From: Mij <mi...@ss...> - 2010-03-18 22:04:39
On Mar 17, 2010, at 21:58, Robert S wrote:

> Thanks.
>
> I left sshguard running overnight with the above config and recorded hundreds of attempts to log in that were not blocked. It appears that the syslog-ng config is not sending messages to sshguard.
>
> I have just downgraded sshguard to 1.4.4 and the logging is appearing again in my system log:

Combining the two pieces of information: if syslog-ng doesn't pass stuff to sshguard, it may not activate the destination at all, that is, not start sshguard. In turn this may explain the absence of logs.

What about running 1.5 with log sucking? The log sucker saves the syslog configuration hassle. See http://www.sshguard.net/docs/setup/getlogs/log-sucker/

> Mar 18 07:48:23 hostname syslog-ng[30304]: Configuration reload request received, reloading configuration;
> Mar 18 07:48:23 hostname sshguard[27966]: authenticating service 100 with process ID from /var/run/sshd.pid
> Mar 18 07:48:23 hostname sshguard[27966]: whitelist: add block: 192.168.2.0 with mask 24.
> Mar 18 07:48:23 hostname sshguard[27966]: whitelist: add '127.0.0.1' as plain IPv4.
> Mar 18 07:48:23 hostname sshguard[27966]: whitelist: add plain ip 127.0.0.1.
> Mar 18 07:48:23 hostname sshguard[27966]: Run command "iptables -L": exited 0.
> Mar 18 07:48:23 hostname sshguard[27966]: Blacklist loaded, 0 addresses.
> Mar 18 07:48:23 hostname sshguard[27966]: Started successfully [(a,p,s)=(4, 420, 1200)], now ready to scan.