Menu
▾
▴
[SSHGuard-users] sshguard 2.0 issues with sshguard.conf on freebsd
|
From: Christos C. <ch...@cr...> - 2017-07-21 16:00:13
|
Hello, sshguard 2.0 requires /usr/local/etc/sshguard.conf to exist to be able to start sshguard. My /etc/rc.conf contains: sshguard_enable="YES" sshguard_watch_logs="/var/log/auth.log:/var/log/maillog:/var/log/xferlog" sshguard_blacklist="" I remove the last 2 lines and keep only: sshguard_enable="YES" Then I edit sshguard.conf and replace: #FILES="/var/log/auth.log /var/log/maillog" with: FILES="/var/log/auth.log /var/log/maillog /var/log/xferlog" The problem is that it ignores all changes in sshguard.conf and I think the only change it works is the BACKEND option. Then I add back in rc.conf the lines: sshguard_watch_logs="/var/log/auth.log:/var/log/maillog:/var/log/xferlog" sshguard_blacklist="" and restart sshguard and running "ps -ax | grep sshguard" I get: 51567 - Is 0:00.00 /bin/sh /usr/local/sbin/sshguard -l /var/log/auth.log -l /var/log/maillog -l /var/log/xferlog -a 30 -p 120 -s 1800 -w /usr/local/etc/sshguard.whitelist -i /var/run/sshguard.pid 51569 - S 0:00.00 /usr/local/libexec/sshg-parser 51570 - S 0:00.14 /usr/local/libexec/sshg-blocker -a 30 -i /var/run/sshguard.pid -p 120 -s 1800 -w /usr/local/etc/sshguard.whitelist 51571 - I 0:00.00 /bin/sh /usr/local/sbin/sshguard -l /var/log/auth.log -l /var/log/maillog -l /var/log/xferlog -a 30 -p 120 -s 1800 -w /usr/local/etc/sshguard.whitelist -i /var/run/sshguard.pid 51572 - I 0:00.00 /bin/sh /usr/local/libexec/sshg-fw-ipfw Is it normal for sshguard process to run 2 times? Kind regards, Christos Chatzaras |
