Package: sshguard Version: 1.6.4-1 Severity: normal Dear Maintainer,
When restarting sshguard, I see error messages: $ /etc/init.d/sshguard restart [....] Restarting SSHGuard Server: sshguardiptables: No chain/target/match by that name. ip6tables: No chain/target/match by that name. . ok I traced this back to the following commands in /usr/lib/sshguard/firewall, which is called from the sshguard init script: if [ "$OS" = "Linux" ]; then # # Function that enables firewall # do_enable_firewall() { # creating sshguard chain iptables -w -N sshguard 2> /dev/null ip6tables -w -N sshguard 2> /dev/null # block traffic from abusers iptables -L input|grep -q sshguard || iptables -w -I INPUT -j sshguard 2> /dev/null ip6tables -L input|grep -q sshguard || ip6tables -w -I INPUT -j sshguard 2> /dev/null } The issue is that there is no "input" chain/target/match. I think the last two lines should instead be: iptables -L INPUT|grep -q sshguard || iptables -w -I INPUT -j sshguard 2> /dev/null ip6tables -L INPUT|grep -q sshguard || ip6tables -w -I INPUT -j sshguard 2> /dev/null So with "input" changed to "INPUT". -- System Information: Debian Release: stretch/sid APT prefers testing APT policy: (990, 'testing'), (500, 'unstable'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.4.0-1-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init) Versions of packages sshguard depends on: ii init-system-helpers 1.31 ii iptables 1.6.0-2 ii libc6 2.22-7 sshguard recommends no packages. sshguard suggests no packages. -- Configuration Files: /etc/default/sshguard changed [not included] /etc/sshguard/whitelist changed [not included] -- no debconf information