fail2ban: cherry picked openssh 9.8 support, fixed default dovecot path
This commit is contained in:
parent
dca04582b9
commit
262720ee8f
GPG Key ID:
42F8B4E30B673606
@ -1,7 +1,9 @@
|
|||||||
untrusted comment: verify with /etc/ports/contrib.pub
|
untrusted comment: verify with /etc/ports/contrib.pub
|
||||||
RWSagIOpLGJF33o9DDq2YFji6O8kFa1yGvguKAZMuFNtL4zaYbPqV3/4xWZTjOeXBYRZUVfRMGQqrj4zlSUWZMZZLxfTTeBUDQA=
|
RWSagIOpLGJF3xFFFJKXR0GoJGIw/MMwGPQXStLZGdxab+yvW+pR8kU9qMPu/yTIolUu6HiJ+59R2BjFZwZj9VdwrEwi3YM7ngA=
|
||||||
SHA256 (Pkgfile) = 8374f641deb4de9fe2c3bf1d99e0f7338a72d11c2ade7c5acecd4bf5e6c26127
|
SHA256 (Pkgfile) = c28eb3eb6c8af0cdcc8e978f6594d1dc17d19920eb25b518893bcbe9263e40ae
|
||||||
SHA256 (.footprint) = 820f8ec11bd2570df5ff505cc059a5f46e8aa7a24956065289cbb0bf543a64c7
|
SHA256 (.footprint) = 820f8ec11bd2570df5ff505cc059a5f46e8aa7a24956065289cbb0bf543a64c7
|
||||||
SHA256 (fail2ban-1.1.0.tar.gz) = 474fcc25afdaf929c74329d1e4d24420caabeea1ef2e041a267ce19269570bae
|
SHA256 (fail2ban-1.1.0.tar.gz) = 474fcc25afdaf929c74329d1e4d24420caabeea1ef2e041a267ce19269570bae
|
||||||
|
SHA256 (2fed408c05ac5206b490368d94599869bd6a056d.patch) = 1a1a251de039cf567ac81be76ab2b516a44a68751b4432145159fe3b3a59a24a
|
||||||
|
SHA256 (50ff131a0fd8f54fdeb14b48353f842ee8ae8c1a.patch) = b959a99fcdf1aa9966e33845fa7522cdf2cc256e98d5230ac47b28057ca70690
|
||||||
SHA256 (fail2ban.rc) = 2ce3ca9c641dcaa29028909b4f9a2d7f22533ac9d3be9aba45a8362fcb4e36b0
|
SHA256 (fail2ban.rc) = 2ce3ca9c641dcaa29028909b4f9a2d7f22533ac9d3be9aba45a8362fcb4e36b0
|
||||||
SHA256 (paths-crux.conf) = 41e6c077c568d7e2fe600e893aa70d7912dcd0316a88f5a695f5ff0d558c8f82
|
SHA256 (paths-crux.conf) = 7362f8bfadb65a670ccaf5fe6d318776c7f08dd065f8c772da5c825354674e7e
|
||||||
|
|||||||
22
fail2ban/2fed408c05ac5206b490368d94599869bd6a056d.patch
Normal file
22
fail2ban/2fed408c05ac5206b490368d94599869bd6a056d.patch
Normal file
@ -0,0 +1,22 @@
|
|||||||
|
From 2fed408c05ac5206b490368d94599869bd6a056d Mon Sep 17 00:00:00 2001
|
||||||
|
From: Fabian Dellwing <fabian.dellwing@mbconnectline.de>
|
||||||
|
Date: Tue, 2 Jul 2024 07:54:15 +0200
|
||||||
|
Subject: [PATCH] Adjust sshd filter for OpenSSH 9.8 new daemon name
|
||||||
|
|
||||||
|
---
|
||||||
|
config/filter.d/sshd.conf | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/config/filter.d/sshd.conf b/config/filter.d/sshd.conf
|
||||||
|
index 1c8a02deb5..a1fd749aed 100644
|
||||||
|
--- a/config/filter.d/sshd.conf
|
||||||
|
+++ b/config/filter.d/sshd.conf
|
||||||
|
@@ -16,7 +16,7 @@ before = common.conf
|
||||||
|
|
||||||
|
[DEFAULT]
|
||||||
|
|
||||||
|
-_daemon = sshd
|
||||||
|
+_daemon = (?:sshd(?:-session)?)
