- edited description
It seems that SSHGuard does not work with Firewalld.
The SSHGuard version is 2.4.2.
I followed Archwiki's guidelines, but only got bug reports.
Some users in the ArchLinux community seem to have encountered the same failure.
Comments (5)
-
reporter -
- changed status to open
Do the instructions in the last forum post solve the issue for you?
Manually add the ipsets to /usr/lib/sshguard/sshg-fw-firewalld:
firewall-cmd --permanent --new-ipset="sshguard4" --type="hash:net" --option="family=inet" firewall-cmd --permanent --new-ipset="sshguard6" --type="hash:net" --option="family=inet6"
-
reporter It seems that the Archwiki tutorial is too old, it seems that only need to modify BACKEND to make SSHGuard and firewalld work together.
-
That seems to be what’s going on. Unfortunately, I don’t have a Linux machine with firewalld on which I can test my changes.
Would you mind putting together a patch against sshg-fw-firewalld that works for you, that I can review and commit?
Do you also happen to know if the new syntax is backwards compatible with older versions of firewalld?
-
reporter It seems that firewalld has indeed changed some commands, and some distributions do use the old firewalld. Because I use a rolling distribution, I am not particularly clear about how the old firewalld is used, and I started using sshguard in the past week, so It might be better to ask the developers of firewalld directly.
- Log in to comment