[Midnightbsd-cvs] mports: mports/security: Add sshguard.
laffer1 at midnightbsd.org
laffer1 at midnightbsd.org
Tue Apr 29 11:23:54 EDT 2008
Log Message:
-----------
Add sshguard.
Modified Files:
--------------
mports/security:
Makefile (r1.74 -> r1.75)
Added Files:
-----------
mports/security/sshguard:
Makefile (r1.1)
distinfo (r1.1)
pkg-deinstall (r1.1)
pkg-descr (r1.1)
pkg-install (r1.1)
mports/security/sshguard/files:
patch-attack_scanner.l (r1.1)
pkg-message.in (r1.1)
-------------- next part --------------
--- /dev/null
+++ security/sshguard/pkg-install
@@ -0,0 +1,41 @@
+#!/bin/sh
+
+# If:
+# 1) syslog.conf exists
+# 2) it doesn't already contain some (uncommented) sshguard directive
+# then add $SSHGUARDCONFLINE (commented) right at the end of the header
+# comments section in syslog.conf
+
+# real syslog.conf configuration file path
+SYSLOGCONF=/etc/syslog.conf
+# configuration line to add
+SSHGUARDCONFLINE="auth.info;authpriv.info |exec $PKG_PREFIX/sbin/sshguard"
+
+case "$2" in
+ "POST-INSTALL")
+ if test "x$SSHGUARDFW" = xhosts
+ then
+ touch /etc/hosts.allow
+ fi
+ if (test -f "$SYSLOGCONF" && ! grep -q sshguard "$SYSLOGCONF")
+ then
+ # append default sshguard entry in syslog.conf (first line after comments header)
+ TMPFILE=`mktemp -q /tmp/syslogcXX`
+ # make sure our file has the same permissions as the original, since we mv it back
+ cp -p $SYSLOGCONF ${TMPFILE}
+ echo > ${TMPFILE}
+ inheader=1
+ cat "$SYSLOGCONF" | while read cline ;
+ do
+ if (test $inheader -eq 1 && !(echo "$cline" | grep -q "^[[:space:]]*#"))
+ then
+ # got off of header comments
+ inheader=0
+ echo "#$SSHGUARDCONFLINE" >> $TMPFILE
+ fi
+ echo "$cline" >> $TMPFILE
+ done
+ mv $TMPFILE "$SYSLOGCONF"
+ fi
+;;
+esac
--- /dev/null
+++ security/sshguard/pkg-descr
@@ -0,0 +1,12 @@
+Sshguard monitors ssh servers from their logging activity. It reacts to messages
+about dangerous activity by blocking the source address with the local firewall.
+
+Sshguard can operate all the major firewalling systems:
+* PF (OpenBSD, FreeBSD, NetBSD, DragonFly BSD)
+* netfilter/iptables (Linux)
+* IPFIREWALL/ipfw (FreeBSD, Mac OS X)
+
+Sshguard is reliable, easy to set up and demands very few resources to the
+system.
+
+WWW: http://sshguard.sourceforge.net
--- /dev/null
+++ security/sshguard/pkg-deinstall
@@ -0,0 +1,36 @@
+#!/bin/sh
+
+# If:
+# 1) syslog.conf exists
+# 2) it does contain some directive for sshguard
+# then do the following:
+# @ if the directive was the default directive (as installed by pkg-install)
+# then remove it
+# @ if the directive is some custom (uncommented) directive, comment it
+# and reload syslogd eventually.
+
+# real syslog.conf configuration file path
+SYSLOGCONF=/etc/syslog.conf
+# configuration line to add
+SSHGUARDCONFLINE="auth.info;authpriv.info |exec $PKG_PREFIX/sbin/sshguard"
+
+case "$2" in
+ "DEINSTALL")
+ if (test -f "$SYSLOGCONF" && grep -q '^[^#].*sshguard' "$SYSLOGCONF")
+ then
+ TMPFILE=`mktemp -q /tmp/syslogcXX`
+ if grep -qx "$SSHGUARDCONFLINE" "$SYSLOGCONF"
+ then
+ # remove default sshguard entry from syslog.conf
+ echo "I'm removing the default sshguard syslog entry for you..."