|
||||||
|
|
||||||
|
# optional prefix (logged from several ssh versions) like "error: ", "error: PAM: " or "fatal: "
|
||||||
|
__pref = (?:(?:error|fatal): (?:PAM: )?)?
|
||||||
22
fail2ban/50ff131a0fd8f54fdeb14b48353f842ee8ae8c1a.patch
Normal file
22
fail2ban/50ff131a0fd8f54fdeb14b48353f842ee8ae8c1a.patch
Normal file
@ -0,0 +1,22 @@
|
|||||||
|
From 50ff131a0fd8f54fdeb14b48353f842ee8ae8c1a Mon Sep 17 00:00:00 2001
|
||||||
|
From: "Sergey G. Brester" <serg.brester@sebres.de>
|
||||||
|
Date: Wed, 3 Jul 2024 19:35:28 +0200
|
||||||
|
Subject: [PATCH] filter.d/sshd.conf: ungroup (unneeded for _daemon)
|
||||||
|
|
||||||
|
---
|
||||||
|
config/filter.d/sshd.conf | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/config/filter.d/sshd.conf b/config/filter.d/sshd.conf
|
||||||
|
index a1fd749aed..3a84b1ba52 100644
|
||||||
|
--- a/config/filter.d/sshd.conf
|
||||||
|
+++ b/config/filter.d/sshd.conf
|
||||||
|
@@ -16,7 +16,7 @@ before = common.conf
|
||||||
|
|
||||||
|
[DEFAULT]
|
||||||
|
|
||||||
|
-_daemon = (?:sshd(?:-session)?)
|
||||||
|
+_daemon = sshd(?:-session)?
|
||||||
|
|
||||||
|
# optional prefix (logged from several ssh versions) like "error: ", "error: PAM: " or "fatal: "
|
||||||
|
__pref = (?:(?:error|fatal): (?:PAM: )?)?
|
||||||
@ -6,14 +6,18 @@
|
|||||||
|
|
||||||
name=fail2ban
|
name=fail2ban
|
||||||
version=1.1.0
|
version=1.1.0
|
||||||
release=1
|
release=2
|
||||||
source=(https://github.com/fail2ban/$name/archive/$version/$name-$version.tar.gz
|
source=(https://github.com/fail2ban/$name/archive/$version/$name-$version.tar.gz
|
||||||
|
2fed408c05ac5206b490368d94599869bd6a056d.patch
|
||||||
|
50ff131a0fd8f54fdeb14b48353f842ee8ae8c1a.patch
|
||||||
fail2ban.rc
|
fail2ban.rc
|
||||||
paths-crux.conf)
|
paths-crux.conf)
|
||||||
|
|
||||||
build() {
|
build() {
|
||||||
cd $name-$version
|
cd $name-$version
|
||||||
|
|
||||||
|
patch -Np1 -i $SRC/2fed408c05ac5206b490368d94599869bd6a056d.patch
|
||||||
|
patch -Np1 -i $SRC/50ff131a0fd8f54fdeb14b48353f842ee8ae8c1a.patch
|
||||||
/usr/bin/python3 setup.py build
|
/usr/bin/python3 setup.py build
|
||||||
/usr/bin/python3 setup.py install --root=$PKG --prefix=/usr --skip-build
|
/usr/bin/python3 setup.py install --root=$PKG --prefix=/usr --skip-build
|
||||||
/usr/bin/python3 -mcompileall $PKG
|
/usr/bin/python3 -mcompileall $PKG
|
||||||
|
|||||||
@ -7,8 +7,8 @@ syslog_local0 = /var/log/messages
|
|||||||
syslog_authpriv = /var/log/auth.log
|
syslog_authpriv = /var/log/auth.log
|
||||||
syslog_daemon = %(syslog_local0)s
|
syslog_daemon = %(syslog_local0)s
|
||||||
syslog_ftp = %(syslog_local0)s
|
syslog_ftp = %(syslog_local0)s
|
||||||
syslog_mail =
|
syslog_mail = /var/log/mail
|
||||||
syslog_mail_warn =
|
syslog_mail_warn = %(syslog_mail)s
|
||||||
syslog_user = %(syslog_local0)s
|
syslog_user = %(syslog_local0)s
|
||||||
|
|
||||||
# Set the default syslog backend target to default_backend
|
# Set the default syslog backend target to default_backend
|
||||||
@ -48,12 +48,8 @@ vsftpd_log = /var/log/vsftpd.log
|
|||||||
postfix_log = %(syslog_mail_warn)s
|
postfix_log = %(syslog_mail_warn)s
|
||||||
postfix_backend = %(default_backend)s
|
postfix_backend = %(default_backend)s
|
||||||
|
|
||||||
dovecot_log = /var/log/dovecot
|
dovecot_log = %(syslog_mail_warn)s
|
||||||
dovecot_backend = %(default_backend)s
|
dovecot_backend = %(default_backend)s
|
||||||
|
|
||||||
# todo
|
|
||||||
#mysql_log =
|
|
||||||
#mysql_backend = %(default_backend)s
|
|
||||||
|
|
||||||
# Directory with ignorecommand scripts
|
# Directory with ignorecommand scripts
|
||||||
ignorecommands_dir = /etc/fail2ban/filter.d/ignorecommands
|
ignorecommands_dir = /etc/fail2ban/filter.d/ignorecommands
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user