mirror of
https://github.com/Ponce/slackbuilds
synced 2024-11-21 19:42:24 +01:00
network/fail2ban: Updated for version 0.8.4
This commit is contained in:
parent
d8af4d8eef
commit
be48e85838
8 changed files with 113 additions and 89 deletions
|
@ -3,4 +3,8 @@ too many password failures. It updates firewall rules to reject the
|
|||
IP address. These rules can be defined by the user. Fail2Ban can read
|
||||
multiple log files such as sshd, Apache web server, postfix and others.
|
||||
|
||||
See README.SLACKWARE for configuration and upgrade help.
|
||||
fail2ban has following dependencies which are offical Slackware packages:
|
||||
1. Python >= 2.3 Required
|
||||
2. gamin >= 0.0.21 Optional
|
||||
|
||||
Also see README.SBo for configuration and upgrade help.
|
||||
|
|
39
network/fail2ban/README.SBo
Normal file
39
network/fail2ban/README.SBo
Normal file
|
@ -0,0 +1,39 @@
|
|||
Once you install the package, you can start using fail2ban by:
|
||||
1. chmod +x /etc/rc.d/rc.fail2ban
|
||||
2. /etc/rc.d/rc.fail2ban start
|
||||
|
||||
Additionally, you can add the following to rc.local for automatic startup
|
||||
if [ -x /etc/rc.d/rc.fail2ban ]; then
|
||||
/etc/rc.d/rc.fail2ban start
|
||||
fi
|
||||
|
||||
and add the following to rc.local_shutdown to stop fail2ban at shutdown
|
||||
if [ -x /etc/rc.d/rc.fail2ban ]; then
|
||||
/etc/rc.d/rc.fail2ban stop
|
||||
fi
|
||||
|
||||
The package contains logrotate script copied from fail2ban manual,
|
||||
and modified to reflect Slackware packaging. You can find
|
||||
the original script at:
|
||||
|
||||
http://www.fail2ban.org/wiki/index.php/MANUAL_0_8
|
||||
|
||||
UPGRADING:
|
||||
|
||||
Please make sure you have all your modifications done to .local files instead of
|
||||
.conf files.
|
||||
|
||||
Making modifications to .local files is the recommended practice as per the
|
||||
software manual. Each .conf file is overridden by equivalent .local file.
|
||||
Please refer Configuration section in fail2ban manual.
|
||||
|
||||
Changelog:
|
||||
|
||||
08/03/2008
|
||||
upgraded to fail2ban version 0.8.3, added restart option to rc script
|
||||
12/28/2008
|
||||
fixed a typo in rc.fail2ban that prevented showing usage info when run without options
|
||||
09/08/2009
|
||||
added some notes and simplified rc script. updated to version 0.8.4. Modified build script
|
||||
to account for users who keeps their config options in .conf files. Now the script
|
||||
moves the .conf files to .new which will prevent the overwrite of existing .conf files.
|
|
@ -1,41 +0,0 @@
|
|||
README.SLACKWARE for fail2ban
|
||||
|
||||
==============================================================================
|
||||
|
||||
Once you install the package, you can start using fail2ban by:
|
||||
/etc/rc.d/rc.fail2ban start
|
||||
|
||||
Additionally, you can add the following to rc.local for automatic startup:
|
||||
if [ -x /etc/rc.d/rc.fail2ban ]; then
|
||||
/etc/rc.d/rc.fail2ban start
|
||||
fi
|
||||
|
||||
and add the following to rc.local_shutdown to stop fail2ban at shutdown:
|
||||
if [ -x /etc/rc.d/rc.fail2ban ]; then
|
||||
/etc/rc.d/rc.fail2ban stop
|
||||
fi
|
||||
|
||||
The package contains logrotate script copied from fail2ban manual and
|
||||
modified to reflect Slackware packaging. You can find the original script at:
|
||||
http://www.fail2ban.org/wiki/index.php/MANUAL_0_8
|
||||
|
||||
==============================================================================
|
||||
|
||||
UPGRADING:
|
||||
|
||||
Please make sure you have all your modifications done to .local files instead of
|
||||
.conf files. Upgrade **WILL OVERWRITE** files in place.
|
||||
|
||||
Making modifications to .local files is the recommended practice as per the
|
||||
software manual. Each .conf file is overridden by equivalent .local file.
|
||||
Please refer Configuration section in fail2ban manual.
