afctl rule not added

Question

Level 1

69 points

afctl rule not added

Hello

After a recent clean install of Lion on a shiny new Mini, and applying all software updates, it would appear that afctl is not running. Console shows MULTIPLE (filling up the log file) attempts of a remote host trying to ssh in as root. It was my understanding that the firewall in Lion was supposed to block multiple failed attempts by an attacker? Do I need to turn something on for this to happen? Log excerpt below:

1/17/12 9:18:34.410 AM sshd: error: PAM: authentication error for root from 14.53.10.152 via 10.0.0.2

1/17/12 9:18:34.417 AM emond: Host at 14.53.10.152 will be blocked for at least 15 minutes

1/17/12 9:18:34.439 AM afctl: Firewall not running or managed by another entity, rule not added

How do I turn on afctl, or ipfw, or pf, etc....

B

Posted on Jan 17, 2012 1:45 PM

Reply

Answer 1

May 8, 2012 1:00 PM in response to bernuli

I have the same thing filling up my logs and I have never turned on the firewall service.

5/8/12 12:56:08.435 PM afctl: Firewall not running or managed by another entity, rule not added

Reply