Date: Sun, 17 May 2015 13:47:41 +0000 (UTC) From: Mark Felder <feld@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r386613 - in head/security/sshguard: . files Message-ID: <201505171347.t4HDlf0k093194@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: feld Date: Sun May 17 13:47:41 2015 New Revision: 386613 URL: https://svnweb.freebsd.org/changeset/ports/386613 Log: Add patch to support syslog in verbose mode This was previously a patch in the FreeBSD ports tree and was sent upstream but did not make it into 1.6.0 Submitted by: gregp@n0qds.org Added: head/security/sshguard/files/patch-src-parser-attack_scanner.l (contents, props changed) Modified: head/security/sshguard/Makefile Modified: head/security/sshguard/Makefile ============================================================================== --- head/security/sshguard/Makefile Sun May 17 13:15:02 2015 (r386612) +++ head/security/sshguard/Makefile Sun May 17 13:47:41 2015 (r386613) @@ -3,7 +3,7 @@ PORTNAME= sshguard PORTVERSION= 1.6.0 -PORTREVISION= 0 +PORTREVISION= 1 CATEGORIES= security MASTER_SITES= SF/sshguard/sshguard/${PORTVERSION} Added: head/security/sshguard/files/patch-src-parser-attack_scanner.l ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/sshguard/files/patch-src-parser-attack_scanner.l Sun May 17 13:47:41 2015 (r386613) @@ -0,0 +1,27 @@ +--- src/parser/attack_scanner.l.orig 2015-05-16 19:49:47.000000000 -0500 ++++ src/parser/attack_scanner.l 2015-05-16 19:57:07.000000000 -0500 +@@ -74,6 +74,7 @@ + IPV4MAPPED6 ((:(:0{1,4}){0,4}|0{1,4}:(:0{1,4}){1,3}|(0{1,4}:){2}(0{1,4}:0{0,4}:0{1,4}|(:0{1,4}){1,2})|(0{1,4}:){1,4}):[fF]{4}:(((2[0-4]|1[0-9]|[1-9])?[0-9]|25[0-5])\.){3}((2[0-4]|1[0-9]|[1-9])?[0-9]|25[0-5])) + + HOSTADDR localhost|([-a-zA-Z0-9]+\.)+[a-zA-Z]+|{IPV4}|{IPV6}|{IPV4MAPPED6} ++FACLEVEL (<[a-zA-Z0-9]+\.[a-zA-Z0-9]+>) + + %% + +@@ -87,13 +88,14 @@ + */ + + /* handle entries with PID and without PID from processes other than sshguard */ +-({TIMESTAMP_SYSLOG}|{TIMESTAMP_ISO8601})[ ]+([a-zA-Z0-9]|{WORD}|{HOSTADDR})[ ]+{PROCESSNAME}("/"{PROCESSNAME})?"["{NUMBER}"]: "{SOLARIS_MSGID_TAG}? { ++({TIMESTAMP_SYSLOG}|{TIMESTAMP_ISO8601})[ ]+{FACLEVEL}?[ ]*([a-zA-Z0-9]|{WORD}|{HOSTADDR})[ ]+{PROCESSNAME}("/"{PROCESSNAME})?"["{NUMBER}"]: "{SOLARIS_MSGID_TAG}? { + /* extract PID */ + yylval.num = getsyslogpid(yytext, yyleng); + return SYSLOG_BANNER_PID; + } + +-({TIMESTAMP_SYSLOG}|{TIMESTAMP_ISO8601})[ ]+([a-zA-Z0-9]|{WORD}|{HOSTADDR})[ ]+({PROCESSNAME}("/"{PROCESSNAME})?":")? { return SYSLOG_BANNER; } ++({TIMESTAMP_SYSLOG}|{TIMESTAMP_ISO8601})[ ]+{FACLEVEL}?[ ]*([a-zA-Z0-9]|{WORD}|{HOSTADDR})[ ]+({PROCESSNAME}("/"{PROCESSNAME})?":")? { return SYSLOG_BANNER; } ++ + + /* syslog style "last message repeated N times" */ + "last message repeated "([1-9][0-9]*)" times" {
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201505171347.t4HDlf0k093194>