Feature #9165
open
only IPs can be added to sshguard whitelist
Description
The new sshguard list feature (see #8864) only allows the addition of IP addresses. I need to include DNS names, because some of the sources change IP address over a short period of time.
sshguard itself does process DNS names in the whitelist when they are just added to the file.
Updated by Viktor Gurov over 4 years ago
Stefan Beckers wrote:
The new sshguard list feature (see #8864) only allows the addition of IP addresses. I need to include DNS names, because some of the sources change IP address over a short period of time.
https://web.archive.org/web/20180902011957/https://www.sshguard.net/docs/whitelist/:
When hosts resolve to multiple addresses, all of them are whitelisted. Hosts are resolved to addresses once, when sshguard starts up.
Thus, this does not help in cases where sources change the IP address for a short period of time.
Updated by Stefan Beckers over 4 years ago
Semi-correct for me, as a restart of sshguard or a reboot will fix the situation without deeper knowledge of the "issue". So in reality, it will "ease" fixing the issue, as even uneducated staff are able to default to the reboot method. And the more educated admin just has to restart sshguard without editing IP lists.
You are definitely right that this will not improve the situation for dynamic DNS on lines that change their IP on a daily basis, or so. In that respect, my text was misleading.
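The resolve-once behaviour quoted from the sshguard documentation above can be checked for drift. This is an added example, not part of the original thread or of pfSense/sshguard code: it compares what whitelisted hostnames resolved to at startup with what they resolve to now. The whitelist layout (one address, CIDR block or hostname per line, `#` comment lines), the sample entries and all function names are assumptions made for the example.

```python
import ipaddress
import socket

# Constructed sample whitelist (assumed format: one entry per line, '#' comments).
SAMPLE_WHITELIST = """\
# management hosts
192.0.2.10
198.51.100.0/24
vpn.example.net
"""

def parse_whitelist(text):
    """Split whitelist entries into literal networks and hostnames."""
    networks, hostnames = [], []
    for line in text.splitlines():
        entry = line.strip()
        if not entry or entry.startswith("#"):
            continue
        try:
            networks.append(ipaddress.ip_network(entry, strict=False))
        except ValueError:
            hostnames.append(entry)  # not an address or block: treat as a DNS name
    return networks, hostnames

def resolve(hostname):
    """Return the set of addresses a hostname currently resolves to."""
    try:
        infos = socket.getaddrinfo(hostname, None)
    except socket.gaierror:
        return set()
    return {info[4][0] for info in infos}

def snapshot(hostnames, resolver=resolve):
    """Record each hostname's addresses, as a daemon resolving once at startup would."""
    return {name: frozenset(resolver(name)) for name in hostnames}

def stale_entries(startup, resolver=resolve):
    """Compare the startup snapshot with current DNS and return hosts that drifted."""
    drift = {}
    for name, old in startup.items():
        new = frozenset(resolver(name))
        if new != old:
            drift[name] = {
                # still exempt in the running daemon, but no longer the host's address
                "stale_whitelisted": sorted(old - new),
                # the host's current address, not exempt until the daemon restarts
                "missing_until_restart": sorted(new - old),
            }
    return drift
```

A non-empty result from `stale_entries` means a restart is needed to pick up the new address, and that the old address is still exempt from blocking until then.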