svn commit: r471012 - in head/security/sshguard: . files

Adam Weinberger adamw at FreeBSD.org
Mon May 28 01:30:41 UTC 2018 

Author: adamw
Date: Mon May 28 01:30:39 2018
New Revision: 471012
URL: https://svnweb.freebsd.org/changeset/ports/471012

Log:
  Increase the default blacklist threshold from 30 to 120, which is the upstream
  default. 30 makes it far too easy to get locked out of your own server. 120 is
  simply a safer starting point.
  
  PR:		227016
  Submitted by:	Dan McGregor (maintainer)
  MFH:		2018Q2

Modified:
  head/security/sshguard/Makefile
  head/security/sshguard/files/patch-examples-sshguard.conf.sample
  head/security/sshguard/files/sshguard.in

Modified: head/security/sshguard/Makefile
==============================================================================
--- head/security/sshguard/Makefile	Sun May 27 22:23:01 2018	(r471011)
+++ head/security/sshguard/Makefile	Mon May 28 01:30:39 2018	(r471012)
@@ -3,6 +3,7 @@
 
 PORTNAME=	sshguard
 PORTVERSION=	2.1.0
+PORTREVISION=	1
 CATEGORIES=	security
 MASTER_SITES=	SF/sshguard/sshguard/${PORTVERSION}
 

Modified: head/security/sshguard/files/patch-examples-sshguard.conf.sample
==============================================================================
--- head/security/sshguard/files/patch-examples-sshguard.conf.sample	Sun May 27 22:23:01 2018	(r471011)
+++ head/security/sshguard/files/patch-examples-sshguard.conf.sample	Mon May 28 01:30:39 2018	(r471012)
@@ -25,7 +25,7 @@
  # Colon-separated blacklist threshold and full path to blacklist file.
  # (optional, no default)
 -#BLACKLIST_FILE=90:/var/lib/sshguard/enemies
-+#BLACKLIST_FILE=30:/var/db/sshguard/blacklist.db
++#BLACKLIST_FILE=120:/var/db/sshguard/blacklist.db
  
  # IP addresses listed in the WHITELIST_FILE are considered to be
  # friendlies and will never be blocked.

Modified: head/security/sshguard/files/sshguard.in
==============================================================================
--- head/security/sshguard/files/sshguard.in	Sun May 27 22:23:01 2018	(r471011)
+++ head/security/sshguard/files/sshguard.in	Mon May 28 01:30:39 2018	(r471012)
@@ -67,7 +67,7 @@ rcvar=sshguard_enable
 load_rc_config sshguard
 
 : ${sshguard_enable:=NO}
-: ${sshguard_blacklist=30:/var/db/sshguard/blacklist.db}
+: ${sshguard_blacklist=120:/var/db/sshguard/blacklist.db}
 : ${sshguard_danger_thresh=}
 : ${sshguard_release_interval=}
 : ${sshguard_reset_interval=}

More information about the svn-ports-all mailing list