From owner-freebsd-ports@freebsd.org Tue May 9 15:44:22 2017 Return-Path: Delivered-To: freebsd-ports@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D3A86D65EC4 for ; Tue, 9 May 2017 15:44:22 +0000 (UTC) (envelope-from feld@FreeBSD.org) Received: from out4-smtp.messagingengine.com (out4-smtp.messagingengine.com [66.111.4.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id AD8121C5C for ; Tue, 9 May 2017 15:44:22 +0000 (UTC) (envelope-from feld@FreeBSD.org) Received: from compute3.internal (compute3.nyi.internal [10.202.2.43]) by mailout.nyi.internal (Postfix) with ESMTP id 50A4C207B3 for ; Tue, 9 May 2017 11:44:21 -0400 (EDT) Received: from web4 ([10.202.2.214]) by compute3.internal (MEProxy); Tue, 09 May 2017 11:44:21 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-me-sender:x-me-sender:x-sasl-enc; s=fm1; bh=JB7B3q DoxLsWWrsgGmaVuzVNJJ3Prl5ss1pAuzusdpo=; b=D6dSHJUIXwBro21yRX4vdg yiP4hhKN3GHHaFh4av/psWowXVdA6Q2smnaDwNBCtP8lVf9sWk/mX2twWKGjwxYE 9UbJma1FBEPnrb0uonoeKi6l+8NYU5GhddlIjJBoKEKUJVYheRDK59rQMNkeHXq0 c2cXW8XVIpQjSguV/krGuKXiC4nk1tOcS/D9vhwYB0O1qoksUtl4MGgEJbv569aA qHErOe1K89LakzqIC3tpgpf71J6ObfCaSGChBnBQLW62NULIWStJYYuGINGpia2Y WmMDOFdDnQF/Exqf9WudN+hJrjJ0R8ZkVSHqvlZfueAxv4OeLTgQ4yvfq9jyJbhA == X-ME-Sender: Received: by mailuser.nyi.internal (Postfix, from userid 99) id 10BB9BAB6D; Tue, 9 May 2017 11:44:21 -0400 (EDT) Message-Id: <1494344661.3162227.970925584.48647D64@webmail.messagingengine.com> From: Mark Felder To: FreeBSD Ports MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="utf-8" X-Mailer: MessagingEngine.com Webmail Interface - ajax-6cc55fe1 Date: Tue, 09 May 2017 10:44:21 -0500 References: Subject: Re: Updating sshguard In-Reply-To: X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 09 May 2017 15:44:22 -0000 On Mon, May 8, 2017, at 05:21, Gerard Seibert wrote: > I was wondering if there was any news regarding updating the "sshguard" > port, specifically the "sshguard-ipfw" one? > > Version 2.0 was released March 7, 2017. The ports system still has > version 1.7.1. Moreover, the new version has a fix for the ipfw backend > on FreeBSD 11. > > -- > Carmel The version in ports works with IPFW in FreeBSD 11, you just have to manually define the sshguard table(22) in your IPFW config. I assume you're already manually choosing where in your firewall rules to block the traffic from these abusers, so just add the table creation to your IPFW config and it will work fine. As Kurt pointed out, the update is non-trivial and I haven't had enough time to dig into it. If I blindly update the port without enough testing and people install the update and it's no longer blocking abusers... that would be bad. -- Mark Felder ports-secteam & portmgr member feld@FreeBSD.org