Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 8 Jan 2008 20:14:24 GMT
From:      Naram Qashat <cyberbotx@cyberbotx.com>
To:        freebsd-gnats-submit@FreeBSD.org
Subject:   ports/119467: [NEW PORT] security/fail2ban: Python script that Bans IPs that make too many password failures
Message-ID:  <200801082014.m08KEOA1054846@www.freebsd.org>
Resent-Message-ID: <200801082020.m08KK2t3048730@freefall.freebsd.org>

next in thread | raw e-mail | index | archive | help

>Number:         119467
>Category:       ports
>Synopsis:       [NEW PORT] security/fail2ban: Python script that Bans IPs that make too many password failures
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Tue Jan 08 20:20:02 UTC 2008
>Closed-Date:
>Last-Modified:
>Originator:     Naram Qashat
>Release:        FreeBSD 6.2-RELEASE-p8 i386
>Organization:
>Environment:
System: FreeBSD kirby.cyberbotx.com 6.2-RELEASE-p8 FreeBSD 6.2-RELEASE-p8 #12: Sun Oct 14 16:14:35 EDT 2007
>Description:
Fail2Ban scans log files like /var/log/pwdfail or /var/log/apache/error_log and
bans IPs that makes too many password failures. It updates firewall rules to
reject the IP address or executes user defined commands.

WWW: http://fail2ban.org/wiki/index.php/Main_Page

- Naram Qashat
cyberbotx@cyberbotx.com

Note:
- I found that the ipfw action does not function as it should, but I have
  not been able to figure out a reason why.  For FreeBSD, I would recommend
  using hosts.deny when using fail2ban.
>How-To-Repeat:

>Fix:
(I wasn't able to send the PR via send-pr(1) on my system, Comcast wouldn't allow the entire e-mail to go through.)

I'm attaching the .shar file to this PR.

Patch attached with submission follows:

# This is a shell archive.  Save it in a file, remove anything before
# this line, and then unpack it by entering "sh file".  Note, it may
# create directories; files and directories will be owned by you and
# have default permissions.
#
# This archive contains:
#
#	fail2ban
#	fail2ban/Makefile
#	fail2ban/distinfo
#	fail2ban/files
#	fail2ban/pkg-descr
#	fail2ban/pkg-plist
#	fail2ban/files/fail2ban.in
#	fail2ban/files/patch-client-configreader.py
#	fail2ban/files/patch-fail2ban-client
#	fail2ban/files/patch-fail2ban-regex
#	fail2ban/files/patch-fail2ban-server
#	fail2ban/files/patch-setup.cfg
#	fail2ban/files/patch-setup.py
#
echo c - fail2ban
mkdir -p fail2ban > /dev/null 2>&1
echo x - fail2ban/Makefile
sed 's/^X//' >fail2ban/Makefile << 'END-of-fail2ban/Makefile'
X# New ports collection makefile for:	fail2ban
X# Date created:				5 Janurary 2008
X# Whom:					Naram Qashat <cyberbotx@cyberbotx.com>
X#
X# $FreeBSD$
X#
X
XPORTNAME=	fail2ban
XPORTVERSION=	0.8.1
XCATEGORIES=	security
XMASTER_SITES=	SF
X
XMAINTAINER=	cyberbotx@cyberbotx.com
XCOMMENT=	Python script that Ban IPs that make too many password failure
X
XUSE_BZIP2=	yes
XUSE_PYTHON=	2.4+
XUSE_PYDISTUTILS=	yes
XPYDISTUTILS_NOEGGINFO=	yes
X
XMAN1=		fail2ban-client.1 fail2ban-regex.1 fail2ban-server.1
X
XOPTIONS=	GAMIN "Enable Gamin Support" Off
X
XUSE_RC_SUBR=	${PORTNAME}
XSUB_LIST+=	PYTHON_CMD=${PYTHON_CMD}
X
XCONF_FILES=	fail2ban.conf jail.conf
XACTION_D_CONF_FILES=	hostsdeny.conf ipfw.conf iptables-allports.conf iptables-multiport.conf \
X			iptables-new.conf iptables.conf mail-buffered.conf mail-whois-lines.conf \
X			mail-whois.conf mail.conf sendmail-buffered.conf sendmail-whois-lines.conf \
X			sendmail-whois.conf sendmail.conf shorewall.conf
XFILTER_D_CONF_FILES=	apache-auth.conf apache-badbots.conf apache-noscript.conf courierlogin.conf \
