Git-Url:
http://git.frugalware.org/gitweb/gitweb.cgi?p=frugalware-current.git;a=commitdiff;h=043bd03be7a21d08d94983d7279eb6ce0e6748b1
commit 043bd03be7a21d08d94983d7279eb6ce0e6748b1
Author: DeX77 <de...@frugalware.org>
Date: Tue Aug 8 14:49:34 2017 +0200
denyhosts-2.6-6-x86_64
* replaced by fail2ban
diff --git a/source/network-extra/denyhosts/CVE-2013-6890.patch
b/source/network-extra/denyhosts/CVE-2013-6890.patch
deleted file mode 100644
index 496f3f1..0000000
--- a/source/network-extra/denyhosts/CVE-2013-6890.patch
+++ /dev/null
@@ -1,44 +0,0 @@
-diff -up DenyHosts-2.6/DenyHosts/regex.py.CVE-2013-6890
DenyHosts-2.6/DenyHosts/regex.py
---- DenyHosts-2.6/DenyHosts/regex.py.CVE-2013-6890 2014-01-06
16:39:32.505865176 -0600
-+++ DenyHosts-2.6/DenyHosts/regex.py 2014-01-06 22:05:52.675094771 -0600
-@@ -6,23 +6,22 @@ import re
-
- #DATE_FORMAT_REGEX = re.compile(r"""(?P<month>[A-z]{3,3})\s*(?P<day>\d+)""")
-
--SSHD_FORMAT_REGEX = re.compile(r""".* (sshd.*:|\[sshd\]) (?P<message>.*)""")
-+SSHD_FORMAT_REGEX = re.compile(r""".*? (sshd.*?:|\[sshd\]) (?P<message>.*)""")
- #SSHD_FORMAT_REGEX = re.compile(r""".* sshd.*: (?P<message>.*)""")
-
--FAILED_ENTRY_REGEX = re.compile(r"""Failed (?P<method>.*) for
(?P<invalid>invalid user |illegal user )?(?P<user>.*?) .*from
(::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})""")
-+FAILED_ENTRY_REGEX = re.compile(r"""Failed (?P<method>\S*) for
(?P<invalid>invalid user |illegal user )?(?P<user>.*) from
(::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})$""")
-
--FAILED_ENTRY_REGEX2 = re.compile(r"""(?P<invalid>(Illegal|Invalid)) user
(?P<user>.*?) .*from (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})""")
-+FAILED_ENTRY_REGEX2 = re.compile(r"""(?P<invalid>(Illegal|Invalid)) user
(?P<user>.*) from (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})$""")
-
--FAILED_ENTRY_REGEX3 = re.compile(r"""Authentication failure for (?P<user>.*)
.*from (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})""")
-+FAILED_ENTRY_REGEX3 = None
-
--FAILED_ENTRY_REGEX4 = re.compile(r"""Authentication failure for (?P<user>.*)
.*from (?P<host>.*)""")
-+FAILED_ENTRY_REGEX4 = re.compile(r"""Authentication failure for (?P<user>.*)
from (::ffff:)?(?P<host>\S+)$""")
-
--FAILED_ENTRY_REGEX5 = re.compile(r"""User (?P<user>.*) .*from (?P<host>.*)
not allowed because none of user's groups are listed in AllowGroups""")
-+FAILED_ENTRY_REGEX5 = re.compile(r"""User (?P<user>.*) from
(::ffff:)?(?P<host>\S+) not allowed because none of user's groups are listed in
AllowGroups$""")
-
--FAILED_ENTRY_REGEX6 = re.compile(r"""Did not receive identification string
.*from (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})""")
--
--FAILED_ENTRY_REGEX7 = re.compile(r"""User (?P<user>.*) not allowed because
not listed in AllowUsers""")
-+FAILED_ENTRY_REGEX6 = re.compile(r"""Did not receive identification string
.*from (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})$""")
-
-+FAILED_ENTRY_REGEX7 = re.compile(r"""User (?P<user>.*) from
(::ffff:)?(?P<host>\S+) not allowed because not listed in AllowUsers$""")
-
- # these are reserved for future versions
- FAILED_ENTRY_REGEX8 = None
-@@ -42,7 +41,7 @@ for i in FAILED_ENTRY_REGEX_RANGE:
- FAILED_ENTRY_REGEX_MAP[i] = rx
-
-
--SUCCESSFUL_ENTRY_REGEX = re.compile(r"""Accepted (?P<method>.*) for
(?P<user>.*?) from (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})""")
-+SUCCESSFUL_ENTRY_REGEX = re.compile(r"""Accepted (?P<method>\S+) for
(?P<user>.*?) from (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})$""")
-
- TIME_SPEC_REGEX = re.compile(r"""(?P<units>\d*)\s*(?P<period>[smhdwy])?""")
