ports/119467: [NEW PORT] security/fail2ban: Python script that Bans IPs that make too many password failures
Naram Qashat
cyberbotx at cyberbotx.com
Tue Jan 8 20:20:02 UTC 2008
>Number: 119467
>Category: ports
>Synopsis: [NEW PORT] security/fail2ban: Python script that Bans IPs that make too many password failures
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Tue Jan 08 20:20:02 UTC 2008
>Closed-Date:
>Last-Modified:
>Originator: Naram Qashat
>Release: FreeBSD 6.2-RELEASE-p8 i386
>Organization:
>Environment:
System: FreeBSD kirby.cyberbotx.com 6.2-RELEASE-p8 FreeBSD 6.2-RELEASE-p8 #12: Sun Oct 14 16:14:35 EDT 2007
>Description:
Fail2Ban scans log files like /var/log/pwdfail or /var/log/apache/error_log and
bans IPs that makes too many password failures. It updates firewall rules to
reject the IP address or executes user defined commands.
WWW: http://fail2ban.org/wiki/index.php/Main_Page
- Naram Qashat
cyberbotx at cyberbotx.com
Note:
- I found that the ipfw action does not function as it should, but I have
not been able to figure out a reason why. For FreeBSD, I would recommend
using hosts.deny when using fail2ban.
>How-To-Repeat:
>Fix:
(I wasn't able to send the PR via send-pr(1) on my system, Comcast wouldn't allow the entire e-mail to go through.)
I'm attaching the .shar file to this PR.
Patch attached with submission follows:
# This is a shell archive. Save it in a file, remove anything before
# this line, and then unpack it by entering "sh file". Note, it may
# create directories; files and directories will be owned by you and
# have default permissions.
#
# This archive contains:
#
# fail2ban
# fail2ban/Makefile
# fail2ban/distinfo
# fail2ban/files
# fail2ban/pkg-descr
# fail2ban/pkg-plist
# fail2ban/files/fail2ban.in
# fail2ban/files/patch-client-configreader.py
# fail2ban/files/patch-fail2ban-client
# fail2ban/files/patch-fail2ban-regex
# fail2ban/files/patch-fail2ban-server
# fail2ban/files/patch-setup.cfg
# fail2ban/files/patch-setup.py
#
echo c - fail2ban
mkdir -p fail2ban > /dev/null 2>&1
echo x - fail2ban/Makefile
sed 's/^X//' >fail2ban/Makefile << 'END-of-fail2ban/Makefile'
X# New ports collection makefile for: fail2ban
X# Date created: 5 Janurary 2008
X# Whom: Naram Qashat <cyberbotx at cyberbotx.com>
X#
X# $FreeBSD$
X#
X
XPORTNAME= fail2ban
XPORTVERSION= 0.8.1
XCATEGORIES= security
XMASTER_SITES= SF
X
XMAINTAINER= cyberbotx at cyberbotx.com
XCOMMENT= Python script that Ban IPs that make too many password failure
X
XUSE_BZIP2= yes
XUSE_PYTHON= 2.4+
XUSE_PYDISTUTILS= yes
XPYDISTUTILS_NOEGGINFO= yes
X
XMAN1= fail2ban-client.1 fail2ban-regex.1 fail2ban-server.1
X
XOPTIONS= GAMIN "Enable Gamin Support" Off
X
XUSE_RC_SUBR= ${PORTNAME}
XSUB_LIST+= PYTHON_CMD=${PYTHON_CMD}
X
XCONF_FILES= fail2ban.conf jail.conf
XACTION_D_CONF_FILES= hostsdeny.conf ipfw.conf iptables-allports.conf iptables-multiport.conf \
X iptables-new.conf iptables.conf mail-buffered.conf mail-whois-lines.conf \
X mail-whois.conf mail.conf sendmail-buffered.conf sendmail-whois-lines.conf \
X sendmail-whois.conf sendmail.conf shorewall.conf
XFILTER_D_CONF_FILES= apache-auth.conf apache-badbots.conf apache-noscript.conf courierlogin.conf \
X couriersmtp.conf exim.conf named-refused.conf postfix.conf proftpd.conf \
X pure-ftpd.conf qmail.conf sasl.conf sshd-ddos.conf sshd.conf vsftpd.conf \
X webmin-auth.conf wuftpd.conf
X
X.include <bsd.port.pre.mk>
X
X.if defined(WITH_GAMIN)
XUSE_FAM= yes
