Customizing sshlockout



  • Probably already been covered, but searching for 'sshlockout' returns a LOT of posts, all of which are unrelated to what I'm trying to accomplish, which is basically this: I want the sshlockout table to be static, meaning that once an IP is added to that table, it never gets removed. Ever. I've kinda sorta accomplished this already by removing the corresponding refresh time in cron, so that the IP addresses stay in there forever, but I've noticed that the table flushes on reboot. I can already hear many people saying that what I am trying to do is dangerous and a potential DoS waiting to happen, but considering my current implimentation of pfSense, I have zero concerns about this. I have 24/7 access to the firewall, and can easily edit the table by hand if someone locks me out of the LAN ip. Which will be never. As far as the public side goes, if I happen to lock myself out, well, I can deal with it ;)


Log in to reply