From: jungle b. <jun...@gm...> - 2017-01-10 03:39:55
|
On 01/02/2017 02:19 PM, Kevin Zheng wrote: > Hi there, > > A lot of work to get SSHGuard working with new log sources (journalctl, > macOS log) and backends (firewalld, ipset) has happened in 2.0. > > The new version also uses a configuration file. > > Some deprecated backends have been resurrected (hosts, ipfilter). > > Most importantly, SSHGuard has been split into several processes piped > into one another (sshg-logmon | sshg-parser | sshg-blocker | sshg-fw). > sshg-parser can run with capsicum(4) and pledge(2). sshg-blocker can be > sandboxed in its default configuration (without pid file, whitelist, > blacklisting) and has not been tested sandboxed in other configurations. > > The sshguard program is now a driver script that glues everything > together. It's probably still a little fragile. > > Some cleanup work remains. Documentation is also being updated. > > I encourage package maintainers and people with suitable test > environments to give the new code a shot and provide feedback. > > The experimental code is available on SourceForge as 1.99.0 [1]. > I'm not a packages maintainer but I tested this out on an OpenBSD machine I have. Aside from the known start up issues[0], I was able to install and use sshguard without any issues. > Thanks, > Kevin > > [1] https://sourceforge.net/projects/sshguard/files/sshguard/1.99.0/ > Thanks, jb [0] http://marc.info/?l=openbsd-ports&m=148396223206682&w=2 |