Menu
▾
▴
[SSHGuard-users] Fwd: SSHguard and IPFW
|
From: jason h. <hi...@at...> - 2017-05-07 18:11:28
|
> Begin forwarded message: > > From: jason hirsh <hi...@at...> > Subject: Re: [SSHGuard-users] SSHguard and IPFW > Date: May 7, 2017 at 2:10:52 PM EDT > To: Kevin Zheng <kev...@gm...> > >> >> On May 7, 2017, at 1:52 PM, Kevin Zheng <kev...@gm... <mailto:kev...@gm...>> wrote: >> >> On 05/07/2017 10:29, jason hirsh wrote: >>> I am running FreeBSD 11 and IPFW. I have found that every time my log is rotated the contents of Table 22 are cleaned. >>> >>> I has assume that the blacklist.db was the volatile list and that the real bad guys were added to Table 22 by SSHGuard. I was therefore adding know offenders to Table 22 . If SSHGuard is going to cleanup Table 22 then I naturally need a different approach >> >> It sounds like you might be running 1.7.1. >> >> How do you have logging set up? You should use the '-l' argument to >> SSHGuard instead of piping from syslog, because when syslog rotates log >> files it sends SIGHUP to child processes. SSHGuard will clear out its >> ipfw table before exiting. >> >> -- >> Kevin Zheng >> kev...@gm... <mailto:kev...@gm...> | ke...@be... <mailto:ke...@be...> | PGP: 0xC22E1090 >> >> ——————— > > > Sorry about that. Yes I am running 1.7.1. which is current version in FreeBSD ports > > And I did do this as the SSHGuard install safe suggested > auth.info <http://auth.info/>;authpriv.info <http://authpriv.info/> |exec /path/to/sshguard > > > I saw the part about flushing but I presumed that applied to blacklist not the table > My mistake |
