aboutsummaryrefslogtreecommitdiff
path: root/security/sshguard
diff options
context:
space:
mode:
authorIon-Mihai Tetcu <itetcu@FreeBSD.org>2007-06-12 20:05:42 +0000
committerIon-Mihai Tetcu <itetcu@FreeBSD.org>2007-06-12 20:05:42 +0000
commit635337dfbeb06dcd95cccfec68e53880cb43a800 (patch)
tree51cdf8a9c9c86274e4384703395abd092c037b31 /security/sshguard
parent966dc647230779a90d07aa8775f24f4a3ca7708e (diff)
downloadports-635337dfbeb06dcd95cccfec68e53880cb43a800.tar.gz
ports-635337dfbeb06dcd95cccfec68e53880cb43a800.zip
Notes
Diffstat (limited to 'security/sshguard')
-rw-r--r--security/sshguard/Makefile48
-rw-r--r--security/sshguard/distinfo6
-rw-r--r--security/sshguard/files/pkg-message.in10
-rw-r--r--security/sshguard/pkg-deinstall36
-rw-r--r--security/sshguard/pkg-install41
5 files changed, 119 insertions, 22 deletions
diff --git a/security/sshguard/Makefile b/security/sshguard/Makefile
index 7ee9ac2bdcce..8880e3d9e4a8 100644
--- a/security/sshguard/Makefile
+++ b/security/sshguard/Makefile
@@ -6,8 +6,7 @@
#
PORTNAME= sshguard
-PORTVERSION= 0.91
-PORTREVISION= 1
+DISTVERSION= 1.0
CATEGORIES= security
MASTER_SITES= ${MASTER_SITE_SOURCEFORGE}
MASTER_SITE_SUBDIR= ${PORTNAME}
@@ -15,35 +14,46 @@ MASTER_SITE_SUBDIR= ${PORTNAME}
MAINTAINER= mij@bitchx.it
COMMENT= Protect networked hosts from brute force attacks against ssh
+CONFLICTS?= sshguard-ipfw-1.0* sshguard-pf-1.0*
+
PLIST_FILES= sbin/sshguard
-IS_INTERACTIVE= yes
+MAN8= sshguard.8
+MANCOMPRESSED= no
USE_BZIP2= yes
HAS_CONFIGURE= yes
-OPTIONS= PF "Use PF as firewall backend" off \
- IPFW "Use IPFW as firewall backend" off
+# sublist will be set afterward
+SUB_FILES= pkg-message
+#SUB_LIST=
+
+# backend type in { hosts, ipfw, pf }
+SSHGUARDFW?= hosts
.include <bsd.port.pre.mk>
-.if ! ( (defined(WITH_PF) && !defined(WITH_IPFW)) || !defined(WITH_PF))
-# some error occurred. Configure will handle this.
+.if defined(PREFIX)
+CONFIGURE_ARGS+= --prefix=${PREFIX}
.endif
-.if defined(WITH_PF)
-# compile with PF support
-CONFIGURE_ARGS+= --with-firewall=pf
-.elif defined(WITH_IPFW)
-# compile with IPFW support
-CONFIGURE_ARGS+= --with-firewall=ipfw
+.if ${SSHGUARDFW} == pf
+PKGMSG_FWBLOCK=" To activate or configure PF see http://sshguard.sf.net/doc/setup/blockingpf.html"
+.elif ${SSHGUARDFW} == ipfw
+PKGMSG_FWBLOCK=" Verify that IPFW is active with \"ipfw show\"."
+.elif ${SSHGUARDFW} == hosts
+PKGMSG_FWBLOCK=" Sshguard is going to use /etc/hosts.allow, I have touched it for you."
.endif
+# for substitution in subfiles
+SUB_LIST+= PKGMSG_FWBLOCK=${PKGMSG_FWBLOCK}
+
+CONFIGURE_ARGS+= --with-firewall=${SSHGUARDFW}
+
post-install:
- # spare pkg-message
- ${ECHO_MSG} " Sshguard installed successfully."