X			couriersmtp.conf exim.conf named-refused.conf postfix.conf proftpd.conf \
X			pure-ftpd.conf qmail.conf sasl.conf sshd-ddos.conf sshd.conf vsftpd.conf \
X			webmin-auth.conf wuftpd.conf
X
X.include <bsd.port.pre.mk>
X
X.if defined(WITH_GAMIN)
XUSE_FAM=	yes
XWANT_FAM_SYSTEM=	gamin
X.endif
X
Xpost-extract:
X	@for i in ${CONF_FILES} ; do \
X		${MV} ${WRKSRC}/config/$$i ${WRKSRC}/config/$$i.sample ; \
X	done
X	@for i in ${ACTION_D_CONF_FILES} ; do \
X		${MV} ${WRKSRC}/config/action.d/$$i ${WRKSRC}/config/action.d/$$i.sample ; \
X	done
X	@for i in ${FILTER_D_CONF_FILES} ; do \
X		${MV} ${WRKSRC}/config/filter.d/$$i ${WRKSRC}/config/filter.d/$$i.sample ; \
X	done
X
Xpost-patch:
X	@${REINPLACE_CMD} -e 's|%%PREFIX%%|${PREFIX}|g' ${WRKSRC}/client/configreader.py
X	@${REINPLACE_CMD} -e 's|%%PREFIX%%|${PREFIX}|g' -e 's|/usr/bin/python|${PYTHON_CMD}|g' ${WRKSRC}/fail2ban-*
X	@${REINPLACE_CMD} -e 's|%%PREFIX%%|${PREFIX}|g' ${WRKSRC}/setup.cfg
X	@${REINPLACE_CMD} -e 's|%%PREFIX%%|${PREFIX}|g' ${WRKSRC}/setup.py
X
Xpost-install:
X	@for i in ${MAN1} ; do \
X		${INSTALL_MAN} ${WRKSRC}/man/$$i ${MANPREFIX}/man/man1/$$i ; \
X	done
X	@for i in ${CONF_FILES} ; do \
X		if [ ! -e ${PREFIX}/etc/fail2ban/$$i ]; then \
X			${CP} -p ${PREFIX}/etc/fail2ban/$$i.sample ${PREFIX}/etc/fail2ban/$$i ; \
X		fi ; \
X	done
X	@for i in ${ACTION_D_CONF_FILES} ; do \
X		if [ ! -e ${PREFIX}/etc/fail2ban/action.d/$$i ]; then \
X			${CP} -p ${PREFIX}/etc/fail2ban/action.d/$$i.sample ${PREFIX}/etc/fail2ban/action.d/$$i ; \
X		fi ; \
X	done
X	@for i in ${FILTER_D_CONF_FILES} ; do \
X		if [ ! -e ${PREFIX}/etc/fail2ban/filter.d/$$i ]; then \
X			${CP} -p ${PREFIX}/etc/fail2ban/filter.d/$$i.sample ${PREFIX}/etc/fail2ban/filter.d/$$i ; \
X		fi ; \
X	done
X
X.include <bsd.port.post.mk>
END-of-fail2ban/Makefile
echo x - fail2ban/distinfo
sed 's/^X//' >fail2ban/distinfo << 'END-of-fail2ban/distinfo'
XMD5 (fail2ban-0.8.1.tar.bz2) = 91e45125924e7978949fdab2e32b71a1
XSHA256 (fail2ban-0.8.1.tar.bz2) = 3c3adc67c5f2b4fc72c9ea22e52c4cdfd9f901f6c238616416444560f56f6403
XSIZE (fail2ban-0.8.1.tar.bz2) = 58321
END-of-fail2ban/distinfo
echo c - fail2ban/files
mkdir -p fail2ban/files > /dev/null 2>&1
echo x - fail2ban/pkg-descr
sed 's/^X//' >fail2ban/pkg-descr << 'END-of-fail2ban/pkg-descr'
XFail2Ban scans log files like /var/log/pwdfail or /var/log/apache/error_log and
Xbans IPs that makes too many password failures. It updates firewall rules to
Xreject the IP address or executes user defined commands.
X
XWWW: http://fail2ban.org/wiki/index.php/Main_Page
X
X- Naram Qashat
Xcyberbotx@cyberbotx.com
END-of-fail2ban/pkg-descr
echo x - fail2ban/pkg-plist
sed 's/^X//' >fail2ban/pkg-plist << 'END-of-fail2ban/pkg-plist'
Xbin/fail2ban-client
Xbin/fail2ban-regex
Xbin/fail2ban-server
X@unexec if cmp -s %D/etc/fail2ban/action.d/hostsdeny.conf.sample %D/etc/fail2ban/action.d/hostsdeny.conf; then rm -f %D/etc/fail2ban/action.d/hostsdeny.conf; fi
Xetc/fail2ban/action.d/hostsdeny.conf.sample
X@exec if [ ! -f %D/etc/fail2ban/action.d/hostsdeny.conf ] ; then cp -p %D/%F %D/etc/fail2ban/action.d/hostsdeny.conf; fi
X@unexec if cmp -s %D/etc/fail2ban/action.d/ipfw.conf.sample %D/etc/fail2ban/action.d/ipfw.conf; then rm -f %D/etc/fail2ban/action.d/ipfw.conf; fi
Xetc/fail2ban/action.d/ipfw.conf.sample
X@exec if [ ! -f %D/etc/fail2ban/action.d/ipfw.conf ] ; then cp -p %D/%F %D/etc/fail2ban/action.d/ipfw.conf; fi
