From f60680e0d7f35f68292c3fd6514f67603ae3d363 Mon Sep 17 00:00:00 2001
From: Ben Grabham <git@chillichef.com>
Date: Mon, 15 Mar 2021 11:05:05 +0000
Subject: [PATCH] Filter journal on sshd

Without this, it blacklists an IP instantly
---
 start-sshguard.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/start-sshguard.sh b/start-sshguard.sh
index 3f8ef98..67f46b8 100755
--- a/start-sshguard.sh
+++ b/start-sshguard.sh
@@ -3,7 +3,7 @@
 set -eu
 
 BACKEND=${BACKEND:-/usr/lib/x86_64-linux-gnu/sshg-fw-ipset}
-LOGREADER=${LOGREADER:-LANG=C /bin/journalctl -afb -p info -n1 -D /var/log/journal -o cat SYSLOG_FACILITY=4 SYSLOG_FACILITY=10}
+LOGREADER=${LOGREADER:-LANG=C /bin/journalctl -afb -p info -n1 -D /var/log/journal -u sshd -o cat SYSLOG_FACILITY=4 SYSLOG_FACILITY=10}
 THRESHOLD=${THRESHOLD:-30}
 BLOCK_TIME=${BLOCK_TIME:-120}
 DETECTION_TIME=${DETECTION_TIME:-1800}