Setting option flags from sshguard.conf

Create issue
Issue #47 resolved
Daniel Aleksandersen created an issue

The existing option flags should be configurable from sshguard.conf. It's easier and more transparent for end-users when all configuration happens in their conf files. Easier to deploy the same configuration across multiple systems.

The current option flags are:

   -a thresh
   -b thresh:file
   -i pidfile
   -p interval (default 120 secs, or 2 minutes)
   -s interval (default 1800 secs, or 30 minutes)
   -w address | file

Which should work out to THRESHOLD, TRESHOLD_FILE, PID_FILE, BLOCK_TIME, DETECTION_TIME, and WHITELIST.

Distributions can then ship a customized sshguard.conf for their environments without having to include not-as-easily-configured options in service files (systemd).

Comments (5)

  1. Daniel Aleksandersen reporter

    @Partmedia, command line options should be treated as run-time options and override any saved configuration. So, use command line options and when they’re missing use options from configuration file instead. Don’t output errors complaining about missing command line flags, but default to instruct users to make changes in configuration instead. This is the behavior seen in most programs, is it not?

  2. Log in to comment