Project

General

Profile

Feature #9222

Add sshguard log when release an IP

Added by Joshua Sign 9 months ago. Updated about 1 month ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
Authentication
Target version:
-
Start date:
12/26/2018
Due date:
% Done:

0%

Estimated time:

Description

Actually systems logs show us when sshguard is blocking an IP, but we never known when it release this IP.
It should be very usefull to know when sshguard release an IP, as we can see that it works as expected.

I dont know what is the best way to do that, but adding a logger line in backend file "/usr/local/libexec/sshg-fw-pf" seems to do the job :

fw_release() {
    logger -t sshguard "Release \"$1/$3\" from $table table" 
    pfctl -q -t $table -T del $1/$3
}

You need to go in "Advanced settings" and save, to be effective.

History

#1 Updated by Jim Pingle about 1 month ago

  • Category set to Authentication

Also available in: Atom PDF