- ${ECHO_MSG} "Make it active by putting in /etc/syslog.conf something like:"
- ${ECHO_MSG} " auth.info;authpriv.info |exec ${PREFIX}/sbin/sshguard"
- ${ECHO_MSG} "Otherwise, run sshguard standalone with (as root):"
- ${ECHO_MSG} " tail -n 0 -f /var/log/auth.log | ${PREFIX}/sbin/sshguard"
+ @PKG_PREFIX=${PREFIX} ${SH} ${PKGINSTALL} ${PKGNAME} POST-INSTALL
+ @${CAT} ${PKGMESSAGE}
+
+pre-deinstall:
+ @PKG_PREFIX=${PREFIX} ${SH} ${PKGDEINSTALL} ${PKGNAME} DEINSTALL
.include <bsd.port.post.mk>
diff --git a/security/sshguard/distinfo b/security/sshguard/distinfo
index 07be1e50c899..e9ad206ad3b1 100644
--- a/security/sshguard/distinfo
+++ b/security/sshguard/distinfo
@@ -1,3 +1,3 @@
-MD5 (sshguard-0.91.tar.bz2) = e6fb218fe2450f14b38ae5c5b67f0b6a
-SHA256 (sshguard-0.91.tar.bz2) = c1e16d1d20ff192e0368bd8ddfe6acede5a90fef10ce0558655bacf62c29c42f
-SIZE (sshguard-0.91.tar.bz2) = 63751
+MD5 (sshguard-1.0.tar.bz2) = 77b5a3a9d74542c487b8d5453d53d572
+SHA256 (sshguard-1.0.tar.bz2) = 33a9fe9d2360e9a5c357e269353d4157270171ff975bcf649f5f99b1aa8dcc08
+SIZE (sshguard-1.0.tar.bz2) = 118988
diff --git a/security/sshguard/files/pkg-message.in b/security/sshguard/files/pkg-message.in
new file mode 100644
index 000000000000..635f459c5200
--- /dev/null
+++ b/security/sshguard/files/pkg-message.in
@@ -0,0 +1,10 @@
+##########################################################################
+ Sshguard installed successfully.
+
+%%PKGMSG_FWBLOCK%%
+
+ Your /etc/syslog.conf has been added a line for sshguard; uncomment it
+ and use "/etc/rc.d/syslogd reload" for activating it.
+
+ See sshguard(8) and http://sshguard.sourceforge.net for additional info.
+##########################################################################
diff --git a/security/sshguard/pkg-deinstall b/security/sshguard/pkg-deinstall
new file mode 100644
index 000000000000..7ced4dc8540c
--- /dev/null
+++ b/security/sshguard/pkg-deinstall
@@ -0,0 +1,36 @@
+#!/bin/sh
+
+# If:
+# 1) syslog.conf exists
+# 2) it does contain some directive for sshguard
+# then do the following:
+# @ if the directive was the default directive (as installed by pkg-install)
+# then remove it
+# @ if the directive is some custom (uncommented) directive, comment it
+# and reload syslogd eventually.
+
+# real syslog.conf configuration file path
+SYSLOGCONF=/etc/syslog.conf
+# configuration line to add
+SSHGUARDCONFLINE="auth.info;authpriv.info |exec $PKG_PREFIX/sbin/sshguard"
+
+case "$2" in
+ "DEINSTALL")
+ if (test -f "$SYSLOGCONF" && grep -q '^[^#].*sshguard' "$SYSLOGCONF")
+ then
+ TMPFILE=`mktemp -q /tmp/syslogcXX`
+ if grep -qx "$SSHGUARDCONFLINE" "$SYSLOGCONF"
+ then
+ # remove default sshguard entry from syslog.conf
+ echo "I'm removing the default sshguard syslog entry for you..."
+ grep -vx "$SSHGUARDCONFLINE" "$SYSLOGCONF" > $TMPFILE
+ else
+ # comment customized sshguard configuration line
+ echo "I'm commenting your custom sshguard syslog entry for you..."
+ sed "s/^[^#].*sshguard.*/#&/" < "$SYSLOGCONF" > $TMPFILE
+ fi
+ mv $TMPFILE "$SYSLOGCONF"
+ /etc/rc.d/syslogd reload
+ fi
+ ;;
+esac
diff --git a/security/sshguard/pkg-install b/security/sshguard/pkg-install
new file mode 100644
index 000000000000..09b275c40669
--- /dev/null
+++ b/security/sshguard/pkg-install
@@ -0,0 +1,41 @@
+#!/bin/sh
+
+# If:
+# 1) syslog.conf exists
+# 2) it doesn't already contain some (uncommented) sshguard directive
+# then add $SSHGUARDCONFLINE (commented) right at the end of the header
+# comments section in syslog.conf
+
+# real syslog.conf configuration file path
+SYSLOGCONF=/etc/syslog.conf
+# configuration line to add
+SSHGUARDCONFLINE="auth.info;authpriv.info |exec $PKG_PREFIX/sbin/sshguard"
+
+case "$2" in
+ "POST-INSTALL")
+ if test "x$SSHGUARDFW" = xhosts
+ then
+ touch /etc/hosts.allow
+ fi
+ if (test -f "$SYSLOGCONF" && ! grep -q sshguard "$SYSLOGCONF")
+ then
+ # append default sshguard entry in syslog.conf (first line after comments header)
+ TMPFILE=`mktemp -q /tmp/syslogcXX`
+ # make sure our file has the same permissions as the original, since we mv it back
+ cp -p $SYSLOGCONF ${TMPFILE}
+ echo > ${TMPFILE}
+ inheader=1
+ cat "$SYSLOGCONF" | while read cline ;
+ do
+ if (test $inheader -eq 1 && !(echo "$cline" | grep -q "^[[:space:]]*#"))
+ then
+ # got off of header comments
+ inheader=0
+ echo "#$SSHGUARDCONFLINE" >> $TMPFILE
+ fi
+ echo "$cline" >> $TMPFILE
+ done
+ mv $TMPFILE "$SYSLOGCONF"
+ fi
+;;
+esac