From 35246c6f168229e7f48f7ae11433aaf87f33ebf0 Mon Sep 17 00:00:00 2001
From: pav
Date: Thu, 26 May 2005 21:14:58 +0000
Subject: bruteforceblocker is a script that checks sshd's auth.log for Failed login attemtps and cooperates with pf firewall. When given IP gains specific number of fails, bruteforceblocker adds this IP to the pf's table. This is useful for people who are getting large number of these attempts. PR: ports/80211 Submitted by: Daniel Gerzo
---
security/Makefile | 1 +
security/bruteforceblocker/Makefile | 43 ++++++++++++++++++++++
security/bruteforceblocker/distinfo | 2 +
.../files/bruteforceblocker.sh.in | 33 +++++++++++++++++
security/bruteforceblocker/files/pkg-message.in | 8 ++++
security/bruteforceblocker/pkg-descr | 10 +++++
6 files changed, 97 insertions(+)
create mode 100644 security/bruteforceblocker/Makefile
create mode 100644 security/bruteforceblocker/distinfo
create mode 100644 security/bruteforceblocker/files/bruteforceblocker.sh.in
create mode 100644 security/bruteforceblocker/files/pkg-message.in
create mode 100644 security/bruteforceblocker/pkg-descr
(limited to 'security')
diff --git a/security/Makefile b/security/Makefile
index 872dc5e7d1a8..cd9980d5bd38 100644
--- a/security/Makefile
+++ b/security/Makefile
@@ -34,6 +34,7 @@
 SUBDIR += borzoi
 SUBDIR += botan
 SUBDIR += bro
+ SUBDIR += bruteforceblocker
 SUBDIR += bubblegum
 SUBDIR += bugs
 SUBDIR += ca-roots
diff --git a/security/bruteforceblocker/Makefile b/security/bruteforceblocker/Makefile
new file mode 100644
index 000000000000..0452b970432e
--- /dev/null
+++ b/security/bruteforceblocker/Makefile
@@ -0,0 +1,43 @@
+# New ports collection makefile for: bruteforceblocker
+# Date created: 20 April 2005
+# Whom: Daniel Gerzo
+#
+# $FreeBSD$
+#
+
+PORTNAME= bruteforceblocker
+PORTVERSION= 1.0
+CATEGORIES= security
+MASTER_SITES= http://danger.rulez.sk/projects/bruteforceblocker/ \
+ ${MASTER_SITE_LOCAL}
+MASTER_SITE_SUBDIR= pav
+
+MAINTAINER= danger@rulez.sk
+COMMENT= Checks for failed login attempts and blocks given IPs
+
+RUN_DEPENDS= ${SITE_PERL}/File/Tail.pm:${PORTSDIR}/devel/p5-File-Tail
+
+NO_BUILD= yes
+USE_PERL5_RUN= yes
+USE_RC_SUBR= ${PORTNAME}.sh
+
+WRKSRC= ${WRKDIR}
+PLIST_FILES= bin/${PORTNAME}.pl
+PKGMESSAGE= ${WRKDIR}/pkg-message
+SUB_FILES= pkg-message
+
+.include
+
+.if ${PERL_LEVEL} < 500600
+IGNORE= Perl 5.6 or newer required. Install lang/perl5 or lang/perl5.8 and try again.
+.endif
+
+.if ${OSVERSION} < 502106
+IGNORE= requires at least FreeBSD 5.2
+.endif
+
+do-install:
+ ${INSTALL_SCRIPT} ${WRKSRC}/${PORTNAME}.pl ${PREFIX}/bin/${PORTNAME}.pl
+ @${CAT} ${PKGMESSAGE}
+
+.include
diff --git a/security/bruteforceblocker/distinfo b/security/bruteforceblocker/distinfo
new file mode 100644
index 000000000000..1fd785da9093
--- /dev/null
+++ b/security/bruteforceblocker/distinfo
@@ -0,0 +1,2 @@
+MD5 (bruteforceblocker-1.0.tar.gz) = e82fc32fe3fbde2a4291cbdeada188c7
+SIZE (bruteforceblocker-1.0.tar.gz) = 1845
diff --git a/security/bruteforceblocker/files/bruteforceblocker.sh.in b/security/bruteforceblocker/files/bruteforceblocker.sh.in
new file mode 100644
index 000000000000..86e76655df4f
--- /dev/null
+++ b/security/bruteforceblocker/files/bruteforceblocker.sh.in
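Review bot: In security/bruteforceblocker/Makefile, `MASTER_SITES` fetches the distfile over plain `http://`, so the only barrier between a tampered tarball and an installed script is the checksum in distinfo, and that file carries a single MD5 line. The port copies the fetched `.pl` straight into `${PREFIX}/bin` with `NO_BUILD` and wires it into rc.d to manage pf tables (presumably running as root), so a stronger digest is worth recording: add a line such as `SHA256 (bruteforceblocker-1.0.tar.gz) = <sha256-of-the-distfile>` next to the MD5 entry in distinfo. Separately, the second `IGNORE` text says "requires at least FreeBSD 5.2" while the test is `${OSVERSION} < 502106`, which appears stricter than the 5.2 release itself; the message should name the version the check actually enforces.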
@@ -0,0 +1,33 @@
+#!/bin/sh
+
+# PROVIDE: bruteforceblocker
+# REQUIRE: LOGIN
+# KEYWORD: FreeBSD shutdown
+
+#
+# Add the following lines to /etc/rc.conf to enable bruteforceblocker:
+#
+# bruteforceblocker_enable="YES"
+#
+
+. %%RC_SUBR%%
+
+name="bruteforceblocker"
+rcvar=`set_rcvar`
+load_rc_config $name
+
+command="%%PREFIX%%/bin/bruteforceblocker.pl"
+pidfile="/var/run/bruteforceblocker.pid"
+procname="/usr/bin/perl"
+
+stop_postcmd=stop_postcmd
+
+stop_postcmd()
+{
+ rm -f $pidfile
+}
+
+# set defaults
+bruteforceblocker_enable=${bruteforceblocker_enable:-"NO"}
+
+run_rc_command "$1"
diff --git a/security/bruteforceblocker/files/pkg-message.in b/security/bruteforceblocker/files/pkg-message.in
new file mode 100644
index 000000000000..5dadbe11c672
--- /dev/null
+++ b/security/bruteforceblocker/files/pkg-message.in
@@ -0,0 +1,8 @@
+===> CONFIGURATION NOTE:
+
+To setup bruteforceblocker, you should check main script
+located at %%PREFIX%%/bin/bruteforceblocker.pl
+
+when you are done, you will also need to add to /etc/rc.conf
+bruteforceblocker_enable="YES", so you will be able to start
+bruteforceblocker via rcNG script.
diff --git a/security/bruteforceblocker/pkg-descr b/security/bruteforceblocker/pkg-descr
new file mode 100644
index 000000000000..2a4d5ba8322b
--- /dev/null
+++ b/security/bruteforceblocker/pkg-descr
@@ -0,0 +1,10 @@
+BruteForceBlocker is a script, that works along with pf - OpenBSD's firewall.
+When this script is running, it checks sshd's auth log for Failed Password
+attempts and counts it's number. When given IP reaches specified number of
+fails, script adds this IP to the pf's table and block any other traffic to
+the given box. If you are bored of those automated auth tries, you will be
+happy with this script. It also includes a simple rc script.
+
+WWW: http://danger.rulez.sk/projects/bruteforceblocker/
+
+- Daniel Gerzo
-- cgit
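Review bot: In files/bruteforceblocker.sh.in, `procname="/usr/bin/perl"` is hard-coded while the port only declares `USE_PERL5_RUN`; if perl lives under the ports prefix without a `/usr/bin/perl` link, rc.subr will presumably fail to match the running process against the pidfile, so `status` and `stop` would misreport the blocker and a second copy could be started. For a daemon whose job is to block brute-force sources, that silent mismatch is worth avoiding: substitute the interpreter path at install time the way `%%PREFIX%%` and `%%RC_SUBR%%` already are, rather than writing it literally. The variable in `stop_postcmd` should also be quoted, `rm -f "$pidfile"`. A one-line comment above `pidfile=` saying which component writes `/var/run/bruteforceblocker.pid` (presumably the Perl script, which is not part of this diff) would help the next maintainer.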