sshguard-users

[SSHGuard-users] SSHguard and IPFW

[jason h. <hi...@at...>]

I am running FreeBSD 11 and IPFW.    I have found that every time my log is rotated the contents of Table 22 are cleaned.

I has assume that the blacklist.db was the volatile list and that the real bad guys were added to Table 22 by SSHGuard.  I was therefore adding know offenders to Table 22 .  If SSHGuard is going to cleanup Table 22 then I naturally need a different approach

Any ideas or insight would be appreciated

[SSHGuard-users] SSHguard and IPFW

[jason h. <hi...@at...>]

Removing the pipe stopped Table 22 from being dumped

I guess I was wrong about that being the “permanent” jail 

All appears t be working right now

Re: [SSHGuard-users] SSHguard and IPFW

[Kevin Z. <kev...@gm...>]

On 05/07/2017 10:29, jason hirsh wrote:
> I am running FreeBSD 11 and IPFW.    I have found that every time my log is rotated the contents of Table 22 are cleaned.
> 
> I has assume that the blacklist.db was the volatile list and that the real bad guys were added to Table 22 by SSHGuard.  I was therefore adding know offenders to Table 22 .  If SSHGuard is going to cleanup Table 22 then I naturally need a different approach

It sounds like you might be running 1.7.1.

How do you have logging set up? You should use the '-l' argument to 
SSHGuard instead of piping from syslog, because when syslog rotates log 
files it sends SIGHUP to child processes. SSHGuard will clear out its 
ipfw table before exiting.

-- 
Kevin Zheng
kev...@gm... | ke...@be... | PGP: 0xC22E1090