diff options
Diffstat (limited to 'main/sshguard')
| -rw-r--r-- | main/sshguard/APKBUILD | 51 | ||||
| -rw-r--r-- | main/sshguard/parser.patch | 11 | ||||
| -rw-r--r-- | main/sshguard/sshguard.confd | 22 | ||||
| -rw-r--r-- | main/sshguard/sshguard.initd | 25 |
4 files changed, 109 insertions, 0 deletions
diff --git a/main/sshguard/APKBUILD b/main/sshguard/APKBUILD new file mode 100644 index 0000000000..a337bbfc63 --- /dev/null +++ b/main/sshguard/APKBUILD @@ -0,0 +1,51 @@ +# Contributor: Natanael Copa <ncopa@alpinelinux.org> +# Maintainer: Natanael Copa <ncopa@alpinelinux.org> +pkgname=sshguard +pkgver=1.5 +pkgrel=1 +pkgdesc="Log monitor that blocks with iptables on bad behaviour" +url="http://www.sshguard.net/" +arch="all" +license="BSD" +depends="iptables" +depends_dev="" +makedepends="$depends_dev flex bison" +install="" +subpackages="$pkgname-doc" +source="http://downloads.sourceforge.net/project/sshguard/sshguard/sshguard-$pkgver/sshguard-$pkgver.tar.bz2 + sshguard.initd + sshguard.confd + parser.patch" + +_builddir="$srcdir"/sshguard-$pkgver +prepare() { + local i + cd "$_builddir" + for i in $source; do + case $i in + *.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;; + esac + done +} + +build() { + cd "$_builddir" + ./configure --prefix=/usr \ + --with-firewall=iptables \ + || return 1 + make || return 1 +} + +package() { + cd "$_builddir" + make DESTDIR="$pkgdir" install || return 1 + install -Dm755 "$srcdir"/sshguard.initd \ + "$pkgdir"/etc/init.d/sshguard || return 1 + install -Dm755 "$srcdir"/sshguard.confd \ + "$pkgdir"/etc/conf.d/sshguard || return 1 +} + +md5sums="11b9f47f9051e25bdfe84a365c961ec1 sshguard-1.5.tar.bz2 +13eb7c7e7a91cc347dbd6ff111d662c4 sshguard.initd +02dc914d310ea759a66ebb136f495e4e sshguard.confd +84ff8858abb8d5a673037cf592bb6794 parser.patch" diff --git a/main/sshguard/parser.patch b/main/sshguard/parser.patch new file mode 100644 index 0000000000..51f9915e18 --- /dev/null +++ b/main/sshguard/parser.patch @@ -0,0 +1,11 @@ +--- sshguard-1.5/src/parser/attack_scanner.l ++++ sshguard-1.5-mod/src/parser/attack_scanner.l +@@ -107,7 +107,7 @@ + */ + + /* handle entries with PID and without PID from processes other than sshguard */ +-{TIMESTAMP_SYSLOG}[ ]+([a-zA-Z0-9]|{WORD}|{HOSTADDR})[ ]+{PROCESSNAME}"["{NUMBER}"]: "{SOLARIS_MSGID_TAG}? { ++{TIMESTAMP_SYSLOG}[ ]+([a-zA-Z0-9]|{WORD}|{HOSTADDR})[ ]+([a-zA-Z0-9]|{WORD}|{HOSTADDR})[ ]+{PROCESSNAME}"["{NUMBER}"]: "{SOLARIS_MSGID_TAG}? { + /* extract PID */ + yylval.num = getsyslogpid(yytext, yyleng); + return SYSLOG_BANNER_PID; diff --git a/main/sshguard/sshguard.confd b/main/sshguard/sshguard.confd new file mode 100644 index 0000000000..050c2f3589 --- /dev/null +++ b/main/sshguard/sshguard.confd @@ -0,0 +1,22 @@ +# Copyright 1999-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/app-admin/sshguard/files/sshguard.confd,v 1.3 2011/04/23 16:59:59 jer Exp $ + +# Config file for /etc/init.d/sshguard +# See SSHGUARD(8) for details. + +# Initial (empty) options. +SSHGUARD_OPTS="" + +# Files to monitor +# -l <source> +SSHGUARD_OPTS="${SSHGUARD_OPTS} -l /var/log/messages" + +# White listing +# -w <addr/host/block/file> +#SSHGUARD_OPTS="${SSHGUARD_OPTS} -w 192.168.0.0/24" + +# Define how long in milliseconds start-stop-daemon waits to check that +# sshguard is still running before calling success or failure. +# Values lower than the default of 999 are probably not useful. +SSHGUARD_WAIT="999" diff --git a/main/sshguard/sshguard.initd b/main/sshguard/sshguard.initd new file mode 100644 index 0000000000..89ec7d592c --- /dev/null +++ b/main/sshguard/sshguard.initd @@ -0,0 +1,25 @@ +#!/sbin/runscript +# Copyright 1999-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/app-admin/sshguard/files/sshguard.initd,v 1.3 2011/04/25 04:59:43 jer Exp $ + +depend() { + after iptables + use logger +} + +SSHGUARD_PIDFILE=${SSHGUARD_PIDFILE:-/var/run/${SVCNAME}.pid} + +start() { + ebegin "Starting sshguard" + [[ -z ${SSHGUARD_WAIT} ]] && SSHGUARD_WAIT=999 + start-stop-daemon --start --wait ${SSHGUARD_WAIT} --background --quiet --exec \ + /usr/sbin/sshguard -- -i ${SSHGUARD_PIDFILE} ${SSHGUARD_OPTS} + eend $? +} + +stop() { + ebegin "Stopping sshguard" + start-stop-daemon --stop -p ${SSHGUARD_PIDFILE} + eend $? +} |