diff options
| author | Mark Felder <feld@FreeBSD.org> | 2015-03-24 02:23:30 +0000 |
|---|---|---|
| committer | Mark Felder <feld@FreeBSD.org> | 2015-03-24 02:23:30 +0000 |
| commit | 002a77a68f5cd89fce887734fcbb341a5a09e832 (patch) | |
| tree | 6bdfeb065c0165d9e387656bd8aa38a541699b08 /security | |
| parent | e5ca81a883ec8a51ca716485ecd251a26fd1e676 (diff) | |
| download | ports-002a77a68f5cd89fce887734fcbb341a5a09e832.tar.gz ports-002a77a68f5cd89fce887734fcbb341a5a09e832.zip | |
Notes
Diffstat (limited to 'security')
| -rw-r--r-- | security/sshguard/Makefile | 2 | ||||
| -rw-r--r-- | security/sshguard/files/patch-src-parser-attack_scanner.l | 20 |
2 files changed, 20 insertions, 2 deletions
diff --git a/security/sshguard/Makefile b/security/sshguard/Makefile index 178dd885042f..06098e7daebd 100644 --- a/security/sshguard/Makefile +++ b/security/sshguard/Makefile @@ -3,7 +3,7 @@ PORTNAME= sshguard PORTVERSION= 1.5 -PORTREVISION= 11 +PORTREVISION= 12 CATEGORIES= security MASTER_SITES= SF/sshguard/sshguard/sshguard-${PORTVERSION} diff --git a/security/sshguard/files/patch-src-parser-attack_scanner.l b/security/sshguard/files/patch-src-parser-attack_scanner.l index 3c90ec17ef8f..939dff3582f2 100644 --- a/security/sshguard/files/patch-src-parser-attack_scanner.l +++ b/security/sshguard/files/patch-src-parser-attack_scanner.l @@ -1,4 +1,4 @@ ---- src/parser/attack_scanner.l.orig 2015-03-24 02:08:55 UTC +--- src/parser/attack_scanner.l.orig 2015-03-24 02:18:57 UTC +++ src/parser/attack_scanner.l @@ -78,6 +78,7 @@ MINPS [0-5][0-9] WORD [a-zA-Z0-9][-_a-zA-Z0-9]+ @@ -24,3 +24,21 @@ /* syslog style "last message repeated N times" */ "last message repeated "([1-9][0-9]*)" times" { +@@ -127,7 +128,7 @@ IPV4MAPPED6 ((:(:0{1,4}){0,4}|0{1,4}:(:0 + + + /* SSH: invalid or rejected user (cross platform [generated by openssh]) */ +-"Invalid user ".+" from " { return SSH_INVALUSERPREF; } ++[Ii]"nvalid user ".+" from " { return SSH_INVALUSERPREF; } + /* match disallowed user (not in AllowUsers/AllowGroups or in DenyUsers/DenyGroups) on Linux Ubuntu/FreeBSD */ + /* "User tinydns from 1.2.3.4 not allowed because not listed in AllowUsers" */ + "User ".+" from " { BEGIN(ssh_notallowed); return SSH_NOTALLOWEDPREF; } +@@ -175,7 +176,7 @@ IPV4MAPPED6 ((:(:0{1,4}){0,4}|0{1,4}:(:0 + + /* cyrus-imap login error */ + "badlogin: "[^\[]*"[" { BEGIN(cyrusimap_loginerr); return CYRUSIMAP_SASL_LOGINERR_PREF; } +-<cyrusimap_loginerr>"] ".*"SASL".*"checkpass failed" { BEGIN(INITIAL); return CYRUSIMAP_SASL_LOGINERR_SUFF; } ++<cyrusimap_loginerr>"] ".*"SASL".*"failed".?$ { BEGIN(INITIAL); return CYRUSIMAP_SASL_LOGINERR_SUFF; } + + /* FreeBSD's ftpd login errors */ + "FTP LOGIN FAILED FROM " { BEGIN(freebsdftpd_loginerr); return FREEBSDFTPD_LOGINERR_PREF; } |