- edited description
Setting option flags from sshguard.conf
Issue #47
resolved
The existing option flags should be configurable from sshguard.conf. It's easier and more transparent for end-users when all configuration happens in their conf files. Easier to deploy the same configuration across multiple systems.
The current option flags are:
-a thresh
-b thresh:file
-i pidfile
-p interval (default 120 secs, or 2 minutes)
-s interval (default 1800 secs, or 30 minutes)
-w address | file
Which should work out to THRESHOLD, TRESHOLD_FILE, PID_FILE, BLOCK_TIME, DETECTION_TIME, and WHITELIST.
Distributions can then ship a customized sshguard.conf for their environments without having to include not-as-easily-configured options in service files (systemd).
Comments (5)
-
reporter
-
Agreed. Should command-line options be kept or tweaked?
-
- changed status to open
-
reporter
@Partmedia, command line options should be treated as run-time options and override any saved configuration. So, use command line options and when they’re missing use options from configuration file instead. Don’t output errors complaining about missing command line flags, but default to instruct users to make changes in configuration instead. This is the behavior seen in most programs, is it not?
-
- changed status to resolved
Fixed in 6e6212d by reporter.
- Log in to comment
