On 2010/08/31 16:37, Todd C. Miller wrote:
> sshguard protects hosts from brute force attacks. It supports IPv6,
> whitelists and log authentication, interfaces with all the major
> firewalling systems, has a remarkably clever log analyzer, and is
> independent, fast and lightweight as it's written in C.
> +COMMENT= Protect against brute force attacks on sshd and others
lowercase first char
> +DISTNAME= sshguard-1.5rc4
> +PKGNAME= ${DISTNAME}p0
drop this PKGNAME line
> +# BSD
> +PERMIT_PACKAGE_CDROM= Yes
> +PERMIT_PACKAGE_FTP= Yes
> +PERMIT_DISTFILES_CDROM= Yes
> +PERMIT_DISTFILES_FTP= Yes
> +
needs "WANTLIB += c pthread" here
there was a previous port of this which was never imported, I think
most things have been incorporated upstream but it had some useful
information in MESSAGE about setting up syslogd/pf.conf to work with
which is probably worth incorporating somewhere.
-- snip -- -- --
Please add the following to /etc/pf.conf:
table <sshguard> persist
block in quick on $ext_if proto tcp from <sshguard> \
to any port 22 label "ssh bruteforce"
Please add this to syslogd.conf:
auth.info;authpriv.info |/usr/local/sbin/sshguard
-- snip -- -- --
