[MacPorts] #45347: sshguard respawn throttled
MacPorts
noreply at macports.org
Mon Oct 13 07:50:11 PDT 2014
#45347: sshguard respawn throttled
--------------------------+---------------------
Reporter: lionteeth@… | Owner: nefar@…
Type: defect | Status: new
Priority: Normal | Milestone:
Component: ports | Version: 2.3.1
Resolution: | Keywords:
Port: sshguard |
--------------------------+---------------------
Comment (by lionteeth@…):
I found out what the problem was by looking at what the wrapper does and
running the command directly:
}}}
/opt/local/sbin/sshguard -l /var/log/system.log -w
/opt/local/etc/sshguard/whitelist -b
5:/opt/local/var/db/sshguard/blacklist.db
Doesn't make sense to have a blacklist threshold lower than one abuse
(40). Terminating.
}}}
To make sshguard more aggressive, I had modified options to use
{{{
-l /var/log/system.log
-w /opt/local/etc/sshguard/whitelist
-b 5:/opt/local/var/db/sshguard/blacklist.db
}}}
as I was seeing lots of attacks and nothing was added to the blacklist.
But -b is not the number of attacks to tolerate, as in denyhosts, but a
"danger" measure that is poorly documented in the man page. Running the
command directly gives me
{{{
Doesn't make sense to have a blacklist threshold lower than one abuse
(40). Terminating.
}}}
It would be very useful if the wrapper could allow this error message to
pass through to system.log.
Now, the man page says "per-attack danger is 10", so it's unclear how 40
represents one abuse, and I still don't know how much abuse -b 50 is.
Anyway, bad documentation isn't macport's problem, so please close.
Cheers,
Dave
--
Ticket URL: <https://trac.macports.org/ticket/45347#comment:3>
MacPorts <http://www.macports.org/>
Ports system for OS X
More information about the macports-tickets
mailing list