From: Robert S <rob...@gm...> - 2010-05-01 22:47:18
Here's what I use on a Debian system. You'd need to modify the
startGuard function if you want to use the log sucker.
#-----8><----------8><----------8><----------8><----------8><----------8><----------8><----------8><----------8><----------8><----------8><----------8><----------8><-----
#! /bin/sh
### BEGIN INIT INFO
# Provides: sshguard
# Required-Start: $syslog
# Required-Stop: $local_fs $remote_fs
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Example initscript
# Description: This file should be used to construct scripts to be
# placed in /etc/init.d.
### END INIT INFO
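# Command search path limited to the system directories. sshguard itself is
# started by absolute path (/usr/local/sbin/sshguard) in startGuard.
PATH=/sbin:/usr/sbin:/bin:/usr/bin
DESC="ssh guard service"
NAME=sshguard
PIDFILE=/var/run/$NAME.pid
SCRIPTNAME=/etc/init.d/$NAME
WHITELIST=/etc/sshguard.whitelist
LOG=/var/log/auth.log
# Extra sshguard options. Reset here so a value inherited from the caller's
# environment never ends up on the daemon's command line; set it in
# /etc/default/$NAME when extra options are wanted.
ARGS=

. /lib/init/vars.sh
. /lib/lsb/init-functions

# Optional local overrides (LOG, WHITELIST, ARGS, ...). The file is sourced
# with the privileges of this script, so it has to be owned by root and not
# writable by anyone else.
if [ -f "/etc/default/$NAME" ]; then
    . "/etc/default/$NAME"
fi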
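# Run the "follow the auth log | sshguard" pipeline in the foreground.
# do_start launches this function in the background.
#
# Globals:  WHITELIST, LOG, PIDFILE (read); ARGS (read, appended to)
# Returns:  exit status of the pipeline, i.e. of sshguard
#
# Defined with POSIX syntax: the "function" keyword is a bash/ksh extension
# and is a syntax error when /bin/sh is dash.
startGuard() {
    # Hand the whitelist to sshguard only when the file exists.
    if [ -e "$WHITELIST" ]; then
        ARGS="$ARGS -w $WHITELIST"
    fi

    # The inner shell records its own PID and then exec()s tail, so the
    # pidfile names the tail process; do_stop kills that PID, which closes
    # the pipe feeding sshguard.
    #
    # PIDFILE and LOG are passed as positional parameters instead of being
    # spliced into the command string, so a path containing whitespace or
    # shell metacharacters is treated as a path and nothing else.
    #
    # tail -F follows the log by name and reopens it after rotation. With -f
    # the reader stays on the rotated file, and sshguard would stop seeing
    # new authentication failures without any error being reported.
    #
    # $ARGS is left unquoted on purpose: it is a space-separated option list
    # (plain sh has no arrays), so a whitelist path must not contain spaces.
    sh -c 'echo "$$" > "$1" && exec tail -n0 -F "$2"' sh "$PIDFILE" "$LOG" |
        /usr/local/sbin/sshguard $ARGS > /dev/null
}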
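# Create the sshguard firewall chains, hook them into INPUT for TCP port 22
# and launch the guard pipeline in the background.
#
# Globals:  PIDFILE (read; a stale file is removed)
# Returns:  0 guard launched
#           1 already running (the pidfile names a live process)
#           2 the IPv4 chain could not be hooked into INPUT
do_start()
{
    # A pidfile left behind by a crash must not block every later start, so
    # only treat the service as running when the recorded PID is alive.
    # kill -0 proves that some process owns the PID, not that it is ours.
    if [ -e "$PIDFILE" ]; then
        start_pid=$(cat "$PIDFILE" 2>/dev/null)
        case "$start_pid" in
            ''|*[!0-9]*)
                ;;                      # empty or not a number: stale
            *)
                kill -0 "$start_pid" 2>/dev/null && return 1
                ;;
        esac
        rm -f "$PIDFILE"
    fi

    # Idempotent setup: -N fails harmlessly when the chain is left over from
    # an earlier run, and the jump is inserted only if -C does not find it,
    # so repeated starts do not stack duplicate rules. An iptables without -C
    # simply falls through to the insert. Without the IPv4 jump nothing
    # sshguard blocks would ever be enforced, so that failure is reported.
    iptables -N sshguard 2>/dev/null
    iptables -C INPUT -p tcp --dport 22 -j sshguard 2>/dev/null ||
        iptables -I INPUT 1 -p tcp --dport 22 -j sshguard ||
        return 2

    # IPv6 is best effort (the host may have no IPv6 support). The jump is
    # inserted at position 1, like the IPv4 one: appended with -A it would
    # sit behind any earlier rule that already accepts port 22, and the
    # sshguard chain would never be consulted for IPv6 traffic.
    ip6tables -N sshguard 2>/dev/null
    ip6tables -C INPUT -p tcp --dport 22 -j sshguard 2>/dev/null ||
        ip6tables -I INPUT 1 -p tcp --dport 22 -j sshguard

    # $? after "&" is always 0, so the status of the pipeline cannot be
    # checked here; a failure of sshguard itself is not visible to start.
    startGuard &
    return 0
}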
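# Stop the log follower recorded in the pidfile and remove the sshguard
# firewall chains.
#
# Globals:  PIDFILE (read, removed); RETVAL (written)
# Returns:  0 if daemon has been stopped
#           1 if daemon was already stopped (no pidfile, unusable pidfile,
#             or the recorded process is gone)
#           2 if daemon could not be stopped (firewall state left untouched)
do_stop()
{
    RETVAL=1
    if [ -e "$PIDFILE" ]; then
        stop_pid=$(cat "$PIDFILE" 2>/dev/null)
        # Only a plain decimal PID is ever handed to kill; an empty or
        # malformed pidfile is treated as "already stopped".
        case "$stop_pid" in
            ''|*[!0-9]*)
                ;;
            *)
                if kill "$stop_pid" 2>/dev/null; then
                    RETVAL=0
                    # Presumably gives the pipeline time to exit before its
                    # chains are removed.
                    sleep 1
                elif ps -p "$stop_pid" >/dev/null 2>&1; then
                    # Still alive but not signalled: keep the pidfile and
                    # the firewall hooks so the running guard stays effective.
                    RETVAL=2
                    return "$RETVAL"
                fi
                ;;
        esac
    fi

    # Unhook, flush and delete the chains. Flushing removes every rule in
    # the sshguard chain, so any blocks held there are lifted.
    iptables -D INPUT -p tcp --dport 22 -j sshguard
    iptables -F sshguard
    iptables -X sshguard
    ip6tables -D INPUT -p tcp --dport 22 -j sshguard
    ip6tables -F sshguard
    ip6tables -X sshguard

    rm -f "$PIDFILE"
    return "$RETVAL"
}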
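# Dispatch on the requested action. Every log_daemon_msg is closed by a
# log_end_msg, including for statuses outside the documented 0/1/2 range,
# so an unexpected failure is reported instead of leaving the line open.
case "$1" in
    start)
        log_daemon_msg "Starting $DESC" "$NAME"
        do_start
        case "$?" in
            0|1) log_end_msg 0 ;;   # started, or was already running
            *)   log_end_msg 1 ;;   # 2 or any unexpected status
        esac
        ;;
    stop)
        log_daemon_msg "Stopping $DESC" "$NAME"
        do_stop
        case "$?" in
            0|1) log_end_msg 0 ;;   # stopped, or was already stopped
            *)   log_end_msg 1 ;;   # 2 or any unexpected status
        esac
        ;;
    restart|force-reload)
        log_daemon_msg "Restarting $DESC" "$NAME"
        do_stop
        case "$?" in
            0|1)
                do_start
                case "$?" in
                    0) log_end_msg 0 ;;
                    1) log_end_msg 1 ;; # Old process is still running
                    *) log_end_msg 1 ;; # Failed to start
                esac
                ;;
            *)
                # Failed to stop
                log_end_msg 1
                ;;
        esac
        ;;
    *)
        echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload}" >&2
        exit 3
        ;;
esac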
#-----8><----------8><----------8><----------8><----------8><----------8><----------8><----------8><----------8><----------8><----------8><----------8><----------8><-----