-
diff --git a/source/network-extra/denyhosts/FrugalBuild
b/source/network-extra/denyhosts/FrugalBuild
deleted file mode 100644
index 4ae5174..0000000
--- a/source/network-extra/denyhosts/FrugalBuild
+++ /dev/null
@@ -1,48 +0,0 @@
-# Compiling Time: 0.01 SBU
-# Maintainer: crazy <cr...@frugalware.org>
-# Contributor: BMH1980 <bmh1...@frugalware.org>
-
-options+=('asneeded')
-
-pkgname=denyhosts
-pkgver=2.6
-pkgrel=6
-pkgdesc="DenyHosts is a utility to help sys admins thwart ssh hackers"
-_F_sourceforge_name="DenyHosts"
-Finclude sourceforge
-source=($source http://$pkgname.sf.net/faq.html $pkgname.service $pkgname.cfg)
-groups=('network-extra')
-archs=('i686' 'x86_64')
-depends=('python>=2.7')
-backup=('etc/denyhosts.cfg')
-_F_systemd_units=($pkgname=)
-Finclude systemd
-options+=('noversrc')
-sha1sums=('02143843cb7c37c986c222b7acc11f7b75eb7373' \
- '1b5277da9da5474af2eab1468a6bf6219f346b6e' \
- '0c5343b66970b4084b9bf600fc4d71447288adbc' \
- 'a8d7e5762e6b5c6d9f70243e98bc96cec760b1b3')
-
-
-# FSA fix ***
-source=(${source[@]} CVE-2013-6890.patch)
-sha1sums=(${sha1sums[@]} '04b64d2befcc1ae3f0f842a018e4d8cda2f31a7d')
-# ***********
-
-
-build()
-{
- Fcd DenyHosts-$pkgver
- Fbuild
- Fmkdir /etc /usr/share/{denyhosts/data,doc/$pkgname-$pkgver}
- Fln denyhosts.py /usr/bin/denyhosts
- Fmv /usr/share/denyhosts/*.txt /usr/share/doc/$pkgname-$pkgver/
- Fmv /usr/share/denyhosts/plugins/README.contrib
/usr/share/doc/$pkgname-$pkgver/
- Frm /usr/share/denyhosts/{daemon-control-dist,setup.py}
- Ffile /etc/$pkgname.cfg
- Fdoc faq.html
- Ffile /lib/systemd/system/$pkgname.service
- Fgenscriptlet
-}
-
-
diff --git a/source/network-extra/denyhosts/denyhosts.cfg
b/source/network-extra/denyhosts/denyhosts.cfg
deleted file mode 100644
index 676dc2e..0000000
--- a/source/network-extra/denyhosts/denyhosts.cfg
+++ /dev/null
@@ -1,464 +0,0 @@
- ############ THESE SETTINGS ARE REQUIRED ############
-
-########################################################################
-#
-# SECURE_LOG: the log file that contains sshd logging info
-# if you are not sure, grep "sshd:" /var/log/*
-#
-# The file to process can be overridden with the --file command line
-# argument
-#
-SECURE_LOG = /var/log/messages
-########################################################################
-
-########################################################################
-# HOSTS_DENY: the file which contains restricted host access information
-#
-HOSTS_DENY = /etc/hosts.deny
-#######################################################################
-
-########################################################################
-# PURGE_DENY: removed HOSTS_DENY entries that are older than this time
-# when DenyHosts is invoked with the --purge flag
-#
-# format is: i[dhwmy]
-# Where 'i' is an integer (eg. 7)
-# 'm' = minutes
-# 'h' = hours
-# 'd' = days
-# 'w' = weeks
-# 'y' = years
-#
-PURGE_DENY =
-#######################################################################
-
-#######################################################################
-# BLOCK_SERVICE: the service name that should be blocked in HOSTS_DENY
-#
-# man 5 hosts_access for details
-#
-# eg. sshd: 127.0.0.1 # will block sshd logins from 127.0.0.1
-#
-BLOCK_SERVICE = sshd
-#######################################################################
