29 lines
1020 B
Plaintext
29 lines
1020 B
Plaintext
NOTES:
|
|
|
|
The denyhost fork merged back with the original denyhosts, so this port name
|
|
is an anachronism.
|
|
The nftables project is featureful enough to make this port obsolete anyway,
|
|
so it's being marked unmaintained to give current users a chance to
|
|
replace their denyhosts setup with the nftables equivalent (dynamically
|
|
updated sets).
|
|
|
|
REQUIREMENTS:
|
|
|
|
python2, for now. There's an open pull request that promises python3
|
|
compatibility, but it hasn't received enough code review compared to the
|
|
easier alternative: replicate the desired functionality using nftables.
|
|
|
|
POST-INSTALL:
|
|
|
|
Edit /etc/denyhosts/denyhosts.conf as needed.
|
|
|
|
Edit /etc/inetd.conf, for example:
|
|
|
|
#<service_name> <sock_type> <proto> <flags> <user> <server_path> <args>
|
|
sshd stream tcp nowait root /usr/sbin/sshd in.sshd
|
|
|
|
Add inetd and denyhosts to services array on /etc/rc.conf, after net and
|
|
before all the services supervised by denyhost and inetd (not sure if this
|
|
is necessary but it might be wise to allow protection before the services
|
|
start).
|