X@unexec if cmp -s %D/etc/fail2ban/action.d/iptables-allports.conf.sample %D/etc/fail2ban/action.d/iptables-allports.conf; then rm -f %D/etc/fail2ban/action.d/iptables-allports.conf; fi
Xetc/fail2ban/action.d/iptables-allports.conf.sample
X@exec if [ ! -f %D/etc/fail2ban/action.d/iptables-allports.conf ] ; then cp -p %D/%F %D/etc/fail2ban/action.d/iptables-allports.conf; fi
X@unexec if cmp -s %D/etc/fail2ban/action.d/iptables-multiport.conf.sample %D/etc/fail2ban/action.d/iptables-multiport.conf; then rm -f %D/etc/fail2ban/action.d/iptables-multiport.conf; fi
Xetc/fail2ban/action.d/iptables-multiport.conf.sample
X@exec if [ ! -f %D/etc/fail2ban/action.d/iptables-multiport.conf ] ; then cp -p %D/%F %D/etc/fail2ban/action.d/iptables-multiport.conf; fi
X@unexec if cmp -s %D/etc/fail2ban/action.d/iptables-new.conf.sample %D/etc/fail2ban/action.d/iptables-new.conf; then rm -f %D/etc/fail2ban/action.d/iptables-new.conf; fi
Xetc/fail2ban/action.d/iptables-new.conf.sample
X@exec if [ ! -f %D/etc/fail2ban/action.d/iptables-new.conf ] ; then cp -p %D/%F %D/etc/fail2ban/action.d/iptables-new.conf; fi
X@unexec if cmp -s %D/etc/fail2ban/action.d/iptables.conf.sample %D/etc/fail2ban/action.d/iptables.conf; then rm -f %D/etc/fail2ban/action.d/iptables.conf; fi
Xetc/fail2ban/action.d/iptables.conf.sample
X@exec if [ ! -f %D/etc/fail2ban/action.d/iptables.conf ] ; then cp -p %D/%F %D/etc/fail2ban/action.d/iptables.conf; fi
X@unexec if cmp -s %D/etc/fail2ban/action.d/mail-buffered.conf.sample %D/etc/fail2ban/action.d/mail-buffered.conf; then rm -f %D/etc/fail2ban/action.d/mail-buffered.conf; fi
Xetc/fail2ban/action.d/mail-buffered.conf.sample
X@exec if [ ! -f %D/etc/fail2ban/action.d/mail-buffered.conf ] ; then cp -p %D/%F %D/etc/fail2ban/action.d/mail-buffered.conf; fi
X@unexec if cmp -s %D/etc/fail2ban/action.d/mail-whois-lines.conf.sample %D/etc/fail2ban/action.d/mail-whois-lines.conf; then rm -f %D/etc/fail2ban/action.d/mail-whois-lines.conf; fi
Xetc/fail2ban/action.d/mail-whois-lines.conf.sample
X@exec if [ ! -f %D/etc/fail2ban/action.d/mail-whois-lines.conf ] ; then cp -p %D/%F %D/etc/fail2ban/action.d/mail-whois-lines.conf; fi
X@unexec if cmp -s %D/etc/fail2ban/action.d/mail-whois.conf.sample %D/etc/fail2ban/action.d/mail-whois.conf; then rm -f %D/etc/fail2ban/action.d/mail-whois.conf; fi
Xetc/fail2ban/action.d/mail-whois.conf.sample
X@exec if [ ! -f %D/etc/fail2ban/action.d/mail-whois.conf ] ; then cp -p %D/%F %D/etc/fail2ban/action.d/mail-whois.conf; fi
X@unexec if cmp -s %D/etc/fail2ban/action.d/mail.conf.sample %D/etc/fail2ban/action.d/mail.conf; then rm -f %D/etc/fail2ban/action.d/mail.conf; fi
Xetc/fail2ban/action.d/mail.conf.sample
X@exec if [ ! -f %D/etc/fail2ban/action.d/mail.conf ] ; then cp -p %D/%F %D/etc/fail2ban/action.d/mail.conf; fi
X@unexec if cmp -s %D/etc/fail2ban/action.d/sendmail-buffered.conf.sample %D/etc/fail2ban/action.d/sendmail-buffered.conf; then rm -f %D/etc/fail2ban/action.d/sendmail-buffered.conf; fi
Xetc/fail2ban/action.d/sendmail-buffered.conf.sample
X@exec if [ ! -f %D/etc/fail2ban/action.d/sendmail-buffered.conf ] ; then cp -p %D/%F %D/etc/fail2ban/action.d/sendmail-buffered.conf; fi
X@unexec if cmp -s %D/etc/fail2ban/action.d/sendmail-whois-lines.conf.sample %D/etc/fail2ban/action.d/sendmail-whois-lines.conf; then rm -f %D/etc/fail2ban/action.d/sendmail-whois-lines.conf; fi
Xetc/fail2ban/action.d/sendmail-whois-lines.conf.sample
X@exec if [ ! -f %D/etc/fail2ban/action.d/sendmail-whois-lines.conf ] ; then cp -p %D/%F %D/etc/fail2ban/action.d/sendmail-whois-lines.conf; fi
