sshguard 1.6.1+git: add recipe

SSHguard protects hosts from brute-force attacks against SSH and other
services.

This recipe uses iptables as blocker backend and journald as log backend.

When it's working it will look like this in syslog:

Sep 03 19:35:29 soekris sshguard[27044]: Started with danger threshold=40 ; minimum block=420 seconds
Sep 03 19:35:29 soekris sshguard[27044]: Blocking 24.234.171.90:4 for >630secs: 40 danger in 4 attacks over 0 seconds (all: 40d in 1 abuses over 0s).
Sep 03 19:35:29 soekris sshguard[27044]: Blocking 61.182.15.194:4 for >630secs: 40 danger in 4 attacks over 0 seconds (all: 40d in 1 abuses over 0s).
Sep 03 19:35:29 soekris sshguard[27044]: Blocking 115.58.38.53:4 for >630secs: 40 danger in 4 attacks over 0 seconds (all: 40d in 1 abuses over 0s).

And the iptable rules:

root@soekris:~# iptables -L sshguard --line-numbers
Chain sshguard (1 references)
num  target     prot opt source               destination
1    DROP       all  --  hn.kd.ny.adsl        anywhere
2    DROP       all  --  61.182.15.194        anywhere
3    DROP       all  --  wsip-24-234-171-90.lv.lv.cox.net  anywhere

Signed-off-by: Koen Kooi <koen@dominion.thruhere.net>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>

1 files changed, 2 insertions, 0 deletions

diff --git a/meta-networking/recipes-support/sshguard/sshguard/sshguard-journalctl b/meta-networking/recipes-support/sshguard/sshguard/sshguard-journalctl
new file mode 100644
index 0000000000..e7c615b95c
--- /dev/null
+++ b/meta-networking/recipes-support/sshguard/sshguard/sshguard-journalctl
@@ -0,0 +1,2 @@
+#!/bin/sh
+/bin/journalctl -fb -t sshd -n100 | /usr/sbin/sshguard -l- "$@"