Date: Thu, 18 Jan 2018 01:15:48 +0000 (UTC) From: "Danilo G. Baio" <dbaio@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r459308 - in head/security/sshguard: . files Message-ID: <201801180115.w0I1FmuT087818@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: dbaio Date: Thu Jan 18 01:15:48 2018 New Revision: 459308 URL: https://svnweb.freebsd.org/changeset/ports/459308 Log: security/sshguard: Update to 2.1.0 Improve descriptions, pkg-message and update WWW. Changes: https://sourceforge.net/p/sshguard/mailman/message/36109171/ PR: 224153 Submitted by: Kevin Zheng <kevinz5000@gmail.com> Approved by: maintainer timeout (dan.mcgregor@usask.ca, > 2 weeks) Modified: head/security/sshguard/Makefile head/security/sshguard/distinfo head/security/sshguard/files/patch-examples-sshguard.conf.sample head/security/sshguard/files/pkg-message.in head/security/sshguard/pkg-descr head/security/sshguard/pkg-plist Modified: head/security/sshguard/Makefile ============================================================================== --- head/security/sshguard/Makefile Thu Jan 18 00:59:14 2018 (r459307) +++ head/security/sshguard/Makefile Thu Jan 18 01:15:48 2018 (r459308) @@ -2,20 +2,16 @@ # $FreeBSD$ PORTNAME= sshguard -PORTVERSION= 2.0.0 -PORTREVISION= 1 +PORTVERSION= 2.1.0 CATEGORIES= security MASTER_SITES= SF/sshguard/sshguard/${PORTVERSION} MAINTAINER= dan.mcgregor@usask.ca -COMMENT= Protect hosts from brute force attacks against ssh and other services +COMMENT= Protect hosts from brute-force attacks against SSH and other services LICENSE= BSD2CLAUSE -USES= autoreconf - USE_RC_SUBR= sshguard -MAKE_ARGS+= ACLOCAL="${TRUE}" AUTOCONF="${TRUE}" AUTOMAKE="${TRUE}" GNU_CONFIGURE= yes SUB_FILES= pkg-message Modified: head/security/sshguard/distinfo ============================================================================== --- head/security/sshguard/distinfo Thu Jan 18 00:59:14 2018 (r459307) +++ head/security/sshguard/distinfo Thu Jan 18 01:15:48 2018 (r459308) @@ -1,3 +1,3 @@ -TIMESTAMP = 1500391750 -SHA256 (sshguard-2.0.0.tar.gz) = e87c6c4a6dddf06f440ea76464eb6197869c0293f0a60ffa51f8a6a0d7b0cb06 -SIZE (sshguard-2.0.0.tar.gz) = 886995 +TIMESTAMP = 1512597921 +SHA256 (sshguard-2.1.0.tar.gz) = 21252a4834ad8408df384ee4ddf468624aa9de9cead5afde1c77380a48cf028a +SIZE (sshguard-2.1.0.tar.gz) = 1117466 Modified: head/security/sshguard/files/patch-examples-sshguard.conf.sample ============================================================================== --- head/security/sshguard/files/patch-examples-sshguard.conf.sample Thu Jan 18 00:59:14 2018 (r459307) +++ head/security/sshguard/files/patch-examples-sshguard.conf.sample Thu Jan 18 01:15:48 2018 (r459308) @@ -1,24 +1,21 @@ -diff --git examples/sshguard.conf.sample examples/sshguard.conf.sample -index d881e51..87b7acc 100644 ---- examples/sshguard.conf.sample +--- examples/sshguard.conf.sample.orig 2017-12-06 22:18:20 UTC +++ examples/sshguard.conf.sample -@@ -6,11 +6,13 @@ +@@ -6,10 +6,12 @@ #### REQUIRED CONFIGURATION #### # Full path to backend executable (required, no default) --#BACKEND="/usr/local/libexec/sshg-fw-hosts" -+BACKEND="/usr/local/libexec/sshg-fw-null" +-#BACKEND="/usr/local/libexec/sshg-fw-iptables" ++#BACKEND="/usr/local/libexec/sshg-fw-hosts" +#BACKEND="/usr/local/libexec/sshg-fw-ipfw" +#BACKEND="/usr/local/libexec/sshg-fw-pf" - # Space-separated list of log files to monitor. Ignored if LOGREADER is set. - # (optional, no default) + # Space-separated list of log files to monitor. (optional, no default) -#FILES="/var/log/auth.log /var/log/authlog /var/log/maillog" +FILES="/var/log/auth.log /var/log/maillog" - # Shell command that provides logs on standard output. Takes precedence over - # FILES. (optional, no default) -@@ -36,12 +38,12 @@ DETECTION_TIME=1800 + # Shell command that provides logs on standard output. (optional, no default) + # Example 1: ssh and sendmail from systemd journal: +@@ -40,12 +42,12 @@ DETECTION_TIME=1800 # !! Warning: These features may not work correctly with sandboxing. !! # Full path to PID file (optional, no default) Modified: head/security/sshguard/files/pkg-message.in ============================================================================== --- head/security/sshguard/files/pkg-message.in Thu Jan 18 00:59:14 2018 (r459307) +++ head/security/sshguard/files/pkg-message.in Thu Jan 18 01:15:48 2018 (r459308) @@ -1,15 +1,14 @@ -########################################################################## - Sshguard installed successfully. +To enable SSHGuard at startup, add the following line to your 'rc.conf': +sshguard_enable="YES" - You can start sshguard as a daemon by using the - rc.d script installed at %%PREFIX%%/etc/rc.d/sshguard . +Starting SSHGuard through syslogd(8) is discouraged and not supported. - See sshguard-setup(7) and http://www.sshguard.net/docs/setup for additional info. +Configure SSHGuard by editing BACKEND in '%%PREFIX%%/etc/sshguard.conf'. See +sshguard-setup(7) for instructions on setting up your firewall. - Please note that a few rc script parameters have been renamed to - better reflect the documentation: +Please note that a few rc script parameters have been renamed to +better reflect the documentation: - sshguard_safety_thresh -> sshguard_danger_thresh - sshguard_pardon_min_interval -> sshguard_release_interval - sshguard_prescribe_interval -> sshguard_reset_interval -########################################################################## +sshguard_safety_thresh -> sshguard_danger_thresh +sshguard_pardon_min_interval -> sshguard_release_interval +sshguard_prescribe_interval -> sshguard_reset_interval Modified: head/security/sshguard/pkg-descr ============================================================================== --- head/security/sshguard/pkg-descr Thu Jan 18 00:59:14 2018 (r459307) +++ head/security/sshguard/pkg-descr Thu Jan 18 01:15:48 2018 (r459308) @@ -1,14 +1,5 @@ -Sshguard monitors services from their logging activity. It reacts to messages -about dangerous activity by blocking the source address with the local firewall. +SSHGuard protects hosts from brute-force attacks against SSH and other +services. It aggregates system logs and blocks repeat offenders using one of +several firewall backends. -Sshguard employs a clever parser that can recognize several logging formats at -once transparently (syslog, syslog-ng, metalog, multilog, raw messages), and -detects attacks for many services out of the box, including SSH, FreeBSD's -ftpd and dovecot. It can operate all the major firewalling systems, including -PF, netfilter/iptables, and IPFIREWALL/ipfw. - -Sshguard has several relevant features like support for IPv6, whitelisting, -suspension, log message authentication. It is reliable, easy to set up and -demands very few resources to the system. - -WWW: http://sshguard.sourceforge.net +WWW: https://www.sshguard.net/ Modified: head/security/sshguard/pkg-plist ============================================================================== --- head/security/sshguard/pkg-plist Thu Jan 18 00:59:14 2018 (r459307) +++ head/security/sshguard/pkg-plist Thu Jan 18 01:15:48 2018 (r459308) @@ -7,6 +7,7 @@ libexec/sshg-fw-ipfilter libexec/sshg-fw-ipfw libexec/sshg-fw-ipset libexec/sshg-fw-iptables +libexec/sshg-fw-nft-sets libexec/sshg-fw-null libexec/sshg-fw-pf libexec/sshg-logtail
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201801180115.w0I1FmuT087818>