wok view fail2ban/receipt @ rev 11341
fail2ban: enable ssh filter
author | Pascal Bellard <pascal.bellard@slitaz.org> |
---|---|
date | Sat Nov 26 15:38:48 2011 +0100 (2011-11-26) |
parents | 59009b1c6878 |
children | ad0b23f0fdd8 |
line source
1 # SliTaz package receipt.
3 PACKAGE="fail2ban"
4 VERSION="0.8.4"
5 CATEGORY="network"
6 SHORT_DESC="Scans log files to bans IP that makes too many password failures."
7 MAINTAINER="pascal.bellard@slitaz.org"
8 TARBALL="$PACKAGE-$VERSION.tar.bz2"
9 WEB_SITE="http://www.fail2ban.org/wiki/index.php/Main_Page"
10 DEPENDS="iptables"
11 BUILD_DEPENDS="python"
12 WGET_URL="$SF_MIRROR/$PACKAGE/$TARBALL"
13 TAGS="monitor network"
14 CONFIG_FILES="/etc/fail2ban"
16 # Rules to configure and make the package.
17 compile_rules()
18 {
19 cd $src
20 python setup.py install --root=$DESTDIR
21 }
23 # Rules to gen a SliTaz package suitable for Tazpkg.
24 genpkg_rules()
25 {
26 mkdir -p $fs/etc/logrotate.d
27 cp -a $_pkg/* $fs
28 sed -i -e 's|127.0.01|& 192.168.0.0/16|;s|sshd.log|messages|' \
29 -e '/ssh-iptables/{nn;s/false/true/}' $fs/etc/fail2ban/jail.conf
30 cat >> $fs/etc/fail2ban/jail.conf <<EOT
31 [ssh-ddos]
33 enabled = true
34 port = ssh,sftp
35 filter = sshd-ddos
36 action = iptables-allports[name=SSHDDOS]
37 logpath = /var/log/messages
38 maxretry = 2
40 EOT
41 ln -s /usr/bin/fail2ban-client $fs/etc/init.d/fail2ban
42 cat > $fs/etc/logrotate.d/fail2ban <<EOT
43 /var/log/fail2ban.log {
44 weekly
45 rotate 10
46 compress
47 postrotate
48 /etc/init.d/fail2ban reload >/dev/null || true
49 endscript
50 }
51 EOT
52 }