#45347: sshguard respawn throttled --------------------------+--------------------- Reporter: lionteeth@… | Owner: nefar@… Type: defect | Status: new Priority: Normal | Milestone: Component: ports | Version: 2.3.1 Resolution: | Keywords: Port: sshguard | --------------------------+--------------------- Comment (by lionteeth@…): I found out what the problem was by looking at what the wrapper does and running the command directly: }}} /opt/local/sbin/sshguard -l /var/log/system.log -w /opt/local/etc/sshguard/whitelist -b 5:/opt/local/var/db/sshguard/blacklist.db Doesn't make sense to have a blacklist threshold lower than one abuse (40). Terminating. }}} To make sshguard more aggressive, I had modified options to use {{{ -l /var/log/system.log -w /opt/local/etc/sshguard/whitelist -b 5:/opt/local/var/db/sshguard/blacklist.db }}} as I was seeing lots of attacks and nothing was added to the blacklist. But -b is not the number of attacks to tolerate, as in denyhosts, but a "danger" measure that is poorly documented in the man page. Running the command directly gives me {{{ Doesn't make sense to have a blacklist threshold lower than one abuse (40). Terminating. }}} It would be very useful if the wrapper could allow this error message to pass through to system.log. Now, the man page says "per-attack danger is 10", so it's unclear how 40 represents one abuse, and I still don't know how much abuse -b 50 is. Anyway, bad documentation isn't macport's problem, so please close. Cheers, Dave -- Ticket URL: <https://trac.macports.org/ticket/45347#comment:3> MacPorts <http://www.macports.org/> Ports system for OS X