sshguard Blocking access to consul servers

sshguard is blocking ssh access to consul servers. It is getting requests from the bastions which it interprets as hostile and adds an iptables rule to block the bastions on the ssh port. This has the effect of locking everyone out. We should either set a timeout that allows traffic again, or use a different method of determining hostile traffic.

sudo iptables -nvL --line

Results in lines like the folowing - sometimes 2 or 3 bastion servers are listed

Chain sshguard (1 references)
num   pkts bytes target     prot opt in     out     source               destination
1    14214  935K DROP       all  --  *      *       10.216.4.4           0.0.0.0/0

The line can be removed with

sudo iptables -D sshguard 1

We should also determine exactly which traffic is triggering this behavior. If it is not being caused by someone with access who has their ssh setup misconfigured, then it is being caused by someone malicious who has gotten access to the bastions.