Date: Thu, 21 Apr 2005 14:09:15 GMT From: Daniel Gerzo <danger@rulez.sk> To: freebsd-gnats-submit@FreeBSD.org Subject: ports/80211: [NEW PORT] bruteforceblocker Message-ID: <200504211409.j3LE9F9L006837@www.freebsd.org> Resent-Message-ID: <200504211410.j3LEAfAS009578@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 80211 >Category: ports >Synopsis: [NEW PORT] bruteforceblocker >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Thu Apr 21 14:10:41 GMT 2005 >Closed-Date: >Last-Modified: >Originator: Daniel Gerzo >Release: >Organization: >Environment: >Description: bruteforceblocker is a script that checks sshd's auth.log for Failed login attemtps and cooperates with pf firewall. When given IP gains specific number of fails, bruteforceblocker adds this IP to the pf's table. This is useful for people who are getting large number of these attempts. >How-To-Repeat: >Fix: # this line, and then unpack it by entering "sh file". Note, it may # create directories; files and directories will be owned by you and # have default permissions. # # This archive contains: # # bruteforceblocker/ # bruteforceblocker/Makefile # bruteforceblocker/distinfo # bruteforceblocker/pkg-descr # bruteforceblocker/files # bruteforceblocker/files/bruteforceblocker.sh.in # bruteforceblocker/files/pkg-message.in # echo c - bruteforceblocker/ mkdir -p bruteforceblocker/ > /dev/null 2>&1 echo x - bruteforceblocker/Makefile sed 's/^X//' >bruteforceblocker/Makefile << 'END-of-bruteforceblocker/Makefile' X# New ports collection makefile for: bruteforceblocker X# Date created: 20 April 2005 X# Whom: Daniel Gerzo <danger@rulez.sk> X# X# $FreeBSD$ X# X XPORTNAME= bruteforceblocker XPORTVERSION= 1.0 XCATEGORIES= security XMASTER_SITES= http://danger.rulez.sk/projects/bruteforceblocker/ X XMAINTAINER= danger@rulez.sk XCOMMENT= Checks for failed login attempts and blocks given IPs X XRUN_DEPENDS= ${SITE_PERL}/File/Tail.pm:${PORTSDIR}/devel/p5-File-Tail X XNO_BUILD= yes XUSE_PERL5_RUN= yes XUSE_RC_SUBR= ${PORTNAME}.sh X XWRKSRC= ${WRKDIR} XPLIST_FILES= bin/${PORTNAME}.pl XPKGMESSAGE= ${WRKDIR}/pkg-message XSUB_FILES= pkg-message X X.include <bsd.port.pre.mk> X X.if ${PERL_LEVEL} < 500600 XIGNORE= Perl 5.6 or newer required. Install lang/perl5 or lang/perl5.8 and try again. X.endif X X.if ${OSVERSION} < 502106 XIGNORE= requires at least FreeBSD 5.2 X.endif X Xdo-install: X ${INSTALL_SCRIPT} ${WRKSRC}/${PORTNAME}.pl ${PREFIX}/bin/${PORTNAME}.pl X Xpost-install: X.if !defined(BATCH) X @${CAT} ${PKGMESSAGE} X.endif X X.include <bsd.port.post.mk> END-of-bruteforceblocker/Makefile echo x - bruteforceblocker/distinfo sed 's/^X//' >bruteforceblocker/distinfo << 'END-of-bruteforceblocker/distinfo' XMD5 (bruteforceblocker-1.0.tar.gz) = e82fc32fe3fbde2a4291cbdeada188c7 XSIZE (bruteforceblocker-1.0.tar.gz) = 1845 END-of-bruteforceblocker/distinfo echo x - bruteforceblocker/pkg-descr sed 's/^X//' >bruteforceblocker/pkg-descr << 'END-of-bruteforceblocker/pkg-descr' XBruteForceBlocker is a script, that works along with pf - OpenBSD's firewall. XWhen this script is running, it checks sshd's auth log for Failed Password Xattempts and counts it's number. When given IP reaches specified number of Xfails, script adds this IP to the pf's table and block any other traffic to Xthe given box. If you are bored of those automated auth tries, you will be Xhappy with this script. It also includes a simple rc script. X XWWW: http://danger.rulez.sk/projects/bruteforceblocker/ X X- Daniel Gerzo <danger@rulez.sk> END-of-bruteforceblocker/pkg-descr echo c - bruteforceblocker/files mkdir -p bruteforceblocker/files > /dev/null 2>&1 echo x - bruteforceblocker/files/bruteforceblocker.sh.in sed 's/^X//' >bruteforceblocker/files/bruteforceblocker.sh.in << 'END-of-bruteforceblocker/files/bruteforceblocker.sh.in' X#!/bin/sh X X# PROVIDE: bruteforceblocker X# REQUIRE: LOGIN X# KEYWORD: FreeBSD shutdown X X# X# Add the following lines to /etc/rc.conf to enable bruteforceblocker: X# X# bruteforceblocker_enable="YES" X# X X. %%RC_SUBR%% X Xname="bruteforceblocker" Xrcvar=`set_rcvar` Xload_rc_config $name X Xcommand="%%PREFIX%%/bin/bruteforceblocker.pl" Xpidfile="/var/run/bruteforceblocker.pid" Xprocname="/usr/bin/perl" X Xstop_postcmd=stop_postcmd X Xstop_postcmd() X{ X rm -f $pidfile X} X X# set defaults Xbruteforceblocker_enable=${bruteforceblocker_enable:-"NO"} X Xrun_rc_command "$1" END-of-bruteforceblocker/files/bruteforceblocker.sh.in echo x - bruteforceblocker/files/pkg-message.in sed 's/^X//' >bruteforceblocker/files/pkg-message.in << 'END-of-bruteforceblocker/files/pkg-message.in' X===> CONFIGURATION NOTE: X XTo setup bruteforceblocker, you should check main script Xlocated at %%PREFIX%%/bin/bruteforceblocker.pl X Xwhen you are done, you will also need to add to /etc/rc.conf Xbruteforceblocker_enable="YES", so you will be able to start Xbruteforceblocker via rcNG script. END-of-bruteforceblocker/files/pkg-message.in exit >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200504211409.j3LE9F9L006837>