MFH: r471012

Increase the default blacklist threshold from 30 to 120, which is the upstream default. 30 makes it far too easy to get locked out of your own server. 120 is simply a safer starting point. PR: 227016 Submitted by: Dan McGregor (maintainer) Approved by: ports-secteam (feld)
svn path=/branches/2018Q2/; revision=471092
2018-05-29 13:04:05 +00:00 · 2018-05-29 13:04:05 +00:00 · 0efcd13acd · 2021-03-31 03:12:20 +00:00
commit 0efcd13acd
parent 3d1ce6403b
3 changed files with 3 additions and 2 deletions
--- a/security/sshguard/Makefile
+++ b/security/sshguard/Makefile
@ -3,6 +3,7 @@

 PORTNAME=	sshguard
 PORTVERSION=	2.1.0
+PORTREVISION=	1
 CATEGORIES=	security
 MASTER_SITES=	SF/sshguard/sshguard/${PORTVERSION}

--- a/security/sshguard/files/patch-examples-sshguard.conf.sample
+++ b/security/sshguard/files/patch-examples-sshguard.conf.sample
@ -25,7 +25,7 @@
 # Colon-separated blacklist threshold and full path to blacklist file.
 # (optional, no default)
 -#BLACKLIST_FILE=90:/var/lib/sshguard/enemies
-+#BLACKLIST_FILE=30:/var/db/sshguard/blacklist.db
+#BLACKLIST_FILE=120:/var/db/sshguard/blacklist.db
 
 # IP addresses listed in the WHITELIST_FILE are considered to be
 # friendlies and will never be blocked.
--- a/security/sshguard/files/sshguard.in
+++ b/security/sshguard/files/sshguard.in
@ -67,7 +67,7 @@ rcvar=sshguard_enable
 load_rc_config sshguard

 : ${sshguard_enable:=NO}
-: ${sshguard_blacklist=30:/var/db/sshguard/blacklist.db}
+: ${sshguard_blacklist=120:/var/db/sshguard/blacklist.db}
 : ${sshguard_danger_thresh=}
 : ${sshguard_release_interval=}
 : ${sshguard_reset_interval=}