XWANT_FAM_SYSTEM= gamin
X.endif
X
Xpost-extract:
X @for i in ${CONF_FILES} ; do \
X ${MV} ${WRKSRC}/config/$$i ${WRKSRC}/config/$$i.sample ; \
X done
X @for i in ${ACTION_D_CONF_FILES} ; do \
X ${MV} ${WRKSRC}/config/action.d/$$i ${WRKSRC}/config/action.d/$$i.sample ; \
X done
X @for i in ${FILTER_D_CONF_FILES} ; do \
X ${MV} ${WRKSRC}/config/filter.d/$$i ${WRKSRC}/config/filter.d/$$i.sample ; \
X done
X
Xpost-patch:
X @${REINPLACE_CMD} -e 's|%%PREFIX%%|${PREFIX}|g' ${WRKSRC}/client/configreader.py
X @${REINPLACE_CMD} -e 's|%%PREFIX%%|${PREFIX}|g' -e 's|/usr/bin/python|${PYTHON_CMD}|g' ${WRKSRC}/fail2ban-*
X @${REINPLACE_CMD} -e 's|%%PREFIX%%|${PREFIX}|g' ${WRKSRC}/setup.cfg
X @${REINPLACE_CMD} -e 's|%%PREFIX%%|${PREFIX}|g' ${WRKSRC}/setup.py
X
Xpost-install:
X @for i in ${MAN1} ; do \
X ${INSTALL_MAN} ${WRKSRC}/man/$$i ${MANPREFIX}/man/man1/$$i ; \
X done
X @for i in ${CONF_FILES} ; do \
X if [ ! -e ${PREFIX}/etc/fail2ban/$$i ]; then \
X ${CP} -p ${PREFIX}/etc/fail2ban/$$i.sample ${PREFIX}/etc/fail2ban/$$i ; \
X fi ; \
X done
X @for i in ${ACTION_D_CONF_FILES} ; do \
X if [ ! -e ${PREFIX}/etc/fail2ban/action.d/$$i ]; then \
X ${CP} -p ${PREFIX}/etc/fail2ban/action.d/$$i.sample ${PREFIX}/etc/fail2ban/action.d/$$i ; \
X fi ; \
X done
X @for i in ${FILTER_D_CONF_FILES} ; do \
X if [ ! -e ${PREFIX}/etc/fail2ban/filter.d/$$i ]; then \
X ${CP} -p ${PREFIX}/etc/fail2ban/filter.d/$$i.sample ${PREFIX}/etc/fail2ban/filter.d/$$i ; \
X fi ; \
X done
X
X.include <bsd.port.post.mk>
END-of-fail2ban/Makefile
echo x - fail2ban/distinfo
sed 's/^X//' >fail2ban/distinfo << 'END-of-fail2ban/distinfo'
XMD5 (fail2ban-0.8.1.tar.bz2) = 91e45125924e7978949fdab2e32b71a1
XSHA256 (fail2ban-0.8.1.tar.bz2) = 3c3adc67c5f2b4fc72c9ea22e52c4cdfd9f901f6c238616416444560f56f6403
XSIZE (fail2ban-0.8.1.tar.bz2) = 58321
END-of-fail2ban/distinfo
echo c - fail2ban/files
mkdir -p fail2ban/files > /dev/null 2>&1
echo x - fail2ban/pkg-descr
sed 's/^X//' >fail2ban/pkg-descr << 'END-of-fail2ban/pkg-descr'
XFail2Ban scans log files like /var/log/pwdfail or /var/log/apache/error_log and
Xbans IPs that makes too many password failures. It updates firewall rules to
Xreject the IP address or executes user defined commands.
X
XWWW: http://fail2ban.org/wiki/index.php/Main_Page
X
X- Naram Qashat
Xcyberbotx at cyberbotx.com
END-of-fail2ban/pkg-descr
echo x - fail2ban/pkg-plist
sed 's/^X//' >fail2ban/pkg-plist << 'END-of-fail2ban/pkg-plist'
Xbin/fail2ban-client
Xbin/fail2ban-regex
Xbin/fail2ban-server
X at unexec if cmp -s %D/etc/fail2ban/action.d/hostsdeny.conf.sample %D/etc/fail2ban/action.d/hostsdeny.conf; then rm -f %D/etc/fail2ban/action.d/hostsdeny.conf; fi
Xetc/fail2ban/action.d/hostsdeny.conf.sample
X at exec if [ ! -f %D/etc/fail2ban/action.d/hostsdeny.conf ] ; then cp -p %D/%F %D/etc/fail2ban/action.d/hostsdeny.conf; fi
X at unexec if cmp -s %D/etc/fail2ban/action.d/ipfw.conf.sample %D/etc/fail2ban/action.d/ipfw.conf; then rm -f %D/etc/fail2ban/action.d/ipfw.conf; fi
Xetc/fail2ban/action.d/ipfw.conf.sample
X at exec if [ ! -f %D/etc/fail2ban/action.d/ipfw.conf ] ; then cp -p %D/%F %D/etc/fail2ban/action.d/ipfw.conf; fi
X at unexec if cmp -s %D/etc/fail2ban/action.d/iptables-allports.conf.sample %D/etc/fail2ban/action.d/iptables-allports.conf; then rm -f %D/etc/fail2ban/action.d/iptables-allports.conf; fi
Xetc/fail2ban/action.d/iptables-allports.conf.sample