+ grep -vx "$SSHGUARDCONFLINE" "$SYSLOGCONF" > $TMPFILE
+ else
+ # comment customized sshguard configuration line
+ echo "I'm commenting your custom sshguard syslog entry for you..."
+ sed "s/^[^#].*sshguard.*/#&/" < "$SYSLOGCONF" > $TMPFILE
+ fi
+ mv $TMPFILE "$SYSLOGCONF"
+ /etc/rc.d/syslogd reload
+ fi
+ ;;
+esac
--- /dev/null
+++ security/sshguard/Makefile
@@ -0,0 +1,63 @@
+# New ports collection makefile for: sshguard
+# Date created: 2007-02-22
+# Whom: Mij <mij at bitchx.it>
+#
+# $MidnightBSD: mports/security/sshguard/Makefile,v 1.1 2008/04/29 15:23:52 laffer1 Exp $
+# $FreeBSD: ports/security/sshguard/Makefile,v 1.7 2008/01/04 20:35:08 arved Exp $
+#
+
+PORTNAME= sshguard
+DISTVERSION= 1.0
+PORTREVISION= 1
+CATEGORIES= security
+MASTER_SITES= ${MASTER_SITE_SOURCEFORGE}
+MASTER_SITE_SUBDIR= ${PORTNAME}
+
+MAINTAINER= ports at MidnightBSD.org
+COMMENT?= Protect hosts from brute force attacks against ssh
+LICENSE= gpl2
+#author says bsdl on site, but can't find it. There seems to be GPL code.
+
+CONFLICTS?= sshguard-ipfw-1.0* sshguard-pf-1.0*
+
+PLIST_FILES= sbin/sshguard
+
+MAN8= sshguard.8
+MANCOMPRESSED= no
+USE_BZIP2= yes
+MAKE_ARGS+= ACLOCAL="${TRUE}" AUTOCONF="${TRUE}" AUTOMAKE="${TRUE}"
+HAS_CONFIGURE= yes
+
+# sublist will be set afterward
+SUB_FILES= pkg-message
+#SUB_LIST=
+
+# backend type in { hosts, ipfw, pf }
+SSHGUARDFW?= hosts
+
+.include <bsd.port.pre.mk>
+
+.if defined(PREFIX)
+CONFIGURE_ARGS+= --prefix=${PREFIX}
+.endif
+
+.if ${SSHGUARDFW} == pf
+PKGMSG_FWBLOCK=" To activate or configure PF see http://sshguard.sf.net/doc/setup/blockingpf.html"
+.elif ${SSHGUARDFW} == ipfw
+PKGMSG_FWBLOCK=" Verify that IPFW is active with \"ipfw show\"."
+.elif ${SSHGUARDFW} == hosts
+PKGMSG_FWBLOCK=" Sshguard is going to use /etc/hosts.allow, I have touched it for you."