X@unexec if cmp -s %D/etc/fail2ban/action.d/sendmail-whois.conf.sample %D/etc/fail2ban/action.d/sendmail-whois.conf; then rm -f %D/etc/fail2ban/action.d/sendmail-whois.conf; fi
Xetc/fail2ban/action.d/sendmail-whois.conf.sample
X@exec if [ ! -f %D/etc/fail2ban/action.d/sendmail-whois.conf ] ; then cp -p %D/%F %D/etc/fail2ban/action.d/sendmail-whois.conf; fi
X@unexec if cmp -s %D/etc/fail2ban/action.d/sendmail.conf.sample %D/etc/fail2ban/action.d/sendmail.conf; then rm -f %D/etc/fail2ban/action.d/sendmail.conf; fi
Xetc/fail2ban/action.d/sendmail.conf.sample
X@exec if [ ! -f %D/etc/fail2ban/action.d/sendmail.conf ] ; then cp -p %D/%F %D/etc/fail2ban/action.d/sendmail.conf; fi
X@unexec if cmp -s %D/etc/fail2ban/action.d/shorewall.conf.sample %D/etc/fail2ban/action.d/shorewall.conf; then rm -f %D/etc/fail2ban/action.d/shorewall.conf; fi
Xetc/fail2ban/action.d/shorewall.conf.sample
X@exec if [ ! -f %D/etc/fail2ban/action.d/shorewall.conf ] ; then cp -p %D/%F %D/etc/fail2ban/action.d/shorewall.conf; fi
X@unexec if cmp -s %D/etc/fail2ban/fail2ban.conf.sample %D/etc/fail2ban/fail2ban.conf; then rm -f %D/etc/fail2ban/fail2ban.conf; fi
Xetc/fail2ban/fail2ban.conf.sample
X@exec if [ ! -f %D/etc/fail2ban/fail2ban.conf ] ; then cp -p %D/%F %D/etc/fail2ban/fail2ban.conf; fi
X@unexec if cmp -s %D/etc/fail2ban/filter.d/apache-auth.conf.sample %D/etc/fail2ban/filter.d/apache-auth.conf; then rm -f %D/etc/fail2ban/filter.d/apache-auth.conf; fi
Xetc/fail2ban/filter.d/apache-auth.conf.sample
X@exec if [ ! -f %D/etc/fail2ban/filter.d/apache-auth.conf ] ; then cp -p %D/%F %D/etc/fail2ban/filter.d/apache-auth.conf; fi
X@unexec if cmp -s %D/etc/fail2ban/filter.d/apache-badbots.conf.sample %D/etc/fail2ban/filter.d/apache-badbots.conf; then rm -f %D/etc/fail2ban/filter.d/apache-badbots.conf; fi
Xetc/fail2ban/filter.d/apache-badbots.conf.sample
X@exec if [ ! -f %D/etc/fail2ban/filter.d/apache-badbots.conf ] ; then cp -p %D/%F %D/etc/fail2ban/filter.d/apache-badbots.conf; fi
X@unexec if cmp -s %D/etc/fail2ban/filter.d/apache-noscript.conf.sample %D/etc/fail2ban/filter.d/apache-noscript.conf; then rm -f %D/etc/fail2ban/filter.d/apache-noscript.conf; fi
Xetc/fail2ban/filter.d/apache-noscript.conf.sample
X@exec if [ ! -f %D/etc/fail2ban/filter.d/apache-noscript.conf ] ; then cp -p %D/%F %D/etc/fail2ban/filter.d/apache-noscript.conf; fi
X@unexec if cmp -s %D/etc/fail2ban/filter.d/courierlogin.conf.sample %D/etc/fail2ban/filter.d/courierlogin.conf; then rm -f %D/etc/fail2ban/filter.d/courierlogin.conf; fi
Xetc/fail2ban/filter.d/courierlogin.conf.sample
X@exec if [ ! -f %D/etc/fail2ban/filter.d/courierlogin.conf ] ; then cp -p %D/%F %D/etc/fail2ban/filter.d/courierlogin.conf; fi
X@unexec if cmp -s %D/etc/fail2ban/filter.d/couriersmtp.conf.sample %D/etc/fail2ban/filter.d/couriersmtp.conf; then rm -f %D/etc/fail2ban/filter.d/couriersmtp.conf; fi
Xetc/fail2ban/filter.d/couriersmtp.conf.sample
X@exec if [ ! -f %D/etc/fail2ban/filter.d/couriersmtp.conf ] ; then cp -p %D/%F %D/etc/fail2ban/filter.d/couriersmtp.conf; fi
X@unexec if cmp -s %D/etc/fail2ban/filter.d/exim.conf.sample %D/etc/fail2ban/filter.d/exim.conf; then rm -f %D/etc/fail2ban/filter.d/exim.conf; fi
Xetc/fail2ban/filter.d/exim.conf.sample
X@exec if [ ! -f %D/etc/fail2ban/filter.d/exim.conf ] ; then cp -p %D/%F %D/etc/fail2ban/filter.d/exim.conf; fi
X@unexec if cmp -s %D/etc/fail2ban/filter.d/named-refused.conf.sample %D/etc/fail2ban/filter.d/named-refused.conf; then rm -f %D/etc/fail2ban/filter.d/named-refused.conf; fi
Xetc/fail2ban/filter.d/named-refused.conf.sample
X@exec if [ ! -f %D/etc/fail2ban/filter.d/named-refused.conf ] ; then cp -p %D/%F %D/etc/fail2ban/filter.d/named-refused.conf; fi
X@unexec if cmp -s %D/etc/fail2ban/filter.d/postfix.conf.sample %D/etc/fail2ban/filter.d/postfix.conf; then rm -f %D/etc/fail2ban/filter.d/postfix.conf; fi
Xetc/fail2ban/filter.d/postfix.conf.sample
X@exec if [ ! -f %D/etc/fail2ban/filter.d/postfix.conf ] ; then cp -p %D/%F %D/etc/fail2ban/filter.d/postfix.conf; fi
X@unexec if cmp -s %D/etc/fail2ban/filter.d/proftpd.conf.sample %D/etc/fail2ban/filter.d/proftpd.conf; then rm -f %D/etc/fail2ban/filter.d/proftpd.conf; fi
Xetc/fail2ban/filter.d/proftpd.conf.sample
X@exec if [ ! -f %D/etc/fail2ban/filter.d/proftpd.conf ] ; then cp -p %D/%F %D/etc/fail2ban/filter.d/proftpd.conf; fi
X@unexec if cmp -s %D/etc/fail2ban/filter.d/pure-ftpd.conf.sample %D/etc/fail2ban/filter.d/pure-ftpd.conf; then rm -f %D/etc/fail2ban/filter.d/pure-ftpd.conf; fi
Xetc/fail2ban/filter.d/pure-ftpd.conf.sample
X@exec if [ ! -f %D/etc/fail2ban/filter.d/pure-ftpd.conf ] ; then cp -p %D/%F %D/etc/fail2ban/filter.d/pure-ftpd.conf; fi
X@unexec if cmp -s %D/etc/fail2ban/filter.d/qmail.conf.sample %D/etc/fail2ban/filter.d/qmail.conf; then rm -f %D/etc/fail2ban/filter.d/qmail.conf; fi
Xetc/fail2ban/filter.d/qmail.conf.sample
X@exec if [ ! -f %D/etc/fail2ban/filter.d/qmail.conf ] ; then cp -p %D/%F %D/etc/fail2ban/filter.d/qmail.conf; fi
X@unexec if cmp -s %D/etc/fail2ban/filter.d/sasl.conf.sample %D/etc/fail2ban/filter.d/sasl.conf; then rm -f %D/etc/fail2ban/filter.d/sasl.conf; fi
Xetc/fail2ban/filter.d/sasl.conf.sample
X@exec if [ ! -f %D/etc/fail2ban/filter.d/sasl.conf ] ; then cp -p %D/%F %D/etc/fail2ban/filter.d/sasl.conf; fi
X@unexec if cmp -s %D/etc/fail2ban/filter.d/sshd-ddos.conf.sample %D/etc/fail2ban/filter.d/sshd-ddos.conf; then rm -f %D/etc/fail2ban/filter.d/sshd-ddos.conf; fi
Xetc/fail2ban/filter.d/sshd-ddos.conf.sample
X@exec if [ ! -f %D/etc/fail2ban/filter.d/sshd-ddos.conf ] ; then cp -p %D/%F %D/etc/fail2ban/filter.d/sshd-ddos.conf; fi
X@unexec if cmp -s %D/etc/fail2ban/filter.d/sshd.conf.sample %D/etc/fail2ban/filter.d/sshd.conf; then rm -f %D/etc/fail2ban/filter.d/sshd.conf; fi
Xetc/fail2ban/filter.d/sshd.conf.sample
X@exec if [ ! -f %D/etc/fail2ban/filter.d/sshd.conf ] ; then cp -p %D/%F %D/etc/fail2ban/filter.d/sshd.conf; fi
X@unexec if cmp -s %D/etc/fail2ban/filter.d/vsftpd.conf.sample %D/etc/fail2ban/filter.d/vsftpd.conf; then rm -f %D/etc/fail2ban/filter.d/vsftpd.conf; fi
Xetc/fail2ban/filter.d/vsftpd.conf.sample
X@exec if [ ! -f %D/etc/fail2ban/filter.d/vsftpd.conf ] ; then cp -p %D/%F %D/etc/fail2ban/filter.d/vsftpd.conf; fi
X@unexec if cmp -s %D/etc/fail2ban/filter.d/webmin-auth.conf.sample %D/etc/fail2ban/filter.d/webmin-auth.conf; then rm -f %D/etc/fail2ban/filter.d/webmin-auth.conf; fi
Xetc/fail2ban/filter.d/webmin-auth.conf.sample
X@exec if [ ! -f %D/etc/fail2ban/filter.d/webmin-auth.conf ] ; then cp -p %D/%F %D/etc/fail2ban/filter.d/webmin-auth.conf; fi
X@unexec if cmp -s %D/etc/fail2ban/filter.d/wuftpd.conf.sample %D/etc/fail2ban/filter.d/wuftpd.conf; then rm -f %D/etc/fail2ban/filter.d/wuftpd.conf; fi
Xetc/fail2ban/filter.d/wuftpd.conf.sample
X@exec if [ ! -f %D/etc/fail2ban/filter.d/wuftpd.conf ] ; then cp -p %D/%F %D/etc/fail2ban/filter.d/wuftpd.conf; fi
X@unexec if cmp -s %D/etc/fail2ban/jail.conf.sample %D/etc/fail2ban/jail.conf; then rm -f %D/etc/fail2ban/jail.conf; fi
Xetc/fail2ban/jail.conf.sample
