ports/contrib (3.1): denyhost: renamed from denyhosts which is a dead project, denyhost is a active fork of denyhosts
commit 91b14108362325e05933117cffef9ffa4b5422a4 Author: Danny Rawlins <monster.romster@gmail.com> Date: Fri Nov 21 23:40:52 2014 +1100 denyhost: renamed from denyhosts which is a dead project, denyhost is a active fork of denyhosts diff --git a/denyhost/.footprint b/denyhost/.footprint new file mode 100644 index 0000000..422af98 --- /dev/null +++ b/denyhost/.footprint @@ -0,0 +1,58 @@ +drwxr-xr-x root/root etc/ +drwxr-xr-x root/root etc/denyhosts/ +-rw-r--r-- root/root etc/denyhosts/denyhosts.conf +drwxr-xr-x root/root etc/rc.d/ +-rwxr-xr-x root/root etc/rc.d/denyhosts +drwxr-xr-x root/root usr/ +drwxr-xr-x root/root usr/lib/ +drwxr-xr-x root/root usr/lib/python2.7/ +drwxr-xr-x root/root usr/lib/python2.7/site-packages/ +-rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHost-2.9-py2.7.egg-info +drwxr-xr-x root/root usr/lib/python2.7/site-packages/DenyHosts/ +-rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/__init__.py +-rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/__init__.pyc +-rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/allowedhosts.py +-rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/allowedhosts.pyc +-rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/constants.py +-rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/constants.pyc +-rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/counter.py +-rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/counter.pyc +-rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/daemon.py +-rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/daemon.pyc +-rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/deny_hosts.py +-rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/deny_hosts.pyc +-rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/denyfileutil.py +-rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/denyfileutil.pyc +-rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/filetracker.py +-rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/filetracker.pyc +-rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/lockfile.py +-rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/lockfile.pyc +-rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/loginattempt.py +-rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/loginattempt.pyc +-rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/old-daemon.py +-rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/old-daemon.pyc +-rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/plugin.py +-rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/plugin.pyc +-rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/prefs.py +-rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/prefs.pyc +-rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/purgecounter.py +-rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/purgecounter.pyc +-rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/python_version.py +-rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/python_version.pyc +-rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/regex.py +-rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/regex.pyc +-rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/report.py +-rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/report.pyc +-rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/restricted.py +-rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/restricted.pyc +-rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/sync.py +-rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/sync.pyc +-rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/util.py +-rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/util.pyc +-rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/version.py +-rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/version.pyc +drwxr-xr-x root/root usr/man/ +drwxr-xr-x root/root usr/man/man8/ +-rw-r--r-- root/root usr/man/man8/denyhosts.8.gz +drwxr-xr-x root/root usr/sbin/ +-rwxr-xr-x root/root usr/sbin/denyhosts diff --git a/denyhost/.md5sum b/denyhost/.md5sum new file mode 100644 index 0000000..d5b5601 --- /dev/null +++ b/denyhost/.md5sum @@ -0,0 +1 @@ +2c1d82799e43676db667c447959d9d97 denyhosts-2.9.tar.gz diff --git a/denyhost/Pkgfile b/denyhost/Pkgfile new file mode 100644 index 0000000..a08cb78 --- /dev/null +++ b/denyhost/Pkgfile @@ -0,0 +1,40 @@ +# Description: A script intended to be run by Linux system administrators to help thwart ssh server attacks. (fork of denyhosts) +# URL: http://denyhost.sourceforge.net/ +# Maintainer: Danny Rawlins, crux at romster dot me +# Packager: Danny Rawlins, crux at romster dot me +# Depends on: python + +name=denyhost +version=2.9 +release=1 +source=(http://downloads.sourceforge.net/project/$name/$name-$version/denyhosts-$ver...) + +build() { + cd DenyHosts-$version + + /usr/bin/python setup.py install --root=$PKG + + install -d $PKG/etc/{denyhosts,rc.d} $PKG/usr/sbin + + mv $PKG/etc/denyhosts.conf \ + $PKG/etc/denyhosts/denyhosts.conf + + mv $PKG/usr/bin/daemon-control-dist \ + $PKG/etc/rc.d/denyhosts + + mv $PKG/usr/bin/denyhosts.py $PKG/usr/sbin/denyhosts + mv $PKG/usr/share/man $PKG/usr/man + + rmdir $PKG/usr/share $PKG/usr/bin + + sed -i \ + -e 's|^DENYHOSTS_LOCK = .*|DENYHOSTS_LOCK = "/var/run/denyhosts.pid"|' \ + -e 's|^DENYHOSTS_CFG = .*|DENYHOSTS_CFG = "/etc/denyhosts/denyhosts.conf"|' \ + $PKG/etc/rc.d/denyhosts + + sed -i \ + -e 's|^SECURE_LOG = /var/log/auth.log|SECURE_LOG = /var/log/auth|' \ + -e 's|^IPTABLES = /sbin/iptables|IPTABLES = /usr/sbin/iptables|' \ + -e 's|^# BLOCKPORT = 22|BLOCKPORT = 22|' \ + $PKG/etc/denyhosts/denyhosts.conf +} diff --git a/denyhost/README b/denyhost/README new file mode 100644 index 0000000..b66fd63 --- /dev/null +++ b/denyhost/README @@ -0,0 +1,37 @@ +This is a fork of denyhosts, it'll run the same with a few small changes. I +expect more code cleanup and a total shift to iptables in future. + +REQUIREMENTS: + +PRECAUTION: + +PRE-INSTALL: + +POST-INSTALL: + +Edit /etc/denyhosts/denyhosts.conf as needed. + +Edit /etc/inetd.conf, I added: + +#<service_name> <sock_type> <proto> <flags> <user> <server_path> <args> +sshd stream tcp nowait root /usr/sbin/sshd in.sshd + +Add inetd and denyhosts to services array on /etc/rc.conf, after net and before sshd is loaded (and any other services used by denyhost and inetd (not sure if this is necessary but i believe its good to allow protection before the services start). + +PRE-REMOVE: + +POST-REMOVE: + +NOTES: + +To protect sshd. + +Edit /etc/hosts.allow and comment out everything, everything will have access by default. + +Edit /etc/hosts.deny and comment out the "ALL: ALL: DENY" part, also the "#End of file" bit will be useless as denyhosts appends to the file. + +(note the config in inetd.conf doesn't seem to be right or needed? see +messages upon boot up, any corrections email me :) ) + +Danny Rawlins, <contact at romster dot me + diff --git a/denyhosts/.footprint b/denyhosts/.footprint deleted file mode 100644 index 422af98..0000000 --- a/denyhosts/.footprint +++ /dev/null @@ -1,58 +0,0 @@ -drwxr-xr-x root/root etc/ -drwxr-xr-x root/root etc/denyhosts/ --rw-r--r-- root/root etc/denyhosts/denyhosts.conf -drwxr-xr-x root/root etc/rc.d/ --rwxr-xr-x root/root etc/rc.d/denyhosts -drwxr-xr-x root/root usr/ -drwxr-xr-x root/root usr/lib/ -drwxr-xr-x root/root usr/lib/python2.7/ -drwxr-xr-x root/root usr/lib/python2.7/site-packages/ --rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHost-2.9-py2.7.egg-info -drwxr-xr-x root/root usr/lib/python2.7/site-packages/DenyHosts/ --rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/__init__.py --rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/__init__.pyc --rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/allowedhosts.py --rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/allowedhosts.pyc --rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/constants.py --rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/constants.pyc --rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/counter.py --rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/counter.pyc --rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/daemon.py --rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/daemon.pyc --rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/deny_hosts.py --rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/deny_hosts.pyc --rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/denyfileutil.py --rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/denyfileutil.pyc --rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/filetracker.py --rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/filetracker.pyc --rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/lockfile.py --rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/lockfile.pyc --rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/loginattempt.py --rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/loginattempt.pyc --rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/old-daemon.py --rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/old-daemon.pyc --rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/plugin.py --rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/plugin.pyc --rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/prefs.py --rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/prefs.pyc --rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/purgecounter.py --rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/purgecounter.pyc --rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/python_version.py --rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/python_version.pyc --rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/regex.py --rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/regex.pyc --rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/report.py --rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/report.pyc --rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/restricted.py --rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/restricted.pyc --rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/sync.py --rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/sync.pyc --rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/util.py --rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/util.pyc --rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/version.py --rw-r--r-- root/root usr/lib/python2.7/site-packages/DenyHosts/version.pyc -drwxr-xr-x root/root usr/man/ -drwxr-xr-x root/root usr/man/man8/ --rw-r--r-- root/root usr/man/man8/denyhosts.8.gz -drwxr-xr-x root/root usr/sbin/ --rwxr-xr-x root/root usr/sbin/denyhosts diff --git a/denyhosts/.md5sum b/denyhosts/.md5sum deleted file mode 100644 index d5b5601..0000000 --- a/denyhosts/.md5sum +++ /dev/null @@ -1 +0,0 @@ -2c1d82799e43676db667c447959d9d97 denyhosts-2.9.tar.gz diff --git a/denyhosts/Pkgfile b/denyhosts/Pkgfile deleted file mode 100644 index 6c7f624..0000000 --- a/denyhosts/Pkgfile +++ /dev/null @@ -1,34 +0,0 @@ -# Description: DenyHosts is a script intended to be run by Linux system administrators to help thwart ssh server attacks. -# URL: http://denyhost.sourceforge.net/ -# Maintainer: Danny Rawlins, crux at romster dot me -# Packager: Danny Rawlins, crux at romster dot me -# Depends on: python - -name=denyhosts -version=2.9 -release=1 -source=(http://downloads.sourceforge.net/project/denyhost/denyhost-$version/$name-$v...) - -build() { - cd DenyHosts-$version - - /usr/bin/python setup.py install --root=$PKG - - install -d $PKG/etc/{denyhosts,rc.d} $PKG/usr/sbin - - mv $PKG/etc/denyhosts.conf \ - $PKG/etc/denyhosts/denyhosts.conf - - mv $PKG/usr/bin/daemon-control-dist \ - $PKG/etc/rc.d/denyhosts - - mv $PKG/usr/bin/denyhosts.py $PKG/usr/sbin/denyhosts - mv $PKG/usr/share/man $PKG/usr/man - - rmdir $PKG/usr/share $PKG/usr/bin - - sed -i \ - -e 's|^DENYHOSTS_LOCK = .*|DENYHOSTS_LOCK = "/var/run/denyhosts.pid"|' \ - -e 's|^DENYHOSTS_CFG = .*|DENYHOSTS_CFG = "/etc/denyhosts/denyhosts.conf"|' \ - $PKG/etc/rc.d/denyhosts -} diff --git a/denyhosts/README b/denyhosts/README deleted file mode 100644 index c2c706b..0000000 --- a/denyhosts/README +++ /dev/null @@ -1,34 +0,0 @@ -REQUIREMENTS: - -PRECAUTION: - -PRE-INSTALL: - -POST-INSTALL: - -Edit /etc/denyhosts/denyhosts.conf as needed. - -Edit /etc/inetd.conf, I added: - -#<service_name> <sock_type> <proto> <flags> <user> <server_path> <args> -sshd stream tcp nowait root /usr/sbin/sshd in.sshd - -Add inetd and denyhosts to services array on /etc/rc.conf, after net and before sshd is loaded (and any other services used by denyhost and inetd (not sure if this is necessary but i believe its good to allow protection before the services start). - -PRE-REMOVE: - -POST-REMOVE: - -NOTES: - -To protect sshd. - -Edit /etc/hosts.allow and comment out everything, everything will have access by default. - -Edit /etc/hosts.deny and comment out the "ALL: ALL: DENY" part, also the "#End of file" bit will be useless as denyhosts appends to the file. - -(note the config in inetd.conf doesn't seem to be right or needed? see -messages upon boot up, any corrections email me :) ) - -Danny Rawlins, <contact at romster dot me -
participants (1)
-
crux@crux.nu