid user calla from 222.236.47.135
Sep 3 16:14:52	sshd[18379]: Invalid user calista from 222.236.47.135
Sep 3 16:14:51	sshd[18381]: Invalid user college from 222.236.47.135
Sep 3 16:14:48	sshd[18376]: Invalid user portal from 222.236.47.135
Sep 3 16:14:47	sshd[18374]: Invalid user calina from 222.236.47.135
Sep 3 16:14:44	sshd[18372]: Invalid user testuser from 222.236.47.135
Sep 3 16:14:43	sshd[18370]: Invalid user calhoun from 222.236.47.135
Sep 3 16:14:41	sshd[18367]: Invalid user temp from 222.236.47.135
Sep 3 16:14:40	sshd[18365]: Invalid user caley from 222.236.47.135
Sep 3 16:14:39	sshd[18363]: Invalid user sameer from 222.236.47.135
Sep 3 16:14:37	sshd[18360]: Invalid user caleigh from 222.236.47.135
Sep 3 16:14:36	sshd[18358]: Invalid user feedback from 222.236.47.135
Sep 3 16:14:35	sshd[18351]: Invalid user calantha from 222.236.47.135
Sep 3 16:14:33	sshd[18355]: Invalid user oracle from 222.236.47.135
Sep 3 16:14:30	sshd[18349]: Invalid user photo from 222.236.47.135
Sep 3 16:14:29	sshd[18342]: Invalid user navy from 222.236.47.135
Sep 3 16:14:27	sshd[18346]: Invalid user test from 222.236.47.135
Sep 3 16:14:25	sshd[18343]: Invalid user calandra from 222.236.47.135
Sep 3 16:14:24	sshd[18340]: Invalid user testing from 222.236.47.135
Sep 3 16:14:22	sshd[18330]: Invalid user calan from 222.236.47.135
Sep 3 16:14:22	sshd[18333]: Invalid user marine from 222.236.47.135
Sep 3 16:14:21	sshd[18337]: Invalid user tester from 222.236.47.135
Sep 3 16:14:18	sshd[18334]: Invalid user mysql from 222.236.47.135
Sep 3 16:14:14	sshd[18328]: Invalid user cala from 222.236.47.135
Sep 3 16:14:13	sshd[18326]: Invalid user postgres from 222.236.47.135
Sep 3 16:14:13	sshd[18321]: Invalid user marine from 222.236.47.135
Sep 3 16:14:11	sshd[18319]: Invalid user caitlyn from 222.236.47.135
Sep 3 16:14:10	sshd[18317]: Invalid user apache from 222.236.47.135
Sep 3 16:14:10	sshd[18312]: Invalid user marine from 222.236.47.135
Sep 3 16:14:08	sshd[18311]: Invalid user caitlin from 222.236.47.135
Sep 3 16:14:07	sshd[18308]: Invalid user demo from 222.236.47.135
Sep 3 16:14:05	sshd[18304]: Invalid user marine from 222.236.47.135
Sep 3 16:14:05	sshd[18306]: Invalid user caimile from 222.236.47.135
Sep 3 16:14:04	sshd[18302]: Invalid user postmaster from 222.236.47.135
Sep 3 16:14:02	sshd[18298]: Invalid user cailine from 222.236.47.135
Sep 3 16:14:02	sshd[18295]: Invalid user marine from 222.236.47.135
Sep 3 16:14:01	sshd[18293]: Invalid user jboss from 222.236.47.135
Sep 3 16:14:00	sshd[18290]: Invalid user cailin from 222.236.47.135
Sep 3 16:13:59	sshd[18287]: Invalid user marine from 222.236.47.135
Sep 3 16:13:58	sshd[18284]: Invalid user upload from 222.236.47.135
Sep 3 16:13:57	sshd[18281]: Invalid user cai from 222.236.47.135
Sep 3 16:13:56	sshd[18278]: Invalid user marine from 222.236.47.135
Sep 3 16:13:54	sshd[18267]: Invalid user global from 222.236.47.135
Sep 3 16:13:54	sshd[18262]: Invalid user cady from 222.236.47.135
Sep 3 16:13:53	sshd[18261]: Invalid user marine from 222.236.47.135
Sep 3 16:13:51	sshd[18177]: Invalid user tomcat from 222.236.47.135
Sep 3 16:13:50	sshd[18174]: Invalid user cadi from 222.236.47.135
Sep 3 16:13:50	sshd[18173]: Invalid user marine from 222.236.47.135
Sep 3 16:13:48	sshd[18171]: Invalid user condor from 222.236.47.135
Sep 3 16:13:47	sshd[18168]: Invalid user marine from 222.236.47.135
Sep 3 16:13:45	sshd[18166]: Invalid user globus from 222.236.47.135

