From: Kevin Z. <kev...@gm...> - 2018-09-28 17:49:58
On 9/28/18 1:28 AM, Frank Steiner wrote:
>> Have you tried running sshg-parser in libexec? The output is currently a
>> bit cryptic, but it'll tell you which rule was matched.
>
> Hmm, if I feed journalctl to sshg-parser I only get lines like
> 100 x.x.x.x 4 10
> 100 x.x.x.x 4 3
>
> These are two different rules, the first one is the unknown user, the
> second one the maximum reached as I patched that one to score 3.

Sorry, it's not indicating which rule is being matched. 100 is just a
code corresponding to a service defined in src/common/attack.h.

--
Kevin Zheng
kev...@gm... | ke...@be... | PGP: 0xC22E1090