From ecf58dbcf660740d7046e6b63b489536cca4e777 Mon Sep 17 00:00:00 2001 From: Darren 'Tadgy' Austin Date: Sat, 21 Mar 2026 20:36:56 +0000 Subject: [PATCH] sshguard configuration. --- .gitattributesdb | 5 ++++- etc/sshguard/.gitignore | 1 + etc/sshguard/sshguard.conf | 12 ++++++------ 3 files changed, 11 insertions(+), 7 deletions(-) create mode 100644 etc/sshguard/.gitignore diff --git a/.gitattributesdb b/.gitattributesdb index 3d36535..7363e2b 100644 --- a/.gitattributesdb +++ b/.gitattributesdb @@ -466,7 +466,10 @@ c3No - - ZXRjL3NzaC9zc2hkX2NvbmZpZw== 1758202229.000000000 1757606896.000000000 root:root 0644 - - ZXRj 1774124129.988147011 1771501908.000000000 root:root 0755 - - c3NoZ3VhcmQ= - - -ZXRjL3NzaGd1YXJkL3NzaGd1YXJkLmNvbmY= 1774105733.111818452 1758050700.000000000 root:root 0644 - - +ZXRjL3NzaGd1YXJkLy5naXRpZ25vcmU= 1774125137.895659238 1774125137.895659238 root:root 0644 - - +ZXRj 1774124129.988147011 1771501908.000000000 root:root 0755 - - +c3NoZ3VhcmQ= - - +ZXRjL3NzaGd1YXJkL3NzaGd1YXJkLmNvbmY= 1774125374.863787370 1758050700.000000000 root:root 0644 - - ZXRj 1774124129.988147011 1771501908.000000000 root:root 0755 - - c3NoZ3VhcmQ= - - ZXRjL3NzaGd1YXJkL3doaXRlbGlzdA== 1758050235.000000000 1758050235.000000000 root:root 0644 - - diff --git a/etc/sshguard/.gitignore b/etc/sshguard/.gitignore new file mode 100644 index 0000000..94d12f0 --- /dev/null +++ b/etc/sshguard/.gitignore @@ -0,0 +1 @@ +/blacklist diff --git a/etc/sshguard/sshguard.conf b/etc/sshguard/sshguard.conf index 8dedc93..3dd8717 100644 --- a/etc/sshguard/sshguard.conf +++ b/etc/sshguard/sshguard.conf @@ -2,10 +2,10 @@ # sshguard.conf -- SSHGuard configuration # Full path to backend executable (required, no default) -BACKEND="/usr/libexec/sshg-fw-iptables" +BACKEND="/usr/libexec/sshguard/sshg-fw-iptables" # Space-separated list of log files to monitor. (optional, no default) -FILES="/var/log/core.slackware.uk.net/auth" +FILES="/var/log/auth" # Shell command that provides logs on standard output. (optional, no default) # Example 1: ssh and sendmail from systemd journal: @@ -26,21 +26,21 @@ BLOCK_TIME=86400 DETECTION_TIME=28800 # Size of IPv6 subnet to block. Defaults to a single address, CIDR notation. (optional, default to 128) -IPV6_SUBNET=128 +IPV6_SUBNET=64 # Size of IPv4 subnet to block. Defaults to a single address, CIDR notation. (optional, default to 32) -IPV4_SUBNET=32 +IPV4_SUBNET=24 # Full path to PID file (optional, no default) PID_FILE=/run/sshguard.pid # Colon-separated blacklist threshold and full path to blacklist file. # (optional, no default) -BLACKLIST_FILE=10:/var/lib/sshguard/blacklist +BLACKLIST_FILE=10:/etc/sshguard/blacklist # IP addresses listed in the WHITELIST_FILE are considered to be # friendlies and will never be blocked. -WHITELIST_FILE=/etc/sshguard.whitelist +WHITELIST_FILE=/etc/sshguard/whitelist # If PARSER is unset, SSHGuard will use the installed sshg-parser as its # parser. Setting PARSER overrides this, so that you can use your own parser.