Merge remote branch 'origin/2.2' into 2.2

sshdfilter/.footprint

@@ -0,0 +1,12 @@
+drwxr-xr-x	root/root	etc/
+drwxr-xr-x	root/root	etc/rc.d/
+-rwxr-xr-x	root/root	etc/rc.d/sshdfilter
+-rw-------	root/root	etc/sshdfilterrc
+drwxr-xr-x	root/root	usr/
+drwxr-xr-x	root/root	usr/man/
+drwxr-xr-x	root/root	usr/man/man1/
+-rw-r--r--	root/root	usr/man/man1/sshdfilter.1.gz
+drwxr-xr-x	root/root	usr/man/man5/
+-rw-r--r--	root/root	usr/man/man5/sshdfilterrc.5.gz
+drwxr-xr-x	root/root	usr/sbin/
+-rwxr-xr-x	root/root	usr/sbin/sshdfilter

sshdfilter/.md5sum

@@ -0,0 +1,2 @@
+868770ad15031f4cf7deca28ae0cc27a  sshdfilter
+81b1438123138bb9e6a2e2b6c2e42f5d  sshdfilter-1.4.5.tar.gz

sshdfilter/Pkgfile

@@ -0,0 +1,18 @@
+# Description:	ssh brute force attack blocker
+# URL:		http://www.csc.liv.ac.uk/~greg/sshdfilter/
+# Maintainer:	Alan Mizrahi, alan at mizrahi dot com dot ve
+# Depends on:	openssh, iptables, perl
+
+name=sshdfilter
+version=1.4.5
+release=1
+source=(http://www.csc.liv.ac.uk/~greg/sshdfilter-$version.tar.gz sshdfilter)
+
+build () {
+	cd $name-$version
+	install -m 755 -o root -g root -D sshdfilter.rhFC30 $PKG/usr/sbin/sshdfilter
+	install -m 755 -o root -g root -D $SRC/sshdfilter $PKG/etc/rc.d/sshdfilter
+	install -m 600 -o root -g root -D etc/sshdfilterrc $PKG/etc/sshdfilterrc
+	install -m 644 -o root -g root -D docs/sshdfilter.1 $PKG/usr/man/man1/sshdfilter.1
+	install -m 644 -o root -g root -D docs/sshdfilterrc.5 $PKG/usr/man/man5/sshdfilterrc.5
+}

sshdfilter/README

@@ -0,0 +1,20 @@
+REQUIREMENTS
+
+PRE-INSTALL
+
+	* This port depends on having netfilter enabled in the kernel
+
+POST-INSTALL
+
+	* Add the SSHD chain to your firewall setup:
+	iptables -N SSHD
+
+	* Add a jump to SSHD rule:
+	iptables -A INPUT -p tcp -m tcp --dport 22 -j SSHD
+
+	* Store your new iptables rules somewhere persistent
+
+	* To start sshd with filtering, use /etc/rc.d/sshdfilter instead of
+	  /etc/rc.d/sshd
+
+PRECAUTION

sshdfilter/sshdfilter

@@ -0,0 +1,37 @@
+#!/bin/sh
+#
+# /etc/rc.d/sshd: start/stop ssh daemon with filtering enabled
+#
+
+case $1 in
+start)
+	if [ ! -f /etc/ssh/ssh_host_key ]; then
+		/usr/bin/ssh-keygen -t rsa1 -N "" -f /etc/ssh/ssh_host_key > /dev/null
+	fi
+	if [ ! -f /etc/ssh/ssh_host_rsa_key ]; then
+		/usr/bin/ssh-keygen -t rsa -N "" -f /etc/ssh/ssh_host_rsa_key > /dev/null
+	fi
+	if [ ! -f /etc/ssh/ssh_host_dsa_key ]; then
+		/usr/bin/ssh-keygen -t dsa -N "" -f /etc/ssh/ssh_host_dsa_key > /dev/null
+	fi
+	/usr/sbin/sshdfilter
+	;;
+stop)
+	if [ -f /var/run/sshd.pid ]; then
+		kill `cat /var/run/sshd.pid`
+		rm -f /var/run/ssh.pid
+	else
+		killall -q /usr/sbin/sshd
+	fi
+	;;
+restart)
+	$0 stop
+	sleep 2
+	$0 start
+	;;
+*)
+	echo "usage: $0 [start|stop|restart]"
+	;;
+esac
+
+# End of file

uptimed/.footprint

@@ -6,7 +6,6 @@ drwxr-xr-x	root/root	usr/
 drwxr-xr-x	root/root	usr/bin/
 -rwxr-xr-x	root/root	usr/bin/uprecords
 drwxr-xr-x	root/root	usr/lib/
--rw-r--r--	root/root	usr/lib/libuptimed.a
 -rwxr-xr-x	root/root	usr/lib/libuptimed.la
 lrwxrwxrwx	root/root	usr/lib/libuptimed.so -> libuptimed.so.0.0.0
 lrwxrwxrwx	root/root	usr/lib/libuptimed.so.0 -> libuptimed.so.0.0.0

uptimed/.md5sum

@@ -1,2 +1,2 @@
 e6ef350822a8ce092e3810c6c67cbf75  rc.uptimed
-23018bc24b33709ab98c99367595fa4f  uptimed-0.3.8.tar.bz2
+f1aa5b40c021fc839dde0381366027aa  uptimed-0.3.9.tar.bz2

uptimed/Pkgfile

@@ -3,7 +3,7 @@
 # Maintainer:	Mark Rosenstand, mark at borkware dot net
 
 name=uptimed
-version=0.3.8
+version=0.3.9
 release=1
 source=(http://podgorny.cz/uptimed/releases/uptimed-$version.tar.bz2
 	rc.uptimed)
@@ -14,7 +14,11 @@ build() {
 	sed -i etc/uptimed.conf-dist \
 	    -e /^SENDMAIL=/s:lib:sbin: \
 	    -e s:^PIDFILE=.*:'&.pid':
-	./configure --prefix=/usr --sysconfdir=/etc --mandir=/usr/man
+	./configure \
+		--prefix=/usr \
+		--sysconfdir=/etc \
+		--mandir=/usr/man \
+		--disable-static
 	make
 	make DESTDIR=$PKG install
 	mv $PKG/etc/uptimed.conf-dist $PKG/etc/uptimed.conf