authorMike Pagano <mpagano@gentoo.org>2006-07-24 19:45:21 +0000
committerMike Pagano <mpagano@gentoo.org>2006-07-24 19:45:21 +0000
commit29776e4d8ac5c0cc96ddbd857233d83080c4a039 (patch)
tree161bebdced81e4e896e479ba0d5452bd57f7be83 /net-misc/blocksshd
parentadd two missing bug IDs (diff)
Initial revision of blocksshd. Reviewed by genstef
svn path=/sunrise/; revision=695
Diffstat (limited to 'net-misc/blocksshd')
-rw-r--r--net-misc/blocksshd/ChangeLog10
-rw-r--r--net-misc/blocksshd/blocksshd-0.6.ebuild58
-rwxr-xr-xnet-misc/blocksshd/files/blocksshd-0.6.conf-dir-change.patch26
-rwxr-xr-xnet-misc/blocksshd/files/blocksshd-0.6.etc-dir-change.patch11
-rwxr-xr-xnet-misc/blocksshd/files/blocksshd.init30
-rw-r--r--net-misc/blocksshd/metadata.xml5
6 files changed, 140 insertions, 0 deletions
diff --git a/net-misc/blocksshd/ChangeLog b/net-misc/blocksshd/ChangeLog
new file mode 100644
index 000000000..cd36b5e76
--- /dev/null
+++ b/net-misc/blocksshd/ChangeLog
@@ -0,0 +1,10 @@
+# ChangeLog for net-misc/blocksshd
+# Copyright 1999-2006 Gentoo Foundation; Distributed under the GPL v2
+# $Header: $
+
+ 24 Jul 2006; Michael Pagano <mpagano@gmail.com> +blocksshd-0.6.ebuild,
+ +files/blocksshd-0.6.conf-dir-change.patch,
+ +files/blocksshd-0.6.etc-dir-change.patch, +files/blocksshd.init,
+ +metadata.xml:
+ New ebuild for bug 141347. Reviewed by genstef.
+
diff --git a/net-misc/blocksshd/blocksshd-0.6.ebuild b/net-misc/blocksshd/blocksshd-0.6.ebuild
new file mode 100644
index 000000000..96da64d51
--- /dev/null
+++ b/net-misc/blocksshd/blocksshd-0.6.ebuild
@@ -0,0 +1,58 @@
+# Copyright 1999-2006 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: $
+
+inherit eutils
+
+DESCRIPTION="Protects computers from SSH brute force attacks by dynamically blocking IP addresses by adding iptables rules."
+HOMEPAGE="http://sourceforge.net/projects/blocksshd"
+SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz"
+
+LICENSE="GPL-1"
+SLOT="0"
+
+KEYWORDS="~x86"
+IUSE=""
+
+DEPEND=""
+RDEPEND=">=perl-core/Sys-Syslog-0.16
+ >=dev-perl/Sys-Hostname-Long-1.2
+ >=dev-perl/File-Tail-0.99.1
+ >=dev-perl/Net-DNS-0.53-r1
+ >=dev-perl/Proc-Daemon-0.03
+ >=dev-perl/Proc-PID-File-1.24
+ >=perl-core/Getopt-Long-2.34
+ >=net-firewall/iptables-1.3.5-r1"
+
+src_unpack() {
+ unpack ${A}
+ cd "${S}"
+
+ # convert CRLF to LF
+ edos2unix blocksshd blocksshd.conf
+
+ #apply patches
+ epatch ${FILESDIR}/blocksshd-0.6.conf-dir-change.patch
+ epatch ${FILESDIR}/blocksshd-0.6.etc-dir-change.patch
+}
+
+src_install() {
+ dosbin blocksshd || die "dosbin failed"
+ dodoc CHANGELOG CREDITS INSTALL README VERSION blocksshd.conf
+
+ newinitd ${FILESDIR}/blocksshd.init blocksshd
+
+ insinto /etc/blocksshd
+ newins blocksshd.conf blocksshd.conf.sample
+}
+
+pkg_postinst() {
+ echo
+ einfo
+ ewarn "The configuration file ${ROOT}etc/blocksshd/blocksshd.conf.sample"
+ ewarn "must be renamed before blocksshd will run."
+ ewarn "Please review this configuration file for settings that might"
+ ewarn "be appropiate for your setup."
+ einfo
+}
+
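Review bot: In src_install only `dosbin` is checked; `dodoc`, `newinitd` and `newins` are not, and as far as I know these helpers do not abort the build on failure in an ebuild that declares no EAPI, so a failure could leave a package with no init script or sample config. I would write `newinitd "${FILESDIR}"/blocksshd.init blocksshd || die "newinitd failed"` and `newins blocksshd.conf blocksshd.conf.sample || die "newins failed"`. `${FILESDIR}` is also unquoted in the two `epatch` calls in src_unpack; `epatch "${FILESDIR}"/blocksshd-0.6.conf-dir-change.patch` is safe against paths containing spaces. The ewarn text in pkg_postinst misspells "appropriate".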
diff --git a/net-misc/blocksshd/files/blocksshd-0.6.conf-dir-change.patch b/net-misc/blocksshd/files/blocksshd-0.6.conf-dir-change.patch
new file mode 100755
index 000000000..f2b11a5da
--- /dev/null
+++ b/net-misc/blocksshd/files/blocksshd-0.6.conf-dir-change.patch
@@ -0,0 +1,26 @@
+--- blocksshd.conf.org 2006-07-19 06:57:06.000000000 -0400
++++ blocksshd.conf 2006-07-21 14:31:43.000000000 -0400
+@@ -3,18 +3,18 @@
+ $cfg = {
+ os => 'linux', # Target OS - either linux or bsd
+ chain => 'blocksshd', # Name of iptables or pf chain
+- logfile => '/var/log/secure', # Log file to monitor
++ logfile => '/var/log/messages', # Log file to monitor
+ logcheck => '10', # How often to check the log file
+ max_attempts => '4', # Max number of failures
+ timeout => '360', # Reset IP count if no activity after time out in seconds
+- unblock => '1', # Enable unblocking
++ unblock => '0', # Enable unblocking
+ unblock_timeout => '43200', # Time in seconds after which to unblock a blocked IP address
+ restore_blocked => '0', # Turn on checking for previously blocked IPs
+- log_ips => '/usr/local/etc/blocksshd.list', # Log file for blocked IPs
++ log_ips => '/etc/blocksshd/blocksshd.list', # Log file for blocked IPs
+ pid_file => '/var/run/blocksshd.pid', # Location of PID file
+- send_email => '1', # Enable the sending of email notifications
++ send_email => '0', # Enable the sending of email notifications
+ email => 'root', # Email address to send notifications
+- mail => '/bin/mail', # Location of mail binary
++ mail => '/bin/mail', # Location of mail binary
+ iptables => '/sbin/iptables', # Location of iptables binary - only for Linux
+ pfctl => '/sbin/pfctl', # Location of pfctl binary - only for BSD
+ whitelist => [qw{
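Review bot: Besides the path changes its name announces, this patch flips `unblock` from '1' to '0' and `send_email` from '1' to '0', and neither the patch nor the ChangeLog entry says why. Going by the option comments, with unblocking disabled an address that reaches `max_attempts` stays blocked until someone removes the rule by hand, so a legitimate user who mistypes a password is locked out with no notification mail. Either keep the upstream `unblock => '1'` or add a short description above the `---` line of the patch listing each changed default and its reason. `log_ips` now points at `/etc/blocksshd/blocksshd.list`, which the daemon appears to write at run time; a location under `/var/lib` would keep `/etc` for configuration only. The `$cfg` hash continues past the end of the hunk.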
diff --git a/net-misc/blocksshd/files/blocksshd-0.6.etc-dir-change.patch b/net-misc/blocksshd/files/blocksshd-0.6.etc-dir-change.patch
new file mode 100755
index 000000000..f8067af60
--- /dev/null
+++ b/net-misc/blocksshd/files/blocksshd-0.6.etc-dir-change.patch
@@ -0,0 +1,11 @@
+--- blocksshd.org 2006-07-19 06:13:39.000000000 -0400
++++ blocksshd 2006-07-20 20:12:06.000000000 -0400
+@@ -41,7 +41,7 @@
+ our $cfg;
+
+ # this is where configuration file is located
+-require '/usr/local/etc/blocksshd.conf';
++require '/etc/blocksshd/blocksshd.conf';
+
+ my $work = {
+ ipv4 => '(?:\d{1,3}\.){3}\d{1,3}', # regexp to match ipv4 address
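Review bot: The configuration is loaded with `require`, so whatever is in `/etc/blocksshd/blocksshd.conf` is executed as Perl code by the daemon, which presumably runs as root since it drives iptables. The comment above the changed line could say so: `# this file is executed as Perl code; it must be owned by root and not writable by group or others`. The ebuild asks the user to rename the sample by hand, so the ownership and mode of the resulting file depend on how it is copied; a hint in pkg_postinst would cover that. The `$work` hash that follows continues outside the hunk.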
diff --git a/net-misc/blocksshd/files/blocksshd.init b/net-misc/blocksshd/files/blocksshd.init
new file mode 100755
index 000000000..7f55803ae
--- /dev/null
+++ b/net-misc/blocksshd/files/blocksshd.init
@@ -0,0 +1,30 @@
+#!/sbin/runscript
+# Copyright 1999-2004 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header:$
+
+depend() {
+ need net
+}
+
+checkconfig() {
+ if [ ! -e /etc/blocksshd/blocksshd.conf ] ; then
+ eerror "You need a /etc/blocksshd/blocksshd.conf file to run blocksshd"
+ eerror "There is a sample file in /etc/blocksshd/"
+ return 1
+ fi
+
+}
+
+start() {
+ checkconfig || return 1
+ ebegin "Starting BlockSSHD"
+ /usr/sbin/blocksshd --start
+ eend $?
+}
+
+stop() {
+ ebegin "Stopping BlockSSHD"
+ start-stop-daemon --verbose --stop --pidfile /var/run/blocksshd.pid
+ eend $?
+}
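Review bot: stop() hard-codes `--pidfile /var/run/blocksshd.pid`, while the PID file location is an option (`pid_file`) in blocksshd.conf; if an administrator changes it, stop will report failure and the daemon keeps running with its rules in place. A comment on that line such as `# must match pid_file in /etc/blocksshd/blocksshd.conf` would at least document the coupling. depend() declares only `need net`; since the daemon tails a syslog file, `use logger` looks appropriate, though that is inferred from the config comments rather than from the daemon code.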
diff --git a/net-misc/blocksshd/metadata.xml b/net-misc/blocksshd/metadata.xml
new file mode 100644
index 000000000..7e3286984
--- /dev/null
+++ b/net-misc/blocksshd/metadata.xml
@@ -0,0 +1,5 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+<herd>maintainer-wanted</herd>
+</pkgmetadata>