search

mrash / psad

psad: Intrusion Detection and Log Analysis with iptables
http://www.cipherdyne.org/psad/
GNU General Public License v2.0
391 stars 76 forks source link

psad --Status flushes ips #40

Closed hurricanehrndz closed 7 years ago

hurricanehrndz commented 7 years ago

Whenever I execute psad --Status it writes to socket the ips, removing them from the block. Why?

hurricanehrndz commented 7 years ago

Okay apparently 

    iptables auto-blocked IPs:
      x.x.x.x (unlimited timeout)
            [expired timeout, sending cleanup message]

Unlimited timeout. Hmm. So how can unlimited timeout?

mrash commented 7 years ago

I have reproduced this, will publish a fix soon.

mrash commented 7 years ago

This has been fixed in psad-2.4.4.