Sources or package?
Sshguard runs on a variety of systems, many of which already provide a ready-made package for it. Whenever you can install directly from your OS's package management system, go that way: it's just simpler and faster.
There are some instances where you may need to install from sources. If your package manager does not provide sshguard, or provides an outdated version, or one compiled without some options you need.
Compiling and installing
The process goes as follows:
- you fetch the source code
- you pick the appropriate firewall system for your OS
- you compile and install
Your options are (either/or):
Which to choose? The latest stable is easier to fetch, and unlikely to give surprises. The code from the repository, on the other hand, may contain newer features.
If you want to get the repository code (you need the SubVersion client: check for the svn command), run these commands:
mkdir sshguard cd sshguard svn checkout https://sshguard.svn.sourceforge.net/svnroot/sshguard/trunk/ ./
You can browse the repository from the web interface as well.
Decompress first the source package sshguard-X.Y.tar.bz2 and get into the source root.
Decide which blocking backend you are going to use. These are the typical associations of backends with operating systems:
|MacOS X||FreeBSD IPFirewall||ipfw|
|many BSDs||the OpenBSD Packet Filter||pf|
|IBM AIX||AIX firewall||aix|
|others or no firewall||tcp wrappers' /etc/hosts.allow||hosts|
The complete list of firewall backends is:
If you have no idea which backend to choose, hosts is the most portable choice.
Configure the source code:
e.g., for linux:
Some customizations are available for the configuration process (see also ./configure --help):
- --prefix=dir install sshguard under a non-default directory
- --with-pfctl=path Specify the full path for the pfctl command (Default: autodetect from PATH)
- --with-ipfw=path Specify the full path for the ipfw command (Default: autodetect from PATH)
- --with-ipfw-rules-range=MIN-MAX Specify the IDs range in which sshguard can put its block rules (Default: "55000-55050")
- --with-iptables=path Specify the full path of the iptables command (Default: autodetect from PATH)
- --with-hostsfile=file Specify what file to use as hosts.allow (Default: /etc/hosts.allow)
Finally, compile the source code and install the result the usual way:
make make installThis will install the sshguard binary into /usr/local/sbin (or what other PREFIX you indicated), and the sshguard man page sshguard(8).
Latest Releases View all»
F.A.Q. View all»
- What is sshguard?Sshguard is a small program that monitors services running on your machine from the log files. When it ...
- I use IPFW and IPs are not successfully blockedFor minimizing the intrusiveness, sshguard puts blocking rules very low in the IPFW chain (with IDs from 55000 ...
- Sshguard does not workYou have one of these problems: sshguard is not given logs correctly sshguard cannot run the commands for ...