diff --git a/network/fail2ban/README b/network/fail2ban/README
new file mode 100644
index 0000000000..5993d3c304
--- /dev/null
+++ b/network/fail2ban/README
@@ -0,0 +1,10 @@
+Fail2Ban scans log files like /var/log/pwdfail and bans IP that makes
+too many password failures. It updates firewall rules to reject the
+IP address. These rules can be defined by the user. Fail2Ban can read
+multiple log files such as sshd, Apache web server, postfix and others.
+
+fail2ban has following dependencies which are offical Slackware packages:
+1. Python >= 2.3 Required
+2. gamin >= 0.0.21 Optional
+
+Also see README.SBo for configuration and upgrade help.
diff --git a/network/fail2ban/README.SBo b/network/fail2ban/README.SBo
new file mode 100644
index 0000000000..8395a086da
--- /dev/null
+++ b/network/fail2ban/README.SBo
@@ -0,0 +1,36 @@
+Once you install the package, you can start using fail2ban by:
+1. mv /etc/rc.d/rc.fail2ban.new /etc/rc.d/rc.fail2ban
+2. chmod +x /etc/rc.d/rc.fail2ban
+3. /etc/rc.d/rc.fail2ban start
+
+Additionally, you can add the following to rc.local for automatic startup
+if [ -x /etc/rc.d/rc.fail2ban ]; then
+ /etc/rc.d/rc.fail2ban start
+fi
+
+and add the following to rc.local_shutdown for to stop at shutdown
+if [ -x /etc/rc.d/rc.fail2ban ]; then
+ /etc/rc.d/rc.fail2ban stop
+fi
+
+The package contains logrotate script copied from fail2ban manual,
+and modified to reflect Slackware packaging. You can find
+the original script at:
+
+http://www.fail2ban.org/wiki/index.php/MANUAL_0_8
+
+UPGRADING:
+
+Please make sure you have all your modifications to the default .conf files
+in .local files. Upgrade **WILL OVERWRITE** files in place.
+Making modifications to .local files is the recommended practice as per the
+software manual. Each .conf file can be overridden by equivalent .local file.
+Please refer Configuration section in fail2ban manual.
+
+Changelog:
+
+- Simplified rc script removing unnecessary startup options which have now
+ become standard.
+- minor fix in slackbuild.
+- doinst.sh now makes /var/run/fail2ban to house pid and socket files.
+
diff --git a/network/fail2ban/doinst.sh b/network/fail2ban/doinst.sh
new file mode 100644
index 0000000000..de511378bf
--- /dev/null
+++ b/network/fail2ban/doinst.sh
@@ -0,0 +1,22 @@
+config() {
+ NEW="$1"
+ OLD="$(dirname $NEW)/$(basename $NEW .new)"
+ # If there's no config file by that name, mv it over:
+ if [ ! -r $OLD ]; then
+ mv $NEW $OLD
+ elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then
+ # toss the redundant copy
+ rm $NEW
+ fi
+ # Otherwise, we leave the .new copy for the admin to consider...
+}
+
+# Keep same perms on rc.fail2ban.new:
+if [ -e etc/rc.d/rc.fail2ban ]; then
+ cp -a etc/rc.d/rc.fail2ban etc/rc.d/rc.fail2ban.new.incoming
+ cat etc/rc.d/rc.fail2ban.new > etc/rc.d/rc.fail2ban.new.incoming
+ mv etc/rc.d/rc.fail2ban.new.incoming etc/rc.d/rc.fail2ban.new
+fi
+
+config etc/rc.d/rc.fail2ban.new
+config etc/logrotate.d/fail2ban.new
diff --git a/network/fail2ban/fail2ban.SlackBuild b/network/fail2ban/fail2ban.SlackBuild
new file mode 100644
index 0000000000..64764b9d4e
--- /dev/null
+++ b/network/fail2ban/fail2ban.SlackBuild
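Review bot: Nothing in this script creates /var/run/fail2ban, although the README.SBo changelog in the same commit says doinst.sh now does; the directory is only shipped from the SlackBuild's `mkdir -p $PKG/var/run/fail2ban`. If /var/run is cleared or recreated at boot on the target system (not visible from here), the pid and socket directory would be missing and fail2ban may fail to start, leaving the host without any banning. Either correct the changelog entry or add `mkdir -p var/run/fail2ban` after the two `config` calls, and consider having the start path of rc.fail2ban recreate the directory as well.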
@@ -0,0 +1,80 @@
+#!/bin/sh
+
+# Slackware Package Build Script for fail2ban
+
+# Copyright (c) 2007, Nishant Limbachia (nishant@mnspace.net)
+# All rights reserved.
+#
+# Redistribution and use of this script, with or without modification, is
+# permitted provided that the following conditions are met:
+#
+# 1. Redistributions of script must retain the above copyright notice,
+# this list of conditions and the following disclaimer.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+# EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+# PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+# NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+PRGNAM=fail2ban
+VERSION=0.8.2
+ARCH=${ARCH:-noarch}
+BUILD=${BUILD:-1}
+TAG=${TAG:-_SBo}
+
+CWD=$(pwd)
+TMP=${TMP:-/tmp/SBo}
+PKG=$TMP/package-$PRGNAM
+OUTPUT=${OUTPUT:-/tmp}
+
+set -e # Exit on most errors
+
+rm -fr $PKG $TMP/$PRGNAM-$VERSION
+mkdir -p $PKG $TMP $OUTPUT
+cd $TMP
+tar xvf $CWD/$PRGNAM-$VERSION.tar.bz2
+cd $TMP/$PRGNAM-$VERSION
+chown -R root.root .
+find . \
+ \( -perm 777 -o -perm 775 -o -perm 771 -o -perm 711 -o -perm 555 -o -perm 551 -o -perm 511 \) \
+ -exec chmod 755 {} \; -o \
+ \( -perm 666 -o -perm 664 -o -perm 660 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
+ -exec chmod 644 {} \;
+
+python setup.py install --root=$PKG
+
+install -D -m 0644 $CWD/README.SBo $PKG/usr/doc/$PRGNAM-$VERSION/README.SBo
+cp -a COPYING ChangeLog PKG-INFO README TODO $PKG/usr/doc/$PRGNAM-$VERSION
+
+# Installing man pages
+mkdir -p $PKG/usr/man/man1
+install -m 0644 man/*.1 $PKG/usr/man/man1
+
+# Find and compress man pages
+( cd $PKG/usr/man
+ find . -type f -exec gzip -9 {} \;
+ for i in $(find . -type l) ; do ln -s $(readlink $i).gz $i.gz ; rm $i ; done
+)
+
+# Install startup script
+install -D -m 0644 $CWD/rc.fail2ban $PKG/etc/rc.d/rc.fail2ban.new
+
+# Install logrotate script
+install -D -m 0644 $CWD/fail2ban.logrotate $PKG/etc/logrotate.d/fail2ban.new
+
+# Make directory for socket and pid file
+mkdir -p $PKG/var/run/fail2ban
+
+mkdir -p $PKG/install
+cat $CWD/slack-desc > $PKG/install/slack-desc
+cat $CWD/doinst.sh > $PKG/install/doinst.sh
+
+cd $PKG
+/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.tgz
diff --git a/network/fail2ban/fail2ban.info b/network/fail2ban/fail2ban.info
new file mode 100644
index 0000000000..653a959fa5
--- /dev/null
+++ b/network/fail2ban/fail2ban.info
@@ -0,0 +1,8 @@
+PRGNAM="fail2ban"
+VERSION="0.8.2"
+HOMEPAGE="http://www.fail2ban.org/wiki/index.php/Main_Page"
+DOWNLOAD="http://downloads.sourceforge.net/fail2ban/fail2ban-0.8.2.tar.bz2"
+MD5SUM="48c82a8b79cf6275d557571003eddbb1"
+MAINTAINER="Nishant Limbachia"
+EMAIL="nishant@mnspace.net"
+APPROVED="David Somero"
diff --git a/network/fail2ban/fail2ban.logrotate b/network/fail2ban/fail2ban.logrotate
new file mode 100644
index 0000000000..2c973a26de
--- /dev/null
+++ b/network/fail2ban/fail2ban.logrotate
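Review bot: The source tarball is unpacked with `tar xvf $CWD/$PRGNAM-$VERSION.tar.bz2` and its `setup.py` is then executed without any integrity check in the script, in a build that evidently runs as root (`chown -R root.root .`, `/sbin/makepkg`). The only reference value is the MD5SUM in fail2ban.info, which sits next to an http:// DOWNLOAD URL, so verification depends entirely on whoever or whatever runs the build. If the surrounding tooling does not enforce it, a check just before the extraction would close the gap, for example `echo "48c82a8b79cf6275d557571003eddbb1  $CWD/$PRGNAM-$VERSION.tar.bz2" | md5sum -c -`. MD5 only guards against accidental corruption, so a stronger digest or an upstream signature is preferable where one is published.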
@@ -0,0 +1,10 @@
+/var/log/fail2ban.log {
+ weekly
+ rotate 4
+ missingok
+ nocompress
+ postrotate
+ /etc/rc.d/rc.fail2ban reload 1> /dev/null || true
+ endscript
+}
+
diff --git a/network/fail2ban/rc.fail2ban b/network/fail2ban/rc.fail2ban
new file mode 100644
index 0000000000..5f34cdb1ef
--- /dev/null
+++ b/network/fail2ban/rc.fail2ban
@@ -0,0 +1,64 @@
+#!/bin/sh
+#
+# /etc/rc.d/rc.fail2ban
+#
+# start/stop/reload/status/ping fail2ban server.
+#
+# To start fail2ban automatically at boot, make this
+# file executable: chmod 755 /etc/rc.d/rc.fail2ban
+# you must also add this file to rc.local in the appropriate
+# order
+#
+
+fail2ban_start() {
+ if [ -x /etc/rc.d/rc.fail2ban ]; then
+ echo "Starting fail2ban: "
+ /usr/bin/fail2ban-client start
+ else
+ echo "rc.fail2ban is not executable or you don't have enough permissions"
+ exit 1
+ fi
+}
+
+fail2ban_stop() {
+ echo "Stopping fail2ban"
+ /usr/bin/fail2ban-client stop
+}
+
+fail2ban_reload() {
+ echo "Reloading fail2ban"
+ /usr/bin/fail2ban-client reload
+}
+
+fail2ban_status() {
+ echo "Status: fail2ban"
+ /usr/bin/fail2ban-client status
+}
+
+fail2ban_ping() {
+ echo "Pinging fail2ban"
+ /usr/bin/fail2ban-client ping
+}
+
+case "$1" in
+'start')
+ fail2ban_start
+ ;;
+'stop')
+ fail2ban_stop
+ ;;
+'reload')
+ fail2ban_reload
+ ;;
+'status')
+ fail2ban_status
+ ;;
+'ping')
+ fail2ban_ping
+ ;;
+'*')
+ echo "USAGE: $0 start|stop|reload|status|ping"
+ exit 1
+ ;;
+esac
+
diff --git a/network/fail2ban/slack-desc b/network/fail2ban/slack-desc
new file mode 100644
index 0000000000..cfb24f5525
--- /dev/null
+++ b/network/fail2ban/slack-desc
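Review bot: The postrotate step runs `/etc/rc.d/rc.fail2ban reload`, which is a full `fail2ban-client reload` rather than a request to reopen the log; a reload re-reads the configuration and, as far as I know for the 0.8 series, restarts the jails, so active bans may be dropped at every weekly rotation. README.SBo says this script was adapted from the upstream manual; if the installed client supports it, `/usr/bin/fail2ban-client set logtarget /var/log/fail2ban.log 1> /dev/null || true` reopens the log without touching the jails. The rc script is also installed with mode 0644, so until the admin makes it executable this command fails and `|| true` hides that, which would leave the server writing to the rotated file.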
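Review bot: The fallback arm of the `case` in rc.fail2ban is written `'*')`, and a quoted asterisk matches only the literal argument `*`, so a missing or unknown argument falls through silently with exit status 0 and the usage text is never printed. Write it as an unquoted `*)` so that callers and boot scripts get the usage message and the `exit 1`. Separately, the `[ -x /etc/rc.d/rc.fail2ban ]` test in `fail2ban_start` checks the script that is already running, so it adds little; testing `-x /usr/bin/fail2ban-client` would report the failure that actually matters.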
@@ -0,0 +1,19 @@
+# HOW TO EDIT THIS FILE:
+# The "handy ruler" below makes it easier to edit a package description. Line
+# up the first '|' above the ':' following the base package name, and the '|'
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
+# customary to leave one space after the ':'.
+
+ |-----handy-ruler------------------------------------------------------|
+fail2ban: Fail2Ban (Fialed login attempt scanner)
+fail2ban:
+fail2ban: Fail2Ban scans log files and bans IP addresses that make
+fail2ban: too many password failures by modifying firewall rules.
+fail2ban: Fail2Ban can read multiple log files such as sshd, apache,
+fail2ban: postfix, and others.
+fail2ban:
+fail2ban: Home Page: http://www.fail2ban.org/wiki/index.php/Main_Page
+fail2ban:
+fail2ban:
+fail2ban: