OPNsense Forum
Archive => 21.1 Legacy Series => Topic started by: errored out on May 26, 2021, 07:45:02 pm
-
Does anyone know where the information for firewall access regarding locking-out time-frames and attempts is located (using local authentication)?
Looking for information how to change the attempts count before lock-out and the duration.
-
View contents of lockout table via
# pfctl -t sshlockout -T show
The script taking care of accounting for lockouts is /usr/local/opnsense/scripts/syslog/lockout_handler but it doesn't support dumping runtime information on partial/future lockouts.
Cheers,
Franco
-
How can the script be modified as to not be overwritten during an update/upgrade?
Would it be possible to add these options into the system settings tab?
Thank you Franco
-
Hi,
I don't think these are mission critical tasks by any means, but that does not mean contribution are not welcome.
One would have to modify the script to dump this information into a text file and then read it from the widget or a status page. It's quite some work all things considered.
Suffice to say you can't overwrite a script permanently while simultaneously retaining it on updates.
Practically you could use an override to the syslog-ng configuration that invokes the script via template and use a different script but there are no guarantees that this override will not cause out of sync issues with future updates.
Cheers,
Franco