SSH Guard won't start after update

[xy16644]

So after updating my SSHGuard port today I couldn't start the service afterwards. I checked /usr/ports/UPDATING but didn't find anything in there.

I changed /usr/local/etc/rc.d/sshguard as follows:

command_args="-cf ${actual_command} -b .....

to:

command_args="-c ${actual_command} -b .....

Just so I could get some kind of error as when I try to start the service manually otherwise it quietly exits. Now when I start the service it says:

 Warning! Sshguard now uses *attack dangerousness*, not occurrences, to gauge threats.
Default dangerousness per attack is 10, default threshold is 40.
sshguard: option requires an argument -- i
Usage:
sshguard [-b <thr:file>] [-w <whlst>]{0,n} [-a num] [-p sec] [-s sec]
        [-l <source>] [-f <srv:pidfile>]{0,n} [-i <pidfile>] [-v]
        -b      Blacklist: thr = number of abuses before blacklisting, file = blacklist filename.
        -a      Number of hits after which blocking an address (40)
        -p      Seconds after which unblocking a blocked address (420)
        -w      Whitelisting of addr/host/block, or take from file if starts with "/" or "." (repeatable)
        -s      Seconds after which forgetting about a cracker candidate (1200)
        -l      Add the given log source to Log Sucker's monitored sources (off)
        -f      "authenticate" service's logs through its process pid, as in pidfile
        -i      When started, save PID in the given file; useful for startup scripts (off)
        -v      Dump version message to stderr, supply this when reporting bugs

        The SSHGUARD_DEBUG environment variable enables debugging mode (verbosity + interactivity).

My /etc/rc.conf has the following options set:

sshguard_enable="YES"
sshguard_watch_logs="/var/log/auth/auth.log:/var/log/system/messages"
sshguard_safety_thresh="3"
sshguard_pardon_min_interval="43200"
sshguard_prescribe_interval="7200"
sshguard_blacklist="40:/var/db/sshguard/blacklist.db"

So what do I need to do to get the service to start again? :q

 

[Chris_H]

So after updating my SSHGuard port today I couldn't start the service afterwards. I checked /usr/ports/UPDATING but didn't find anything in there.

I changed /usr/local/etc/rc.d/sshguard as follows:

command_args="-cf ${actual_command} -b .....

to:

command_args="-c ${actual_command} -b .....

Just so I could get some kind of error as when I try to start the service manually otherwise it quietly exits. Now when I start the service it says:

While I have no experience with this application...

 Warning! Sshguard now uses *attack dangerousness*, not occurrences, to gauge threats.
Default dangerousness per attack is 10, default threshold is 40.
sshguard: option requires an argument -- i

seems to be telling you

Usage:
sshguard [-b <thr:file>] [-w <whlst>]{0,n} [-a num] [-p sec] [-s sec]
        [-l <source>] [-f <srv:pidfile>]{0,n} [-i <pidfile>] [-v]
        -b      Blacklist: thr = number of abuses before blacklisting, file = blacklist filename.
        -a      Number of hits after which blocking an address (40)
        -p      Seconds after which unblocking a blocked address (420)
        -w      Whitelisting of addr/host/block, or take from file if starts with "/" or "." (repeatable)
        -s      Seconds after which forgetting about a cracker candidate (1200)
        -l      Add the given log source to Log Sucker's monitored sources (off)
        -f      "authenticate" service's logs through its process pid, as in pidfile

NOTE THE FOLLOWING:

        -i      When started, save PID in the given file; useful for startup scripts (off)

In other words; using the -c switch, also requires the -i switch.
So I'm guessing you need to do something like; -ci <path-and-name-of-PIDFILE>

HTH

--Chris

        -v      Dump version message to stderr, supply this when reporting bugs

        The SSHGUARD_DEBUG environment variable enables debugging mode (verbosity + interactivity).

My /etc/rc.conf has the following options set:

sshguard_enable="YES"
sshguard_watch_logs="/var/log/auth/auth.log:/var/log/system/messages"
sshguard_safety_thresh="3"
sshguard_pardon_min_interval="43200"
sshguard_prescribe_interval="7200"
sshguard_blacklist="40:/var/db/sshguard/blacklist.db"

So what do I need to do to get the service to start again? :q

 

[xy16644]

I tried adding the following to /etc/rc.conf:

sshguard_pidfile="/var/run/sshguard.pid"

But it still doesn't let me start the service. I'm not having much luck finding anything in the logs.

 

[Chris_H]

Again, no experience with this application; but you might try using just the PIDFILE name. Also, it might possibly be a permission problem (can't write to /var/run?). Anyway. I should probably defer to someone with more/any experience with this application. Cause I have none.

Best wishes.

--Chris

 

[gedge]

This patch gets my sshguard running:

https://gist.github.com/gedge/10349046

 

[xy16644]

This patch gets my sshguard running:

https://gist.github.com/gedge/10349046

That worked perfectly, thanks!

 

[wblock@]

Please submit a PR for this.

 

[xy16644]

Please submit a PR for this.

Done :e My first PR!

Edit...PR link:

http://www.freebsd.org/cgi/query-pr.cgi?pr=188436