Menu
▾
▴
Re: [SSHGuard-users] Call for testing: SSHGuard 1.7.0
|
From: Georg L. <jor...@ma...> - 2016-07-28 17:30:09
|
On 26/07/16 17:22, Kevin Zheng wrote: > On 07/26/2016 15:57, Georg Lehner wrote: >> I tried to step forward with iptables testing, but am unable to compile >> sshguard. After following >> http://www.sshguard.net/docs/setup/compile-install/ I get the below errors. >> >> Note: this has not been an issue about two weeks before. > > Thanks for the report. I've pushed some changes to 'master' that should > fix this issue. I have another report [1] that sshg-fw fails at run-time > with the iptables backend. Let me know if you hit this issue, and if you > know how to fix it. > > Thanks, > Kevin > > [1] https://bitbucket.org/sshguard/sshguard/issues/39/ > Hi! Finally I have come around to pull the changes. sshguard compiles w/o errors now. First tests: GNU/Linux, Debian 7.11, Bison, GCC After make install I run: /usr/local/libexec/sshg-logtail /var/log/socklog/main/current \ |sudo env SSHGUARD_DEBUG=1 /usr/local/sbin/sshguard 2>&1 \ |tee /tmp/sshguard.log - The sshg-fw script stops with syntax error, a patch with some improvements (hopefully) is attached. - Shortly after startup the following error message is shown, processing continues sh: 1: exec: NONE/libexec/sshg-fw: not found - After some processing sshguard stops because of a broken pipe. See the attached sshguard.log for the error messages. My guess: sshg-fw is not run (first error), and when the first attacker should be added the half-open pipe breaks. I recommend to add a 'ping' or 'version' command to the sshg-fw interface, so that sshguard can check for sanity on startup. - - - I noticed, that the sshg-fw script is wrapped together by './configure' and not by 'make'. To rebuild it, you need to 'make distclean' and than './configure' again. I propose either to build the script with make, or document the procedure. - - - Best Regards, Georg Lehner |
