Date: Thu, 13 Apr 2017 14:55:22 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-ports-bugs@FreeBSD.org Subject: [Bug 218633] /security/ossec-hids-local host-deny.sh add ip's to hosts.allow permanently Message-ID: <bug-218633-13@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D218633 Bug ID: 218633 Summary: /security/ossec-hids-local host-deny.sh add ip's to hosts.allow permanently Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Many People Priority: --- Component: Individual Port(s) Assignee: freebsd-ports-bugs@FreeBSD.org Reporter: netbackup.gs@gmail.com /usr/local/ossec-hids/active-response/bin/host-deny.sh dosent delete entrie= s in /etc/hosts.allow Mktemp /var/ossec/ossec-hosts.XXXXXXXXXX is the problem i think, maybe /tmp/ossec-hosts.XXXXXXXXXX ? cat host-deny.sh: # Deleting from hosts.deny=20=20=20 elif [ "x${ACTION}" =3D "xdelete" ]; then=20=20=20 lock; TMP_FILE =3D `mktemp /var/ossec/ossec-hosts.XXXXXXXXXX`=20 if [ "X${TMP_FILE}" =3D "X" ]; then=20 # Cheap fake tmpfile, but should be harder then no random data=20 TMP_FILE =3D "/var/ossec/ossec-hosts.`cat /dev/urandom | tr -dc 'a-zA-= Z0-9' | fold -w 32 | head -1 `" fi if [ "X$UNAME" =3D "XFreeBSD" ]; then cat /etc/hosts.allow | grep -v "ALL : ${IP} : deny$"> ${TMP_FILE} mv ${TMP_FILE} /etc/hosts.allow else cat /etc/hosts.deny | grep -v "ALL:${IP}$"> ${TMP_FILE} cat ${TMP_FILE} > /etc/hosts.deny rm ${TMP_FILE} fi=20 unlock; exit 0; Mktemp /var/ossec/ --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-218633-13>