ports/125973: [maintainer update] update security/sshguard to 1.1, include support for a further slave

Mij mij at bitchx.it
Sat Jul 26 10:30:05 UTC 2008 

>Number:         125973
>Category:       ports
>Synopsis:       [maintainer update] update security/sshguard to 1.1, include support for a further slave
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          maintainer-update
>Submitter-Id:   current-users
>Arrival-Date:   Sat Jul 26 10:30:04 UTC 2008
>Closed-Date:
>Last-Modified:
>Originator:     Mij
>Release:        
>Organization:
>Environment:
>Description:
Updates security/sshguard to the recently release 1.1, see
http://sourceforge.net/project/shownotes.php?group_id=188282&release_id=615519

A new slave port is supported for using IPFilter as a backend.
>How-To-Repeat:

>Fix:


Patch attached with submission follows:

diff -ruN sshguard.old/Makefile sshguard/Makefile
--- sshguard.old/Makefile	2008-01-04 21:35:08.000000000 +0100
+++ sshguard/Makefile	2008-07-26 12:23:57.000000000 +0200
@@ -6,28 +6,27 @@
 #
 
 PORTNAME=	sshguard
-DISTVERSION=	1.0
-PORTREVISION=	1
+PORTVERSION=	1.1
 CATEGORIES=	security
 MASTER_SITES=	${MASTER_SITE_SOURCEFORGE}
 MASTER_SITE_SUBDIR=	${PORTNAME}
 
 MAINTAINER=	mij at bitchx.it
-COMMENT?=	Protect hosts from brute force attacks against ssh
+COMMENT?=	Protect hosts from brute force attacks against ssh and other services
 
-CONFLICTS?=	sshguard-ipfw-1.0* sshguard-pf-1.0*
+CONFLICTS?=	sshguard-ipfilter-1.* sshguard-ipfw-1.* sshguard-pf-1.*
 
 PLIST_FILES=	sbin/sshguard
 
+MANPREFIX=		${PREFIX}/share
 MAN8=		sshguard.8
 MANCOMPRESSED=	no
 USE_BZIP2=	yes
-MAKE_ARGS+=     ACLOCAL="${TRUE}" AUTOCONF="${TRUE}" AUTOMAKE="${TRUE}"
+MAKE_ARGS+=		ACLOCAL="${TRUE}" AUTOCONF="${TRUE}" AUTOMAKE="${TRUE}"
 HAS_CONFIGURE=	yes
 
 # sublist will be set afterward
 SUB_FILES=	pkg-message
-#SUB_LIST=
 
 # backend type in { hosts, ipfw, pf }
 SSHGUARDFW?=	hosts
@@ -44,6 +43,8 @@
 PKGMSG_FWBLOCK="  Verify that IPFW is active with \"ipfw show\"."
 .elif ${SSHGUARDFW} == hosts
 PKGMSG_FWBLOCK="  Sshguard is going to use /etc/hosts.allow, I have touched it for you."
+.elif ${SSHGUARDFW} == ipfilter
+PKGMSG_FWBLOCK="  Sshguard will use /etc/ipf.rules as ruleset."
 .endif
 
 # for substitution in subfiles
diff -ruN sshguard.old/distinfo sshguard/distinfo
--- sshguard.old/distinfo	2007-06-12 22:05:41.000000000 +0200
+++ sshguard/distinfo	2008-07-26 12:23:57.000000000 +0200
@@ -1,3 +1,3 @@
-MD5 (sshguard-1.0.tar.bz2) = 77b5a3a9d74542c487b8d5453d53d572
-SHA256 (sshguard-1.0.tar.bz2) = 33a9fe9d2360e9a5c357e269353d4157270171ff975bcf649f5f99b1aa8dcc08
-SIZE (sshguard-1.0.tar.bz2) = 118988
+MD5 (sshguard-1.1.tar.bz2) = 673a22129487b8d8cb132fb0ced240e6
+SHA256 (sshguard-1.1.tar.bz2) = c1b2fcd7c402725958e62808829c82bb4445dcf6a9b27ee07e2ab8a3417bb96f
+SIZE (sshguard-1.1.tar.bz2) = 233308
diff -ruN sshguard.old/files/patch-attack_scanner.l sshguard/files/patch-attack_scanner.l
--- sshguard.old/files/patch-attack_scanner.l	2007-06-17 23:55:21.000000000 +0200
+++ sshguard/files/patch-attack_scanner.l	1970-01-01 01:00:00.000000000 +0100
@@ -1,11 +0,0 @@
---- src/attack_scanner.l.orig	Wed May 23 20:53:53 2007
-+++ src/attack_scanner.l	Sat Jun 16 17:45:43 2007
-@@ -46,7 +46,7 @@ NUMBER      [1-9][0-9]*
-  /* an IPv4 address */
- (25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]([0-9])?)(\.(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]([0-9])?|0)){3} { yylval.str = yytext; return IPv4; }
-  /* an IPv6 address */
--((([a-fA-F0-9]{1,4}:){2}(:[a-fA-F0-9]{1,4}){1,5})|(:(:[a-fA-F0-9]{1,4}){1,6}|([a-fA-F0-9]{1,4}:)(:[a-fA-F0-9]{1,4}){1,6}|([a-fA-F0-9]{1,4}:){2}(:[a-fA-F0-9]{1,4}){1,5}|([a-fA-F0-9]{1,4}:){3}(:[a-fA-F0-9]{1,4}){1,4}|([a-fA-F0-9]{1,4}:){4}(:[a-fA-F0-9]{1,4}){1,3}|([a-fA-F0-9]{1,4}:){5}(:[a-fA-F0-9]{1,4}){1,2}|([a-fA-F0-9]{1,4}:){6}:[a-fA-F0-9]{1,4}))           { yylval.str = yytext; return IPv6;  }
-+(([a-fA-F0-9]{1,4}(:[a-fA-F0-9]{1,4}){7})|(([a-fA-F0-9]{1,4}:){2}(:[a-fA-F0-9]{1,4}){1,5})|(:(:[a-fA-F0-9]{1,4}){1,6}|([a-fA-F0-9]{1,4}:)(:[a-fA-F0-9]{1,4}){1,6}|([a-fA-F0-9]{1,4}:){2}(:[a-fA-F0-9]{1,4}){1,5}|([a-fA-F0-9]{1,4}:){3}(:[a-fA-F0-9]{1,4}){1,4}|([a-fA-F0-9]{1,4}:){4}(:[a-fA-F0-9]{1,4}){1,3}|([a-fA-F0-9]{1,4}:){5}(:[a-fA-F0-9]{1,4}){1,2}|([a-fA-F0-9]{1,4}:){6}:[a-fA-F0-9]{1,4}))           { yylval.str = yytext; return IPv6;  }
- 
-  /* an host address (PTR) */
- localhost|([-a-zA-Z0-9]+\.)+[a-zA-Z]+                           { yylval.str = yytext; return HOSTADDR; }


>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-ports-bugs mailing list