Created attachment 382190 [details, diff] patch for sshguard-1.5-r2.ebuild See http://sourceforge.net/p/sshguard/mailman/message/30545709/ Reproducible: always Steps to reproduce: 1) emerge sshguard 2) env SSHGUARD_DEBUG=foo /usr/sbin/sshguard #this runs sshguard in interactive debug mode 3) #Paste this string into the console and press enter: "Aug 03 17:24:50 [sshd] error: PAM: authentication failure for mario from 6.6.6.0" Expected behavior: There should be a response including the string "Matched address 6.6.6.0:4 attacking service 100, dangerousness 10." Actual behavior: The above string does not appear in the response. Comments: This occurs because the sshguard source has a regex typo that does not recognize 2 digit day numbers starting with 0, so sshguard will fail to recognize metalog logs of ssh brute force attacks on any single-digit day. This very trivial bug has been reported upstream and a patch has been submitted in the sourceforge link above over a year ago, but has not been fixed yet. However, a simple sed command in the ebuild would do the trick. Attached is a patch for the latest ebuild (1.5-r2) that inserts the sed command. Amyas
Comment on attachment 382190 [details, diff] patch for sshguard-1.5-r2.ebuild Please attach a unified diff next time
Applied in -r3. Thanks for the patch!