|
||||
|
||||
==============================================================================
|
||||
|
||||
Changelog:
|
||||
|
||||
08/03/2008
|
||||
upgraded to fail2ban version 0.8.3, added restart option to rc script
|
||||
|
||||
12/28/2008
|
||||
fixed a typo in rc.fail2ban that prevented showing usage info when run without options
|
|
@ -20,4 +20,11 @@ fi
|
|||
|
||||
config etc/rc.d/rc.fail2ban.new
|
||||
config etc/logrotate.d/fail2ban.new
|
||||
|
||||
config etc/fail2ban/fail2ban.conf.new
|
||||
config etc/fail2ban/jail.conf.new
|
||||
for conf_file in etc/fail2ban/action.d/*.new; do
|
||||
config $conf_file
|
||||
done
|
||||
for conf_file in etc/fail2ban/filter.d/*.new; do
|
||||
config $conf_file
|
||||
done
|
||||
|
|
|
@ -3,15 +3,15 @@
|
|||
# Slackware Package Build Script for fail2ban
|
||||
# Home Page http://www.fail2ban.org/wiki/index.php/Main_Page
|
||||
|
||||
# Copyright (c) 2008-2009, Nishant Limbachia (nishant@mnspace.net)
|
||||
# Copyright (c) 2008-2009, Nishant Limbachia, Hoffman Est, IL, USA (nishant@mnspace.net)
|
||||
# All rights reserved.
|
||||
#
|
||||
|
||||
# Redistribution and use of this script, with or without modification, is
|
||||
# permitted provided that the following conditions are met:
|
||||
#
|
||||
|
||||
# 1. Redistributions of script must retain the above copyright notice,
|
||||
# this list of conditions and the following disclaimer.
|
||||
#
|
||||
|
||||
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
||||
# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
||||
# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
|
||||
|
@ -25,9 +25,9 @@
|
|||
# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
|
||||
PRGNAM=fail2ban
|
||||
VERSION=0.8.3
|
||||
ARCH=${ARCH:-noarch}
|
||||
BUILD=${BUILD:-2}
|
||||
VERSION=0.8.4
|
||||
ARCH=${ARCH:-i486}
|
||||
BUILD=${BUILD:-1}
|
||||
TAG=${TAG:-_SBo}
|
||||
|
||||
TMP=${TMP:-/tmp/SBo}
|
||||
|
@ -35,12 +35,14 @@ PKG=$TMP/package-$PRGNAM
|
|||
OUTPUT=${OUTPUT:-/tmp}
|
||||
CWD=$(pwd)
|
||||
|
||||
# exit on most errors
|
||||
set -e
|
||||
|
||||
# clean up from previous builds
|
||||
rm -fr $PKG $TMP/$PRGNAM-$VERSION
|
||||
mkdir -p $PKG $TMP $OUTPUT
|
||||
cd $TMP
|
||||
tar xvf $CWD/$PRGNAM-$VERSION.tar.bz2
|
||||
tar xvf $CWD/$PRGNAM-$VERSION.tar.?z*
|
||||
cd $TMP/$PRGNAM-$VERSION
|
||||
chown -R root.root .
|
||||
find . \
|
||||
|
@ -51,31 +53,40 @@ find . \
|
|||
|
||||
python setup.py install --root=$PKG
|
||||
|
||||
mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION
|
||||
cp -a \
|
||||
COPYING ChangeLog PKG-INFO README TODO \
|
||||
$PKG/usr/doc/$PRGNAM-$VERSION
|
||||
install -m 0644 $CWD/README.SLACKWARE $CWD/$PRGNAM.SlackBuild \
|
||||
$PKG/usr/doc/$PRGNAM-$VERSION
|
||||
|
||||
# installing man pages
|
||||
mkdir -p $PKG/usr/man/man1
|
||||
install -m 0644 man/*.1 $PKG/usr/man/man1
|
||||
install -m 0644 man/fail2ban-client.1 man/fail2ban-regex.1 \
|
||||
man/fail2ban-server.1 $PKG/usr/man/man1
|
||||
|
||||
install -D -m 0755 $CWD/rc.fail2ban $PKG/etc/rc.d/rc.fail2ban.new
|
||||
install -D -m 0644 $CWD/fail2ban.logrotate $PKG/etc/logrotate.d/fail2ban.new
|
||||
|
||||
# Make directory for socket and pid file
|
||||
mkdir -p $PKG/var/run/fail2ban
|
||||
|
||||
( cd $PKG/usr/man || exit 1
|
||||
# move config files to .new
|
||||
( cd $PKG/etc/fail2ban
|
||||
for file in $(find . -type f); do
|
||||
mv $file "$file.new"
|
||||
done
|
||||
)
|
||||
# compress man pages
|
||||
( cd $PKG/usr/man
|
||||
find . -type f -exec gzip -9 {} \;
|
||||
for i in $(find . -type l) ; do ln -s $(readlink $i).gz $i.gz ; rm $i ; done
|
||||
)
|
||||
|
||||
# install startup script
|
||||
install -D -m 0644 $CWD/rc.fail2ban $PKG/etc/rc.d/rc.fail2ban.new
|
||||
|
||||
# install logrotate script
|
||||
install -D -m 0644 $CWD/fail2ban.logrotate $PKG/etc/logrotate.d/fail2ban.new
|
||||
|
||||
# make directory for socket and pid file
|
||||
mkdir -p $PKG/var/run/fail2ban
