On Wed, 2004-08-11 at 12:44, Gabor E. Tusnady wrote:

Sziasztok!

Meg lehet csinalni a zorp-pal, hogy ha valahonnan pasword scannel probalkoznak ssh-n, akkor a rovid idon belul ismetlodo tobbszori ssh kapcsolodast ne engedelyezze? Minden infot elore is koszonok,

mindent lehet :-), de pontosan mit szeretnel elerni? mondjuk ha egy adott IP 1 percnel rovidebb session-t nyitott az elmult 3 percben legalabb 3-szor, akkor csapja le a kapcsolatot ugyanarrol az IP-rol a kovetkezo 10 percben? Valahogy igy lehet (a short_sessions lockolasa hianyzik): import time short_sessions = {} class MySSHPlugProxy(PlugProxy): def config(self): global short_sessions PlugProxy.config(self) ip = self.session.client_address.ip_s now = time.time() try: (last_attempt, count) = short_sessions[ip] except KeyError: last_attempt = now count = 0 if now > last_attempt + 600: # last attempt more than 10 minutes ago, it is allowed again last_attempt = now count = 0 count = count + 1 if count > 3 and now < last_attempt + 180: # more than 3 attempts in the last 3 minutes raise DACException, "Connections over limit" short_sessions[ip] = (now, count) self.started_time = now def shutDown(self): global short_sessions PlugProxy.shutDown(self) now = time.time() if now - self.started_time > 60: # this was a session longer than 60 seconds, it was not a # real short session ip = self.session.client_address.ip_s (last_attempt, count) = short_sessions[ip] short_sessions[ip] = (last_attempt, count - 1) -- Bazsi PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1