aboutsummaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorwxs <wxs@FreeBSD.org>2011-06-11 10:08:40 +0800
committerwxs <wxs@FreeBSD.org>2011-06-11 10:08:40 +0800
commit744030c5c9e421d32e786c518886100231fc7ab1 (patch)
tree5f3af913d87662742d2d928ae48895f3ac52aacf /security
parent3db8555a124cd8fd313bc9aa6b682ea7d78165db (diff)
downloadfreebsd-ports-gnome-744030c5c9e421d32e786c518886100231fc7ab1.tar.gz
freebsd-ports-gnome-744030c5c9e421d32e786c518886100231fc7ab1.tar.zst
freebsd-ports-gnome-744030c5c9e421d32e786c518886100231fc7ab1.zip
- Include configuration file for pf.
- Add patch for supporting syslogd -v or -vv. PR: ports/157318 Submitted by: Nick Hilliard <nick@foobar.org> Approved by: maintainer timeout
Diffstat (limited to 'security')
-rw-r--r--security/py-fail2ban/Makefile1
-rw-r--r--security/py-fail2ban/files/patch-common.conf17
-rw-r--r--security/py-fail2ban/files/patch-pf.conf59
-rw-r--r--security/py-fail2ban/pkg-plist1
4 files changed, 78 insertions, 0 deletions
diff --git a/security/py-fail2ban/Makefile b/security/py-fail2ban/Makefile
index 1ccdc5f08d74..f71b312d681e 100644
--- a/security/py-fail2ban/Makefile
+++ b/security/py-fail2ban/Makefile
@@ -7,6 +7,7 @@
PORTNAME= fail2ban
PORTVERSION= 0.8.4
+PORTREVISION= 1
CATEGORIES= security python
MASTER_SITES= SF/${PORTNAME}/${PORTNAME}-stable/${PORTNAME}-${PORTVERSION}
PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX}
diff --git a/security/py-fail2ban/files/patch-common.conf b/security/py-fail2ban/files/patch-common.conf
new file mode 100644
index 000000000000..9cf5a4098aa1
--- /dev/null
+++ b/security/py-fail2ban/files/patch-common.conf
@@ -0,0 +1,17 @@
+--- config/filter.d/common.conf.orig 2011-05-25 14:25:33.000000000 +0100
++++ config/filter.d/common.conf 2011-05-25 14:25:42.000000000 +0100
+@@ -32,10 +32,13 @@
+ # EXAMPLES: sshd[31607], pop(pam_unix)[4920]
+ __daemon_combs_re = (?:%(__pid_re)s?:\s+%(__daemon_re)s|%(__daemon_re)s%(__pid_re)s?:)
+
++# Logging facility and priority for BSD "-v" verbose mode
++__bsd_verbose_mode = (?:\s*\<\S+\.\S+\>\s*)
++
+ #
+ # Common line prefixes (beginnings) which could be used in filters
+ #
+ # [hostname] [vserver tag] daemon_id spaces
+ # this can be optional (for instance if we match named native log files)
+-__prefix_line = \s*(?:\S+ )?(?:@vserver_\S+ )?%(__daemon_combs_re)s?\s*
++__prefix_line = \s*%(__bsd_verbose_mode)s(?:\S+ )?(?:@vserver_\S+ )?%(__daemon_combs_re)s?\s*
+
diff --git a/security/py-fail2ban/files/patch-pf.conf b/security/py-fail2ban/files/patch-pf.conf
new file mode 100644
index 000000000000..dbb6bb99d321
--- /dev/null
+++ b/security/py-fail2ban/files/patch-pf.conf
@@ -0,0 +1,59 @@
+--- /dev/null 2010-01-12 16:33:00.000000000 -0500
++++ ./config/action.d/pf.conf 2010-01-12 16:26:51.000000000 -0500
+@@ -0,0 +1,56 @@
++# Fail2Ban configuration file
++#
++# OpenBSD pf ban/unban
++#
++# Author: Nick Hilliard <nick@foobar.org>
++#
++#
++
++[Definition]
++
++# Option: actionstart
++# Notes.: command executed once at the start of Fail2Ban.
++# Values: CMD
++#
++# we don't enable PF automatically, as it will be enabled elsewhere
++actionstart =
++
++
++# Option: actionstop
++# Notes.: command executed once at the end of Fail2Ban
++# Values: CMD
++#
++# we don't disable PF automatically either
++actionstop =
++
++
++# Option: actioncheck
++# Notes.: command executed once before each actionban command
++# Values: CMD
++#
++actioncheck =
++
++
++# Option: actionban
++# Notes.: command executed when banning an IP. Take care that the
++# command is executed with Fail2Ban user rights.
++# Tags: <ip> IP address
++# <failures> number of failures
++# <time> unix timestamp of the ban time
++# Values: CMD
++#
++actionban = /sbin/pfctl -t fail2ban -T add <ip>/32
++
++
++# Option: actionunban
++# Notes.: command executed when unbanning an IP. Take care that the
++# command is executed with Fail2Ban user rights.
++# Tags: <ip> IP address
++# <failures> number of failures
++# <time> unix timestamp of the ban time
++# Values: CMD
++#
++# note -r option used to remove matching rule
++actionunban = /sbin/pfctl -t fail2ban -T delete <ip>/32
++
++[Init]
diff --git a/security/py-fail2ban/pkg-plist b/security/py-fail2ban/pkg-plist
index 72164591fdeb..b3758e367d6c 100644
--- a/security/py-fail2ban/pkg-plist
+++ b/security/py-fail2ban/pkg-plist
@@ -14,6 +14,7 @@
%%ETCDIR%%/action.d/mail-whois.conf
%%ETCDIR%%/action.d/mail.conf
%%ETCDIR%%/action.d/mynetwatchman.conf
+%%ETCDIR%%/action.d/pf.conf
%%ETCDIR%%/action.d/sendmail-buffered.conf
%%ETCDIR%%/action.d/sendmail-whois-lines.conf
%%ETCDIR%%/action.d/sendmail-whois.conf