Menu
▾
▴
Re: [SSHGuard-users] Asterisk support
|
From: Kevin Z. <kev...@gm...> - 2020-05-14 18:19:21
|
Hi David, On 5/14/20 11:14 AM, David Moore wrote: > I am an asterisk administrator and developer and I am fed up with > fail2ban. I have been following SSHGuard for some time, hoping for > asterisk support, but still clinging to mostly-working fail2ban. That > has changed, I now have a mandate to replace fail2ban. I have done some > searching, I found [1] and [2] - [1] indicates that support was added at > some point, but grepping the source tree makes me think that it is no > longer there. I imagine this is because it was incomplete. [2] indicates > 'Defer until fail2ban backend is available' Just curious -- why do you have a mandate to replace fail2ban? The 'fail2ban' backend didn't happen. That was supposed to borrow only the attack parsers from fail2ban, so you could use them with SSHGuard. Mostly, there was lack of time/interest. > I am willing to do development work to enable asterisk support in > SSHGuard. I'm wondering what the 'fail2ban backend' is, and whether it's > available yet? I would love to read more details about the required > process to get asterisk integrated into SSHGuard See "Add New Signatures" in CONTRIBUTING.rst, found in the repo or linked online here: https://bitbucket.org/sshguard/sshguard/src/master/CONTRIBUTING.rst#rst-header-add-new-signatures Steps 3-6 could use some fleshing-out; I'm also available to help. Alternatively, you can replace sshg-parser entirely; all it has to do is take lines via stdin and spit out attacks in the format expected by SSHGuard on stdout. Let me know how you'd like to try to proceed. -- Kevin Zheng kev...@gm... | ke...@be... XMPP: ke...@ee... |