X at exec if [ ! -f %D/etc/fail2ban/action.d/iptables-allports.conf ] ; then cp -p %D/%F %D/etc/fail2ban/action.d/iptables-allports.conf; fi
X at unexec if cmp -s %D/etc/fail2ban/action.d/iptables-multiport.conf.sample %D/etc/fail2ban/action.d/iptables-multiport.conf; then rm -f %D/etc/fail2ban/action.d/iptables-multiport.conf; fi
Xetc/fail2ban/action.d/iptables-multiport.conf.sample
X at exec if [ ! -f %D/etc/fail2ban/action.d/iptables-multiport.conf ] ; then cp -p %D/%F %D/etc/fail2ban/action.d/iptables-multiport.conf; fi
X at unexec if cmp -s %D/etc/fail2ban/action.d/iptables-new.conf.sample %D/etc/fail2ban/action.d/iptables-new.conf; then rm -f %D/etc/fail2ban/action.d/iptables-new.conf; fi
Xetc/fail2ban/action.d/iptables-new.conf.sample
X at exec if [ ! -f %D/etc/fail2ban/action.d/iptables-new.conf ] ; then cp -p %D/%F %D/etc/fail2ban/action.d/iptables-new.conf; fi
X at unexec if cmp -s %D/etc/fail2ban/action.d/iptables.conf.sample %D/etc/fail2ban/action.d/iptables.conf; then rm -f %D/etc/fail2ban/action.d/iptables.conf; fi
Xetc/fail2ban/action.d/iptables.conf.sample
X at exec if [ ! -f %D/etc/fail2ban/action.d/iptables.conf ] ; then cp -p %D/%F %D/etc/fail2ban/action.d/iptables.conf; fi
X at unexec if cmp -s %D/etc/fail2ban/action.d/mail-buffered.conf.sample %D/etc/fail2ban/action.d/mail-buffered.conf; then rm -f %D/etc/fail2ban/action.d/mail-buffered.conf; fi
Xetc/fail2ban/action.d/mail-buffered.conf.sample
X at exec if [ ! -f %D/etc/fail2ban/action.d/mail-buffered.conf ] ; then cp -p %D/%F %D/etc/fail2ban/action.d/mail-buffered.conf; fi
X at unexec if cmp -s %D/etc/fail2ban/action.d/mail-whois-lines.conf.sample %D/etc/fail2ban/action.d/mail-whois-lines.conf; then rm -f %D/etc/fail2ban/action.d/mail-whois-lines.conf; fi
Xetc/fail2ban/action.d/mail-whois-lines.conf.sample
X at exec if [ ! -f %D/etc/fail2ban/action.d/mail-whois-lines.conf ] ; then cp -p %D/%F %D/etc/fail2ban/action.d/mail-whois-lines.conf; fi
X at unexec if cmp -s %D/etc/fail2ban/action.d/mail-whois.conf.sample %D/etc/fail2ban/action.d/mail-whois.conf; then rm -f %D/etc/fail2ban/action.d/mail-whois.conf; fi
Xetc/fail2ban/action.d/mail-whois.conf.sample
X at exec if [ ! -f %D/etc/fail2ban/action.d/mail-whois.conf ] ; then cp -p %D/%F %D/etc/fail2ban/action.d/mail-whois.conf; fi
X at unexec if cmp -s %D/etc/fail2ban/action.d/mail.conf.sample %D/etc/fail2ban/action.d/mail.conf; then rm -f %D/etc/fail2ban/action.d/mail.conf; fi
Xetc/fail2ban/action.d/mail.conf.sample
X at exec if [ ! -f %D/etc/fail2ban/action.d/mail.conf ] ; then cp -p %D/%F %D/etc/fail2ban/action.d/mail.conf; fi
X at unexec if cmp -s %D/etc/fail2ban/action.d/sendmail-buffered.conf.sample %D/etc/fail2ban/action.d/sendmail-buffered.conf; then rm -f %D/etc/fail2ban/action.d/sendmail-buffered.conf; fi
Xetc/fail2ban/action.d/sendmail-buffered.conf.sample
X at exec if [ ! -f %D/etc/fail2ban/action.d/sendmail-buffered.conf ] ; then cp -p %D/%F %D/etc/fail2ban/action.d/sendmail-buffered.conf; fi
X at unexec if cmp -s %D/etc/fail2ban/action.d/sendmail-whois-lines.conf.sample %D/etc/fail2ban/action.d/sendmail-whois-lines.conf; then rm -f %D/etc/fail2ban/action.d/sendmail-whois-lines.conf; fi
Xetc/fail2ban/action.d/sendmail-whois-lines.conf.sample
X at exec if [ ! -f %D/etc/fail2ban/action.d/sendmail-whois-lines.conf ] ; then cp -p %D/%F %D/etc/fail2ban/action.d/sendmail-whois-lines.conf; fi
X at unexec if cmp -s %D/etc/fail2ban/action.d/sendmail-whois.conf.sample %D/etc/fail2ban/action.d/sendmail-whois.conf; then rm -f %D/etc/fail2ban/action.d/sendmail-whois.conf; fi
