ports/115210: port security/sshit not work when hostname not IP
Alex Keda
admin at lissyara.su
Sun Aug 5 07:30:01 UTC 2007
>Number: 115210
>Category: ports
>Synopsis: port security/sshit not work when hostname not IP
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sun Aug 05 07:30:01 GMT 2007
>Closed-Date:
>Last-Modified:
>Originator: Alex Keda
>Release: 6.2
>Organization:
USSR
>Environment:
FreeBSD ussr.lissyara.int.otradno.ru 6.2-RELEASE-p5 FreeBSD 6.2-RELEASE-p5 #1: Sat Jul 7 12:39:24 MSD 2007 root at ussr.lissyara.int.otradno.ru:/usr/obj/usr/src/sys/color-console i386
>Description:
log:
Jul 31 22:26:27 mail ftpd[54426]: FTP LOGIN FAILED FROM c-71-235-187-254.hsd1.ma.comcast.net, Administrator
Jul 31 22:26:51 mail ftpd[54433]: FTP LOGIN FAILED FROM c-71-235-187-254.hsd1.ma.comcast.net, Administrator
Jul 31 22:27:17 mail ftpd[54459]: FTP LOGIN FAILED FROM c-71-235-187-254.hsd1.ma.comcast.net, Administrator
Jul 31 22:27:17 mail sshit: BLOCKING c with ipfw2
Jul 31 22:27:25 mail ftpd[54459]: FTP LOGIN FAILED FROM c-71-235-187-254.hsd1.ma.comcast.net, Administrator
Jul 31 22:27:25 mail sshit: block for c not working!
>How-To-Repeat:
always
>Fix:
patch http://lissyara.su/patch/patch-for-sshit-v2.diff
Patch attached with submission follows:
diff -Nru sshit.orig/Makefile sshit/Makefile
--- sshit.orig/Makefile Mon Jul 2 12:36:13 2007
+++ sshit/Makefile Sun Aug 5 11:04:22 2007
@@ -7,7 +7,7 @@
PORTNAME= sshit
PORTVERSION= 0.6
-PORTREVISION= 1
+PORTREVISION= 2
CATEGORIES= security
MASTER_SITES= http://anp.ath.cx/sshit/ \
${MASTER_SITE_LOCAL}
diff -Nru sshit.orig/files/patch-sshit.diff sshit/files/patch-sshit.diff
--- sshit.orig/files/patch-sshit.diff Mon Jul 2 12:36:13 2007
+++ sshit/files/patch-sshit.diff Sun Aug 5 11:04:22 2007
@@ -1,11 +1,11 @@
---- sshit.orig Sun Jul 1 22:13:45 2007
-+++ sshit Sun Jul 1 22:14:46 2007
+--- sshit.orig Sun Aug 5 10:56:39 2007
++++ sshit Sun Aug 5 10:59:03 2007
@@ -317,7 +317,7 @@
while (<>) {
chomp;
- if (/(failed|Invalid user) .*from (\d+\.\d+\.\d+\.\d+|[\da-fA-F:]+)/i ) { # IPv4 & IPv6
-+ if (/(failed|error|Invalid user) .*from (\d+\.\d+\.\d+\.\d+|[\da-fA-F:]+)/i ) { # IPv4 & IPv6
++ if (/(failed|error|Invalid user) .*from (\d+\.\d+\.\d+\.\d+|([a-z-]+\.)+[a-z]{2,4}|[\da-fA-F:]+)/i ) { # IPv4 & IPv6
$ip = $2;
if ($list{$ip}{name}) {
if ($list{$ip}{n} >= $MAX_COUNT) {
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list