Line
Link Here
|
0 |
-- a/examples/sshguard.conf.sample |
0 |
++ a/examples/sshguard.conf.sample |
Lines 6-21
Link Here
|
6 |
|
6 |
|
7 |
#### REQUIRED CONFIGURATION #### |
7 |
#### REQUIRED CONFIGURATION #### |
8 |
# Full path to backend executable (required, no default) |
8 |
# Full path to backend executable (required, no default) |
9 |
#BACKEND="/usr/local/libexec/sshg-fw-iptables" |
9 |
# Example 1: iptables backend |
|
|
10 |
#BACKEND="/usr/libexec/sshg-fw-iptables" |
11 |
# Example 2: firewalld backend; for firewalld configuration instructions see |
12 |
# https://www.ctrl.blog/entry/how-to-sshguard-firewalld.html#sshguard-section-firewalld |
13 |
#BACKEND="/usr/libexec/sshg-fw-firewalld" |
10 |
|
14 |
|
11 |
# Space-separated list of log files to monitor. (optional, no default) |
15 |
# Space-separated list of log files to monitor. (optional, no default) |
12 |
#FILES="/var/log/auth.log /var/log/authlog /var/log/maillog" |
16 |
#FILES="/var/log/auth.log /var/log/authlog /var/log/maillog" |
13 |
|
17 |
|
14 |
# Shell command that provides logs on standard output. (optional, no default) |
18 |
# Shell command that provides logs on standard output. (optional, no default) |
15 |
# Example 1: ssh and sendmail from systemd journal: |
19 |
# Example 1: ssh and sendmail from systemd journal: |
16 |
#LOGREADER="LANG=C /usr/bin/journalctl -afb -p info -n1 -t sshd -t sendmail -o cat" |
20 |
#LOGREADER="LANG=C journalctl -afb -p info -n1 -t sshd -t sendmail -o cat" |
17 |
# Example 2: ssh from os_log (macOS 10.12+) |
|
|
18 |
#LOGREADER="/usr/bin/log stream --style syslog --predicate '(processImagePath contains \"sshd\")'" |
19 |
|
21 |
|
20 |
#### OPTIONS #### |
22 |
#### OPTIONS #### |
21 |
# Block attackers when their cumulative attack score exceeds THRESHOLD. |
23 |
# Block attackers when their cumulative attack score exceeds THRESHOLD. |