sshguard.service

This unit is provided by:

• https://archlinux.org/packages/community/x86_64/sshguard/

• https://packages.debian.org/unstable/sshguard

• https://packages.fedoraproject.org/pkgs/sshguard/

• https://software.opensuse.org/package/sshguard

Options

• [Install]
  • WantedBy=multi-user.target
• [Service]
  • EnvironmentFile=-/etc/sshguard.conf
  • ExecReload=/bin/kill -HUP $MAINPID
  • ExecStart=/usr/sbin/sshguard
  • ExecStart=/usr/sbin/sshguard -a $THRESHOLD -p $BLOCK_TIME -s $DETECTION_TIME -w $WHITELIST_FILE -b $BLACKLIST_FILE
  • ExecStartPre=-/usr/sbin/nft add table ip sshguard -/usr/sbin/nft add table ip6 sshguard
  • ExecStopPost=-/usr/sbin/nft delete table ip sshguard -/usr/sbin/nft delete table ip6 sshguard
  • KillMode=process
  • PIDFile=/run/sshguard.pid
  • PrivateDevices
    Introduced in systemd 209
    =yes
  • ProtectClock
    Introduced in systemd 245
    =yes
  • ProtectControlGroups
    Introduced in systemd 232
    =yes
  • ProtectHome
    Introduced in systemd 214
    =yes
  • ProtectHostname
    Introduced in systemd 242
    =yes
  • ProtectKernelLogs
    Introduced in systemd 244
    =yes
  • ProtectKernelModules
    Introduced in systemd 232
    =yes
  • ProtectKernelTunables
    Introduced in systemd 232
    =yes
  • ProtectSystem
    Introduced in systemd 214
    =full
  • Restart=always
  • RestrictRealtime
    Introduced in systemd 231
    =yes
• [Unit]
  • After=network.target
  • After=syslog.target iptables.service ip6tables.service libvirtd.service firewalld.service nftables.service
  • After=syslog.target iptables.target ip6tables.target libvirtd.service firewalld.service
  • Before=sshd.service
  • Description=SSHGUARD provides automatic attack blocking
  • Description=SSHGuard
  • Description=SSHGuard - blocks brute-force login attempts
  • Documentation=man:sshguard(8)

Additionnal notes

Nothing here.