# HG changeset patch # User Pascal Bellard # Date 1344878101 -7200 # Node ID 19fbe1c329d09222cb8cb1747de7e03fdc2ffff1 # Parent a13a6c5b176e3a94875697a985240b08c0d211d2 fail2ban: add fail2ban filter diff -r a13a6c5b176e -r 19fbe1c329d0 dev86/stuff/com2exe --- a/dev86/stuff/com2exe Sun Aug 12 15:55:25 2012 +0200 +++ b/dev86/stuff/com2exe Mon Aug 13 19:15:01 2012 +0200 @@ -1,10 +1,10 @@ #!/bin/sh -[ ! -s "$1" ] && echo "Usage: $0 file.com > file.exe" && exit 1 -S=$(stat -c %s $1) +[ ! -s "$1" ] && echo "Usage: $0 file.com [extra_ss]> file.exe" && exit 1 +S=$((32+$(stat -c %s $1))) P=$((($S+511)/512)) E=$((4096-(32*$P))) -for i in 0x5A4D $(($S%512)) $P 0 2 $E $E $((($P/128)*256-16)) -2 0 256 -16 28 0 0 0 +for i in 0x5A4D $(($S%512)) $P 0 2 $E $E $((${2:-0}-16)) -2 0 256 -16 28 0 0 0 do printf '\\\\x%02X\\\\x%02X' $(($i&255)) $((($i>>8)&255)) | xargs echo -en done cat $1 diff -r a13a6c5b176e -r 19fbe1c329d0 fail2ban/receipt --- a/fail2ban/receipt Sun Aug 12 15:55:25 2012 +0200 +++ b/fail2ban/receipt Mon Aug 13 19:15:01 2012 +0200 @@ -26,6 +26,7 @@ { mkdir -p $fs/etc/logrotate.d $fs/etc/init.d cp -a $install/* $fs + sed -i 's/= \\s\*(/= \\s*\\S+\\s\*(/' > /etc/fail2ban/filter.d/common.conf sed -i -e 's|127.0.0.1|& 192.168.0.0/16|;s|sshd.log|messages|' \ -e '/ssh-iptables/{nn;s/false/true/}' $fs/etc/fail2ban/jail.conf cat >> $fs/etc/fail2ban/jail.conf < $fs/etc/logrotate.d/fail2ban <" can +# be used for standard IP/hostname matching and is only an alias for +# (?:::f{4,6}:)?(?P\S+) +# Values: TEXT +# + +# Count all bans in the logfile +failregex = fail2ban.actions: WARNING \[(.*)\] Ban + +# Option: ignoreregex +# Notes.: regex to ignore. If this regex matches, the line is ignored. +# Values: TEXT +# +# Ignore our own bans, to keep our counts exact. +# In your config, name your jail 'fail2ban', or change this line! +ignoreregex = fail2ban.actions: WARNING \[fail2ban\] Ban +