I haven't attempted to look in the database, but due to issue #1 and entries not being removed from hosts.deny. I can verify, manual or automatic blacklist will add another entry into hosts.deny.

I suspect it would be wise to verify if an ip is already listed in the file, or with a working cleanup, make sure all copies of the ip is removed.

Two things dealing with autoupdates done on the web. First it doesn't look like there is any authentication of the code that you get on update. No digital signature checking of the code or server makes it possible to hijack the request and replace the code with a malicious version. Second it doesn't look like there's an option to turn off auto updates.

Thanks for the code!

FreeBSD 9.1 amd64 & Perl v5.14.2

as root adding a manual blacklist: (also automatic blacklist works great)
/var/db/sentry # ./sentry.pl --verbose -b --ip=192.168.11.35
installed version is 0.25
ip 192.168.11.35 is valid
setup checks succeeded
using /var/db/sentry/sentry.dbm as database
0 connections from 192.168.11.35 (key: 3232238371)
blacklisting 192.168.11.35

As root, trying to delist any blacklist:
/var/db/sentry # ./sentry.pl --verbose -delist --ip=192.168.11.35
installed version is 0.25
ip 192.168.11.35 is valid
setup checks succeeded
using /var/db/sentry/sentry.dbm as database
0 connections from 192.168.11.35 (key: 3232238371)
and it is blacklisted
unblacklisting 192.168.11.35
file /var/db/sentry/hosts.deny or enclosing dir is not writable!
unwhitelisting 192.168.11.35

permissions:
-rw-r--r-- 1 root wheel 996 Jun 12 13:10 hosts.deny
drwxr-xr-x 2 root wheel 512 Jun 12 13:10 sentry

Obviously blacklisting works, but the entry is never removed from hosts.deny

Really just a question, not an issue.

Sentry version

1.0.5 (on CentOS 8)

Expected behavior

Should whitelist the IP address

Observed behavior

[root@localhost ~]# /var/db/sentry/sentry.pl --ip=N.N.N.N --whitelist
Net::IP not installed. No IPv6 support.
Can't locate object method "new" via package "Net::IP" at /var/db/sentry/sentry.pl line 931.

Steps to reproduce

Installed as per instructions. Ran the above command with a valid IP address.

Previous, the shebang line was hard coded:

#!/usr/bin/perl

And then I updated it because /usr/bin/perl doesn't always work (perl5, /opt/local, /usr/local, etc...). So I switched it to:

#!/usr/bin/env perl

Which should, work more often. But not necessarily so. See this and this.

Solution

When sentry is installed, find the path to perl (using ENV, following symlinks, etc..) and update the shebang line with the fully qualified path to perl.

Sentry version

1.05 (CentOS 8)

Expected behavior

I'd like to remove it since it doesn't seem to work.

Observed behavior

I am now locked out of my server and can't remove the lock

Steps to reproduce

Just ran the installation instructions as per the README

Sentry version

our $VERSION = '1.04';

Expected behavior

sentry --uninstall
Should completely and cleanly remove the module and disconnect it from the system.

Observed behavior

Nothing happens

Steps to reproduce

It would be great to have support for IPv6.