Comment 1 Andreas Schürch 2010-01-13 12:34:33 UTC

It compiles and runs through the testsuite, but fails to parse my auth.log from the recent stable syslog-ng! It also does this with the latest beta-version of sshguard, but it works with the 1.0 version which is currently stable here on x86... I will ask the mailing-list upstream.

Comment 2 Peter Volkov (RETIRED) 2010-02-01 08:20:26 UTC

Andreas, did you manage to resolve that problem. Have you contacted upstream?

Comment 3 Andreas Schürch 2010-02-01 19:28:51 UTC

I've some contact upstream, but haven't found a solution yet... The problem is that a brute-force on existing accounts (root, cron and so on) doesn't get detected. This isn't a problem with the current stable version.

Comment 4 Andreas Schürch 2010-02-09 14:03:26 UTC

Ok, it is now fixed in the svn upstream! :-)

Here is a comment from the dev:
>So, expect about 1-2 months for 1.5-stable.
>If I had to do it, I'd probably wait. Otherwise, you add these
>src/parser/attack_scanner.l
>src/parser/attack_scanner.c
>
>and recompile. Or, you fetch r172 from the SVN and package that.

I just made a patch from those two files, but it seems that it's not so easy, as too much has changed around those Files and it won't compile anymore...
Either we have to wait or go with svn!

Comment 5 Christian Faulhammer (RETIRED) 2010-03-04 08:20:49 UTC

We will go for a newer version where this failure is fixed.