wok rev 24536

updated fail2ban (0.10.4 -> 0.11.2)
author Hans-G?nter Theisgen
date Wed Feb 23 13:43:14 2022 +0100 (2022-02-23)
parents 7c0170dd3ecc
children 79a5bd723741
files fail2ban/description.txt fail2ban/receipt
line diff
     1.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     1.2 +++ b/fail2ban/description.txt	Wed Feb 23 13:43:14 2022 +0100
     1.3 @@ -0,0 +1,15 @@
     1.4 +Fail2ban scans log files (e.g. /var/log/apache/error_log) and
     1.5 +bans IPs that show the malicious signs -- too many password
     1.6 +failures, seeking for exploits, etc.
     1.7 +Generally Fail2Ban is then used to update firewall rules to
     1.8 +reject the IP addresses for a specified amount of time,
     1.9 +although any arbitrary other action (e.g. sending an email)
    1.10 +could also be configured.
    1.11 +Out of the box Fail2Ban comes with filters for various services
    1.12 +(apache, courier, ssh, etc).
    1.13 +
    1.14 +Fail2Ban is able to reduce the rate of incorrect authentications
    1.15 +attempts however it cannot eliminate the risk that weak
    1.16 +authentication presents.
    1.17 +Configure services to use only two factor or public/private
    1.18 +authentication mechanisms if you really want to protect services.

     2.1 --- a/fail2ban/receipt	Wed Feb 23 11:49:52 2022 +0000
     2.2 +++ b/fail2ban/receipt	Wed Feb 23 13:43:14 2022 +0100
     2.3 @@ -1,19 +1,20 @@
     2.4  # SliTaz package receipt.
     2.5  
     2.6  PACKAGE="fail2ban"
     2.7 -VERSION="0.10.4"
     2.8 +VERSION="0.11.2"
     2.9  CATEGORY="network"
    2.10  TAGS="monitor network"
    2.11  SHORT_DESC="Scans log files to ban IPs that make too many password failures."
    2.12  MAINTAINER="pascal.bellard@slitaz.org"
    2.13  LICENSE="GPL2"
    2.14 -WEB_SITE="http://www.fail2ban.org/wiki/index.php/Main_Page"
    2.15 +WEB_SITE="https://www.fail2ban.org/wiki/index.php/Main_Page"
    2.16  
    2.17  TARBALL="$PACKAGE-$VERSION.tar.gz"
    2.18  WGET_URL="https://github.com/$PACKAGE/$PACKAGE/archive/$VERSION.tar.gz"
    2.19  
    2.20 -DEPENDS="iptables"
    2.21 +DEPENDS="iptables python"
    2.22  BUILD_DEPENDS="python"
    2.23 +
    2.24  CONFIG_FILES="/etc/fail2ban"
    2.25  
    2.26  current_version()
    2.27 @@ -31,13 +32,16 @@
    2.28  # Rules to gen a SliTaz package suitable for Tazpkg.
    2.29  genpkg_rules()
    2.30  {
    2.31 -	mkdir -p $fs/etc/logrotate.d $fs/etc/init.d
    2.32 -	cp -a $install/* $fs
    2.33 -	sed -i -e 's|127.0.0.1.*|& 192.168.0.0/16|;s|sshd.log|messages|' \
    2.34 -		-e '/ssh-iptables/{nn;s/false/true/}' $fs/etc/fail2ban/jail.conf
    2.35 +	mkdir -p $fs/etc/logrotate.d
    2.36 +	mkdir -p $fs/etc/init.d
    2.37  
    2.38 -	cp -a $stuff/etc/fail2ban/  $fs/etc/
    2.39 -	cp -a $stuff/etc/init.d  $fs/etc/
    2.40 +	cp -a $install/*	$fs
    2.41 +	sed -i	-e 's|127.0.0.1.*|& 192.168.0.0/16|;s|sshd.log|messages|' \
    2.42 +		-e '/ssh-iptables/{nn;s/false/true/}' \
    2.43 +		$fs/etc/fail2ban/jail.conf
    2.44 +
    2.45 +	cp -a $stuff/etc/fail2ban	$fs/etc
    2.46 +	cp -a $stuff/etc/init.d		$fs/etc
    2.47  
    2.48  	cat >> $fs/etc/fail2ban/jail.conf <<EOT
    2.49  [apache-noscript]