-
-#######################################################################
-#
-# DENY_THRESHOLD_INVALID: block each host after the number of failed login
-# attempts has exceeded this value. This value applies to invalid
-# user login attempts (eg. non-existent user accounts)
-#
-DENY_THRESHOLD_INVALID = 5
-#######################################################################
-
-#######################################################################
-#
-# DENY_THRESHOLD_VALID: block each host after the number of failed
-# login attempts has exceeded this value. This value applies to valid
-# user login attempts (eg. user accounts that exist in /etc/passwd) except
-# for the "root" user
-#
-DENY_THRESHOLD_VALID = 10
-#######################################################################
-
-#######################################################################
-#
-# DENY_THRESHOLD_ROOT: block each host after the number of failed
-# login attempts has exceeded this value. This value applies to
-# "root" user login attempts only.
-#
-DENY_THRESHOLD_ROOT = 1
-#######################################################################
-
-#######################################################################
-#
-# DENY_THRESHOLD_RESTRICTED: block each host after the number of failed
-# login attempts has exceeded this value. This value applies to
-# usernames that appear in the WORK_DIR/restricted-usernames file only.
-#
-DENY_THRESHOLD_RESTRICTED = 1
-#######################################################################
-
-#######################################################################
-#
-# WORK_DIR: the path that DenyHosts will use for writing data to
-# (it will be created if it does not already exist).
-#
-# Note: it is recommended that you use an absolute pathname
-# for this value (eg. /home/foo/denyhosts/data)
-#
-WORK_DIR = /usr/share/denyhosts/data
-#######################################################################
-
-#######################################################################
-#
-# SUSPICIOUS_LOGIN_REPORT_ALLOWED_HOSTS
-#
-# SUSPICIOUS_LOGIN_REPORT_ALLOWED_HOSTS=YES|NO
-# If set to YES, if a suspicious login attempt results from an allowed-host
-# then it is considered suspicious. If this is NO, then suspicious logins
-# from allowed-hosts will not be reported. All suspicious logins from
-# ip addresses that are not in allowed-hosts will always be reported.
-#
-SUSPICIOUS_LOGIN_REPORT_ALLOWED_HOSTS=YES
-######################################################################
-
-######################################################################
-#
-# HOSTNAME_LOOKUP
-#
-# HOSTNAME_LOOKUP=YES|NO
-# If set to YES, for each IP address that is reported by Denyhosts,
-# the corresponding hostname will be looked up and reported as well
-# (if available).
-#
-HOSTNAME_LOOKUP=YES
-######################################################################
-
-######################################################################
-#
-# LOCK_FILE
-#
-# LOCK_FILE=/path/denyhosts
-# If this file exists when DenyHosts is run, then DenyHosts will exit
-# immediately. Otherwise, this file will be created upon invocation
-# and deleted upon exit. This ensures that only one instance is
-# running at a time.