X@exec if [ ! -f %D/etc/fail2ban/jail.conf ] ; then cp -p %D/%F %D/etc/fail2ban/jail.conf; fi
X%%DATADIR%%/client/__init__.py
X%%DATADIR%%/client/__init__.pyc
X%%DATADIR%%/client/__init__.pyo
X%%DATADIR%%/client/actionreader.py
X%%DATADIR%%/client/actionreader.pyc
X%%DATADIR%%/client/actionreader.pyo
X%%DATADIR%%/client/beautifier.py
X%%DATADIR%%/client/beautifier.pyc
X%%DATADIR%%/client/beautifier.pyo
X%%DATADIR%%/client/configreader.py
X%%DATADIR%%/client/configreader.pyc
X%%DATADIR%%/client/configreader.pyo
X%%DATADIR%%/client/configurator.py
X%%DATADIR%%/client/configurator.pyc
X%%DATADIR%%/client/configurator.pyo
X%%DATADIR%%/client/csocket.py
X%%DATADIR%%/client/csocket.pyc
X%%DATADIR%%/client/csocket.pyo
X%%DATADIR%%/client/fail2banreader.py
X%%DATADIR%%/client/fail2banreader.pyc
X%%DATADIR%%/client/fail2banreader.pyo
X%%DATADIR%%/client/filterreader.py
X%%DATADIR%%/client/filterreader.pyc
X%%DATADIR%%/client/filterreader.pyo
X%%DATADIR%%/client/jailreader.py
X%%DATADIR%%/client/jailreader.pyc
X%%DATADIR%%/client/jailreader.pyo
X%%DATADIR%%/client/jailsreader.py
X%%DATADIR%%/client/jailsreader.pyc
X%%DATADIR%%/client/jailsreader.pyo
X%%DATADIR%%/common/__init__.py
X%%DATADIR%%/common/__init__.pyc
X%%DATADIR%%/common/__init__.pyo
X%%DATADIR%%/common/protocol.py
X%%DATADIR%%/common/protocol.pyc
X%%DATADIR%%/common/protocol.pyo
X%%DATADIR%%/common/version.py
X%%DATADIR%%/common/version.pyc
X%%DATADIR%%/common/version.pyo
X%%DATADIR%%/fail2ban-0.8.1-py2.5.egg-info
X%%DATADIR%%/server/__init__.py
X%%DATADIR%%/server/__init__.pyc
X%%DATADIR%%/server/__init__.pyo
X%%DATADIR%%/server/action.py
X%%DATADIR%%/server/action.pyc
X%%DATADIR%%/server/action.pyo
X%%DATADIR%%/server/actions.py
X%%DATADIR%%/server/actions.pyc
X%%DATADIR%%/server/actions.pyo
X%%DATADIR%%/server/banmanager.py
X%%DATADIR%%/server/banmanager.pyc
X%%DATADIR%%/server/banmanager.pyo
X%%DATADIR%%/server/banticket.py
X%%DATADIR%%/server/banticket.pyc
X%%DATADIR%%/server/banticket.pyo
X%%DATADIR%%/server/datedetector.py
X%%DATADIR%%/server/datedetector.pyc
X%%DATADIR%%/server/datedetector.pyo
X%%DATADIR%%/server/dateepoch.py
X%%DATADIR%%/server/dateepoch.pyc
X%%DATADIR%%/server/dateepoch.pyo
X%%DATADIR%%/server/datestrptime.py
X%%DATADIR%%/server/datestrptime.pyc
X%%DATADIR%%/server/datestrptime.pyo
X%%DATADIR%%/server/datetai64n.py
X%%DATADIR%%/server/datetai64n.pyc
X%%DATADIR%%/server/datetai64n.pyo
X%%DATADIR%%/server/datetemplate.py
X%%DATADIR%%/server/datetemplate.pyc
X%%DATADIR%%/server/datetemplate.pyo
X%%DATADIR%%/server/faildata.py
X%%DATADIR%%/server/faildata.pyc
X%%DATADIR%%/server/faildata.pyo
X%%DATADIR%%/server/failmanager.py
X%%DATADIR%%/server/failmanager.pyc
X%%DATADIR%%/server/failmanager.pyo
X%%DATADIR%%/server/failregex.py
X%%DATADIR%%/server/failregex.pyc
X%%DATADIR%%/server/failregex.pyo
X%%DATADIR%%/server/failticket.py
X%%DATADIR%%/server/failticket.pyc
X%%DATADIR%%/server/failticket.pyo
X%%DATADIR%%/server/filter.py
X%%DATADIR%%/server/filter.pyc
X%%DATADIR%%/server/filter.pyo
X%%DATADIR%%/server/filtergamin.py
X%%DATADIR%%/server/filtergamin.pyc
X%%DATADIR%%/server/filtergamin.pyo
X%%DATADIR%%/server/filterpoll.py
X%%DATADIR%%/server/filterpoll.pyc
X%%DATADIR%%/server/filterpoll.pyo
X%%DATADIR%%/server/jail.py
X%%DATADIR%%/server/jail.pyc
X%%DATADIR%%/server/jail.pyo
X%%DATADIR%%/server/jails.py
X%%DATADIR%%/server/jails.pyc
X%%DATADIR%%/server/jails.pyo
X%%DATADIR%%/server/jailthread.py
X%%DATADIR%%/server/jailthread.pyc
X%%DATADIR%%/server/jailthread.pyo
