diff options
author | Nishant Limbachia <nishant@mnspace.net> | 2010-05-13 00:36:23 +0200 |
---|---|---|
committer | David Somero <xgizzmo@slackbuilds.org> | 2010-05-13 00:36:23 +0200 |
commit | be48e858385bef134f4bcb7a55d1325f4b16f5e2 (patch) | |
tree | e1bf88131f8fe18f57a1e0ace92798828d3f4750 | |
parent | d8af4d8eefc2ed0063a7ff95f6a2f98d7176b88e (diff) |
network/fail2ban: Updated for version 0.8.4
-rw-r--r-- | network/fail2ban/README | 6 | ||||
-rw-r--r-- | network/fail2ban/README.SBo | 39 | ||||
-rw-r--r-- | network/fail2ban/README.SLACKWARE | 41 | ||||
-rw-r--r-- | network/fail2ban/doinst.sh | 9 | ||||
-rw-r--r-- | network/fail2ban/fail2ban.SlackBuild | 67 | ||||
-rw-r--r-- | network/fail2ban/fail2ban.info | 10 | ||||
-rw-r--r-- | network/fail2ban/rc.fail2ban | 26 | ||||
-rw-r--r-- | network/fail2ban/slack-desc | 2 |
8 files changed, 112 insertions, 88 deletions
diff --git a/network/fail2ban/README b/network/fail2ban/README index 96b33a1a9c17..5993d3c304a9 100644 --- a/network/fail2ban/README +++ b/network/fail2ban/README @@ -3,4 +3,8 @@ too many password failures. It updates firewall rules to reject the IP address. These rules can be defined by the user. Fail2Ban can read multiple log files such as sshd, Apache web server, postfix and others. -See README.SLACKWARE for configuration and upgrade help. +fail2ban has following dependencies which are offical Slackware packages: +1. Python >= 2.3 Required +2. gamin >= 0.0.21 Optional + +Also see README.SBo for configuration and upgrade help. diff --git a/network/fail2ban/README.SBo b/network/fail2ban/README.SBo new file mode 100644 index 000000000000..7d659bc603da --- /dev/null +++ b/network/fail2ban/README.SBo @@ -0,0 +1,39 @@ +Once you install the package, you can start using fail2ban by: +1. chmod +x /etc/rc.d/rc.fail2ban +2. /etc/rc.d/rc.fail2ban start + +Additionally, you can add the following to rc.local for automatic startup +if [ -x /etc/rc.d/rc.fail2ban ]; then + /etc/rc.d/rc.fail2ban start +fi + +and add the following to rc.local_shutdown to stop fail2ban at shutdown +if [ -x /etc/rc.d/rc.fail2ban ]; then + /etc/rc.d/rc.fail2ban stop +fi + +The package contains logrotate script copied from fail2ban manual, +and modified to reflect Slackware packaging. You can find +the original script at: + +http://www.fail2ban.org/wiki/index.php/MANUAL_0_8 + +UPGRADING: + +Please make sure you have all your modifications done to .local files instead of +.conf files. + +Making modifications to .local files is the recommended practice as per the +software manual. Each .conf file is overridden by equivalent .local file. +Please refer Configuration section in fail2ban manual. + +Changelog: + +08/03/2008 +upgraded to fail2ban version 0.8.3, added restart option to rc script +12/28/2008 +fixed a typo in rc.fail2ban that prevented showing usage info when run without options +09/08/2009 +added some notes and simplified rc script. updated to version 0.8.4. Modified build script +to account for users who keeps their config options in .conf files. Now the script +moves the .conf files to .new which will prevent the overwrite of existing .conf files.