Xetc/fail2ban/action.d/sendmail-whois.conf.sample
X at exec if [ ! -f %D/etc/fail2ban/action.d/sendmail-whois.conf ] ; then cp -p %D/%F %D/etc/fail2ban/action.d/sendmail-whois.conf; fi
X at unexec if cmp -s %D/etc/fail2ban/action.d/sendmail.conf.sample %D/etc/fail2ban/action.d/sendmail.conf; then rm -f %D/etc/fail2ban/action.d/sendmail.conf; fi
Xetc/fail2ban/action.d/sendmail.conf.sample
X at exec if [ ! -f %D/etc/fail2ban/action.d/sendmail.conf ] ; then cp -p %D/%F %D/etc/fail2ban/action.d/sendmail.conf; fi
X at unexec if cmp -s %D/etc/fail2ban/action.d/shorewall.conf.sample %D/etc/fail2ban/action.d/shorewall.conf; then rm -f %D/etc/fail2ban/action.d/shorewall.conf; fi
Xetc/fail2ban/action.d/shorewall.conf.sample
X at exec if [ ! -f %D/etc/fail2ban/action.d/shorewall.conf ] ; then cp -p %D/%F %D/etc/fail2ban/action.d/shorewall.conf; fi
X at unexec if cmp -s %D/etc/fail2ban/fail2ban.conf.sample %D/etc/fail2ban/fail2ban.conf; then rm -f %D/etc/fail2ban/fail2ban.conf; fi
Xetc/fail2ban/fail2ban.conf.sample
X at exec if [ ! -f %D/etc/fail2ban/fail2ban.conf ] ; then cp -p %D/%F %D/etc/fail2ban/fail2ban.conf; fi
X at unexec if cmp -s %D/etc/fail2ban/filter.d/apache-auth.conf.sample %D/etc/fail2ban/filter.d/apache-auth.conf; then rm -f %D/etc/fail2ban/filter.d/apache-auth.conf; fi
Xetc/fail2ban/filter.d/apache-auth.conf.sample
X at exec if [ ! -f %D/etc/fail2ban/filter.d/apache-auth.conf ] ; then cp -p %D/%F %D/etc/fail2ban/filter.d/apache-auth.conf; fi
X at unexec if cmp -s %D/etc/fail2ban/filter.d/apache-badbots.conf.sample %D/etc/fail2ban/filter.d/apache-badbots.conf; then rm -f %D/etc/fail2ban/filter.d/apache-badbots.conf; fi
Xetc/fail2ban/filter.d/apache-badbots.conf.sample
X at exec if [ ! -f %D/etc/fail2ban/filter.d/apache-badbots.conf ] ; then cp -p %D/%F %D/etc/fail2ban/filter.d/apache-badbots.conf; fi
X at unexec if cmp -s %D/etc/fail2ban/filter.d/apache-noscript.conf.sample %D/etc/fail2ban/filter.d/apache-noscript.conf; then rm -f %D/etc/fail2ban/filter.d/apache-noscript.conf; fi
Xetc/fail2ban/filter.d/apache-noscript.conf.sample
X at exec if [ ! -f %D/etc/fail2ban/filter.d/apache-noscript.conf ] ; then cp -p %D/%F %D/etc/fail2ban/filter.d/apache-noscript.conf; fi
X at unexec if cmp -s %D/etc/fail2ban/filter.d/courierlogin.conf.sample %D/etc/fail2ban/filter.d/courierlogin.conf; then rm -f %D/etc/fail2ban/filter.d/courierlogin.conf; fi
Xetc/fail2ban/filter.d/courierlogin.conf.sample
X at exec if [ ! -f %D/etc/fail2ban/filter.d/courierlogin.conf ] ; then cp -p %D/%F %D/etc/fail2ban/filter.d/courierlogin.conf; fi
X at unexec if cmp -s %D/etc/fail2ban/filter.d/couriersmtp.conf.sample %D/etc/fail2ban/filter.d/couriersmtp.conf; then rm -f %D/etc/fail2ban/filter.d/couriersmtp.conf; fi
Xetc/fail2ban/filter.d/couriersmtp.conf.sample
X at exec if [ ! -f %D/etc/fail2ban/filter.d/couriersmtp.conf ] ; then cp -p %D/%F %D/etc/fail2ban/filter.d/couriersmtp.conf; fi
X at unexec if cmp -s %D/etc/fail2ban/filter.d/exim.conf.sample %D/etc/fail2ban/filter.d/exim.conf; then rm -f %D/etc/fail2ban/filter.d/exim.conf; fi
Xetc/fail2ban/filter.d/exim.conf.sample
X at exec if [ ! -f %D/etc/fail2ban/filter.d/exim.conf ] ; then cp -p %D/%F %D/etc/fail2ban/filter.d/exim.conf; fi
X at unexec if cmp -s %D/etc/fail2ban/filter.d/named-refused.conf.sample %D/etc/fail2ban/filter.d/named-refused.conf; then rm -f %D/etc/fail2ban/filter.d/named-refused.conf; fi
