Date: Tue, 2 Nov 2010 11:25:03 -0700 (PDT) From: "Justin V." <vic@yeaguy.com> To: Rob Farmer <rfarmer@predatorlabs.net> Cc: freebsd-questions@freebsd.org Subject: Re: SSHgaurd and PF Message-ID: <alpine.BSF.2.00.1011021124170.20165@yeaguy.com> In-Reply-To: <AANLkTi=29TVb%2BFm6o8Weom_9r6g9_J5vohqOJ=Ngn28f@mail.gmail.com> References: <alpine.BSF.2.00.1011020930390.17971@yeaguy.com> <AANLkTikq%2BgYWD=SEY4nKboV7QUTk9DQdj2bkJ_CRpoAv@mail.gmail.com> <alpine.BSF.2.00.1011021001001.18489@yeaguy.com> <AANLkTi=e5b0OTqbxky_bgYnH3gNeRyKBeYu1McypRmGV@mail.gmail.com> <alpine.BSF.2.00.1011021038080.19472@yeaguy.com> <AANLkTi=29TVb%2BFm6o8Weom_9r6g9_J5vohqOJ=Ngn28f@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. --623271173-1257277227-1288722304=:20165 Content-Type: TEXT/PLAIN; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8BIT On Tue, 2 Nov 2010, Rob Farmer wrote: > On Tue, Nov 2, 2010 at 10:40, Justin V. <vic@yeaguy.com> wrote: >> Actually this was installed after the port completed: >> >> >> yeaguy# grep sshg /etc/syslog.conf >> auth.info;authpriv.info |exec /usr/local/sbin/sshguard >> >> But it is not exactly what the HOWTO ways, the HOWTO does not mention the >> "exec" part. > > Could be that the docs are written for Linux or another version of > syslog. The port and the man page say include the exec, so I would go > with that. > >> >> Put this line high into this file: >> >> auth.info;authpriv.info |/usr/local/sbin/sshguard > > Ok - if that isn't working, then check to see if your ftp server is > logging to syslog under auth or authpriv. If not you'll need to change > the setup to get the logs from the right place. > > -- > Rob Farmer > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" > I do not see ftp going to auth: yeaguy# grep -i pure /var/log/auth.log yeaguy# grep -i ftp /var/log/auth.log Oct 30 07:36:49 yeaguy sshd[74718]: subsystem request for sftp Oct 30 08:37:25 yeaguy sshd[74942]: subsystem request for sftp Oct 30 08:51:20 yeaguy sshd[74984]: subsystem request for sftp Oct 30 12:49:04 yeaguy sshd[2301]: subsystem request for sftp Oct 30 12:49:56 yeaguy sshd[2308]: subsystem request for sftp Nov 2 08:44:42 yeaguy sshd[17190]: subsystem request for sftp Nov 2 08:46:14 yeaguy sshd[17241]: subsystem request for sftp yeaguy# But I dont have pure-ftp looking at pam so that makes sense right? Probably wouldnt show up there then? I am doing virtual user for pure-ftp. Here is the passwd db for pure: yeaguy# grep pure /etc/inetd.conf ftp stream tcp nowait root /usr/local/sbin/pure-ftpd pure-ftpd -l puredb:/usr/local/etc/pureftpd.pdb yeaguy# so i need to pipe the pure db to auth? thanks, justin --623271173-1257277227-1288722304=:20165--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?alpine.BSF.2.00.1011021124170.20165>