wok-6.x view fail2ban/receipt @ rev 15090

pinentry: add bdeps...
author Pascal Bellard <pascal.bellard@slitaz.org>
date Tue Aug 13 21:20:52 2013 +0000 (2013-08-13)
parents 83db47742d2a
children 887e3a1c56a5
line source
1 # SliTaz package receipt.
3 PACKAGE="fail2ban"
4 VERSION="0.8.7.1"
5 CATEGORY="network"
6 SHORT_DESC="Scans log files to bans IP that makes too many password failures."
7 MAINTAINER="pascal.bellard@slitaz.org"
8 LICENSE="GPL2"
9 TARBALL="${PACKAGE}_${VERSION}.orig.tar.gz"
10 WEB_SITE="http://www.fail2ban.org/wiki/index.php/Main_Page"
11 WGET_URL="https://github.com/downloads/$PACKAGE/$PACKAGE/$TARBALL"
12 TAGS="monitor network"
13 CONFIG_FILES="/etc/fail2ban"
15 DEPENDS="iptables"
16 BUILD_DEPENDS="python wget"
18 # Rules to configure and make the package.
19 compile_rules()
20 {
21 cd $src
22 python setup.py install --root=$DESTDIR
23 }
25 # Rules to gen a SliTaz package suitable for Tazpkg.
26 genpkg_rules()
27 {
28 mkdir -p $fs/etc/logrotate.d $fs/etc/init.d
29 cp -a $install/* $fs
30 sed -i 's/= \\s\*(/= \\s*\\S+\\s\*(/' > $fs/etc/fail2ban/filter.d/common.conf
31 sed -i -e 's|127.0.0.1|& 192.168.0.0/16|;s|sshd.log|messages|' \
32 -e '/ssh-iptables/{nn;s/false/true/}' $fs/etc/fail2ban/jail.conf
33 cat >> $fs/etc/fail2ban/jail.conf <<EOT
34 [apache-noscript]
36 enabled = false
37 port = http,https
38 filter = apache-noscript
39 action = iptables-allports[name=APACHE-NOSCRIPT]
40 logpath = /var/log/apache/*errors
41 maxretry = 2
43 [apache-proxy]
45 enabled = false
46 port = http,https
47 filter = apache-proxy
48 action = iptables-allports[name=APACHE-PROXY]
49 logpath = /var/log/apache/*access
50 bantime = 172800
51 maxretry = 2
53 [lighttpd-fastcgi]
55 enabled = false
56 port = http,https
57 filter = lighttpd-fastcgi
58 action = iptables-allports[name=LIGHTTPD-FASTCGI]
59 logpath = /var/log/lighttpd/*error*.log
60 maxretry = 2
62 [ssh-ddos]
64 enabled = true
65 port = ssh,sftp
66 filter = sshd-ddos
67 action = iptables-allports[name=SSHDDOS]
68 logpath = /var/log/messages
69 maxretry = 2
71 [fail2ban]
72 enabled = true
73 filter = fail2ban
74 action = iptables-allports[name=FAIL2BAN]
75 logpath = /var/log/fail2ban.log
76 maxretry = 5
77 findtime = 604800
78 bantime = 604800
79 EOT
80 ln -s /usr/bin/fail2ban-client $fs/etc/init.d/fail2ban
81 cat > $fs/etc/logrotate.d/fail2ban <<EOT
82 /var/log/fail2ban.log {
83 weekly
84 rotate 10
85 compress
86 postrotate
87 /etc/init.d/fail2ban reload >/dev/null || true
88 endscript
89 }
90 EOT
91 }