First, take my advice and don't. Use fail2ban. It's much nicer, more robust and a commonly available package for most distributions. If you insist though:
sudo apt-get install build-essential
wget http://internap.dl.sourceforge.net/sourceforge/sshguard/sshguard-1.0.tar.bz2
tar -xf sshguard-1.0.tar.bz2
cd sshguard-1.0
sudo apt-get install build-essential autoconf
try ./configure --with-firewall=iptables
If it still wont compile:
sudo apt-get install linux-headers-generic
./configure --with-firewall=iptables
sudo make
sudo make install
//copy sshguard script to /etc/init.d, chmod +x it if necessary,
//convert to unix format if necessary (see my previous post,
//or Google for info on how to do this)
sudo update-rc.d sshguard defaults
sudo iptables -N sshguard
sudo iptables -A INPUT -p tcp --dport 22 -j sshguard
sudo ip6tables -N sshguard
sudo ip6tables -A INPUT -p tcp --dport 22 -j sshguard
sudo iptables-save > iptables.conf (assuming I'm in ~/)
sudo ip6tables-save > ip6tables.conf (assuming I'm in ~/)
sudo nano /etc/rc.local
add line: iptables-restore < /home/[user]/iptables.conf
add line: ip6tables-restore < /home/[user]/ip6tables.conf
No comments:
Post a Comment