wok view fail2ban/receipt @ rev 25793
reverted version 4.14.1 to 4.12.0 for xfconf packages
author | Hans-G?nter Theisgen |
---|---|
date | Wed Oct 23 15:16:12 2024 +0100 (7 days ago) |
parents | 528420e28cb9 |
children |
line source
1 # SliTaz package receipt.
3 PACKAGE="fail2ban"
4 VERSION="0.11.2"
5 CATEGORY="network"
6 TAGS="monitor network"
7 SHORT_DESC="Scans log files to ban IPs that make too many password failures."
8 MAINTAINER="pascal.bellard@slitaz.org"
9 LICENSE="GPL2"
10 WEB_SITE="https://www.fail2ban.org/wiki/index.php/Main_Page"
12 TARBALL="$PACKAGE-$VERSION.tar.gz"
13 WGET_URL="https://github.com/$PACKAGE/$PACKAGE/archive/$VERSION.tar.gz"
15 DEPENDS="iptables python"
16 BUILD_DEPENDS="python"
18 CONFIG_FILES="/etc/fail2ban"
20 # What is the latest version available today?
21 current_version()
22 {
23 wget -O - ${WGET_URL%/arch*}/releases 2>/dev/null | \
24 sed '/tag\//!d;s|.*tag/v*||;s|".*||;q'
25 }
27 # Rules to configure and make the package.
28 compile_rules()
29 {
30 python setup.py install --root=$DESTDIR
31 }
33 # Rules to gen a SliTaz package suitable for Tazpkg.
34 genpkg_rules()
35 {
36 mkdir -p $fs/etc/logrotate.d
37 mkdir -p $fs/etc/init.d
39 cp -a $install/* $fs
40 sed -i -e 's|127.0.0.1.*|& 192.168.0.0/16|;s|sshd.log|messages|' \
41 -e '/ssh-iptables/{nn;s/false/true/}' \
42 $fs/etc/fail2ban/jail.conf
44 cp -a $stuff/etc/fail2ban $fs/etc
45 cp -a $stuff/etc/init.d $fs/etc
47 cat >> $fs/etc/fail2ban/jail.conf <<EOT
48 [apache-noscript]
50 enabled = false
51 port = http,https
52 filter = apache-noscript
53 action = iptables-allports[name=APACHE-NOSCRIPT]
54 logpath = /var/log/apache/*errors
55 maxretry = 2
57 [apache-proxy]
59 enabled = false
60 port = http,https
61 filter = apache-proxy
62 action = iptables-allports[name=APACHE-PROXY]
63 logpath = /var/log/apache/*access
64 bantime = 172800
65 maxretry = 2
67 [apache-w00tw00t]
68 enabled = false
69 filter = apache-w00tw00t
70 action = iptables[name=Apache-w00tw00t,port=80,protocol=tcp]
71 logpath = /var/log/apache/*access
72 maxretry = 1
73 bantime = 172800
75 [lighttpd-fastcgi]
77 enabled = false
78 port = http,https
79 filter = lighttpd-fastcgi
80 action = iptables-allports[name=LIGHTTPD-FASTCGI]
81 logpath = /var/log/lighttpd/*error*.log
82 maxretry = 2
84 [ssh-ddos]
86 enabled = true
87 port = ssh,sftp
88 filter = sshd-ddos
89 action = iptables-allports[name=SSHDDOS]
90 logpath = /var/log/messages
91 maxretry = 2
93 [fail2ban]
94 enabled = true
95 filter = fail2ban
96 action = iptables-allports[name=FAIL2BAN]
97 logpath = /var/log/fail2ban.log
98 maxretry = 5
99 findtime = 604800
100 bantime = 604800
101 EOT
102 #ln -s /usr/bin/fail2ban-client $fs/etc/init.d/fail2ban
103 cat > $fs/etc/logrotate.d/fail2ban <<EOT
104 /var/log/fail2ban.log {
105 weekly
106 rotate 10
107 compress
108 postrotate
109 /etc/init.d/fail2ban reload >/dev/null || true
110 endscript
111 }
112 EOT
113 }