X%%DATADIR%%/server/mytime.py
X%%DATADIR%%/server/mytime.pyc
X%%DATADIR%%/server/mytime.pyo
X%%DATADIR%%/server/regex.py
X%%DATADIR%%/server/regex.pyc
X%%DATADIR%%/server/regex.pyo
X%%DATADIR%%/server/server.py
X%%DATADIR%%/server/server.pyc
X%%DATADIR%%/server/server.pyo
X%%DATADIR%%/server/ssocket.py
X%%DATADIR%%/server/ssocket.pyc
X%%DATADIR%%/server/ssocket.pyo
X%%DATADIR%%/server/ticket.py
X%%DATADIR%%/server/ticket.pyc
X%%DATADIR%%/server/ticket.pyo
X%%DATADIR%%/server/transmitter.py
X%%DATADIR%%/server/transmitter.pyc
X%%DATADIR%%/server/transmitter.pyo
X@dirrm %%DATADIR%%/server
X@dirrm %%DATADIR%%/common
X@dirrm %%DATADIR%%/client
X@dirrm %%DATADIR%%
X@dirrm etc/fail2ban/filter.d
X@dirrm etc/fail2ban/action.d
X@dirrm etc/fail2ban
END-of-fail2ban/pkg-plist
echo x - fail2ban/files/fail2ban.in
sed 's/^X//' >fail2ban/files/fail2ban.in << 'END-of-fail2ban/files/fail2ban.in'
X#!/bin/sh
X
X# PROVIDE: fail2ban
X# REQUIRE: LOGIN
X#
X# Add the following lines to /etc/rc.conf.local or /etc/rc.conf
X# to enable this service:
X#
X# fail2ban_enable (bool):   Set to NO by default.
X#               Set it to YES to enable fail2ban.
X# fail2ban_config (path):   Set to %%PREFIX%%/etc/fail2ban
X#               by default.
X#
X
X. %%RC_SUBR%%
X
Xname="fail2ban"
Xrcvar=`set_rcvar`
X
Xcommand=%%PREFIX%%/bin/${name}-client
Xcommand_interpreter=%%PYTHON_CMD%%
Xprocname=%%PREFIX%%/bin/${name}-server
Xstart_precmd="prestart"
Xstop_precmd="prestop"
X
Xload_rc_config $name
X
X: ${fail2ban_enable="NO"}
X: ${fail2ban_config="%%PREFIX%%/etc/fail2ban"}
X
Xcommand_args="-c $fail2ban_config"
X
Xprestart()
X{
X	command_args="$command_args start"
X}
X
Xprestop()
X{
X	command_args="$command_args stop"
X}
X
Xrun_rc_command "$1"
END-of-fail2ban/files/fail2ban.in
echo x - fail2ban/files/patch-client-configreader.py
sed 's/^X//' >fail2ban/files/patch-client-configreader.py << 'END-of-fail2ban/files/patch-client-configreader.py'
X--- client/configreader.py.orig	Sun May 20 17:17:55 2007
X+++ client/configreader.py	Sun Jan  6 00:12:40 2008
X@@ -33,7 +33,7 @@
X 
X class ConfigReader(SafeConfigParser):
X 	
X-	BASE_DIRECTORY = "/etc/fail2ban/"
X+	BASE_DIRECTORY = "%%PREFIX%%/etc/fail2ban/"
X 	
X 	def __init__(self):
X 		SafeConfigParser.__init__(self)
END-of-fail2ban/files/patch-client-configreader.py
echo x - fail2ban/files/patch-fail2ban-client
sed 's/^X//' >fail2ban/files/patch-fail2ban-client << 'END-of-fail2ban/files/patch-fail2ban-client'
X--- fail2ban-client.orig	Sat May 19 07:04:59 2007
X+++ fail2ban-client	Sun Jan  6 00:00:41 2008
X@@ -30,7 +30,7 @@
X 
X # Inserts our own modules path first in the list
X # fix for bug #343821
X-sys.path.insert(1, "/usr/share/fail2ban")
X+sys.path.insert(1, "%%PREFIX%%/share/fail2ban")
X 
X # Now we can import our modules
X from common.version import version
X@@ -55,7 +55,7 @@
X 		self.__stream = None
X 		self.__configurator = Configurator()
X 		self.__conf = dict()
X-		self.__conf["conf"] = "/etc/fail2ban"
X+		self.__conf["conf"] = "%%PREFIX%%/etc/fail2ban"
X 		self.__conf["dump"] = False
X 		self.__conf["force"] = False
X 		self.__conf["verbose"] = 1
END-of-fail2ban/files/patch-fail2ban-client
echo x - fail2ban/files/patch-fail2ban-regex
sed 's/^X//' >fail2ban/files/patch-fail2ban-regex << 'END-of-fail2ban/files/patch-fail2ban-regex'
X--- fail2ban-regex.orig	Tue Jul 10 15:54:02 2007
X+++ fail2ban-regex	Sat Jan  5 23:59:37 2008
X@@ -29,7 +29,7 @@
X 
X # Inserts our own modules path first in the list
X # fix for bug #343821
