mail at ozzmosis.com
Wed Jun 15 17:17:36 UTC 2011
A recent FreeBSD ports change upgrades sshguard to 1.5. I'm not sure
about other variants, but with sshguard-ipfw at least, from what I can
tell, installing the port erroneously comments-out the following
existing line from /etc/syslog.conf:
auth.info;authpriv.info | exec /usr/local/sbin/sshguard
To get sshguard-ipfw to work again you need to uncomment the above
line and restart syslogd, eg. "sudo service syslogd restart".
Incidentally version 1.5 is somewhat more "noisy" than the previous
version, sending this to /var/log/messages once every few hours:
Jun 16 01:00:00 blizzard sshguard: Got exit signal, flushing blocked addresses and exiting...
Jun 16 01:00:00 blizzard sshguard: Started successfully [(a,p,s)=(40, 420, 1200)], now ready to scan.
(obviously a separate issue to the syslog.conf problem above)
More information about the freebsd-ports