-#
-LOCK_FILE = /var/run/denyhosts.pid
-######################################################################
-
- ############ THESE SETTINGS ARE OPTIONAL ############
-
-
-#######################################################################
-#
-# ADMIN_EMAIL: if you would like to receive emails regarding newly
-# restricted hosts and suspicious logins, set this address to
-# match your email address. If you do not want to receive these reports
-# leave this field blank (or run with the --noemail option)
-#
-ADMIN_EMAIL =
-#######################################################################
-
-#######################################################################
-#
-# SMTP_HOST and SMTP_PORT: if DenyHosts is configured to email
-# reports (see ADMIN_EMAIL) then these settings specify the
-# email server address (SMTP_HOST) and the server port (SMTP_PORT)
-#
-SMTP_HOST = localhost
-SMTP_PORT = 25
-#######################################################################
-
-#######################################################################
-#
-# SMTP_USERNAME and SMTP_PASSWORD: set these parameters if your
-# smtp email server requires authentication
-#
-#SMTP_USERNAME=foo
-#SMTP_PASSWORD=bar
-######################################################################
-
-#######################################################################
-#
-# SMTP_FROM: you can specify the "From:" address in messages sent
-# from DenyHosts when it reports thwarted abuse attempts
-#
-SMTP_FROM = DenyHosts <nobody@localhost>
-#######################################################################
-
-#######################################################################
-#
-# SMTP_SUBJECT: you can specify the "Subject:" of messages sent
-# by DenyHosts when it reports thwarted abuse attempts
-SMTP_SUBJECT = DenyHosts Report
-######################################################################
-
-######################################################################
-#
-# SMTP_DATE_FORMAT: specifies the format used for the "Date:" header
-# when sending email messages.
-#
-# for possible values for this parameter refer to: man strftime
-#
-# the default:
-#
-#SMTP_DATE_FORMAT = %a, %d %b %Y %H:%M:%S %z
-######################################################################
-
-######################################################################
-#
-# ALLOWED_HOSTS_HOSTNAME_LOOKUP
-#
-# ALLOWED_HOSTS_HOSTNAME_LOOKUP=YES|NO
-# If set to YES, for each entry in the WORK_DIR/allowed-hosts file,
-# the hostname will be looked up. If your versions of tcp_wrappers
-# and sshd sometimes log hostnames in addition to ip addresses
-# then you may wish to specify this option.
-#
-#ALLOWED_HOSTS_HOSTNAME_LOOKUP=NO
-######################################################################
-
-######################################################################
-#
-# AGE_RESET_VALID: Specifies the period of time between failed login
-# attempts that, when exceeded will result in the failed count for
-# this host to be reset to 0. This value applies to login attempts
-# to all valid users (those within /etc/passwd) with the
-# exception of root. If not defined, this count will never
-# be reset.
-#
-# See the comments in the PURGE_DENY section (above)
-# for details on specifying this value or for complete details
-# refer to: http://denyhosts.sourceforge.net/faq.html#timespec
-#
-AGE_RESET_VALID=5d
-######################################################################
-
-######################################################################
-#
-# AGE_RESET_ROOT: Specifies the period of time between failed login
-# attempts that, when exceeded will result in the failed count for
-# this host to be reset to 0. This value applies to all login
-# attempts to the "root" user account. If not defined,
-# this count will never be reset.
-#
-# See the comments in the PURGE_DENY section (above)
-# for details on specifying this value or for complete details
-# refer to: http://denyhosts.sourceforge.net/faq.html#timespec
-#
-AGE_RESET_ROOT=25d
-######################################################################
-
-######################################################################
-#
-# AGE_RESET_RESTRICTED: Specifies the period of time between failed login
-# attempts that, when exceeded will result in the failed count for
-# this host to be reset to 0. This value applies to all login
-# attempts to entries found in the WORK_DIR/restricted-usernames file.
-# If not defined, the count will never be reset.
-#
-# See the comments in the PURGE_DENY section (above)
-# for details on specifying this value or for complete details
-# refer to: http://denyhosts.sourceforge.net/faq.html#timespec
-#
-AGE_RESET_RESTRICTED=25d
-######################################################################
-
-######################################################################
-#
-# AGE_RESET_INVALID: Specifies the period of time between failed login
-# attempts that, when exceeded will result in the failed count for
-# this host to be reset to 0. This value applies to login attempts
-# made to any invalid username (those that do not appear
-# in /etc/passwd). If not defined, count will never be reset.
-#
-# See the comments in the PURGE_DENY section (above)
-# for details on specifying this value or for complete details
-# refer to: http://denyhosts.sourceforge.net/faq.html#timespec
-#
-AGE_RESET_INVALID=10d
-######################################################################
-
-######################################################################
-#
-# RESET_ON_SUCCESS: If this parameter is set to "yes" then the
-# failed count for the respective ip address will be reset to 0
-# if the login is successful.
