diff options
| author | Mark Felder <feld@FreeBSD.org> | 2015-10-13 14:54:55 +0000 |
|---|---|---|
| committer | Mark Felder <feld@FreeBSD.org> | 2015-10-13 14:54:55 +0000 |
| commit | 9b7763fc082dcc9dd0fd062e785bf1b169f7ffbc (patch) | |
| tree | 9e175e87b73ad253cf56d8dcde675efd1d2d4573 /UPDATING | |
| parent | 05cd4e49f50da2d33083f70227033e0317f54838 (diff) | |
| download | ports-9b7763fc082dcc9dd0fd062e785bf1b169f7ffbc.tar.gz ports-9b7763fc082dcc9dd0fd062e785bf1b169f7ffbc.zip | |
Document security/sshguard-ipfw 1.6.2 changes
Notes
Notes:
svn path=/head/; revision=399196
Diffstat (limited to 'UPDATING')
| -rw-r--r-- | UPDATING | 19 |
1 files changed, 19 insertions, 0 deletions
@@ -5,6 +5,25 @@ they are unavoidable. You should get into the habit of checking this file for changes each time you update your ports collection, before attempting any port upgrades. +20151013: + AFFECTS: users of security/sshguard-ipfw + AUTHOR: feld@FreeBSD.org + + The sshguard update to 1.6.2 introduces a rewritten IPFW backend. The + previous approach was to insert individual block rules with a + predefined numbered range. This does not scale well and is not + flexible so the design was scrapped. The new approach utilizes IPFW + tables. The sshguard IPFW backend now inserts offenders into hardcoded + table 22. + + To continue blocking the attackers effectively you will need to add a + block rule like the following: + + ipfw add deny all from 'table(22)' to any + + The release announcement can be found here: + http://sourceforge.net/p/sshguard/mailman/message/34534861/ + 20151011: AFFECTS: users of emulators/qemu-sbruno, emulators/qemu-user-static AUTHOR: sbruno@FreeBSD.org |