SSHgaurd and PF
Justin V.
vic at yeaguy.com
Tue Nov 2 18:42:11 UTC 2010
On Tue, 2 Nov 2010, Rob Farmer wrote:
> On Tue, Nov 2, 2010 at 10:40, Justin V. <vic at yeaguy.com> wrote:
>> Actually this was installed after the port completed:
>>
>>
>> yeaguy# grep sshg /etc/syslog.conf
>> auth.info;authpriv.info |exec /usr/local/sbin/sshguard
>>
>> But it is not exactly what the HOWTO ways, the HOWTO does not mention the
>> "exec" part.
>
> Could be that the docs are written for Linux or another version of
> syslog. The port and the man page say include the exec, so I would go
> with that.
>
>>
>> Put this line high into this file:
>>
>> auth.info;authpriv.info |/usr/local/sbin/sshguard
>
> Ok - if that isn't working, then check to see if your ftp server is
> logging to syslog under auth or authpriv. If not you'll need to change
> the setup to get the logs from the right place.
>
> --
> Rob Farmer
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
>
So i added this:
auth.info;authpriv.info;ftp.info /var/log/auth.log
This is existing:
ftp.info /var/log/xferlog
I see my failed attempts going to auth.log and sshguard is still not
blocking or logging..
I restarted both syslog and sshguard.. I feel like we are almost there
thanks,
jv
More information about the freebsd-questions
mailing list