-#
-# The default is RESET_ON_SUCCESS = no
-#
-#RESET_ON_SUCCESS = yes
-#####################################################################
-
-######################################################################
-#
-# PLUGIN_DENY: If set, this value should point to an executable
-# program that will be invoked when a host is added to the
-# HOSTS_DENY file. This executable will be passed the host
-# that will be added as it's only argument.
-#
-#PLUGIN_DENY=/usr/bin/true
-######################################################################
-
-######################################################################
-#
-# PLUGIN_PURGE: If set, this value should point to an executable
-# program that will be invoked when a host is removed from the
-# HOSTS_DENY file. This executable will be passed the host
-# that is to be purged as it's only argument.
-#
-#PLUGIN_PURGE=/usr/bin/true
-######################################################################
-
-######################################################################
-#
-# USERDEF_FAILED_ENTRY_REGEX: if set, this value should contain
-# a regular expression that can be used to identify additional
-# hackers for your particular ssh configuration. This functionality
-# extends the built-in regular expressions that DenyHosts uses.
-# This parameter can be specified multiple times.
-# See this faq entry for more details:
-# http://denyhosts.sf.net/faq.html#userdef_regex
-#
-#USERDEF_FAILED_ENTRY_REGEX=
-######################################################################
-
- ######### THESE SETTINGS ARE SPECIFIC TO DAEMON MODE ##########
-
-#######################################################################
-#
-# DAEMON_LOG: when DenyHosts is run in daemon mode (--daemon flag)
-# this is the logfile that DenyHosts uses to report it's status.
-# To disable logging, leave blank. (default is: /var/log/denyhosts)
-#
-DAEMON_LOG = /var/log/denyhosts
-######################################################################
-
-#######################################################################
-#
-# DAEMON_LOG_TIME_FORMAT: when DenyHosts is run in daemon mode
-# (--daemon flag) this specifies the timestamp format of
-# the DAEMON_LOG messages (default is the ISO8061 format:
-# ie. 2005-07-22 10:38:01,745)
-#
-# for possible values for this parameter refer to: man strftime
-#
-#DAEMON_LOG_TIME_FORMAT = %b %d %H:%M:%S
-######################################################################
-
-#######################################################################
-#
-# DAEMON_LOG_MESSAGE_FORMAT: when DenyHosts is run in daemon mode
-# (--daemon flag) this specifies the message format of each logged
-# entry. By default the following format is used:
-#
-# %(asctime)s - %(name)-12s: %(levelname)-8s %(message)s
-#
-# Where the "%(asctime)s" portion is expanded to the format
-# defined by DAEMON_LOG_TIME_FORMAT
-#
-# This string is passed to python's logging.Formatter contstuctor.
-# For details on the possible format types please refer to:
-# http://docs.python.org/lib/node357.html
-#
-#DAEMON_LOG_MESSAGE_FORMAT = %(asctime)s - %(name)-12s: %(levelname)-8s
%(message)s
-######################################################################
-
-#######################################################################
-#
-# DAEMON_SLEEP: when DenyHosts is run in daemon mode (--daemon flag)
-# this is the amount of time DenyHosts will sleep between polling
-# the SECURE_LOG. See the comments in the PURGE_DENY section (above)
-# for details on specifying this value or for complete details
-# refer to: http://denyhosts.sourceforge.net/faq.html#timespec
-#
-DAEMON_SLEEP = 30s
-#######################################################################
-
-#######################################################################
-#
-# DAEMON_PURGE: How often should DenyHosts, when run in daemon mode,
-# run the purge mechanism to expire old entries in HOSTS_DENY
-# This has no effect if PURGE_DENY is blank.
-#
-DAEMON_PURGE = 1h
-#######################################################################
-
- ######### THESE SETTINGS ARE SPECIFIC TO ##########
- ######### DAEMON SYNCHRONIZATION ##########
-
-#######################################################################
-#
-# Synchronization mode allows the DenyHosts daemon the ability
-# to periodically send and receive denied host data such that
-# DenyHosts daemons worldwide can automatically inform one
-# another regarding banned hosts. This mode is disabled by
-# default, you must uncomment SYNC_SERVER to enable this mode.