+.endif
+
+# for substitution in subfiles
+SUB_LIST+= PKGMSG_FWBLOCK=${PKGMSG_FWBLOCK}
+
+CONFIGURE_ARGS+= --with-firewall=${SSHGUARDFW}
+
+post-install:
+ @PKG_PREFIX=${PREFIX} ${SH} ${PKGINSTALL} ${PKGNAME} POST-INSTALL
+
+pre-deinstall:
+ @PKG_PREFIX=${PREFIX} ${SH} ${PKGDEINSTALL} ${PKGNAME} DEINSTALL
+
+.include <bsd.port.post.mk>
--- /dev/null
+++ security/sshguard/distinfo
@@ -0,0 +1,3 @@
+MD5 (sshguard-1.0.tar.bz2) = 77b5a3a9d74542c487b8d5453d53d572
+SHA256 (sshguard-1.0.tar.bz2) = 33a9fe9d2360e9a5c357e269353d4157270171ff975bcf649f5f99b1aa8dcc08
+SIZE (sshguard-1.0.tar.bz2) = 118988
Index: Makefile
===================================================================
RCS file: /home/cvs/mports/security/Makefile,v
retrieving revision 1.74
retrieving revision 1.75
diff -L security/Makefile -L security/Makefile -u -r1.74 -r1.75
--- security/Makefile
+++ security/Makefile
@@ -70,6 +70,7 @@
SUBDIR += qca-tls
SUBDIR += saint
SUBDIR += secpwgen
+ SUBDIR += sshguard
SUBDIR += smap
SUBDIR += sudo
SUBDIR += tor
--- /dev/null
+++ security/sshguard/files/patch-attack_scanner.l
@@ -0,0 +1,11 @@
+--- src/attack_scanner.l.orig Wed May 23 20:53:53 2007
++++ src/attack_scanner.l Sat Jun 16 17:45:43 2007
+@@ -46,7 +46,7 @@ NUMBER [1-9][0-9]*
+ /* an IPv4 address */
+ (25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]([0-9])?)(\.(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]([0-9])?|0)){3} { yylval.str = yytext; return IPv4; }
+ /* an IPv6 address */
+-((([a-fA-F0-9]{1,4}:){2}(:[a-fA-F0-9]{1,4}){1,5})|(:(:[a-fA-F0-9]{1,4}){1,6}|([a-fA-F0-9]{1,4}:)(:[a-fA-F0-9]{1,4}){1,6}|([a-fA-F0-9]{1,4}:){2}(:[a-fA-F0-9]{1,4}){1,5}|([a-fA-F0-9]{1,4}:){3}(:[a-fA-F0-9]{1,4}){1,4}|([a-fA-F0-9]{1,4}:){4}(:[a-fA-F0-9]{1,4}){1,3}|([a-fA-F0-9]{1,4}:){5}(:[a-fA-F0-9]{1,4}){1,2}|([a-fA-F0-9]{1,4}:){6}:[a-fA-F0-9]{1,4})) { yylval.str = yytext; return IPv6; }
++(([a-fA-F0-9]{1,4}(:[a-fA-F0-9]{1,4}){7})|(([a-fA-F0-9]{1,4}:){2}(:[a-fA-F0-9]{1,4}){1,5})|(:(:[a-fA-F0-9]{1,4}){1,6}|([a-fA-F0-9]{1,4}:)(:[a-fA-F0-9]{1,4}){1,6}|([a-fA-F0-9]{1,4}:){2}(:[a-fA-F0-9]{1,4}){1,5}|([a-fA-F0-9]{1,4}:){3}(:[a-fA-F0-9]{1,4}){1,4}|([a-fA-F0-9]{1,4}:){4}(:[a-fA-F0-9]{1,4}){1,3}|([a-fA-F0-9]{1,4}:){5}(:[a-fA-F0-9]{1,4}){1,2}|([a-fA-F0-9]{1,4}:){6}:[a-fA-F0-9]{1,4})) { yylval.str = yytext; return IPv6; }
+
+ /* an host address (PTR) */
+ localhost|([-a-zA-Z0-9]+\.)+[a-zA-Z]+ { yylval.str = yytext; return HOSTADDR; }
--- /dev/null
+++ security/sshguard/files/pkg-message.in
@@ -0,0 +1,10 @@
+##########################################################################
+ Sshguard installed successfully.
+
+%%PKGMSG_FWBLOCK%%
+
+ Your /etc/syslog.conf has been added a line for sshguard; uncomment it
+ and use "/etc/rc.d/syslogd reload" for activating it.
+
+ See sshguard(8) and http://sshguard.sourceforge.net for additional info.
+##########################################################################
More information about the Midnightbsd-cvs
mailing list