authorRong-En Fan <rafan@FreeBSD.org>2006-08-17 08:27:13 +0000
committerRong-En Fan <rafan@FreeBSD.org>2006-08-17 08:27:13 +0000
commit93af3344825cdb6d018636dcc3c1326f4ae3d1db (patch)
treee10c2dcca143eec38486f9f502d03bfd8e04bc0e /security/bruteblock
parentc6ec602398da62cb1dcd869bb71853d1d5aaefcc (diff)
Diffstat (limited to 'security/bruteblock')
-rw-r--r--security/bruteblock/Makefile49
-rw-r--r--security/bruteblock/distinfo3
-rw-r--r--security/bruteblock/files/bruteblockd.sh.in28
-rw-r--r--security/bruteblock/files/pkg-message.in26
-rw-r--r--security/bruteblock/pkg-descr10
-rw-r--r--security/bruteblock/pkg-plist6
6 files changed, 122 insertions, 0 deletions
diff --git a/security/bruteblock/Makefile b/security/bruteblock/Makefile
new file mode 100644
index 000000000000..4caa2634e74f
--- /dev/null
+++ b/security/bruteblock/Makefile
@@ -0,0 +1,49 @@
+# New ports collection makefile for: bruteblock
+# Date created: 30 Jul 2006
+# Whom: Dmitry Marakasov <amdmi3@mail.ru>
+#
+# $FreeBSD$
+#
+
+PORTNAME= bruteblock
+PORTVERSION= 0.0.4
+CATEGORIES= security
+MASTER_SITES= http://samm.kiev.ua/bruteblock/
+
+MAINTAINER= amdmi3@mail.ru
+COMMENT= Software for blocking bruteforce attacks with ipfw
+
+LIB_DEPENDS= pcre.0:${PORTSDIR}/devel/pcre
+
+PKGMESSAGE= ${WRKDIR}/pkg-message
+SUB_FILES= pkg-message
+
+USE_RC_SUBR= bruteblockd.sh
+MAN8= bruteblock.8
+
+CONFDIR= ${PREFIX}/etc/${PORTNAME}
+
+.include <bsd.port.pre.mk>
+
+.if ${OSVERSION} < 503000
+IGNORE= requires FreeBSD >= 5.3
+.endif
+
+do-install:
+ ${INSTALL_PROGRAM} ${WRKSRC}/bruteblock ${PREFIX}/sbin/
+ ${INSTALL_PROGRAM} ${WRKSRC}/bruteblockd ${PREFIX}/sbin/
+ ${MKDIR} ${PREFIX}/etc/bruteblock
+.for file in ssh # more configs are planned to be added
+ ${INSTALL_DATA} ${WRKSRC}/etc/${file}.conf ${CONFDIR}/${file}.conf.dist
+ if [ ! -f ${CONFDIR}/${file}.conf ]; then \
+ ${INSTALL_DATA} ${CONFDIR}/${file}.conf.dist ${CONFDIR}/${file}.conf; \
+ fi
+.endfor
+ ${INSTALL_MAN} ${WRKSRC}/doc/bruteblock.8 ${PREFIX}/man/man8/
+
+post-install:
+.if !defined(BATCH)
+ @${CAT} ${PKGMESSAGE}
+.endif
+
+.include <bsd.port.post.mk>
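Review bot: In `do-install` the directory is created with the literal path `${MKDIR} ${PREFIX}/etc/bruteblock`, while every other line in the target uses the `CONFDIR` variable defined above; `${MKDIR} ${CONFDIR}` keeps the two from drifting apart if `CONFDIR` is ever changed. The `.for file in ssh` loop anticipates more config files, but pkg-plist in this commit hard-codes `ssh.conf` and `ssh.conf.dist`, so a comment such as `# keep pkg-plist in sync when adding configs here` next to the loop would save a later packaging mismatch.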
diff --git a/security/bruteblock/distinfo b/security/bruteblock/distinfo
new file mode 100644
index 000000000000..cbf9a686bff1
--- /dev/null
+++ b/security/bruteblock/distinfo
@@ -0,0 +1,3 @@
+MD5 (bruteblock-0.0.4.tar.gz) = 01f2a300dd4abb28fc377de5848aa80e
+SHA256 (bruteblock-0.0.4.tar.gz) = f13df7f866842c4f32b7d6b13df0fac3250a41f646602581452af623c790159b
+SIZE (bruteblock-0.0.4.tar.gz) = 24170
diff --git a/security/bruteblock/files/bruteblockd.sh.in b/security/bruteblock/files/bruteblockd.sh.in
new file mode 100644
index 000000000000..a673c5b1a3cb
--- /dev/null
+++ b/security/bruteblock/files/bruteblockd.sh.in
@@ -0,0 +1,28 @@
+#!/bin/sh
+
+# PROVIDE: bruteblockd
+# REQUIRE: NETWORKING syslogd
+# KEYWORD: nojail
+
+. %%RC_SUBR%%
+
+name="bruteblockd"
+rcvar=`set_rcvar`
+
+load_rc_config $name
+
+: ${bruteblockd_enable="NO"}
+
+pidfile="/var/run/${name}.pid"
+command=%%PREFIX%%/sbin/${name}
+command_args="-p ${pidfile} -t ${bruteblockd_table}"
+start_precmd="bruteblockd_precmd"
+
+bruteblockd_precmd()
+{
+ if [ -z "${bruteblockd_table}" ]; then
+ err 1 "Please specify ipfw table number with bruteblockd_table parameter in /etc/rc.conf (see bruteblock(8))"
+ fi
+}
+
+run_rc_command "$1"
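Review bot: `bruteblockd_precmd` rejects only an empty `bruteblockd_table`, so any non-numeric string from rc.conf is still expanded, unquoted, into `command_args` as the `-t` argument. Since the error text asks for an ipfw table number, the check could reject non-digits too: `case "${bruteblockd_table}" in ''|*[!0-9]*) err 1 "..." ;; esac`. How bruteblockd itself treats a malformed `-t` value is not visible in this commit, so failing early in the rc script is the safer place to catch it.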
diff --git a/security/bruteblock/files/pkg-message.in b/security/bruteblock/files/pkg-message.in
new file mode 100644
index 000000000000..9ba1c6390b65
--- /dev/null
+++ b/security/bruteblock/files/pkg-message.in
@@ -0,0 +1,26 @@
+===> CONFIGURATION NOTE:
+
+ Configuration of the bruteblock is done via configuration files
+ located at %%PREFIX%%/etc/bruteblock/
+
+ To run the script, add a line in /etc/syslog.conf:
+
+auth.info;authpriv.info |exec %%PREFIX%%/sbin/bruteblock -f %%PREFIX%%/etc/bruteblock/ssh.conf
+
+ and restart syslogd.
+
+ Also you should add ipfw2 table and the corresponding deny rule.
+ For example,
+
+# ipfw add deny ip from table(1) to any
+
+ Next, you'll want to setup periodical cleanup of ipfw2 table. Add following
+ lines to /etc/rc.conf:
+
+ bruteblockd_enable="YES"
+ bruteblockd_table="1"
+ bruteblockd_flags="-s 5"
+
+ and start bruteblockd: %%PREFIX%%/etc/rc.d/bruteblockd.sh start
+
+See bruteblock(8) for more detailts.
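Review bot: The example rule `# ipfw add deny ip from table(1) to any` will not run as typed, because the unquoted parentheses are interpreted by both sh and csh; `ipfw add deny ip from "table(1)" to any` works in either. The message should also say that the table number in this rule must match `bruteblockd_table` (and, presumably, the table configured in ssh.conf, which is not visible here), otherwise addresses land in a table that no rule denies. The last line has a typo, `detailts` for `details`.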
diff --git a/security/bruteblock/pkg-descr b/security/bruteblock/pkg-descr
new file mode 100644
index 000000000000..57338d2d1f29
--- /dev/null
+++ b/security/bruteblock/pkg-descr
@@ -0,0 +1,10 @@
+Bruteblock allows system administrators to block various bruteforce
+attacks on UNIX services. The program analyzes system logs and adds
+attacker's IP address into ipfw2 table effectively blocking them.
+Addresses are automatically removed from the table after specified
+amount of time. Bruteblock uses regular expressions to parse logs,
+which provides flexibility allowing it to be used with almost any
+network service. Bruteblock is written in pure C, doesn't use any
+external programs and work with ipfw2 tables via raw sockets API.
+
+WWW: http://samm.kiev.ua/bruteblock/
diff --git a/security/bruteblock/pkg-plist b/security/bruteblock/pkg-plist
new file mode 100644
index 000000000000..9a292b14bb6e
--- /dev/null
+++ b/security/bruteblock/pkg-plist
@@ -0,0 +1,6 @@
+sbin/bruteblock
+sbin/bruteblockd
+@unexec if cmp -s %D/etc/bruteblock/ssh.conf.dist %D/etc/bruteblock/ssh.conf; then rm -f %D/etc/bruteblock/ssh.conf; fi
+etc/bruteblock/ssh.conf.dist
+@exec if [ ! -f %D/etc/bruteblock/ssh.conf ]; then cp -p %D/%F %B/bruteblock/ssh.conf; fi
+@dirrmtry etc/bruteblock
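Review bot: The `@exec` line tests for `%D/etc/bruteblock/ssh.conf` but copies to `%B/bruteblock/ssh.conf`. `%B` already expands to the directory of the preceding file (`%D/etc/bruteblock`), so the destination becomes `etc/bruteblock/bruteblock/ssh.conf`, a directory nothing creates. On a package install the copy would fail and no default `ssh.conf` would be put in place. The line should read `@exec if [ ! -f %D/etc/bruteblock/ssh.conf ]; then cp -p %D/%F %B/ssh.conf; fi`.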