-#
-# for more information, please refer to:
-# http:/denyhosts.sourceforge.net/faq.html#sync
-#
-#######################################################################
-
-#######################################################################
-#
-# SYNC_SERVER: The central server that communicates with DenyHost
-# daemons. Currently, denyhosts.net is the only available server
-# however, in the future, it may be possible for organizations to
-# install their own server for internal network synchronization
-#
-# To disable synchronization (the default), do nothing.
-#
-# To enable synchronization, you must uncomment the following line:
-#
-#SYNC_SERVER = http://xmlrpc.denyhosts.net:9911
-#######################################################################
-
-#######################################################################
-#
-# SYNC_INTERVAL: the interval of time to perform synchronizations if
-# SYNC_SERVER has been uncommented. The default is 1 hour.
-#
-#SYNC_INTERVAL = 1h
-#
-#######################################################################
-
-#######################################################################
-#
-# SYNC_UPLOAD: allow your DenyHosts daemon to transmit hosts that have
-# been denied? This option only applies if SYNC_SERVER has
-# been uncommented.
-# The default is SYNC_UPLOAD = yes
-#
-#SYNC_UPLOAD = no
-#######################################################################
-
-#######################################################################
-#
-# SYNC_DOWNLOAD: allow your DenyHosts daemon to receive hosts that have
-# been denied by others? This option only applies if SYNC_SERVER has
-# been uncommented.
-# The default is SYNC_DOWNLOAD = yes
-#
-#SYNC_DOWNLOAD = no
-#######################################################################
-
-#######################################################################
-#
-# SYNC_DOWNLOAD_THRESHOLD: If SYNC_DOWNLOAD is enabled this paramter
-# filters the returned hosts to those that have been blocked this many
-# times by others. That is, if set to 1, then if a single DenyHosts
-# server has denied an ip address then you will receive the denied host.
-#
-# The default is SYNC_DOWNLOAD_THRESHOLD = 3
-#
-#SYNC_DOWNLOAD_THRESHOLD = 3
-#######################################################################
-
-#######################################################################
-#
-# SYNC_DOWNLOAD_RESILIENCY: If SYNC_DOWNLOAD is enabled then the
-# value specified for this option limits the downloaded data
-# to this resiliency period or greater.
-#
-# Resiliency is defined as the timespan between a hackers first known
-# attack and it's most recent attack. Example:
-#
-# If the centralized denyhosts.net server records an attack at 2 PM
-# and then again at 5 PM, specifying a SYNC_DOWNLOAD_RESILIENCY = 4h
-# will not download this ip address.
-#
-# However, if the attacker is recorded again at 6:15 PM then the
-# ip address will be downloaded by your DenyHosts instance.
-#
-# This value is used in conjunction with the SYNC_DOWNLOAD_THRESHOLD
-# and only hosts that satisfy both values will be downloaded.
-# This value has no effect if SYNC_DOWNLOAD_THRESHOLD = 1
-#
-# The default is SYNC_DOWNLOAD_RESILIENCY = 5h (5 hours)
-#
-# Only obtain hackers that have been at it for 5 hours or more:
-#SYNC_DOWNLOAD_RESILIENCY = 5h
-#######################################################################
diff --git a/source/network-extra/denyhosts/denyhosts.service
b/source/network-extra/denyhosts/denyhosts.service
deleted file mode 100644
index a27dc9c..0000000
--- a/source/network-extra/denyhosts/denyhosts.service
+++ /dev/null
@@ -1,11 +0,0 @@
-[Unit]
-Description=DenyHosts
-After=network.target
-
-[Service]
-ExecStart=/usr/bin/denyhosts --daemon --config=/etc/denyhosts.cfg
-PIDFile=/var/run/denyhosts.pid
-Type=forking
-
-[Install]
-WantedBy=multi-user.target
_______________________________________________
Frugalware-git mailing list
Frugalware-git@frugalware.org
http://frugalware.org/mailman/listinfo/frugalware-git