cybrsrfr

I'm sure this will not work correctly in a read only environment such as the nano. Read only will prevent it from creating the block list. DenyHosts would need to manage the block list in memory.

pakjebakmeel

@mcrane:

I'm sure this will not work correctly in a read only environment such as the nano. Read only will prevent it from creating the block list. DenyHosts would need to manage the block list in memory.

Too bad  :-[ I REALLY like this package.. Perhaps someone who has the skills can make it work on embedded  :-\ I get this when uninstalling too:

[code]Warning: rename(/tmp/crontab,/etc/crontab): Read-only file system in /etc/inc/pkg-utils.inc on line 929

cybrsrfr

With some work the phpservice package to do the same job but run the block list in memory (RAM). The PHP service package simply runs PHP continously in a loop so that it can run as a service. The package allows anyone any php code that is defined in the interface to run in that loop. As long as the code is carefully optimized it will run great.

ToxIcon

After install Denyhosts service is disable and wont start after entering

$ /usr/local/etc/rc.d/denyhosts.sh start I get the error below

$ /usr/local/etc/rc.d/denyhosts.sh start
Missing configuration parameter: DENY_THRESHOLD_INVALID

Note: The configuration parameter DENY_THRESHOLD has been renamed
      DENY_THRESHOLD_INVALID.  Please update your DenyHosts configuration
      file to reflect this change.
Missing configuration parameter: DENY_THRESHOLD_VALID
Missing configuration parameter: DENY_THRESHOLD_ROOT
Missing configuration parameter: DENY_THRESHOLD_RESTRICTED

Note: DENY_THRESHOLD_RESTRICTED has not been defined. Setting this
value to DENY_THRESHOLD_ROOT

how can i fix thanks

thetoaster

I am getting errors on startup.
I followed the setup in 2nd posting exactly.

# /usr/local/etc/rc.d/denyhosts.sh start
Traceback (most recent call last):
  File "/usr/local/bin/denyhosts.py", line 5, in <module>import DenyHosts.python_version
ImportError: No module named DenyHosts.python_version</module> 

tommyboy180

Were you able to correct the issue, or is this a problem with the script?

newmember

What exactly does this package block?
I want to create a rdr for a server in my DMZ, will this package block all hosts in denyhosts hitting my WAN NIC even though its being redirected to an internal host?
Can I create white and black lists?
Does this package report back to denyhosts with new attack information?

OK I see that this is blocking all traffic from the denyhosts lists.
$ pfctl -s all | grep ssh
block drop in log quick proto tcp from <sshlockout>to any port = ssh label "sshlockout"
Should this only block port 22?

Thanks

I'm not sure if this would have been some help.
http://www.mail-archive.com/denyhosts-user@lists.sourceforge.net/msg00360.html</sshlockout>

xternal

I got this working, what i had to do was remove the most current version of python (2.5_51 or what ever it is), and install this exact version

http://forum.pfsense.org/index.php/topic,18948.msg100099.html#msg100099

Then i followed these instructions at the top of the thread to get it load.

$ cp /usr/local/share/denyhosts/denyhosts.cfg-dist /usr/local/etc/denyhosts.conf

Then edit /usr/local/etc/denyhosts.conf to set the parameters:

SECURE_LOG = /var/log/system.log
  BLOCK_SERVICE  = sshd

DenyHosts should  work after that.

However, it still doesnt "work". It loads properly now and runs, but it does not monitor the system.log at all. It says its doing it, but when i test with incorrect logins it does nothing. This seems to be a common issue for others who have it running on pfsense.

cybrsrfr

I don't like python much if I ever get time to work on this I will write an alternative php script that could run from my 'PHP Service' pfsense package.

tommyboy180

We can move this to the completed Bounty section. Payment has been made.

Thank you again Mcrane for your work. I had fun working with you.