After 2.6RC upgrade sshguard exits every 5 min
-
I upgraded from 2.5.2 to 2.6 RC , after that syslog shows, that sshguard is exiting every 5 mins and spams the syslog. There are no logins or whatever. Is this intended?
-
Well, I see the same, but less often
-
Me too.
Random...
-
was seeing that every hour appears to have quit a couple days ago not sure how or why it quit
-
Please provide more details about your configuration:
- Installed packages
/etc/crontabcontent- VPN configuration type
- Any other service configuration
-
crontab:
1,31 0-5 * * * root /usr/bin/nice -n20 adjkerntz -a
1 3 1 * * root /usr/bin/nice -n20 /etc/rc.update_bogons.sh
1 1 * * * root /usr/bin/nice -n20 /etc/rc.dyndns.update
*/60 * * * * root /usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 virusprot
30 12 * * * root /usr/bin/nice -n20 /etc/rc.update_urltables
1 0 * * * root /usr/bin/nice -n20 /etc/rc.update_pkg_metadata
*/1 * * * * root /usr/sbin/newsyslog
1 3 * * * root /etc/rc.periodic daily
15 4 * * 6 root /etc/rc.periodic weekly
30 5 1 * * root /etc/rc.periodic monthlypackages : frr with ospf
3 IPSEC tunnels P2P
services? there are some standard services, no particular others than with pfsense 2.5.2
while searching the i-net, there are some problems with sshguard and logfile rotations ...
-
sshguard monitors the logs for failed connection attempts and it has to restart when the logs are rotated.
If you have the logs set to a very small size or you have something that filling the logs very quickly, like an IPSec tunnel failing to connect, you will see it frequently restarting.I see that here on test boxes that often have broken config for various things. We may need to add something to suppress it's own logs.
Steve
-
@stephenw10 Log size was at 1Mbyte.
Made it 100Mbytes. Lets see if it goes "away" -
@stephenw10
there are no failing tunnels here... setting the log size to 2Mbytes ... -
It might not be the ipsec log causing it. It could be several logs rotating frequently.
It should be pretty easy to check which log has the newsyslog entry at the same time though.Steve
-
Setting the log size from default 512000 Bytes to 2 MBytes helps. No more frequent sshguard exits are logged.
Maybe that default for the log size should be updated for the 2.6 Release. It logs under "authentication" and in the general systemlog. Even that is annoying and should be corrected.Thanks!
-
@stephenw10 said in After 2.6RC upgrade sshguard exits every 5 min:
It might not be the ipsec log causing it. It could be several logs rotating frequently.
It should be pretty easy to check which log has the newsyslog entry at the same time though.Steve
No ip sec here.
Increasing the log size, "solves" it -
I opened a bug to track this: https://redmine.pfsense.org/issues/12747
