MFH: r471012

Increase the default blacklist threshold from 30 to 120, which is the upstream
default. 30 makes it far too easy to get locked out of your own server. 120 is
simply a safer starting point.

PR:		227016
Submitted by:	Dan McGregor (maintainer)

Approved by:	ports-secteam (feld)

3 files changed, 3 insertions, 2 deletions

diff --git a/security/sshguard/Makefile b/security/sshguard/Makefile
index 52ec5ecead39..c906491d138d 100644
--- a/security/sshguard/Makefile
+++ b/security/sshguard/Makefile
@@ -3,6 +3,7 @@
 
 PORTNAME=	sshguard
 PORTVERSION=	2.1.0
+PORTREVISION=	1
 CATEGORIES=	security
 MASTER_SITES=	SF/sshguard/sshguard/${PORTVERSION}
 
diff --git a/security/sshguard/files/patch-examples-sshguard.conf.sample b/security/sshguard/files/patch-examples-sshguard.conf.sample
index 403b21c4706b..15ef37a818a4 100644
--- a/security/sshguard/files/patch-examples-sshguard.conf.sample
+++ b/security/sshguard/files/patch-examples-sshguard.conf.sample
@@ -25,7 +25,7 @@
  # Colon-separated blacklist threshold and full path to blacklist file.
  # (optional, no default)
 -#BLACKLIST_FILE=90:/var/lib/sshguard/enemies
-+#BLACKLIST_FILE=30:/var/db/sshguard/blacklist.db
++#BLACKLIST_FILE=120:/var/db/sshguard/blacklist.db
  
  # IP addresses listed in the WHITELIST_FILE are considered to be
  # friendlies and will never be blocked.
diff --git a/security/sshguard/files/sshguard.in b/security/sshguard/files/sshguard.in
index fb81d592b030..1233a855604f 100644
--- a/security/sshguard/files/sshguard.in
+++ b/security/sshguard/files/sshguard.in
@@ -67,7 +67,7 @@ rcvar=sshguard_enable
 load_rc_config sshguard
 
 : ${sshguard_enable:=NO}
-: ${sshguard_blacklist=30:/var/db/sshguard/blacklist.db}
+: ${sshguard_blacklist=120:/var/db/sshguard/blacklist.db}
 : ${sshguard_danger_thresh=}
 : ${sshguard_release_interval=}
 : ${sshguard_reset_interval=}