wok-current annotate fail2ban/receipt @ rev 25117
updated pcre2 and pcre2-dev (10.34 -> 10.40)
author | Hans-G?nter Theisgen |
---|---|
date | Sat Jun 25 16:50:46 2022 +0100 (2022-06-25) |
parents | 5ea0ce1cecc0 |
children |
rev | line source |
---|---|
pascal@1809 | 1 # SliTaz package receipt. |
pascal@1809 | 2 |
pascal@1809 | 3 PACKAGE="fail2ban" |
Hans-G?nter@24536 | 4 VERSION="0.11.2" |
pascal@1809 | 5 CATEGORY="network" |
Hans-G?nter@20908 | 6 TAGS="monitor network" |
Hans-G?nter@20908 | 7 SHORT_DESC="Scans log files to ban IPs that make too many password failures." |
pascal@1809 | 8 MAINTAINER="pascal.bellard@slitaz.org" |
pascal@15002 | 9 LICENSE="GPL2" |
Hans-G?nter@24536 | 10 WEB_SITE="https://www.fail2ban.org/wiki/index.php/Main_Page" |
Hans-G?nter@20908 | 11 |
pascal@15799 | 12 TARBALL="$PACKAGE-$VERSION.tar.gz" |
Hans-G?nter@20908 | 13 WGET_URL="https://github.com/$PACKAGE/$PACKAGE/archive/$VERSION.tar.gz" |
pascal@1809 | 14 |
Hans-G?nter@24536 | 15 DEPENDS="iptables python" |
Hans-G?nter@20908 | 16 BUILD_DEPENDS="python" |
Hans-G?nter@24536 | 17 |
Hans-G?nter@20908 | 18 CONFIG_FILES="/etc/fail2ban" |
pascal@13206 | 19 |
pascal@24055 | 20 current_version() |
pascal@24055 | 21 { |
pascal@24055 | 22 wget -O - ${WGET_URL%/arch*}/releases 2>/dev/null | \ |
pascal@24055 | 23 sed '/archive.*tar/!d;s|.*/\(.*\).tar.*|\1|;q' |
pascal@24055 | 24 } |
pascal@24055 | 25 |
pascal@1809 | 26 # Rules to configure and make the package. |
pascal@1809 | 27 compile_rules() |
pascal@1809 | 28 { |
pascal@11341 | 29 python setup.py install --root=$DESTDIR |
pascal@1809 | 30 } |
pascal@1809 | 31 |
pascal@1809 | 32 # Rules to gen a SliTaz package suitable for Tazpkg. |
pascal@1809 | 33 genpkg_rules() |
pascal@1809 | 34 { |
Hans-G?nter@24536 | 35 mkdir -p $fs/etc/logrotate.d |
Hans-G?nter@24536 | 36 mkdir -p $fs/etc/init.d |
al@18077 | 37 |
Hans-G?nter@24536 | 38 cp -a $install/* $fs |
Hans-G?nter@24536 | 39 sed -i -e 's|127.0.0.1.*|& 192.168.0.0/16|;s|sshd.log|messages|' \ |
Hans-G?nter@24536 | 40 -e '/ssh-iptables/{nn;s/false/true/}' \ |
Hans-G?nter@24536 | 41 $fs/etc/fail2ban/jail.conf |
Hans-G?nter@24536 | 42 |
Hans-G?nter@24536 | 43 cp -a $stuff/etc/fail2ban $fs/etc |
Hans-G?nter@24536 | 44 cp -a $stuff/etc/init.d $fs/etc |
al@18077 | 45 |
pascal@11341 | 46 cat >> $fs/etc/fail2ban/jail.conf <<EOT |
pascal@13258 | 47 [apache-noscript] |
pascal@13258 | 48 |
pascal@13258 | 49 enabled = false |
pascal@13258 | 50 port = http,https |
pascal@13258 | 51 filter = apache-noscript |
pascal@13258 | 52 action = iptables-allports[name=APACHE-NOSCRIPT] |
pascal@13258 | 53 logpath = /var/log/apache/*errors |
pascal@13258 | 54 maxretry = 2 |
pascal@13258 | 55 |
pascal@13258 | 56 [apache-proxy] |
pascal@13258 | 57 |
pascal@13258 | 58 enabled = false |
pascal@13258 | 59 port = http,https |
pascal@13258 | 60 filter = apache-proxy |
pascal@13258 | 61 action = iptables-allports[name=APACHE-PROXY] |
pascal@13258 | 62 logpath = /var/log/apache/*access |
pascal@13258 | 63 bantime = 172800 |
pascal@13258 | 64 maxretry = 2 |
pascal@13258 | 65 |
al@18077 | 66 [apache-w00tw00t] |
erjo@16729 | 67 enabled = false |
al@18077 | 68 filter = apache-w00tw00t |
al@18077 | 69 action = iptables[name=Apache-w00tw00t,port=80,protocol=tcp] |
al@18077 | 70 logpath = /var/log/apache/*access |
al@18077 | 71 maxretry = 1 |
al@18077 | 72 bantime = 172800 |
erjo@16729 | 73 |
pascal@13257 | 74 [lighttpd-fastcgi] |
pascal@13257 | 75 |
pascal@13257 | 76 enabled = false |
pascal@13257 | 77 port = http,https |
pascal@13257 | 78 filter = lighttpd-fastcgi |
pascal@13258 | 79 action = iptables-allports[name=LIGHTTPD-FASTCGI] |
pascal@13257 | 80 logpath = /var/log/lighttpd/*error*.log |
pascal@13257 | 81 maxretry = 2 |
pascal@13257 | 82 |
pascal@11341 | 83 [ssh-ddos] |
pascal@11341 | 84 |
pascal@11341 | 85 enabled = true |
pascal@11341 | 86 port = ssh,sftp |
pascal@11341 | 87 filter = sshd-ddos |
pascal@11341 | 88 action = iptables-allports[name=SSHDDOS] |
pascal@11341 | 89 logpath = /var/log/messages |
pascal@11341 | 90 maxretry = 2 |
pascal@11341 | 91 |
pascal@13225 | 92 [fail2ban] |
pascal@13225 | 93 enabled = true |
pascal@13225 | 94 filter = fail2ban |
pascal@13225 | 95 action = iptables-allports[name=FAIL2BAN] |
pascal@13225 | 96 logpath = /var/log/fail2ban.log |
pascal@13225 | 97 maxretry = 5 |
pascal@13225 | 98 findtime = 604800 |
pascal@13225 | 99 bantime = 604800 |
pascal@11341 | 100 EOT |
erjo@16729 | 101 #ln -s /usr/bin/fail2ban-client $fs/etc/init.d/fail2ban |
pascal@11341 | 102 cat > $fs/etc/logrotate.d/fail2ban <<EOT |
pascal@11341 | 103 /var/log/fail2ban.log { |
pascal@11341 | 104 weekly |
pascal@11341 | 105 rotate 10 |
pascal@11341 | 106 compress |
pascal@11341 | 107 postrotate |
pascal@11341 | 108 /etc/init.d/fail2ban reload >/dev/null || true |
pascal@11341 | 109 endscript |
pascal@1809 | 110 } |
pascal@11341 | 111 EOT |
pascal@11341 | 112 } |