FreeBSD Bugzilla – Attachment 222508 Details for
Bug 221602
security/sshguard: configuration inconvenience wrt blacklisting
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch
0001-security-sshguard-Remove-default-sshguard_blacklist-.patch (text/plain), 2.72 KB, created by
Kevin Zheng
on 2021-02-17 07:39:37 UTC
(
hide
)
Description:
Patch
Filename:
MIME Type:
Creator:
Kevin Zheng
Created:
2021-02-17 07:39:37 UTC
Size:
2.72 KB
patch
obsolete
>From ba6cd47f7ebf762f84911ae1617b28434d735170 Mon Sep 17 00:00:00 2001 >From: Kevin Zheng <kevinz5000@gmail.com> >Date: Tue, 16 Feb 2021 23:32:20 -0800 >Subject: [PATCH] security/sshguard: Remove default sshguard_blacklist rcvar > >The sshguard_blacklist rcvar always overrides the setting in >sshguard.conf. Since the rc.d script sets sshguard_blacklist, the >blacklist option in sshguard.conf is never used. > >This patch removes the default rcvar setting, and instead enables >blacklisting in the example sshguard.conf. (Note that this is a >traditional FreeBSD ports default, not an upstream default.) > >New users (with no existing sshguard.conf) will see no change. Users >with existing sshguard.conf will have blacklisting turned off until they >update their sshguard.conf. >--- > security/sshguard/Makefile | 1 + > security/sshguard/files/patch-examples-sshguard.conf.sample | 2 +- > security/sshguard/files/sshguard.in | 2 +- > 3 files changed, 3 insertions(+), 2 deletions(-) > >diff --git a/security/sshguard/Makefile b/security/sshguard/Makefile >index a3e1e1d25998..a7950a5aca5c 100644 >--- a/security/sshguard/Makefile >+++ b/security/sshguard/Makefile >@@ -3,6 +3,7 @@ > > PORTNAME= sshguard > PORTVERSION= 2.4.1 >+PORTREVISION= 1 > PORTEPOCH= 1 > CATEGORIES= security > MASTER_SITES= SF/sshguard/sshguard/${PORTVERSION} >diff --git a/security/sshguard/files/patch-examples-sshguard.conf.sample b/security/sshguard/files/patch-examples-sshguard.conf.sample >index a9abccad5bbf..ec71817bc561 100644 >--- a/security/sshguard/files/patch-examples-sshguard.conf.sample >+++ b/security/sshguard/files/patch-examples-sshguard.conf.sample >@@ -25,7 +25,7 @@ > # Colon-separated blacklist threshold and full path to blacklist file. > # (optional, no default) > -#BLACKLIST_FILE=90:/var/lib/sshguard/enemies >-+#BLACKLIST_FILE=120:/var/db/sshguard/blacklist.db >++BLACKLIST_FILE=120:/var/db/sshguard/blacklist.db > > # IP addresses listed in the WHITELIST_FILE are considered to be > # friendlies and will never be blocked. >diff --git a/security/sshguard/files/sshguard.in b/security/sshguard/files/sshguard.in >index e9b8a0105b84..78b6eff280b0 100644 >--- a/security/sshguard/files/sshguard.in >+++ b/security/sshguard/files/sshguard.in >@@ -63,7 +63,7 @@ > name=sshguard > rcvar=sshguard_enable > >-set_rcvar sshguard_blacklist "120:/var/db/sshguard/blacklist.db" "Blacklisting threshold and path to blacklist file (colon-separated)" >+set_rcvar sshguard_blacklist "" "Blacklisting threshold and path to blacklist file (colon-separated)" > set_rcvar sshguard_danger_thresh "" "Attack threshold" > set_rcvar sshguard_pidfile "/var/run/sshguard.pid" "Path to PID file" > set_rcvar sshguard_release_interval "" "Time before releasing first-time attackers (s)" >-- >2.30.0 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 221602
:
222508
|
228131