Xetc/fail2ban/filter.d/named-refused.conf.sample
X at exec if [ ! -f %D/etc/fail2ban/filter.d/named-refused.conf ] ; then cp -p %D/%F %D/etc/fail2ban/filter.d/named-refused.conf; fi
X at unexec if cmp -s %D/etc/fail2ban/filter.d/postfix.conf.sample %D/etc/fail2ban/filter.d/postfix.conf; then rm -f %D/etc/fail2ban/filter.d/postfix.conf; fi
Xetc/fail2ban/filter.d/postfix.conf.sample
X at exec if [ ! -f %D/etc/fail2ban/filter.d/postfix.conf ] ; then cp -p %D/%F %D/etc/fail2ban/filter.d/postfix.conf; fi
X at unexec if cmp -s %D/etc/fail2ban/filter.d/proftpd.conf.sample %D/etc/fail2ban/filter.d/proftpd.conf; then rm -f %D/etc/fail2ban/filter.d/proftpd.conf; fi
Xetc/fail2ban/filter.d/proftpd.conf.sample
X at exec if [ ! -f %D/etc/fail2ban/filter.d/proftpd.conf ] ; then cp -p %D/%F %D/etc/fail2ban/filter.d/proftpd.conf; fi
X at unexec if cmp -s %D/etc/fail2ban/filter.d/pure-ftpd.conf.sample %D/etc/fail2ban/filter.d/pure-ftpd.conf; then rm -f %D/etc/fail2ban/filter.d/pure-ftpd.conf; fi
Xetc/fail2ban/filter.d/pure-ftpd.conf.sample
X at exec if [ ! -f %D/etc/fail2ban/filter.d/pure-ftpd.conf ] ; then cp -p %D/%F %D/etc/fail2ban/filter.d/pure-ftpd.conf; fi
X at unexec if cmp -s %D/etc/fail2ban/filter.d/qmail.conf.sample %D/etc/fail2ban/filter.d/qmail.conf; then rm -f %D/etc/fail2ban/filter.d/qmail.conf; fi
Xetc/fail2ban/filter.d/qmail.conf.sample
X at exec if [ ! -f %D/etc/fail2ban/filter.d/qmail.conf ] ; then cp -p %D/%F %D/etc/fail2ban/filter.d/qmail.conf; fi
X at unexec if cmp -s %D/etc/fail2ban/filter.d/sasl.conf.sample %D/etc/fail2ban/filter.d/sasl.conf; then rm -f %D/etc/fail2ban/filter.d/sasl.conf; fi
Xetc/fail2ban/filter.d/sasl.conf.sample
X at exec if [ ! -f %D/etc/fail2ban/filter.d/sasl.conf ] ; then cp -p %D/%F %D/etc/fail2ban/filter.d/sasl.conf; fi
X at unexec if cmp -s %D/etc/fail2ban/filter.d/sshd-ddos.conf.sample %D/etc/fail2ban/filter.d/sshd-ddos.conf; then rm -f %D/etc/fail2ban/filter.d/sshd-ddos.conf; fi
Xetc/fail2ban/filter.d/sshd-ddos.conf.sample
X at exec if [ ! -f %D/etc/fail2ban/filter.d/sshd-ddos.conf ] ; then cp -p %D/%F %D/etc/fail2ban/filter.d/sshd-ddos.conf; fi
X at unexec if cmp -s %D/etc/fail2ban/filter.d/sshd.conf.sample %D/etc/fail2ban/filter.d/sshd.conf; then rm -f %D/etc/fail2ban/filter.d/sshd.conf; fi
Xetc/fail2ban/filter.d/sshd.conf.sample
X at exec if [ ! -f %D/etc/fail2ban/filter.d/sshd.conf ] ; then cp -p %D/%F %D/etc/fail2ban/filter.d/sshd.conf; fi
X at unexec if cmp -s %D/etc/fail2ban/filter.d/vsftpd.conf.sample %D/etc/fail2ban/filter.d/vsftpd.conf; then rm -f %D/etc/fail2ban/filter.d/vsftpd.conf; fi
Xetc/fail2ban/filter.d/vsftpd.conf.sample
X at exec if [ ! -f %D/etc/fail2ban/filter.d/vsftpd.conf ] ; then cp -p %D/%F %D/etc/fail2ban/filter.d/vsftpd.conf; fi
X at unexec if cmp -s %D/etc/fail2ban/filter.d/webmin-auth.conf.sample %D/etc/fail2ban/filter.d/webmin-auth.conf; then rm -f %D/etc/fail2ban/filter.d/webmin-auth.conf; fi
Xetc/fail2ban/filter.d/webmin-auth.conf.sample
X at exec if [ ! -f %D/etc/fail2ban/filter.d/webmin-auth.conf ] ; then cp -p %D/%F %D/etc/fail2ban/filter.d/webmin-auth.conf; fi
X at unexec if cmp -s %D/etc/fail2ban/filter.d/wuftpd.conf.sample %D/etc/fail2ban/filter.d/wuftpd.conf; then rm -f %D/etc/fail2ban/filter.d/wuftpd.conf; fi
Xetc/fail2ban/filter.d/wuftpd.conf.sample
X at exec if [ ! -f %D/etc/fail2ban/filter.d/wuftpd.conf ] ; then cp -p %D/%F %D/etc/fail2ban/filter.d/wuftpd.conf; fi
