Date: Sun, 3 Nov 2019 18:02:20 +0000 (UTC) From: Bernard Spil <brnrd@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r516582 - in head/net: . endlessh endlessh/files Message-ID: <201911031802.xA3I2KKA063219@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: brnrd Date: Sun Nov 3 18:02:20 2019 New Revision: 516582 URL: https://svnweb.freebsd.org/changeset/ports/516582 Log: net/endlessh: New SSH tarpit port Added: head/net/endlessh/ head/net/endlessh/Makefile (contents, props changed) head/net/endlessh/distinfo (contents, props changed) head/net/endlessh/files/ head/net/endlessh/files/endlessh.conf.sample (contents, props changed) head/net/endlessh/files/endlessh.in (contents, props changed) head/net/endlessh/pkg-descr (contents, props changed) head/net/endlessh/pkg-message (contents, props changed) Modified: head/net/Makefile Modified: head/net/Makefile ============================================================================== --- head/net/Makefile Sun Nov 3 17:52:12 2019 (r516581) +++ head/net/Makefile Sun Nov 3 18:02:20 2019 (r516582) @@ -140,6 +140,7 @@ SUBDIR += elixir-kafka_ex SUBDIR += elixir-oauth2 SUBDIR += empty + SUBDIR += endlessh SUBDIR += enet SUBDIR += erlang-ranch SUBDIR += erlang-xmlrpc Added: head/net/endlessh/Makefile ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net/endlessh/Makefile Sun Nov 3 18:02:20 2019 (r516582) @@ -0,0 +1,30 @@ +# $FreeBSD$ + +PORTNAME= endlessh +PORTVERSION= 1.0 +CATEGORIES= net + +MAINTAINER= brnrd@FreeBSD.org +COMMENT= SSH tarpit + +LICENSE= UNLICENSE +LICENSE_FILE= ${WRKSRC}/UNLICENSE + +USE_RC_SUBR= endlessh + +USE_GITHUB= yes +GH_ACCOUNT= skeeto + +PLIST_FILES= bin/endlessh \ + man/man1/endlessh.1.gz \ + "@sample ${PREFIX}/etc/endlessh.conf.sample" + +post-patch: + ${REINPLACE_CMD} 's|share/man|man|;s|/usr/local|${PREFIX}|' ${WRKSRC}/Makefile + ${REINPLACE_CMD} 's|/etc/endlessh/config|${PREFIX}/etc/endlessh.conf|' \ + ${WRKSRC}/endlessh.c ${WRKSRC}/endlessh.1 + +post-install: + ${INSTALL_DATA} ${FILESDIR}/endlessh.conf.sample ${STAGEDIR}${PREFIX}/etc/ + +.include <bsd.port.mk> Added: head/net/endlessh/distinfo ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net/endlessh/distinfo Sun Nov 3 18:02:20 2019 (r516582) @@ -0,0 +1,3 @@ +TIMESTAMP = 1567361886 +SHA256 (skeeto-endlessh-1.0_GH0.tar.gz) = 6ae377354fa7547c15fde19ebc5e0dbc4f9f562f28eab3a48c2f36b819d7e524 +SIZE (skeeto-endlessh-1.0_GH0.tar.gz) = 12258 Added: head/net/endlessh/files/endlessh.conf.sample ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net/endlessh/files/endlessh.conf.sample Sun Nov 3 18:02:20 2019 (r516582) @@ -0,0 +1,27 @@ +# The port on which to listen for new SSH connections. +# Port 2222 + +# The endless banner is sent one line at a time. This is the delay +# in milliseconds between individual lines. +# Delay 10000 + +# The length of each line is randomized. This controls the maximum +# length of each line. Shorter lines may keep clients on for longer if +# they give up after a certain number of bytes. +# MaxLineLength 32 + +# Maximum number of connections to accept at a time. Connections beyond +# this are not immediately rejected, but will wait in the queue. +# MaxClients 4096 + +# Set the detail level for the log. +# 0 = Quiet +# 1 = Standard, useful log messages +# 2 = Very noisy debugging information +# LogLevel 0 + +# Set the family of the listening socket +# 0 = Use IPv4 Mapped IPv6 (Both v4 and v6, default) +# 4 = Use IPv4 only +# 6 = Use IPv6 only +# BindFamily 0 Added: head/net/endlessh/files/endlessh.in ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net/endlessh/files/endlessh.in Sun Nov 3 18:02:20 2019 (r516582) @@ -0,0 +1,36 @@ +#!/bin/sh +# +# Author: Bernard Spil <brnrd@FreeBSD.org> +# +# $FreeBSD$ +# + +# PROVIDE: endlessh +# REQUIRE: LOGIN +# KEYWORD: shutdown + +# Add the following lines to /etc/rc.conf to enable endlessh: +# endlessh_enable="YES" +# endlessh_daemonuser="nobody" +# endlessh_config="<config file>" Default %%PREFIX%%/etc/endlessh.conf +# endlessh_logfile"<log file>" Default /var/log/endlessh.log +# endlessh_args="<set as needed>" these override the conf file + +. /etc/rc.subr + +name=endlessh +rcvar=endlessh_enable + +load_rc_config $name + +: ${endlessh_enable:=NO} +: ${endlessh_daemonuser:=nobody} +: ${endlessh_config:=%%PREFIX%%/etc/endlessh.conf} +: ${endlessh_logfile:=/var/log/endlessh.log} + +pidfile=/var/run/endlessh.pid +procname="%%PREFIX%%/bin/endlessh" +command=/usr/sbin/daemon +command_args='-p ${pidfile} -u ${endlessh_daemonuser} -o ${endlessh_logfile} ${procname} -f ${endlessh_config} ${endlessh_args}' + +run_rc_command $1 Added: head/net/endlessh/pkg-descr ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net/endlessh/pkg-descr Sun Nov 3 18:02:20 2019 (r516582) @@ -0,0 +1,6 @@ +Endlessh is an SSH tarpit that very slowly sends an endless, random SSH +banner. It keeps SSH clients locked up for hours or even days at a time. +The purpose is to put your real SSH server on another port and then let the +script kiddies get stuck in this tarpit instead of bothering a real server. + +WWW: https://github.com/skeeto/endlessh Added: head/net/endlessh/pkg-message ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net/endlessh/pkg-message Sun Nov 3 18:02:20 2019 (r516582) @@ -0,0 +1,21 @@ +[ +{ + type: install + message: <<EOD + +Configure endlessh either via endlessh.conf or using endlessh_args in rc.conf. +The defaults are commented out in endlessh.conf. + +The default configuration only logs starts & stops to /var/log/endlessh.log. +To see the connections set LogLevel 1 in endlessh.conf or add "-v" to +endlessh_args. Sending SIGUSR1 to endlessh (pkill USR1 endlessh) will add +statistics to the /var/log/endlessh.log file + +Neither endlessh nor daemon support rotating the logfile, use periodic or +cron to copy the logfile and truncate it using + + $ echo -n > /var/log/endlessh.log + +EOD +} +]
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201911031802.xA3I2KKA063219>