[solved] Website lock-out information

Started by errored out, May 26, 2021, 07:45:02 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
May 26, 2021, 07:45:02 PM Last Edit: August 08, 2021, 01:52:56 AM by errored out
Does anyone know where the information for firewall access regarding locking-out time-frames and attempts is located (using local authentication)?

Looking for information how to change the attempts count before lock-out and the duration. 
May 26, 2021, 07:53:36 PM #1
View contents of lockout table via

# pfctl -t sshlockout -T show

The script taking care of accounting for lockouts is /usr/local/opnsense/scripts/syslog/lockout_handler but it doesn't support dumping runtime information on partial/future lockouts.


Cheers,
Franco
May 27, 2021, 12:01:47 AM #2
How can the script be modified as to not be overwritten during an update/upgrade? 

Would it be possible to add these options into the system settings tab?

Thank you Franco
May 27, 2021, 08:29:42 AM #3
Hi,

I don't think these are mission critical tasks by any means, but that does not mean contribution are not welcome.

One would have to modify the script to dump this information into a text file and then read it from the widget or a status page. It's quite some work all things considered.

Suffice to say you can't overwrite a script permanently while simultaneously retaining it on updates.

Practically you could use an override to the syslog-ng configuration that invokes the script via template and use a different script but there are no guarantees that this override will not cause out of sync issues with future updates.


Cheers,
Franco
Print
Go Up Pages1
User actions