X at unexec if cmp -s %D/etc/fail2ban/jail.conf.sample %D/etc/fail2ban/jail.conf; then rm -f %D/etc/fail2ban/jail.conf; fi
Xetc/fail2ban/jail.conf.sample
X at exec if [ ! -f %D/etc/fail2ban/jail.conf ] ; then cp -p %D/%F %D/etc/fail2ban/jail.conf; fi
X%%DATADIR%%/client/__init__.py
X%%DATADIR%%/client/__init__.pyc
X%%DATADIR%%/client/__init__.pyo
X%%DATADIR%%/client/actionreader.py
X%%DATADIR%%/client/actionreader.pyc
X%%DATADIR%%/client/actionreader.pyo
X%%DATADIR%%/client/beautifier.py
X%%DATADIR%%/client/beautifier.pyc
X%%DATADIR%%/client/beautifier.pyo
X%%DATADIR%%/client/configreader.py
X%%DATADIR%%/client/configreader.pyc
X%%DATADIR%%/client/configreader.pyo
X%%DATADIR%%/client/configurator.py
X%%DATADIR%%/client/configurator.pyc
X%%DATADIR%%/client/configurator.pyo
X%%DATADIR%%/client/csocket.py
X%%DATADIR%%/client/csocket.pyc
X%%DATADIR%%/client/csocket.pyo
X%%DATADIR%%/client/fail2banreader.py
X%%DATADIR%%/client/fail2banreader.pyc
X%%DATADIR%%/client/fail2banreader.pyo
X%%DATADIR%%/client/filterreader.py
X%%DATADIR%%/client/filterreader.pyc
X%%DATADIR%%/client/filterreader.pyo
X%%DATADIR%%/client/jailreader.py
X%%DATADIR%%/client/jailreader.pyc
X%%DATADIR%%/client/jailreader.pyo
X%%DATADIR%%/client/jailsreader.py
X%%DATADIR%%/client/jailsreader.pyc
X%%DATADIR%%/client/jailsreader.pyo
X%%DATADIR%%/common/__init__.py
X%%DATADIR%%/common/__init__.pyc
X%%DATADIR%%/common/__init__.pyo
X%%DATADIR%%/common/protocol.py
X%%DATADIR%%/common/protocol.pyc
X%%DATADIR%%/common/protocol.pyo
X%%DATADIR%%/common/version.py
X%%DATADIR%%/common/version.pyc
X%%DATADIR%%/common/version.pyo
X%%DATADIR%%/fail2ban-0.8.1-py2.5.egg-info
X%%DATADIR%%/server/__init__.py
X%%DATADIR%%/server/__init__.pyc
X%%DATADIR%%/server/__init__.pyo
X%%DATADIR%%/server/action.py
X%%DATADIR%%/server/action.pyc
X%%DATADIR%%/server/action.pyo
X%%DATADIR%%/server/actions.py
X%%DATADIR%%/server/actions.pyc
X%%DATADIR%%/server/actions.pyo
X%%DATADIR%%/server/banmanager.py
X%%DATADIR%%/server/banmanager.pyc
X%%DATADIR%%/server/banmanager.pyo
X%%DATADIR%%/server/banticket.py
X%%DATADIR%%/server/banticket.pyc
X%%DATADIR%%/server/banticket.pyo
X%%DATADIR%%/server/datedetector.py
X%%DATADIR%%/server/datedetector.pyc
X%%DATADIR%%/server/datedetector.pyo
X%%DATADIR%%/server/dateepoch.py
X%%DATADIR%%/server/dateepoch.pyc
X%%DATADIR%%/server/dateepoch.pyo
X%%DATADIR%%/server/datestrptime.py
X%%DATADIR%%/server/datestrptime.pyc
X%%DATADIR%%/server/datestrptime.pyo
X%%DATADIR%%/server/datetai64n.py
X%%DATADIR%%/server/datetai64n.pyc
X%%DATADIR%%/server/datetai64n.pyo
X%%DATADIR%%/server/datetemplate.py
X%%DATADIR%%/server/datetemplate.pyc
X%%DATADIR%%/server/datetemplate.pyo
X%%DATADIR%%/server/faildata.py
X%%DATADIR%%/server/faildata.pyc
X%%DATADIR%%/server/faildata.pyo
X%%DATADIR%%/server/failmanager.py
X%%DATADIR%%/server/failmanager.pyc
X%%DATADIR%%/server/failmanager.pyo
X%%DATADIR%%/server/failregex.py
X%%DATADIR%%/server/failregex.pyc
X%%DATADIR%%/server/failregex.pyo
X%%DATADIR%%/server/failticket.py
X%%DATADIR%%/server/failticket.pyc
X%%DATADIR%%/server/failticket.pyo
X%%DATADIR%%/server/filter.py
X%%DATADIR%%/server/filter.pyc
X%%DATADIR%%/server/filter.pyo
X%%DATADIR%%/server/filtergamin.py
X%%DATADIR%%/server/filtergamin.pyc
X%%DATADIR%%/server/filtergamin.pyo
X%%DATADIR%%/server/filterpoll.py
X%%DATADIR%%/server/filterpoll.pyc
X%%DATADIR%%/server/filterpoll.pyo
X%%DATADIR%%/server/jail.py
X%%DATADIR%%/server/jail.pyc
