Author Topic: [solved] Website lock-out information (Read 2005 times)

errored out · « **on:** May 26, 2021, 07:45:02 pm »

Does anyone know where the information for firewall access regarding locking-out time-frames and attempts is located (using local authentication)?

Looking for information how to change the attempts count before lock-out and the duration.

franco · « **Reply #1 on:** May 26, 2021, 07:53:36 pm »

View contents of lockout table via

# pfctl -t sshlockout -T show

The script taking care of accounting for lockouts is /usr/local/opnsense/scripts/syslog/lockout_handler but it doesn't support dumping runtime information on partial/future lockouts.

Cheers,
Franco

errored out · « **Reply #2 on:** May 27, 2021, 12:01:47 am »

How can the script be modified as to not be overwritten during an update/upgrade?

Would it be possible to add these options into the system settings tab?

Thank you Franco

franco · « **Reply #3 on:** May 27, 2021, 08:29:42 am »

Hi,

I don't think these are mission critical tasks by any means, but that does not mean contribution are not welcome.

One would have to modify the script to dump this information into a text file and then read it from the widget or a status page. It's quite some work all things considered.

Suffice to say you can't overwrite a script permanently while simultaneously retaining it on updates.

Practically you could use an override to the syslog-ng configuration that invokes the script via template and use a different script but there are no guarantees that this override will not cause out of sync issues with future updates.

Cheers,
Franco

Author Topic: [solved] Website lock-out information (Read 2005 times)

errored out

[solved] Website lock-out information

franco

Re: Website lock-out information

errored out

Re: Website lock-out information

franco

Re: Website lock-out information