\ No newline at end of file diff --git a/network/fail2ban/README.SLACKWARE b/network/fail2ban/README.SLACKWARE deleted file mode 100644 index 6fb9307a16b6..000000000000 --- a/network/fail2ban/README.SLACKWARE +++ /dev/null @@ -1,41 +0,0 @@ -README.SLACKWARE for fail2ban - -============================================================================== - -Once you install the package, you can start using fail2ban by: - /etc/rc.d/rc.fail2ban start - -Additionally, you can add the following to rc.local for automatic startup: -if [ -x /etc/rc.d/rc.fail2ban ]; then - /etc/rc.d/rc.fail2ban start -fi - -and add the following to rc.local_shutdown to stop fail2ban at shutdown: -if [ -x /etc/rc.d/rc.fail2ban ]; then - /etc/rc.d/rc.fail2ban stop -fi - -The package contains logrotate script copied from fail2ban manual and -modified to reflect Slackware packaging. You can find the original script at: - http://www.fail2ban.org/wiki/index.php/MANUAL_0_8 - -============================================================================== - -UPGRADING: - -Please make sure you have all your modifications done to .local files instead of -.conf files. Upgrade **WILL OVERWRITE** files in place. - -Making modifications to .local files is the recommended practice as per the -software manual. Each .conf file is overridden by equivalent .local file. -Please refer Configuration section in fail2ban manual. - -============================================================================== - -Changelog: - -08/03/2008 - upgraded to fail2ban version 0.8.3, added restart option to rc script - -12/28/2008 - fixed a typo in rc.fail2ban that prevented showing usage info when run without options diff --git a/network/fail2ban/doinst.sh b/network/fail2ban/doinst.sh index f1a42cb78e22..5570dfaa27ff 100644 --- a/network/fail2ban/doinst.sh +++ b/network/fail2ban/doinst.sh @@ -20,4 +20,11 @@ fi config etc/rc.d/rc.fail2ban.new config etc/logrotate.d/fail2ban.new - +config etc/fail2ban/fail2ban.conf.new +config etc/fail2ban/jail.conf.new +for conf_file in etc/fail2ban/action.d/*.new; do + config $conf_file +done +for conf_file in etc/fail2ban/filter.d/*.new; do + config $conf_file +done diff --git a/network/fail2ban/fail2ban.SlackBuild b/network/fail2ban/fail2ban.SlackBuild index d95b11cd2a49..2bc98313ab06 100644 --- a/network/fail2ban/fail2ban.SlackBuild +++ b/network/fail2ban/fail2ban.SlackBuild @@ -3,15 +3,15 @@ # Slackware Package Build Script for fail2ban # Home Page http://www.fail2ban.org/wiki/index.php/Main_Page -# Copyright (c) 2008-2009, Nishant Limbachia (nishant@mnspace.net) +# Copyright (c) 2008-2009, Nishant Limbachia, Hoffman Est, IL, USA (nishant@mnspace.net) # All rights reserved. -# + # Redistribution and use of this script, with or without modification, is # permitted provided that the following conditions are met: -# + # 1. Redistributions of script must retain the above copyright notice, # this list of conditions and the following disclaimer. -# + # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR @@ -25,9 +25,9 @@ # SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. PRGNAM=fail2ban -VERSION=0.8.3 -ARCH=${ARCH:-noarch} -BUILD=${BUILD:-2} +VERSION=0.8.4 +ARCH=${ARCH:-i486} +BUILD=${BUILD:-1} TAG=${TAG:-_SBo} TMP=${TMP:-/tmp/SBo} @@ -35,47 +35,58 @@ PKG=$TMP/package-$PRGNAM OUTPUT=${OUTPUT:-/tmp} CWD=$(pwd) +# exit on most errors set -e +# clean up from previous builds rm -fr $PKG $TMP/$PRGNAM-$VERSION mkdir -p $PKG $TMP $OUTPUT cd $TMP -tar xvf $CWD/$PRGNAM-$VERSION.tar.bz2 +tar xvf $CWD/$PRGNAM-$VERSION.tar.?z* cd $TMP/$PRGNAM-$VERSION chown -R root.root . find . \ - \( -perm 777 -o -perm 775 -o -perm 771 -o -perm 711 -o -perm 555 -o -perm 551 -o -perm 511 \) \ - -exec chmod 755 {} \; -o \ - \( -perm 666 -o -perm 664 -o -perm 660 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ - -exec chmod 644 {} \; +\( -perm 777 -o -perm 775 -o -perm 771 -o -perm 711 -o -perm 555 -o -perm 551 -o -perm 511 \) \ +-exec chmod 755 {} \; -o \ +\( -perm 666 -o -perm 664 -o -perm 660 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ +-exec chmod 644 {} \; python setup.py install --root=$PKG -mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION -cp -a \ - COPYING ChangeLog PKG-INFO README TODO \ - $PKG/usr/doc/$PRGNAM-$VERSION -install -m 0644 $CWD/README.SLACKWARE $CWD/$PRGNAM.SlackBuild \ - $PKG/usr/doc/$PRGNAM-$VERSION - +# installing man pages mkdir -p $PKG/usr/man/man1 -install -m 0644 man/*.1 $PKG/usr/man/man1 +install -m 0644 man/fail2ban-client.1 man/fail2ban-regex.1 \ +man/fail2ban-server.1 $PKG/usr/man/man1 -install -D -m 0755 $CWD/rc.fail2ban $PKG/etc/rc.d/rc.fail2ban.new +# move config files to .new +( cd $PKG/etc/fail2ban + for file in $(find . -type f); do + mv $file "$file.new" + done +) +# compress man pages +( cd $PKG/usr/man + find . -type f -exec gzip -9 {} \; + for i in $(find . -type l) ; do ln -s $(readlink $i).gz $i.gz ; rm $i ; done +) + +# install startup script +install -D -m 0644 $CWD/rc.fail2ban $PKG/etc/rc.d/rc.fail2ban.new + +# install logrotate script install -D -m 0644 $CWD/fail2ban.logrotate $PKG/etc/logrotate.d/fail2ban.new -# Make directory for socket and pid file +# make directory for socket and pid file mkdir -p $PKG/var/run/fail2ban -( cd $PKG/usr/man || exit 1 - find . -type f -exec gzip -9 {} \; - for i in $(find . -type l) ; do ln -s $(readlink $i).gz $i.gz ; rm $i ; done -) +mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION +cp -a COPYING ChangeLog PKG-INFO README TODO $PKG/usr/doc/$PRGNAM-$VERSION +cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild +# building package mkdir -p $PKG/install cat $CWD/doinst.sh > $PKG/install/doinst.sh cat $CWD/slack-desc > $PKG/install/slack-desc cd $PKG -/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.tgz - +/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.${PKGTYPE:-tgz} diff --git a/network/fail2ban/fail2ban.info b/network/fail2ban/fail2ban.info index b8e8eaa12651..613a063f2be6 100644 --- a/network/fail2ban/fail2ban.info +++ b/network/fail2ban/fail2ban.info @@ -1,8 +1,10 @@ PRGNAM="fail2ban" -VERSION="0.8.3" +VERSION="0.8.4" HOMEPAGE="http://www.fail2ban.org/wiki/index.php/Main_Page" -DOWNLOAD="http://downloads.sourceforge.net/fail2ban/fail2ban-0.8.3.tar.bz2" -MD5SUM="b438d7e2ce77a469fb0cca2a5cc0b81c" +DOWNLOAD="http://downloads.sourceforge.net/fail2ban/fail2ban-0.8.4.tar.bz2" +MD5SUM="df94335a5d12b4750869e5fe350073fa" +DOWNLOAD_x86_64="" +MD5SUM_x86_64="" MAINTAINER="Nishant Limbachia" EMAIL="nishant@mnspace.net" -APPROVED="rworkman" +APPROVED="dsomero" diff --git a/network/fail2ban/rc.fail2ban b/network/fail2ban/rc.fail2ban index bc3021e56e3c..86c6b7de5262 100644 --- a/network/fail2ban/rc.fail2ban +++ b/network/fail2ban/rc.fail2ban @@ -1,20 +1,22 @@ #!/bin/sh # +# Copyright (c) 2008-2009, Nishant Limbachia, Hoffman Est, IL, USA (nishant@mnspace.net) # /etc/rc.d/rc.fail2ban # -# start/stop/reload/status/ping fail2ban server. +# start|stop|restart|reload|status|ping fail2ban server # -# To start fail2ban automatically at boot, make this -# file executable: chmod 755 /etc/rc.d/rc.fail2ban -# you must also add this file to rc.local in the -# appropriate order. +# To start fail2ban automatically at boot, make this file executable: +# chmod 755 /etc/rc.d/rc.fail2ban +# you must also add this file to rc.local for fail2ban to start during boot. -SOCKET="/var/run/fail2ban/fail2ban.socket" +### default socket file is /var/run/fail2ban/fail2ban.sock which can be +### changed via the config file: /etc/fail2ban/fail2ban.conf fail2ban_start() { if [ -x /etc/rc.d/rc.fail2ban ]; then echo "Starting fail2ban: " - /usr/bin/fail2ban-client -x -s ${SOCKET} start + ### using -x option to remove any stale socket file. + /usr/bin/fail2ban-client -x start else echo "rc.fail2ban is not executable or you don't have enough permissions" exit 1 @@ -23,22 +25,22 @@ fail2ban_start() { fail2ban_stop() { echo "Stopping fail2ban" - /usr/bin/fail2ban-client -x -s ${SOCKET} stop + /usr/bin/fail2ban-client stop } fail2ban_reload() { echo "Reloading fail2ban" - /usr/bin/fail2ban-client -x -s ${SOCKET} reload + /usr/bin/fail2ban-client reload } fail2ban_status() { echo "Status: fail2ban" - /usr/bin/fail2ban-client -s ${SOCKET} status + /usr/bin/fail2ban-client status } fail2ban_ping() { echo "Pinging fail2ban" - /usr/bin/fail2ban-client -s ${SOCKET} ping + /usr/bin/fail2ban-client ping } case "$1" in @@ -50,7 +52,7 @@ case "$1" in ;; 'restart') fail2ban_stop - sleep 2 + sleep 5 fail2ban_start ;; 'reload') diff --git a/network/fail2ban/slack-desc b/network/fail2ban/slack-desc index 872f9903e695..7f4b38938631 100644 --- a/network/fail2ban/slack-desc +++ b/network/fail2ban/slack-desc @@ -5,7 +5,7 @@ # make exactly 11 lines for the formatting to be correct. It's also # customary to leave one space after the ':'. - |-----handy-ruler----------------------------------------------------| + |-----handy-ruler--------------------------------------------------| fail2ban: Fail2Ban (bans IP that makes too many password failures) fail2ban: fail2ban: Fail2Ban scans log files like /var/log/pwdfail and bans IP |