X%%DATADIR%%/server/jail.pyo
X%%DATADIR%%/server/jails.py
X%%DATADIR%%/server/jails.pyc
X%%DATADIR%%/server/jails.pyo
X%%DATADIR%%/server/jailthread.py
X%%DATADIR%%/server/jailthread.pyc
X%%DATADIR%%/server/jailthread.pyo
X%%DATADIR%%/server/mytime.py
X%%DATADIR%%/server/mytime.pyc
X%%DATADIR%%/server/mytime.pyo
X%%DATADIR%%/server/regex.py
X%%DATADIR%%/server/regex.pyc
X%%DATADIR%%/server/regex.pyo
X%%DATADIR%%/server/server.py
X%%DATADIR%%/server/server.pyc
X%%DATADIR%%/server/server.pyo
X%%DATADIR%%/server/ssocket.py
X%%DATADIR%%/server/ssocket.pyc
X%%DATADIR%%/server/ssocket.pyo
X%%DATADIR%%/server/ticket.py
X%%DATADIR%%/server/ticket.pyc
X%%DATADIR%%/server/ticket.pyo
X%%DATADIR%%/server/transmitter.py
X%%DATADIR%%/server/transmitter.pyc
X%%DATADIR%%/server/transmitter.pyo
X at dirrm %%DATADIR%%/server
X at dirrm %%DATADIR%%/common
X at dirrm %%DATADIR%%/client
X at dirrm %%DATADIR%%
X at dirrm etc/fail2ban/filter.d
X at dirrm etc/fail2ban/action.d
X at dirrm etc/fail2ban
END-of-fail2ban/pkg-plist
echo x - fail2ban/files/fail2ban.in
sed 's/^X//' >fail2ban/files/fail2ban.in << 'END-of-fail2ban/files/fail2ban.in'
X#!/bin/sh
X
X# PROVIDE: fail2ban
X# REQUIRE: LOGIN
X#
X# Add the following lines to /etc/rc.conf.local or /etc/rc.conf
X# to enable this service:
X#
X# fail2ban_enable (bool): Set to NO by default.
X# Set it to YES to enable fail2ban.
X# fail2ban_config (path): Set to %%PREFIX%%/etc/fail2ban
X# by default.
X#
X
X. %%RC_SUBR%%
X
Xname="fail2ban"
Xrcvar=`set_rcvar`
X
Xcommand=%%PREFIX%%/bin/${name}-client
Xcommand_interpreter=%%PYTHON_CMD%%
Xprocname=%%PREFIX%%/bin/${name}-server
Xstart_precmd="prestart"
Xstop_precmd="prestop"
X
Xload_rc_config $name
X
X: ${fail2ban_enable="NO"}
X: ${fail2ban_config="%%PREFIX%%/etc/fail2ban"}
X
Xcommand_args="-c $fail2ban_config"
X
Xprestart()
X{
X command_args="$command_args start"
X}
X
Xprestop()
X{
X command_args="$command_args stop"
X}
X
Xrun_rc_command "$1"
END-of-fail2ban/files/fail2ban.in
echo x - fail2ban/files/patch-client-configreader.py
sed 's/^X//' >fail2ban/files/patch-client-configreader.py << 'END-of-fail2ban/files/patch-client-configreader.py'
X--- client/configreader.py.orig Sun May 20 17:17:55 2007
X+++ client/configreader.py Sun Jan 6 00:12:40 2008
X@@ -33,7 +33,7 @@
X
X class ConfigReader(SafeConfigParser):
X
X- BASE_DIRECTORY = "/etc/fail2ban/"
X+ BASE_DIRECTORY = "%%PREFIX%%/etc/fail2ban/"
X
X def __init__(self):
X SafeConfigParser.__init__(self)
END-of-fail2ban/files/patch-client-configreader.py
echo x - fail2ban/files/patch-fail2ban-client
sed 's/^X//' >fail2ban/files/patch-fail2ban-client << 'END-of-fail2ban/files/patch-fail2ban-client'
X--- fail2ban-client.orig Sat May 19 07:04:59 2007
X+++ fail2ban-client Sun Jan 6 00:00:41 2008
X@@ -30,7 +30,7 @@
X
X # Inserts our own modules path first in the list
X # fix for bug #343821
X-sys.path.insert(1, "/usr/share/fail2ban")
X+sys.path.insert(1, "%%PREFIX%%/share/fail2ban")
X
X # Now we can import our modules
X from common.version import version
X@@ -55,7 +55,7 @@
X self.__stream = None
X self.__configurator = Configurator()
X self.__conf = dict()
X- self.__conf["conf"] = "/etc/fail2ban"
X+ self.__conf["conf"] = "%%PREFIX%%/etc/fail2ban"
X self.__conf["dump"] = False
X self.__conf["force"] = False
X self.__conf["verbose"] = 1
END-of-fail2ban/files/patch-fail2ban-client
echo x - fail2ban/files/patch-fail2ban-regex
