Index: head/security/sshguard/Makefile =================================================================== --- head/security/sshguard/Makefile (revision 414461) +++ head/security/sshguard/Makefile (revision 414462) @@ -1,44 +1,44 @@ # Created by: Mij # $FreeBSD$ PORTNAME= sshguard PORTVERSION= 1.6.4 -PORTREVISION= 0 +PORTREVISION= 1 CATEGORIES= security MASTER_SITES= SF/sshguard/sshguard/${PORTVERSION} MAINTAINER= feld@FreeBSD.org COMMENT?= Protect hosts from brute force attacks against ssh and other services LICENSE= BSD2CLAUSE CONFLICTS?= sshguard-ipfilter-1.* sshguard-ipfw-1.* sshguard-pf-1.* sshguard-null-1.* USES= autoreconf PLIST_FILES= sbin/sshguard man/man8/sshguard.8.gz USE_RC_SUBR= sshguard MAKE_ARGS+= ACLOCAL="${TRUE}" AUTOCONF="${TRUE}" AUTOMAKE="${TRUE}" GNU_CONFIGURE= yes CONFIGURE_ARGS+=--with-firewall=${SSHGUARDFW} SUB_LIST+= PKGMSG_FWBLOCK=${PKGMSG_FWBLOCK} SUB_FILES= pkg-message # backend type in { hosts, ipfw, null, pf } SSHGUARDFW?= hosts .if ${SSHGUARDFW} == pf PKGMSG_FWBLOCK=" To activate or configure PF see http://www.sshguard.net/docs/setup/firewall/pf/" .elif ${SSHGUARDFW} == ipfw PKGMSG_FWBLOCK=" IPFW support has been rewritten. Sshguard will now add entries to table 22." .elif ${SSHGUARDFW} == hosts PKGMSG_FWBLOCK=" Sshguard is going to use /etc/hosts.allow. Please remember to touch /etc/hosts.allow\!" .elif ${SSHGUARDFW} == ipfilter PKGMSG_FWBLOCK=" Sshguard will use /etc/ipf.rules as ruleset." .elif ${SSHGUARDFW} == null PKGMSG_FWBLOCK=" Sshguard null backend requires you provide your own script with the \"-e\" argument." .endif .include Index: head/security/sshguard/files/patch-man_sshguard.8 =================================================================== --- head/security/sshguard/files/patch-man_sshguard.8 (revision 414461) +++ head/security/sshguard/files/patch-man_sshguard.8 (revision 414462) @@ -1,20 +1,27 @@ ---- man/sshguard.8.orig 2016-05-02 15:44:01 UTC +--- man/sshguard.8.orig 2016-03-17 08:01:48 UTC +++ man/sshguard.8 
@@ -84,7 +84,7 @@ at \fI\%http://www.sshguard.net/\fP\&. .SH OPTIONS .INDENT 0.0 .TP -.B \fB\-a\fP \fIthresh\fP (default 40) +.B \fB\-a\fP \fIthresh\fP (default 30) Block an attacker when its dangerousness exceeds \fIthresh\fP\&. Each attack pattern that is matched contributes a fixed dangerousness of 10. .TP -@@ -112,7 +112,7 @@ monitor instead. \fBsshguard\fP transpar +@@ -112,13 +112,13 @@ monitor instead. \fBsshguard\fP transpar using this option, standard input is ignored, but can be re\-added by giving \(aq\fB\-l\fP \-\(aq. .TP -.B \fB\-p\fP \fIinterval\fP (default 420 secs, or 7 minutes) +.B \fB\-p\fP \fIinterval\fP (default 120 secs, or 2 minutes) Wait at least \fIinterval\fP seconds before releasing a blocked address. Repeat attackers are blocked for 1.5 times longer after each attack. Because \fBsshguard\fP unblocks attackers only at infrequent intervals, + this parameter is inexact (actual blocks will be longer). + .TP +-.B \fB\-s\fP \fIinterval\fP (default 1200 secs, or 20 minutes) ++.B \fB\-s\fP \fIinterval\fP (default 1800 secs, or 30 minutes) + Forget about an attacker \fIinterval\fP seconds after its last attempt. Its + dangerousness will be reset to zero. + .TP Index: head/security/sshguard/files/sshguard.in =================================================================== --- head/security/sshguard/files/sshguard.in (revision 414461) +++ head/security/sshguard/files/sshguard.in (revision 414462) 
@@ -1,104 +1,104 @@ #!/bin/sh #- # Copyright (c) 2012 iXsystems, Inc. # All rights reserved. # # Written by: Xin Li # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # 1. Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # 2. Redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in the # documentation and/or other materials provided with the distribution. # # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE # ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # # $FreeBSD$ # # PROVIDE: sshguard # REQUIRE: LOGIN cleanvar # KEYWORD: shutdown # # Add the following lines to /etc/rc.conf to enable sshguard: # sshguard_enable (bool): Set to "NO" by default. # Set it to "YES" to enable sshguard # sshguard_pidfile (str): Path to PID file. # Set to "/var/run/sshguard.pid" by default # sshguard_watch_logs (str): Colon splitted list of logs to watch. # Set to "/var/log/auth.log:/var/log/maillog" # by default. 
# The following options directly maps to their command line options, # please read manual page sshguard(8) for detailed information: # sshguard_blacklist (str): [thr:]/path/to/blacklist. # Set to "30:/var/db/sshguard/blacklist.db" # by default. # sshguard_danger_thresh (int): Danger threshold. Set to "30" by default. # sshguard_release_interval (int): # Minimum interval an address remains # blocked. Set to "120" by default. # sshguard_reset_interval (int): # Interval before a suspected attack is # forgotten and danger is reset to 0. -# Set to "1200" by default. +# Set to "1800" by default. # sshguard_whitelistfile (str): Path to the whitelist. # Set to "%%PREFIX%%/etc/sshguard.whitelist" # by default. # sshguard_flags (str): Set additional command line arguments. # . /etc/rc.subr name=sshguard rcvar=sshguard_enable load_rc_config sshguard : ${sshguard_enable:=NO} : ${sshguard_blacklist=30:/var/db/sshguard/blacklist.db} : ${sshguard_danger_thresh=30} : ${sshguard_release_interval=120} -: ${sshguard_reset_interval=1200} +: ${sshguard_reset_interval=1800} : ${sshguard_whitelistfile="%%PREFIX%%/etc/sshguard.whitelist"} : ${sshguard_watch_logs=/var/log/auth.log:/var/log/maillog} pidfile=${sshguard_pidfile:="/var/run/sshguard.pid"} command=/usr/sbin/daemon actual_command="%%PREFIX%%/sbin/sshguard" procname="${actual_command}" start_precmd=sshguard_prestart command_args="-c ${actual_command} \${sshguard_flags} \${sshguard_blacklist_params} \${sshguard_watch_params} -a ${sshguard_danger_thresh} -p ${sshguard_release_interval} -s ${sshguard_reset_interval} -w ${sshguard_whitelistfile} -i ${pidfile}" sshguard_prestart() { # Clear rc_flags so sshguard_flags can be passed to sshguard # instaed of daemon(8) rc_flags="" if [ ! 
-z ${sshguard_blacklist} ]; then mkdir -p $(dirname ${sshguard_blacklist##*:}) sshguard_blacklist_params="-b ${sshguard_blacklist}" fi [ -e ${sshguard_whitelistfile} ] || touch ${sshguard_whitelistfile} sshguard_watch_params=$(echo ${sshguard_watch_logs} | tr : \\\n | sed -e s/^/-l\ /g | tr \\\n \ ) } run_rc_command "$1"
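Review bot: The default on the changed line `: ${sshguard_reset_interval=1800}` is assigned with `=` rather than `:=`, so a value that is set but left empty in rc.conf is kept, and `command_args` then expands to `-s` with no argument directly in front of `-w`. How sshguard parses that is not visible here, but the likely outcome is that the whitelist flag is consumed as the interval or the daemon fails to start, which leaves the host without the blocking it is expected to have. `: ${sshguard_reset_interval:=1800}` would close that; the neighbouring `sshguard_danger_thresh` and `sshguard_release_interval` defaults have the same form. The value is also now repeated in the header comment, this default and the man-page patch, so a short comment such as `# keep in sync with files/patch-man_sshguard.8` beside it would help the next update.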