*** This bug is a security vulnerability ***

You have been subscribed to a public security bug by Seth Arnold (seth-arnold):

sshguard 2.3.1-1ubuntu1; focal

/lib/systemd/system/sshguard.service has:

ExecStartPre=-/sbin/iptables -N sshguard
ExecStartPre=-/sbin/ip6tables -N sshguard
ExecStopPost=-/sbin/iptables -X sshguard
ExecStopPost=-/sbin/ip6tables -X sshguard

iptables and ip6tables are now in /usr/sbin, not /sbin. So the sshguard chain never gets created/deleted.

sshg-fw-iptables assumes that this chain exists, so it fails to actually block any attacker:

Jun 23 22:54:18 fenrir sshguard[677248]: Attack from "192.0.2.1" on service 110 with danger 10.
Jun 23 22:54:18 fenrir sshguard[677248]: Blocking "192.0.2.1/32" for 122880 secs (3 attacks in 1 secs, after 11 abuses over 184099 secs.)
Jun 23 22:54:18 fenrir sshguard[1191669]: iptables: No chain/target/match by that name.
Jun 23 23:46:49 fenrir sshguard[1198650]: iptables: Bad rule (does a matching rule exist in that chain?).

** Affects: sshguard (Ubuntu)
     Importance: Undecided
         Status: New

--
sshguard.service uses wrong path for iptables; nothing actually gets blocked
https://bugs.launchpad.net/bugs/1884848
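
One way to catch this class of silent failure is sketched below as an added example; it is not part of the bug report or the sshguard package. It lists Exec* directives in a unit file whose binary is not executable and notes when a "-" prefix makes systemd ignore the failure. The function names and the optional root argument are assumptions made for the example, and the demo tree is constructed.

```shell
#!/bin/sh
# Added example, not from the bug report or the sshguard package.
# Lists Exec* directives in a systemd unit whose binary is not executable and
# says whether a "-" prefix makes systemd ignore that failure.
# $2 (root) is a hypothetical parameter so the check can run on a test tree.
check_unit_exec_paths() {
    unit=$1
    root=${2:-}
    grep -E '^Exec[A-Za-z]+=' "$unit" | while IFS= read -r line; do
        directive=${line%%=*}
        cmd=${line#*=}
        # systemd allows special prefixes (-, @, :, +, !) before the path.
        prefix=$(printf '%s\n' "$cmd" | sed -E 's/^([-@:+!]*).*/\1/')
        path=$(printf '%s\n' "$cmd" | sed -E 's/^[-@:+!]*//; s/[[:space:]].*$//')
        case $prefix in
            *-*) note="failure ignored because of '-' prefix" ;;
            *)   note="failure not ignored" ;;
        esac
        if [ ! -x "$root$path" ]; then
            printf '%s %s: not executable (%s)\n' "$directive" "$path" "$note"
        fi
    done
}

# Constructed test tree: the four directives quoted in the report, with
# iptables and ip6tables present only under usr/sbin.
demo() {
    tree=$(mktemp -d)
    mkdir -p "$tree/usr/sbin"
    for bin in iptables ip6tables; do
        printf '#!/bin/sh\n' > "$tree/usr/sbin/$bin"
        chmod +x "$tree/usr/sbin/$bin"
    done
    cat > "$tree/sshguard.service" <<'EOF'
[Service]
ExecStartPre=-/sbin/iptables -N sshguard
ExecStartPre=-/sbin/ip6tables -N sshguard
ExecStopPost=-/sbin/iptables -X sshguard
ExecStopPost=-/sbin/ip6tables -X sshguard
EOF
    check_unit_exec_paths "$tree/sshguard.service" "$tree"
    rm -rf "$tree"
}
```

On a real host, call check_unit_exec_paths with the unit file path alone; any output line marked as ignored points at a setup step that can fail without the service reporting it.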