sed 's/^X//' >fail2ban/files/patch-fail2ban-regex << 'END-of-fail2ban/files/patch-fail2ban-regex'
X--- fail2ban-regex.orig Tue Jul 10 15:54:02 2007
X+++ fail2ban-regex Sat Jan 5 23:59:37 2008
X@@ -29,7 +29,7 @@
X
X # Inserts our own modules path first in the list
X # fix for bug #343821
X-sys.path.insert(1, "/usr/share/fail2ban")
X+sys.path.insert(1, "%%PREFIX%%/share/fail2ban")
X
X from ConfigParser import SafeConfigParser
X from ConfigParser import NoOptionError, NoSectionError, MissingSectionHeaderError
END-of-fail2ban/files/patch-fail2ban-regex
echo x - fail2ban/files/patch-fail2ban-server
sed 's/^X//' >fail2ban/files/patch-fail2ban-server << 'END-of-fail2ban/files/patch-fail2ban-server'
X--- fail2ban-server.orig Sat May 19 07:04:59 2007
X+++ fail2ban-server Sun Jan 6 00:02:26 2008
X@@ -29,7 +29,7 @@
X
X # Inserts our own modules path first in the list
X # fix for bug #343821
X-sys.path.insert(1, "/usr/share/fail2ban")
X+sys.path.insert(1, "%%PREFIX%%/share/fail2ban")
X
X from common.version import version
X from server.server import Server
END-of-fail2ban/files/patch-fail2ban-server
echo x - fail2ban/files/patch-setup.cfg
sed 's/^X//' >fail2ban/files/patch-setup.cfg << 'END-of-fail2ban/files/patch-setup.cfg'
X--- setup.cfg.orig Sat May 19 07:04:59 2007
X+++ setup.cfg Sat Jan 5 23:24:55 2008
X@@ -1,5 +1,5 @@
X [install]
X-install-purelib=/usr/share/fail2ban
X+install-purelib=%%PREFIX%%/share/fail2ban
X
X [sdist]
X formats=bztar
END-of-fail2ban/files/patch-setup.cfg
echo x - fail2ban/files/patch-setup.py
sed 's/^X//' >fail2ban/files/patch-setup.py << 'END-of-fail2ban/files/patch-setup.py'
X--- setup.py.orig Sat May 19 07:04:59 2007
X+++ setup.py Sun Jan 6 15:32:14 2008
X@@ -60,14 +60,14 @@
X 'server'
X ],
X data_files = [
X- ('/etc/fail2ban',
X- glob("config/*.conf")
X+ ('%%PREFIX%%/etc/fail2ban',
X+ glob("config/*.conf.sample")
X ),
X- ('/etc/fail2ban/filter.d',
X- glob("config/filter.d/*.conf")
X+ ('%%PREFIX%%/etc/fail2ban/filter.d',
X+ glob("config/filter.d/*.conf.sample")
X ),
X- ('/etc/fail2ban/action.d',
X- glob("config/action.d/*.conf")
X+ ('%%PREFIX%%/etc/fail2ban/action.d',
X+ glob("config/action.d/*.conf.sample")
X )
X ]
X )
X@@ -76,21 +76,21 @@
X # Search for obsolete files.
X obsoleteFiles = []
X elements = {
X- "/etc/":
X+ "%%PREFIX%%/etc/":
X [
X "fail2ban.conf"
X ],
X- "/usr/bin/":
X+ "%%PREFIX%%/bin/":
X [
X "fail2ban.py"
X ],
X- "/usr/lib/fail2ban/firewall/":
X+ "%%PREFIX%%/lib/fail2ban/firewall/":
X [
X "iptables.py",
X "ipfwadm.py",
X "ipfw.py"
X ],
X- "/usr/lib/fail2ban/":
X+ "%%PREFIX%%/lib/fail2ban/":
X [
X "version.py",
X "protocol.py"
X@@ -113,16 +113,16 @@
X print "\t" + f
X print
X
X-if isdir("/usr/lib/fail2ban"):
X+if isdir("%%PREFIX%%/lib/fail2ban"):
X print
X- print "Fail2ban is not installed under /usr/lib anymore. The new " \
X- "location is under /usr/share. Please remove the directory " \
X- "/usr/lib/fail2ban and everything under this directory."
X+ print "Fail2ban is not installed under %%PREFIX%%/lib anymore. The new " \
X+ "location is under %%PREFIX%%/share. Please remove the directory " \
X+ "%%PREFIX%%/lib/fail2ban and everything under this directory."
X print
X
X # Update config file
X if argv[1] == "install":
X print
X print "Please do not forget to update your configuration files."
X- print "They are in /etc/fail2ban/."
X+ print "They are in %%PREFIX%%/etc/fail2ban/."
X print
END-of-fail2ban/files/patch-setup.py
exit
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list