Configuring libpam-shield to allow certain IP addresses

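The libpam-shield configuration file /etc/security/shield.conf contains a line allow HOSTNAME. The man page shield.conf(8) says that HOSTNAME can be a name, an IP address, a network/mask, or a network in CIDR notation. To test this, I added allow 192.168.52.3 to shield.conf; max_conns is 3. On the third failed attempt from 192.168.52.3, that machine was blocked, even though earlier lines in the log seem to indicate that libpam-shield had understood that this IP was to be whitelisted.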

May 20 22:48:38 access1 PAM-shield[2322]: logging debug info
May 20 22:48:38 access1 PAM-shield[2322]: allowing from localhost
May 20 22:48:38 access1 PAM-shield[2322]: allowing from 127.0.0.1/255.0.0.0
May 20 22:48:38 access1 PAM-shield[2322]: allowing from 192.168.52.3/255.255.255.255
May 20 22:48:38 access1 PAM-shield[2322]: done reading config file, 0 errors
May 20 22:48:38 access1 PAM-shield[2322]: user <redacted>
May 20 22:48:38 access1 PAM-shield[2322]: remotehost 192.168.52.3
May 20 22:48:38 access1 PAM-shield[2322]: missing DNS entry for 192.168.52.3 (allowed)
May 20 22:48:38 access1 PAM-shield[2322]: remoteip 192.168.52.3
May 20 22:48:38 access1 PAM-shield[2322]: 3 times from 192.168.52.3
May 20 22:48:38 access1 PAM-shield[2322]: running command 'add 192.168.52.3'
May 20 22:48:38 access1 shield-trigger[2325]: blocking 192.168.52.3

I am using libpam-shield (0.9.6-1.2+b1) from Debian Stretch (stable), installed with apt install.

Added: How do I tell libpam-shield to allow a specific IP address (or a range of them), even if there are multiple failed authentication attempts?
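To surface the contradiction described in the question from a log file, the following added example (not part of the original post and not libpam-shield code) reads the "allowing from" entries that PAM-shield reports at start-up and flags any address that shield-trigger later blocks even though it falls inside one of them. The function names are hypothetical, and the log format is assumed to be exactly the one quoted in the question.

```python
import ipaddress
import re

# Log lines taken from the question above (syslog timestamp/host prefix trimmed).
SAMPLE_LOG = """\
PAM-shield[2322]: allowing from localhost
PAM-shield[2322]: allowing from 127.0.0.1/255.0.0.0
PAM-shield[2322]: allowing from 192.168.52.3/255.255.255.255
PAM-shield[2322]: remoteip 192.168.52.3
PAM-shield[2322]: 3 times from 192.168.52.3
PAM-shield[2322]: running command 'add 192.168.52.3'
shield-trigger[2325]: blocking 192.168.52.3
"""

ALLOW_RE = re.compile(r"PAM-shield\[\d+\]: allowing from (\S+)")
BLOCK_RE = re.compile(r"shield-trigger\[\d+\]: blocking (\S+)")


def parse_net(entry):
    """Return an ip_network for 'addr', 'addr/mask' or CIDR; None for hostnames."""
    try:
        return ipaddress.ip_network(entry, strict=False)
    except ValueError:
        return None


def allowed_but_blocked(log_text):
    """Return (blocked_ip, allow_network) pairs where a block hit an allowed range."""
    allows, findings = [], []
    for line in log_text.splitlines():
        m = ALLOW_RE.search(line)
        if m:
            net = parse_net(m.group(1))
            if net is not None:          # hostname entries cannot be range-checked
                allows.append(net)
            continue
        m = BLOCK_RE.search(line)
        blk = parse_net(m.group(1)) if m else None
        if blk is not None:
            findings.extend((str(blk.network_address), str(n)) for n in allows
                            if blk.version == n.version and blk.subnet_of(n))
    return findings


if __name__ == "__main__":
    for ip, net in allowed_but_blocked(SAMPLE_LOG):
        print(f"{ip} was blocked although the allow list contains {net}")
```

Because the patterns are matched with `search`, the same function works on full syslog lines that still carry the timestamp and host name.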