X-sys.path.insert(1, "/usr/share/fail2ban")
X+sys.path.insert(1, "%%PREFIX%%/share/fail2ban")
X 
X from ConfigParser import SafeConfigParser
X from ConfigParser import NoOptionError, NoSectionError, MissingSectionHeaderError
END-of-fail2ban/files/patch-fail2ban-regex
echo x - fail2ban/files/patch-fail2ban-server
sed 's/^X//' >fail2ban/files/patch-fail2ban-server << 'END-of-fail2ban/files/patch-fail2ban-server'
X--- fail2ban-server.orig	Sat May 19 07:04:59 2007
X+++ fail2ban-server	Sun Jan  6 00:02:26 2008
X@@ -29,7 +29,7 @@
X 
X # Inserts our own modules path first in the list
X # fix for bug #343821
X-sys.path.insert(1, "/usr/share/fail2ban")
X+sys.path.insert(1, "%%PREFIX%%/share/fail2ban")
X 
X from common.version import version
X from server.server import Server
END-of-fail2ban/files/patch-fail2ban-server
echo x - fail2ban/files/patch-setup.cfg
sed 's/^X//' >fail2ban/files/patch-setup.cfg << 'END-of-fail2ban/files/patch-setup.cfg'
X--- setup.cfg.orig	Sat May 19 07:04:59 2007
X+++ setup.cfg	Sat Jan  5 23:24:55 2008
X@@ -1,5 +1,5 @@
X [install]
X-install-purelib=/usr/share/fail2ban
X+install-purelib=%%PREFIX%%/share/fail2ban
X 
X [sdist]
X formats=bztar
END-of-fail2ban/files/patch-setup.cfg
echo x - fail2ban/files/patch-setup.py
sed 's/^X//' >fail2ban/files/patch-setup.py << 'END-of-fail2ban/files/patch-setup.py'
X--- setup.py.orig	Sat May 19 07:04:59 2007
X+++ setup.py	Sun Jan  6 15:32:14 2008
X@@ -60,14 +60,14 @@
X 					'server'
X 				], 
X 	data_files =	[
X-						('/etc/fail2ban', 
X-							glob("config/*.conf")
X+						('%%PREFIX%%/etc/fail2ban', 
X+							glob("config/*.conf.sample")
X 						), 
X-						('/etc/fail2ban/filter.d', 
X-							glob("config/filter.d/*.conf")
X+						('%%PREFIX%%/etc/fail2ban/filter.d', 
X+							glob("config/filter.d/*.conf.sample")
X 						), 
X-						('/etc/fail2ban/action.d', 
X-							glob("config/action.d/*.conf")
X+						('%%PREFIX%%/etc/fail2ban/action.d', 
X+							glob("config/action.d/*.conf.sample")
X 						)
X 					]
X )
X@@ -76,21 +76,21 @@
X # Search for obsolete files.
X obsoleteFiles = []
X elements =	{
X-				"/etc/":
X+				"%%PREFIX%%/etc/":
X 					[
X 						"fail2ban.conf"
X 					], 
X-				"/usr/bin/":
X+				"%%PREFIX%%/bin/":
X 					[
X 						"fail2ban.py"
X 					], 
X-				"/usr/lib/fail2ban/firewall/":
X+				"%%PREFIX%%/lib/fail2ban/firewall/":
X 					[
X 						"iptables.py", 
X 						"ipfwadm.py", 
X 						"ipfw.py"
X 					],
X-				"/usr/lib/fail2ban/":
X+				"%%PREFIX%%/lib/fail2ban/":
X 					[
X 						"version.py", 
X 						"protocol.py"
X@@ -113,16 +113,16 @@
X 		print "\t" + f
X 	print
X 
X-if isdir("/usr/lib/fail2ban"):
X+if isdir("%%PREFIX%%/lib/fail2ban"):
X 	print
X-	print "Fail2ban is not installed under /usr/lib anymore. The new " \
X-		  "location is under /usr/share. Please remove the directory " \
X-		  "/usr/lib/fail2ban and everything under this directory."
X+	print "Fail2ban is not installed under %%PREFIX%%/lib anymore. The new " \
X+		  "location is under %%PREFIX%%/share. Please remove the directory " \
X+		  "%%PREFIX%%/lib/fail2ban and everything under this directory."
X 	print
X 
X # Update config file
X if argv[1] == "install":
X 	print
X 	print "Please do not forget to update your configuration files."
X-	print "They are in /etc/fail2ban/."
X+	print "They are in %%PREFIX%%/etc/fail2ban/."
X 	print
END-of-fail2ban/files/patch-setup.py
exit



>Release-Note:
>Audit-Trail:
>Unformatted:



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200801082014.m08KEOA1054846>