On Tue, 22 May 2018, Mike Pumford wrote:
On 21/05/2018 18:03, Mayuresh wrote:
On Mon, May 21, 2018 at 10:20:22PM +0530, Mayuresh wrote:
# /etc/rc.d/sshguard start
Starting sshguard.
# /etc/rc.d/sshguard status
sshguard is not running.
# /etc/rc.d/sshguard rcvar
# sshguard
$sshguard=YES
Ok, here is a clue:
# sshguard
sh: cannot open /etc/ipf.conf: no such file
Could not init firewall. Terminating.
Created a blank /etc/ipf.conf and did:
# /etc/rc.d/ipfilter start
Enabling ipfilter.
Still:
# sshguard
Could not init firewall. Terminating.
It needs some placeholder markers in the ipf.conf file
##sshguard-begin##
##sshguard-end##
However even if you do that you will find that sshguard will fail to start at
boot as it's not written properly. It doesn't really daemonise so at the end
of init it terminates when it receives SIGHUP.
While it worked okay I found that the number of firewall rules it produced
crept up to be stupidly large over time. This plus the startup annoyance made
me switch to blacklistd. I'm still using ipf as a firewall so I cooked my own
custom script to integrate it with ipf (it defaults to npf) based on the
scripts that FreeBSD provides.
Nice, care to share your ipf-interfacing script (and/or make it
commitable)?
--
Stephen
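
The marker requirement Mike describes can be checked before starting sshguard. The following is an added example, not code from the thread or from sshguard: the function names are hypothetical, and it assumes each marker sits alone on its own line and that appending an empty pair at the end of the file is acceptable for your ruleset.

```shell
#!/bin/sh
# Pre-flight check for the sshguard placeholder markers in an ipf rules file.
# Marker strings are the two quoted in the thread; everything else is assumed.

BEGIN_MARK='##sshguard-begin##'
END_MARK='##sshguard-end##'

# Print the line number of the first line that is exactly marker $1 in file $2.
marker_line() {
    awk -v m="$1" '$0 == m { print NR; exit }' "$2"
}

# Exit status: 0 = valid pair (begin before end), 1 = no markers at all,
# 2 = only one marker or wrong order, 3 = file not readable.
check_markers() {
    conf=$1
    [ -r "$conf" ] || return 3
    b=$(marker_line "$BEGIN_MARK" "$conf")
    e=$(marker_line "$END_MARK" "$conf")
    if [ -z "$b" ] && [ -z "$e" ]; then
        return 1
    fi
    if [ -z "$b" ] || [ -z "$e" ] || [ "$b" -ge "$e" ]; then
        return 2
    fi
    return 0
}

# Append an empty marker pair only when the file has none (idempotent).
# A half-written or reversed pair is reported and left for manual repair.
ensure_markers() {
    conf=$1
    rc=0
    check_markers "$conf" || rc=$?
    case $rc in
        0) return 0 ;;
        1) printf '%s\n%s\n' "$BEGIN_MARK" "$END_MARK" >> "$conf" ;;
        *) echo "$conf: unreadable or unbalanced sshguard markers" >&2
           return 1 ;;
    esac
}
```

Source the file and run `ensure_markers /etc/ipf.conf` as root; existing rules are never rewritten, only appended to.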