From owner-freebsd-ports-bugs@FreeBSD.ORG Thu Apr 21 14:10:41 2005 Return-Path: Delivered-To: freebsd-ports-bugs@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E9ECF16A4CE for ; Thu, 21 Apr 2005 14:10:41 +0000 (GMT) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 969B643D2D for ; Thu, 21 Apr 2005 14:10:41 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.3/8.13.3) with ESMTP id j3LEAfGn009579 for ; Thu, 21 Apr 2005 14:10:41 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.13.3/8.13.1/Submit) id j3LEAfAS009578; Thu, 21 Apr 2005 14:10:41 GMT (envelope-from gnats) Resent-Date: Thu, 21 Apr 2005 14:10:41 GMT Resent-Message-Id: <200504211410.j3LEAfAS009578@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-ports-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Daniel Gerzo Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D53EC16A4CE for ; Thu, 21 Apr 2005 14:09:17 +0000 (GMT) Received: from www.freebsd.org (www.freebsd.org [216.136.204.117]) by mx1.FreeBSD.org (Postfix) with ESMTP id 913C043D31 for ; Thu, 21 Apr 2005 14:09:17 +0000 (GMT) (envelope-from nobody@FreeBSD.org) Received: from www.freebsd.org (localhost [127.0.0.1]) by www.freebsd.org (8.13.1/8.13.1) with ESMTP id j3LE9FeQ006838 for ; Thu, 21 Apr 2005 14:09:15 GMT (envelope-from nobody@www.freebsd.org) Received: (from nobody@localhost) by www.freebsd.org (8.13.1/8.13.1/Submit) id j3LE9F9L006837; Thu, 21 Apr 2005 14:09:15 GMT (envelope-from nobody) Message-Id: <200504211409.j3LE9F9L006837@www.freebsd.org> Date: Thu, 21 Apr 2005 14:09:15 GMT From: Daniel Gerzo To: freebsd-gnats-submit@FreeBSD.org X-Send-Pr-Version: www-2.3 Subject: ports/80211: [NEW PORT] bruteforceblocker X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Apr 2005 14:10:42 -0000 >Number: 80211 >Category: ports >Synopsis: [NEW PORT] bruteforceblocker >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Thu Apr 21 14:10:41 GMT 2005 >Closed-Date: >Last-Modified: >Originator: Daniel Gerzo >Release: >Organization: >Environment: >Description: bruteforceblocker is a script that checks sshd's auth.log for Failed login attemtps and cooperates with pf firewall. When given IP gains specific number of fails, bruteforceblocker adds this IP to the pf's table. This is useful for people who are getting large number of these attempts. >How-To-Repeat: >Fix: # this line, and then unpack it by entering "sh file". Note, it may # create directories; files and directories will be owned by you and # have default permissions. # # This archive contains: # # bruteforceblocker/ # bruteforceblocker/Makefile # bruteforceblocker/distinfo # bruteforceblocker/pkg-descr # bruteforceblocker/files # bruteforceblocker/files/bruteforceblocker.sh.in # bruteforceblocker/files/pkg-message.in # echo c - bruteforceblocker/ mkdir -p bruteforceblocker/ > /dev/null 2>&1 echo x - bruteforceblocker/Makefile sed 's/^X//' >bruteforceblocker/Makefile << 'END-of-bruteforceblocker/Makefile' X# New ports collection makefile for: bruteforceblocker X# Date created: 20 April 2005 X# Whom: Daniel Gerzo X# X# $FreeBSD$ X# X XPORTNAME= bruteforceblocker XPORTVERSION= 1.0 XCATEGORIES= security XMASTER_SITES= http://danger.rulez.sk/projects/bruteforceblocker/ X XMAINTAINER= danger@rulez.sk XCOMMENT= Checks for failed login attempts and blocks given IPs X XRUN_DEPENDS= ${SITE_PERL}/File/Tail.pm:${PORTSDIR}/devel/p5-File-Tail X XNO_BUILD= yes XUSE_PERL5_RUN= yes XUSE_RC_SUBR= ${PORTNAME}.sh X XWRKSRC= ${WRKDIR} XPLIST_FILES= bin/${PORTNAME}.pl XPKGMESSAGE= ${WRKDIR}/pkg-message XSUB_FILES= pkg-message X X.include X X.if ${PERL_LEVEL} < 500600 XIGNORE= Perl 5.6 or newer required. Install lang/perl5 or lang/perl5.8 and try again. X.endif X X.if ${OSVERSION} < 502106 XIGNORE= requires at least FreeBSD 5.2 X.endif X Xdo-install: X ${INSTALL_SCRIPT} ${WRKSRC}/${PORTNAME}.pl ${PREFIX}/bin/${PORTNAME}.pl X Xpost-install: X.if !defined(BATCH) X @${CAT} ${PKGMESSAGE} X.endif X X.include END-of-bruteforceblocker/Makefile echo x - bruteforceblocker/distinfo sed 's/^X//' >bruteforceblocker/distinfo << 'END-of-bruteforceblocker/distinfo' XMD5 (bruteforceblocker-1.0.tar.gz) = e82fc32fe3fbde2a4291cbdeada188c7 XSIZE (bruteforceblocker-1.0.tar.gz) = 1845 END-of-bruteforceblocker/distinfo echo x - bruteforceblocker/pkg-descr sed 's/^X//' >bruteforceblocker/pkg-descr << 'END-of-bruteforceblocker/pkg-descr' XBruteForceBlocker is a script, that works along with pf - OpenBSD's firewall. XWhen this script is running, it checks sshd's auth log for Failed Password Xattempts and counts it's number. When given IP reaches specified number of Xfails, script adds this IP to the pf's table and block any other traffic to Xthe given box. If you are bored of those automated auth tries, you will be Xhappy with this script. It also includes a simple rc script. X XWWW: http://danger.rulez.sk/projects/bruteforceblocker/ X X- Daniel Gerzo END-of-bruteforceblocker/pkg-descr echo c - bruteforceblocker/files mkdir -p bruteforceblocker/files > /dev/null 2>&1 echo x - bruteforceblocker/files/bruteforceblocker.sh.in sed 's/^X//' >bruteforceblocker/files/bruteforceblocker.sh.in << 'END-of-bruteforceblocker/files/bruteforceblocker.sh.in' X#!/bin/sh X X# PROVIDE: bruteforceblocker X# REQUIRE: LOGIN X# KEYWORD: FreeBSD shutdown X X# X# Add the following lines to /etc/rc.conf to enable bruteforceblocker: X# X# bruteforceblocker_enable="YES" X# X X. %%RC_SUBR%% X Xname="bruteforceblocker" Xrcvar=`set_rcvar` Xload_rc_config $name X Xcommand="%%PREFIX%%/bin/bruteforceblocker.pl" Xpidfile="/var/run/bruteforceblocker.pid" Xprocname="/usr/bin/perl" X Xstop_postcmd=stop_postcmd X Xstop_postcmd() X{ X rm -f $pidfile X} X X# set defaults Xbruteforceblocker_enable=${bruteforceblocker_enable:-"NO"} X Xrun_rc_command "$1" END-of-bruteforceblocker/files/bruteforceblocker.sh.in echo x - bruteforceblocker/files/pkg-message.in sed 's/^X//' >bruteforceblocker/files/pkg-message.in << 'END-of-bruteforceblocker/files/pkg-message.in' X===> CONFIGURATION NOTE: X XTo setup bruteforceblocker, you should check main script Xlocated at %%PREFIX%%/bin/bruteforceblocker.pl X Xwhen you are done, you will also need to add to /etc/rc.conf Xbruteforceblocker_enable="YES", so you will be able to start Xbruteforceblocker via rcNG script. END-of-bruteforceblocker/files/pkg-message.in exit >Release-Note: >Audit-Trail: >Unformatted: