On 2010/08/31 16:37, Todd C. Miller wrote: > sshguard protects hosts from brute force attacks. It supports IPv6, > whitelists and log authentication, interfaces with all the major > firewalling systems, has a remarkably clever log analyzer, and is > independent, fast and lightweight as it's written in C.
> +COMMENT= Protect against brute force attacks on sshd and others lowercase first char > +DISTNAME= sshguard-1.5rc4 > +PKGNAME= ${DISTNAME}p0 drop this PKGNAME line > +# BSD > +PERMIT_PACKAGE_CDROM= Yes > +PERMIT_PACKAGE_FTP= Yes > +PERMIT_DISTFILES_CDROM= Yes > +PERMIT_DISTFILES_FTP= Yes > + needs "WANTLIB += c pthread" here there was a previous port of this which was never imported, I think most things have been incorporated upstream but it had some useful information in MESSAGE about setting up syslogd/pf.conf to work with which is probably worth incorporating somewhere. -- snip -- -- -- Please add the following to /etc/pf.conf: table <sshguard> persist block in quick on $ext_if proto tcp from <sshguard> \ to any port 22 label "ssh bruteforce" Please add this to syslogd.conf: auth.info;authpriv.info |/usr/local/sbin/sshguard -- snip -- -- --