sshguard 2.0 issues with sshguard.conf on freebsd

Create issue
Issue #78 invalid
Christos Chatzaras created an issue

sshguard 2.0 requires /usr/local/etc/sshguard.conf to exist to be able to start sshguard.

My /etc/rc.conf contains:

sshguard_enable="YES"
sshguard_watch_logs="/var/log/auth.log:/var/log/maillog:/var/log/xferlog"
sshguard_blacklist=""

I remove the last 2 lines and keep only:

sshguard_enable="YES"

Then I edit sshguard.conf and replace:

FILES="/var/log/auth.log /var/log/maillog"

with:

FILES="/var/log/auth.log /var/log/maillog /var/log/xferlog"

The problem is that it ignores all changes in sshguard.conf and I think the only change it works is the BACKEND option.

Then I add back in rc.conf the lines:

sshguard_watch_logs="/var/log/auth.log:/var/log/maillog:/var/log/xferlog"
sshguard_blacklist=""

and restart sshguard and running "ps -ax | grep sshguard" I get:

51567  -  Is     0:00.00 /bin/sh /usr/local/sbin/sshguard -l /var/log/auth.log -l /var/log/maillog -l /var/log/xferlog -a 30 -p 120 -s 1800 -w /usr/local/etc/sshguard.whitelist -i /var/run/sshguard.pid
51569  -  S      0:00.00 /usr/local/libexec/sshg-parser
51570  -  S      0:00.14 /usr/local/libexec/sshg-blocker -a 30 -i /var/run/sshguard.pid -p 120 -s 1800 -w /usr/local/etc/sshguard.whitelist
51571  -  I      0:00.00 /bin/sh /usr/local/sbin/sshguard -l /var/log/auth.log -l /var/log/maillog -l /var/log/xferlog -a 30 -p 120 -s 1800 -w /usr/local/etc/sshguard.whitelist -i /var/run/sshguard.pid
51572  -  I      0:00.00 /bin/sh /usr/local/libexec/sshg-fw-ipfw

Is it normal for sshguard process to run 2 times?

Comments (5)

  1. Log in to comment