This article applies to:
Question:
- Why are my X Strikes lockouts not preserved if the filter is rebooted?
Reply:
X Strikes lockouts are removed when the filter is rebooted because these lockouts are generated in response to events - namely, a user hitting too many Strike sites within the specified time frame. These lockouts are then simply added into the profile daemon, and not kept in an external list file or anything like that.
X Strikes are generally meant for temporary lockouts based on recent actions - if you want to create a more permanent lockout for a user or IP, it is generally better to do this via an individual IP or LDAP profile.
Notes:
X Strikes blocks users based on IP addresses and not usernames, so if a user is locked out and that user leaves the workstation, the workstation will remain locked for the next user unless the "Reset the X-Strike count upon authentication" option is enabled.