author: Mark Felder <feld@FreeBSD.org> 2015-10-13 14:54:55 +0000
committer: Mark Felder <feld@FreeBSD.org> 2015-10-13 14:54:55 +0000
commit: 9b7763fc082dcc9dd0fd062e785bf1b169f7ffbc (patch)
tree: 9e175e87b73ad253cf56d8dcde675efd1d2d4573 /UPDATING
parent: 05cd4e49f50da2d33083f70227033e0317f54838 (diff)
download: ports-9b7763fc082dcc9dd0fd062e785bf1b169f7ffbc.tar.gz
ports-9b7763fc082dcc9dd0fd062e785bf1b169f7ffbc.zip
1 files changed, 19 insertions, 0 deletions
diff --git a/UPDATING b/UPDATING
index aca43671e19b..515a4c22054f 100644
--- a/UPDATING
+++ b/UPDATING
@@ -5,6 +5,25 @@ they are unavoidable.
 You should get into the habit of checking this file for changes each time
 you update your ports collection, before attempting any port upgrades.
 
+20151013:
+  AFFECTS: users of security/sshguard-ipfw
+  AUTHOR: feld@FreeBSD.org
+
+  The sshguard update to 1.6.2 introduces a rewritten IPFW backend. The
+  previous approach was to insert individual block rules with a
+  predefined  numbered range. This does not scale well and is not
+  flexible so the design was scrapped. The new approach utilizes IPFW
+  tables. The sshguard IPFW backend now inserts offenders into hardcoded
+  table 22.
+
+  To continue blocking the attackers effectively you will need to add a
+  block rule like the following:
+
+  ipfw add deny all from 'table(22)' to any
+  
+  The release announcement can be found here:
+    http://sourceforge.net/p/sshguard/mailman/message/34534861/
+
 20151011:
   AFFECTS: users of emulators/qemu-sbruno, emulators/qemu-user-static
   AUTHOR: sbruno@FreeBSD.org
author	Mark Felder <feld@FreeBSD.org>	2015-10-13 14:54:55 +0000
committer	Mark Felder <feld@FreeBSD.org>	2015-10-13 14:54:55 +0000
commit	9b7763fc082dcc9dd0fd062e785bf1b169f7ffbc (patch)
tree	9e175e87b73ad253cf56d8dcde675efd1d2d4573 /UPDATING
parent	05cd4e49f50da2d33083f70227033e0317f54838 (diff)
download	ports-9b7763fc082dcc9dd0fd062e785bf1b169f7ffbc.tar.gz ports-9b7763fc082dcc9dd0fd062e785bf1b169f7ffbc.zip