sshguard / sshguard / issues / #98 - Not matching Cyrus IMAP on FreeBSD — Bitbucket

Issue #98 resolved

Daniel O'Connor created an issue 2018-08-26

Hi, I have SSHGuard v2.1 on FreeBSD 11 and it isn't matching lines like..

Aug 26 11:44:49 midget imap[96865]: badlogin: [118.144.8.198] plain [SASL(-13): authentication failure: Password verification failed]

I'm not sure why it's different to what is expected (ie badlogin: XYZ [6.6.6.0] XYZ SASL XYZ checkpass failed)

sshguard-cyrus-imap.diff

Comments (7)

Daniel O'Connor reporter
- attached sshguard-cyrus-imap.diff
- 2018-08-26T07:08:14+00:00
Daniel O'Connor reporter
The attached patch works for me but my lex/yacc skills are poor so I have no idea if it's the right approach.
- 2018-08-26T07:08:48+00:00
Kevin Zheng
- edited description
- 2018-09-29T04:24:55+00:00

Kevin Zheng

changed status to open

I couldn't reproduce this using v2.1.0 on FreeBSD 11:

$ uname -v
FreeBSD 11.2-RELEASE-p3 #0: Thu Sep  6 07:14:16 UTC 2018     root@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC

$ git describe    
v2.1.0

$ ./sshg-parser      
Aug 26 11:44:49 midget imap[96865]: badlogin: [118.144.8.198] plain [SASL(-13): authentication failure: Password verification failed]
220 118.144.8.198 4 10

SSHGuard correctly reports this as detected.

2018-09-29T04:27:36+00:00

Daniel O'Connor reporter
Hmm, that is quite odd - I tried the sshguard-2.1.0_1 package on another host and it works too.

Sorry for the noise.
- 2018-09-29T07:46:40+00:00
Daniel O'Connor reporter
- changed status to resolved
- 2018-09-29T07:46:57+00:00
Kevin Zheng
- removed version
Removing version: 2.1 (automated comment)
- 2020-05-14T22:18:44+00:00
Log in to comment

Assignee: –

Type: bug

Priority: major

Status: resolved

Component: parser

Votes: 0

Watchers: 1

Jira: the preferred issue tracker for Bitbucket. Join the team!