bearDropper for dorpbear sshd

在openwrt上，為了尋找sshguard / fail2ban之類的IPS工具，經過尋找後原來有簡單的ash腳本撰寫的 bearDropper ，thanks to robzr ，that’s awesome。

身為一個使用者，只要簡單的讓openwrt可以抓https

opkg install libustream-openssl ca-certificates ca-bundle

然後跑作者寫的安裝腳本（真貼心！！）

wget -qO- http://rawgit.com/robzr/bearDropper/master/install.sh | sh

調整一下/etc/config/bearDropper

config bearDropper
   # mode used if no mode is specified on command line; see bearDropper -h for help.
         option  defaultMode             entire

  # failure attempts from a given IP required to trigger a ban
         option  attemptCount            5

  # time period during which attemptCount must be exceeded in order to trigger a ban
         option  attemptPeriod           12h

  # how long a ban exist once the attempt threshold is exceeded
         option  banLength               1w

然後把記錄檔加大，vi /etc/config/system

config system
         option ttylogin '0'
         option log_size '256'

接著啟動服務

/etc/init.d/bearDropper start