[security/sshguard] Are default intervals toggled?

Boris Samorodov bsam at passap.ru
Fri Nov 23 17:05:50 UTC 2012

Hi All,

there are two valuse at the port's RC script:
# sshguard_pardon_min_interval (int):
#                               Minimum pardon interval.  Set to "1200"
#                               by default.
# sshguard_prescribe_interval (int):
#                               Prescribe interval.  Set to "420" by
#                               default.

This seems to contradict with the man and sources:
/* default: minimum seconds after which unblocking a blocked IP. Max is
(min*3/2) */
#define DEFAULT_PARDON_THRESHOLD    (7 * 60)
/* default seconds after which forgiving a cracker candidate */
#define DEFAULT_STALE_THRESHOLD     (20 * 60)

The man page:
     -p secs  release a blocked address no sooner than secs seconds after
              being blocked for the first time.  sshguard will release the
              address between X and 3/2 * X seconds after blocking it.
              (Default: 7*60)

     -s secs  forget about an address after secs seconds. If host A
issues one
              attack every this many seconds, it will never be blocked.
              (Default: 20*60)

If I'm not mistaken those two values should be toggled at the RC script.
Or am I lost with those therms/variable names?

WBR, Boris Samorodov (bsam)
FreeBSD Committer, http://www.FreeBSD.org The Power To Serve

More information about the freebsd-ports mailing list