|
||||
|
||||
mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION
|
||||
cp -a COPYING ChangeLog PKG-INFO README TODO $PKG/usr/doc/$PRGNAM-$VERSION
|
||||
cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild
|
||||
|
||||
# building package
|
||||
mkdir -p $PKG/install
|
||||
cat $CWD/doinst.sh > $PKG/install/doinst.sh
|
||||
cat $CWD/slack-desc > $PKG/install/slack-desc
|
||||
|
||||
cd $PKG
|
||||
/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.tgz
|
||||
|
||||
/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.${PKGTYPE:-tgz}
|
||||
|
|
|
@ -1,8 +1,10 @@
|
|||
PRGNAM="fail2ban"
|
||||
VERSION="0.8.3"
|
||||
VERSION="0.8.4"
|
||||
HOMEPAGE="http://www.fail2ban.org/wiki/index.php/Main_Page"
|
||||
DOWNLOAD="http://downloads.sourceforge.net/fail2ban/fail2ban-0.8.3.tar.bz2"
|
||||
MD5SUM="b438d7e2ce77a469fb0cca2a5cc0b81c"
|
||||
DOWNLOAD="http://downloads.sourceforge.net/fail2ban/fail2ban-0.8.4.tar.bz2"
|
||||
MD5SUM="df94335a5d12b4750869e5fe350073fa"
|
||||
DOWNLOAD_x86_64=""
|
||||
MD5SUM_x86_64=""
|
||||
MAINTAINER="Nishant Limbachia"
|
||||
EMAIL="nishant@mnspace.net"
|
||||
APPROVED="rworkman"
|
||||
APPROVED="dsomero"
|
||||
|
|
|
@ -1,20 +1,22 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# Copyright (c) 2008-2009, Nishant Limbachia, Hoffman Est, IL, USA (nishant@mnspace.net)
|
||||
# /etc/rc.d/rc.fail2ban
|
||||
#
|
||||
# start/stop/reload/status/ping fail2ban server.
|
||||
# start|stop|restart|reload|status|ping fail2ban server
|
||||
#
|
||||
# To start fail2ban automatically at boot, make this
|
||||
# file executable: chmod 755 /etc/rc.d/rc.fail2ban
|
||||
# you must also add this file to rc.local in the
|
||||
# appropriate order.
|
||||
# To start fail2ban automatically at boot, make this file executable:
|
||||
# chmod 755 /etc/rc.d/rc.fail2ban
|
||||
# you must also add this file to rc.local for fail2ban to start during boot.
|
||||
|
||||
SOCKET="/var/run/fail2ban/fail2ban.socket"
|
||||
### default socket file is /var/run/fail2ban/fail2ban.sock which can be
|
||||
### changed via the config file: /etc/fail2ban/fail2ban.conf
|
||||
|
||||
fail2ban_start() {
|
||||
if [ -x /etc/rc.d/rc.fail2ban ]; then
|
||||
echo "Starting fail2ban: "
|
||||
/usr/bin/fail2ban-client -x -s ${SOCKET} start
|
||||
### using -x option to remove any stale socket file.
|
||||
/usr/bin/fail2ban-client -x start
|
||||
else
|
||||
echo "rc.fail2ban is not executable or you don't have enough permissions"
|
||||
exit 1
|
||||
|
@ -23,22 +25,22 @@ fail2ban_start() {
|
|||
|
||||
fail2ban_stop() {
|
||||
echo "Stopping fail2ban"
|
||||
/usr/bin/fail2ban-client -x -s ${SOCKET} stop
|
||||
/usr/bin/fail2ban-client stop
|
||||
}
|
||||
|
||||
fail2ban_reload() {
|
||||
echo "Reloading fail2ban"
|
||||
/usr/bin/fail2ban-client -x -s ${SOCKET} reload
|
||||
/usr/bin/fail2ban-client reload
|
||||
}
|
||||
|
||||
fail2ban_status() {
|
||||
echo "Status: fail2ban"
|
||||
/usr/bin/fail2ban-client -s ${SOCKET} status
|
||||
/usr/bin/fail2ban-client status
|
||||
}
|
||||
|
||||
fail2ban_ping() {
|
||||
echo "Pinging fail2ban"
|
||||
/usr/bin/fail2ban-client -s ${SOCKET} ping
|
||||
/usr/bin/fail2ban-client ping
|
||||
}
|
||||
|
||||
case "$1" in
|
||||
|
@ -50,7 +52,7 @@ case "$1" in
|
|||
;;
|
||||
'restart')
|
||||
fail2ban_stop
|
||||
sleep 2
|
||||
sleep 5
|
||||
fail2ban_start
|
||||
;;
|
||||
'reload')
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# make exactly 11 lines for the formatting to be correct. It's also
|
||||
# customary to leave one space after the ':'.
|
||||
|
||||
|-----handy-ruler----------------------------------------------------|
|
||||
|-----handy-ruler--------------------------------------------------|
|
||||
fail2ban: Fail2Ban (bans IP that makes too many password failures)
|
||||
fail2ban:
|
||||
fail2ban: Fail2Ban scans log files like /var/log/pwdfail and bans IP
|
||||
|
|
Loading…
Reference in a new issue