From owner-svn-ports-head@freebsd.org  Mon May 28 01:30:41 2018
Return-Path: <owner-svn-ports-head@freebsd.org>
Delivered-To: svn-ports-head@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 33078EF34BA;
 Mon, 28 May 2018 01:30:41 +0000 (UTC)
 (envelope-from adamw@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "mxrelay.nyi.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id D9FD475B83;
 Mon, 28 May 2018 01:30:40 +0000 (UTC)
 (envelope-from adamw@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id BB365265B2;
 Mon, 28 May 2018 01:30:40 +0000 (UTC)
 (envelope-from adamw@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w4S1UegJ042184;
 Mon, 28 May 2018 01:30:40 GMT (envelope-from adamw@FreeBSD.org)
Received: (from adamw@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id w4S1UeJs042182;
 Mon, 28 May 2018 01:30:40 GMT (envelope-from adamw@FreeBSD.org)
Message-Id: <201805280130.w4S1UeJs042182@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: adamw set sender to
 adamw@FreeBSD.org using -f
From: Adam Weinberger <adamw@FreeBSD.org>
Date: Mon, 28 May 2018 01:30:40 +0000 (UTC)
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org,
 svn-ports-head@freebsd.org
Subject: svn commit: r471012 - in head/security/sshguard: . files
X-SVN-Group: ports-head
X-SVN-Commit-Author: adamw
X-SVN-Commit-Paths: in head/security/sshguard: . files
X-SVN-Commit-Revision: 471012
X-SVN-Commit-Repository: ports
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-ports-head@freebsd.org
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: SVN commit messages for the ports tree for head
 <svn-ports-head.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-ports-head>, 
 <mailto:svn-ports-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-ports-head/>
List-Post: <mailto:svn-ports-head@freebsd.org>
List-Help: <mailto:svn-ports-head-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-ports-head>,
 <mailto:svn-ports-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 28 May 2018 01:30:41 -0000

Author: adamw
Date: Mon May 28 01:30:39 2018
New Revision: 471012
URL: https://svnweb.freebsd.org/changeset/ports/471012

Log:
  Increase the default blacklist threshold from 30 to 120, which is the upstream
  default. 30 makes it far too easy to get locked out of your own server. 120 is
  simply a safer starting point.
  
  PR:		227016
  Submitted by:	Dan McGregor (maintainer)
  MFH:		2018Q2

Modified:
  head/security/sshguard/Makefile
  head/security/sshguard/files/patch-examples-sshguard.conf.sample
  head/security/sshguard/files/sshguard.in

Modified: head/security/sshguard/Makefile
==============================================================================
--- head/security/sshguard/Makefile	Sun May 27 22:23:01 2018	(r471011)
+++ head/security/sshguard/Makefile	Mon May 28 01:30:39 2018	(r471012)
@@ -3,6 +3,7 @@
 
 PORTNAME=	sshguard
 PORTVERSION=	2.1.0
+PORTREVISION=	1
 CATEGORIES=	security
 MASTER_SITES=	SF/sshguard/sshguard/${PORTVERSION}
 

Modified: head/security/sshguard/files/patch-examples-sshguard.conf.sample
==============================================================================
--- head/security/sshguard/files/patch-examples-sshguard.conf.sample	Sun May 27 22:23:01 2018	(r471011)
+++ head/security/sshguard/files/patch-examples-sshguard.conf.sample	Mon May 28 01:30:39 2018	(r471012)
@@ -25,7 +25,7 @@
  # Colon-separated blacklist threshold and full path to blacklist file.
  # (optional, no default)
 -#BLACKLIST_FILE=90:/var/lib/sshguard/enemies
-+#BLACKLIST_FILE=30:/var/db/sshguard/blacklist.db
++#BLACKLIST_FILE=120:/var/db/sshguard/blacklist.db
  
  # IP addresses listed in the WHITELIST_FILE are considered to be
  # friendlies and will never be blocked.

Modified: head/security/sshguard/files/sshguard.in
==============================================================================
--- head/security/sshguard/files/sshguard.in	Sun May 27 22:23:01 2018	(r471011)
+++ head/security/sshguard/files/sshguard.in	Mon May 28 01:30:39 2018	(r471012)
@@ -67,7 +67,7 @@ rcvar=sshguard_enable
 load_rc_config sshguard
 
 : ${sshguard_enable:=NO}
-: ${sshguard_blacklist=30:/var/db/sshguard/blacklist.db}
+: ${sshguard_blacklist=120:/var/db/sshguard/blacklist.db}
 : ${sshguard_danger_thresh=}
 : ${sshguard_release_interval=}
 : ${sshguard_reset_interval=}