[問題] dropbear加入安全機制
各位版上前輩好,
我想用dropbear加入以下功能,
連續三次登入未能成功則阻擋該IP 30分鐘,
目前已下載dropbear souce code更改,
更改svr-auth.c與svr-main.c
svr-auth更改如下
if (ses.authstate.failcount >= MAX_AUTH_TRIES) {
char * userstr;
/* XXX - send disconnect ? */
TRACE(("Max auth tries reached, exiting"))
if (ses.authstate.pw_name == NULL) {
userstr = "is invalid";
} else {
userstr = ses.authstate.pw_name;
}
dropbear_exit("Max auth tries reached - user '%s' from %s",
userstr, svr_ses.addrstring);
}
svr-main.c更改如下
/* child */
#ifdef DEBUG_FORKGPROF
extern void _start(void), etext(void);
monstartup((u_long)&_start, (u_long)&etext);
#endif /* DEBUG_FORKGPROF */
getaddrstring(&remoteaddr, NULL, &remote_port, 0);
dropbear_log(LOG_INFO, "Child connection from %s:%s",
remote_host, remote_port);
///Ignore connection here for 30 mins if you found 3 times login failure
m_free(remote_host);
m_free(remote_port);
#ifndef DEBUG_NOFORK
if (setsid() < 0) {
dropbear_exit("setsid: %s", strerror(errno));
}
#endif
/* make sure we close sockets */
for (i = 0; i < listensockcount; i++) {
m_close(listensocks[i]);
}
m_close(childpipe[0]);
/* start the session */
svr_session(childsock, childpipe[1]);
/* don't return */
dropbear_assert(0);
}
以上compile過後都未能新增這功能,
stack overflow則是有建議安裝fail2ban,
但我在openwrt底下這套軟體太過肥大暫不考慮
想請教版上前輩是否能指點我哪裡更改錯誤呢? 請多多指教 謝謝
--
※ 發信站: 批踢踢實業坊(ptt.cc), 來自: 60.248.56.185
※ 文章網址: https://www.ptt.cc/bbs/Linux/M.1423212976.A.703.html
推
02/06 19:46, , 1F
02/06 19:46, 1F
→
02/06 19:47, , 2F
02/06 19:47, 2F
→
02/11 15:05, , 3F
02/11 15:05, 3F
→
02/11 15:05, , 4F
02/11 15:05, 4F