From: Pietro L. <le...@di...> - 2011-04-27 21:25:33
Hello,

I compiled sshguard 1.5 for openbsd/pf; if I follow the faq XIV it works. I do not understand how logsucker works: if I do not provide any log files through the "-l" option, does ssh work with the default log files?

I tried launching sshguard in rc.local:

/usr/local/sbin/sshguard -l /var/log/authlog -l /var/log/secure

How can I be sure that sshguard is working? I have several failed login attempts in authlog:

Apr 27 19:17:27 hagane sshd[21459]: Failed password for invalid user abagnale from 219.235.240.36 port 38991 ssh2
Apr 27 19:29:39 hagane sshd[1762]: Failed password for invalid user abagnato from 219.235.240.36 port 48869 ssh2
Apr 27 19:40:50 hagane sshd[3422]: Failed password for invalid user abatantuono from 219.235.240.36 port 55981 ssh2
Apr 27 19:46:41 hagane sshd[11022]: Failed password for invalid user abate from 219.235.240.36 port 55755 ssh2
Apr 27 19:53:57 hagane sshd[28135]: Failed password for invalid user abatecola from 219.235.240.36 port 55147 ssh2
Apr 27 20:06:03 hagane sshd[27095]: Failed password for invalid user abategiovanni from 219.235.240.36 port 44748 ssh2
Apr 27 20:12:07 hagane sshd[16368]: Failed password for invalid user abatematteo from 219.235.240.36 port 49032 ssh2
Apr 27 20:16:55 hagane sshd[4722]: Failed password for invalid user abaterusso from 219.235.240.36 port 43805 ssh2
Apr 27 20:30:11 hagane sshd[2364]: Failed password for invalid user abati from 219.235.240.36 port 60845 ssh2
Apr 27 20:42:19 hagane sshd[7750]: Failed password for invalid user abatiscianni from 219.235.240.36 port 48578 ssh2
Apr 27 21:00:14 hagane sshd[30122]: Failed password for invalid user abbagnale from 219.235.240.36 port 45965 ssh2
Apr 27 21:06:14 hagane sshd[12398]: Failed password for invalid user abbagnato from 219.235.240.36 port 39866 ssh2
Apr 27 21:10:57 hagane sshd[30242]: Failed password for invalid user abbandonati from 219.235.240.36 port 55473 ssh2
Apr 27 21:18:13 hagane sshd[22701]: Failed password for invalid user abbandonato from 219.235.240.36 port 38085 ssh2
Apr 27 22:00:03 hagane sshd[12126]: Failed password for invalid user abbategiovanni from 219.235.240.36 port 59464 ssh2
Apr 27 22:04:47 hagane sshd[759]: Failed password for invalid user abbatelli from 219.235.240.36 port 44074 ssh2
Apr 27 22:10:47 hagane sshd[20150]: Failed password for invalid user abbatematteo from 219.235.240.36 port 50982 ssh2
Apr 27 22:16:49 hagane sshd[6395]: Failed password for invalid user abbaterusso from 219.235.240.36 port 49205 ssh2
Apr 27 22:22:46 hagane sshd[18708]: Failed password for invalid user abbatescianna from 219.235.240.36 port 60744 ssh2
Apr 27 22:30:06 hagane sshd[25634]: Failed password for invalid user abbatescianni from 219.235.240.36 port 40206 ssh2
Apr 27 22:36:08 hagane sshd[17098]: Failed password for invalid user abbati from 219.235.240.36 port 49051 ssh2
Apr 27 22:42:09 hagane sshd[8535]: Failed password for invalid user abbaticola from 219.235.240.36 port 44652 ssh2
Apr 27 22:48:12 hagane sshd[8188]: Failed password for invalid user abbatiscianni from 219.235.240.36 port 54250 ssh2
Apr 27 22:54:13 hagane sshd[7680]: Failed password for invalid user abbellito from 219.235.240.36 port 43753 ssh2
Apr 27 22:59:00 hagane sshd[29030]: Failed password for invalid user abbiate from 219.235.240.36 port 48461 ssh2
Apr 27 23:05:07 hagane sshd[27663]: Failed password for invalid user abbiati from 219.235.240.36 port 36606 ssh2
Apr 27 23:11:10 hagane sshd[11346]: Failed password for invalid user abbiento from 219.235.240.36 port 47709 ssh2
Apr 27 23:18:25 hagane sshd[16162]: Failed password for invalid user abbisogni from 219.235.240.36 port 38409 ssh2

But sshguard does not block any address. What can I do?

Thanks,
Pietro.