# SSH Guard won't start after update



## xy16644 (Apr 9, 2014)

So after updating my SSHGuard port today I couldn't start the service afterwards. I checked /usr/ports/UPDATING but didn't find anything in there.

I changed /usr/local/etc/rc.d/sshguard as follows:


```
command_args="-cf ${actual_command} -b .....
```

to:


```
command_args="-c ${actual_command} -b .....
```

Just so I could get some kind of error as when I try to start the service manually otherwise it quietly exits. Now when I start the service it says:


```
Warning! Sshguard now uses *attack dangerousness*, not occurrences, to gauge threats.
Default dangerousness per attack is 10, default threshold is 40.
sshguard: option requires an argument -- i
Usage:
sshguard [-b <thr:file>] [-w <whlst>]{0,n} [-a num] [-p sec] [-s sec]
        [-l <source>] [-f <srv:pidfile>]{0,n} [-i <pidfile>] [-v]
        -b      Blacklist: thr = number of abuses before blacklisting, file = blacklist filename.
        -a      Number of hits after which blocking an address (40)
        -p      Seconds after which unblocking a blocked address (420)
        -w      Whitelisting of addr/host/block, or take from file if starts with "/" or "." (repeatable)
        -s      Seconds after which forgetting about a cracker candidate (1200)
        -l      Add the given log source to Log Sucker's monitored sources (off)
        -f      "authenticate" service's logs through its process pid, as in pidfile
        -i      When started, save PID in the given file; useful for startup scripts (off)
        -v      Dump version message to stderr, supply this when reporting bugs

        The SSHGUARD_DEBUG environment variable enables debugging mode (verbosity + interactivity).
```

My /etc/rc.conf has the following options set:


```
sshguard_enable="YES"
sshguard_watch_logs="/var/log/auth/auth.log:/var/log/system/messages"
sshguard_safety_thresh="3"
sshguard_pardon_min_interval="43200"
sshguard_prescribe_interval="7200"
sshguard_blacklist="40:/var/db/sshguard/blacklist.db"
```

So what do I need to do to get the service to start again?  :q


----------



## Chris_H (Apr 9, 2014)

xy16644 said:
			
		

> So after updating my SSHGuard port today I couldn't start the service afterwards. I checked /usr/ports/UPDATING but didn't find anything in there.
> 
> I changed /usr/local/etc/rc.d/sshguard as follows:
> 
> ...


While I have no experience with this application...



			
				xy16644 said:
			
		

> ```
> Warning! Sshguard now uses *attack dangerousness*, not occurrences, to gauge threats.
> Default dangerousness per attack is 10, default threshold is 40.
> sshguard: option requires an argument -- i
> ```


_seems_ to be telling you


			
				xy16644 said:
			
		

> ```
> Usage:
> sshguard [-b <thr:file>] [-w <whlst>]{0,n} [-a num] [-p sec] [-s sec]
> [-l <source>] [-f <srv:pidfile>]{0,n} [-i <pidfile>] [-v]
> ...


NOTE THE FOLLOWING:


			
				xy16644 said:
			
		

> ```
> -i      When started, save PID in the given file; useful for startup scripts (off)
> ```


In other words; using the `-c` switch, also requires the `-i` switch.
So I'm guessing you need to do something like; `-ci <path-and-name-of-PIDFILE>`

HTH

--Chris



			
				xy16644 said:
			
		

> ```
> -v      Dump version message to stderr, supply this when reporting bugs
> 
> The SSHGUARD_DEBUG environment variable enables debugging mode (verbosity + interactivity).
> ...


----------



## xy16644 (Apr 9, 2014)

I tried adding the following to /etc/rc.conf:


```
sshguard_pidfile="/var/run/sshguard.pid"
```

But it still doesn't let me start the service. I'm not having much luck finding anything in the logs.


----------



## Chris_H (Apr 9, 2014)

Again, no experience with this application; but you might try using just the PIDFILE name. Also, it might possibly be a permission problem (can't write to /var/run?). Anyway. I should probably defer to someone with more/any experience with this application. Cause I have none. 

Best wishes.

--Chris


----------



## gedge (Apr 10, 2014)

This patch gets my sshguard running:

https://gist.github.com/gedge/10349046


----------



## xy16644 (Apr 10, 2014)

gedge said:
			
		

> This patch gets my sshguard running:
> 
> https://gist.github.com/gedge/10349046



That worked perfectly, thanks!


----------



## wblock@ (Apr 10, 2014)

Please submit a PR for this.


----------



## xy16644 (Apr 10, 2014)

wblock@ said:
			
		

> Please submit a PR for this.



Done  :e  My first PR!

Edit...PR link:

http://www.freebsd.org/cgi/query-pr.cgi?pr=188436


----------

