diff options
| author |   Jeroen Roovers <jer@gentoo.org> | 2010-08-11 04:04:51 +0000 |
|---|---|---|
| committer | Jeroen Roovers <jer@gentoo.org> | 2010-08-11 04:04:51 +0000 |
| commit | 84bdbb72d666f540f465a884397002ea5ee0e089 (patch) | |
| tree | 36299aa53330ab44639038d2e32658c6a1a1d494 /net-analyzer/fail2ban/files | |
| parent | Initial import. (diff) | |
| download | gentoo-2-84bdbb72d666f540f465a884397002ea5ee0e089.tar.gz gentoo-2-84bdbb72d666f540f465a884397002ea5ee0e089.tar.bz2 gentoo-2-84bdbb72d666f540f465a884397002ea5ee0e089.zip | |
Old.
(Portage version: 2.2_rc67/cvs/Linux i686)
Diffstat (limited to 'net-analyzer/fail2ban/files')
| -rw-r--r-- | net-analyzer/fail2ban/files/fail2ban-0.8.0-regexp.patch | 18 | ||||
| -rw-r--r-- | net-analyzer/fail2ban/files/fail2ban-CVE-2009-0362.patch | 264 |
2 files changed, 0 insertions, 282 deletions
diff --git a/net-analyzer/fail2ban/files/fail2ban-0.8.0-regexp.patch b/net-analyzer/fail2ban/files/fail2ban-0.8.0-regexp.patch deleted file mode 100644 index e403d41b600f..000000000000 --- a/net-analyzer/fail2ban/files/fail2ban-0.8.0-regexp.patch +++ /dev/null @@ -1,18 +0,0 @@ -diff -uNr -r fail2ban-0.8.0/config/filter.d/sshd.conf fail2ban-0.8.0-r1/config/filter.d/sshd.conf ---- fail2ban-0.8.0/config/filter.d/sshd.conf 2007-02-22 21:52:37.000000000 +0100 -+++ fail2ban-0.8.0-r1/config/filter.d/sshd.conf 2007-06-08 19:49:09.952874839 +0200 -@@ -14,10 +14,10 @@ - # (?:::f{4,6}:)?(?P<host>\S+) - # Values: TEXT - # --failregex = Authentication failure for .* from <HOST> -- Failed [-/\w]+ for .* from <HOST> -- ROOT LOGIN REFUSED .* FROM <HOST> -- [iI](?:llegal|nvalid) user .* from <HOST> -+failregex = Authentication failure for .* from <HOST>$ -+ Failed [-/\w]+ for .* from <HOST>$ -+ ROOT LOGIN REFUSED .* FROM <HOST>$ -+ [iI](?:llegal|nvalid) user .* from <HOST>$ - - # Option: ignoreregex - # Notes.: regex to ignore. If this regex matches, the line is ignored. diff --git a/net-analyzer/fail2ban/files/fail2ban-CVE-2009-0362.patch b/net-analyzer/fail2ban/files/fail2ban-CVE-2009-0362.patch deleted file mode 100644 index 434988715eb3..000000000000 --- a/net-analyzer/fail2ban/files/fail2ban-CVE-2009-0362.patch +++ /dev/null @@ -1,264 +0,0 @@ -Patch for bug 258866. Taken via svn diff from upstream SVN. -Removed Changelog and cyrus filter changes as they didn't apply. --a3li - -Index: testcases/filtertestcase.py -=================================================================== ---- testcases/filtertestcase.py (revision 727) -+++ testcases/filtertestcase.py (revision 728) -@@ -99,7 +99,7 @@ - output = ('193.168.0.128', 3, 1124013599.0) - - self.__filter.addLogPath(GetFailures.FILENAME_01) -- self.__filter.addFailRegex("(?:(?:Authentication failure|Failed [-/\w+]+) for(?: [iI](?:llegal|nvalid) user)?|[Ii](?:llegal|nvalid) user|ROOT LOGIN REFUSED) .*(?: from|FROM) (?:::f{4,6}:)?(?P<host>\S*)") -+ self.__filter.addFailRegex("(?:(?:Authentication failure|Failed [-/\w+]+) for(?: [iI](?:llegal|nvalid) user)?|[Ii](?:llegal|nvalid) user|ROOT LOGIN REFUSED) .*(?: from|FROM) <HOST>") - - self.__filter.getFailures(GetFailures.FILENAME_01) - -@@ -116,7 +116,7 @@ - output = ('141.3.81.106', 4, 1124013539.0) - - self.__filter.addLogPath(GetFailures.FILENAME_02) -- self.__filter.addFailRegex("Failed .* (?:::f{4,6}:)(?P<host>\S*)") -+ self.__filter.addFailRegex("Failed .* from <HOST>") - - self.__filter.getFailures(GetFailures.FILENAME_02) - -@@ -133,7 +133,7 @@ - output = ('203.162.223.135', 6, 1124013544.0) - - self.__filter.addLogPath(GetFailures.FILENAME_03) -- self.__filter.addFailRegex("error,relay=(?:::f{4,6}:)?(?P<host>\S*),.*550 User unknown") -+ self.__filter.addFailRegex("error,relay=<HOST>,.*550 User unknown") - - self.__filter.getFailures(GetFailures.FILENAME_03) - -@@ -151,7 +151,7 @@ - ('212.41.96.185', 4, 1124013598.0)] - - self.__filter.addLogPath(GetFailures.FILENAME_04) -- self.__filter.addFailRegex("Invalid user .* (?P<host>\S*)") -+ self.__filter.addFailRegex("Invalid user .* <HOST>") - - self.__filter.getFailures(GetFailures.FILENAME_04) - -Index: config/filter.d/postfix.conf -=================================================================== ---- config/filter.d/postfix.conf (revision 727) -+++ config/filter.d/postfix.conf (revision 728) -@@ -11,7 +11,7 @@ - # Notes.: regex to match the password failures messages in the logfile. The - # host must be matched by a group named "host". The tag "<HOST>" can - # be used for standard IP/hostname matching and is only an alias for --# (?:::f{4,6}:)?(?P<host>\S+) -+# (?:::f{4,6}:)?(?P<host>[\w\-.^_]+) - # Values: TEXT - # - failregex = reject: RCPT from (.*)\[<HOST>\]: 554 -Index: config/filter.d/sshd.conf -=================================================================== ---- config/filter.d/sshd.conf (revision 727) -+++ config/filter.d/sshd.conf (revision 728) -@@ -20,7 +20,7 @@ - # Notes.: regex to match the password failures messages in the logfile. The - # host must be matched by a group named "host". The tag "<HOST>" can - # be used for standard IP/hostname matching and is only an alias for --# (?:::f{4,6}:)?(?P<host>\S+) -+# (?:::f{4,6}:)?(?P<host>[\w\-.^_]+) - # Values: TEXT - # - failregex = ^%(__prefix_line)s(?:error: PAM: )?Authentication failure for .* from <HOST>\s*$ -Index: config/filter.d/courierlogin.conf -=================================================================== ---- config/filter.d/courierlogin.conf (revision 727) -+++ config/filter.d/courierlogin.conf (revision 728) -@@ -12,7 +12,7 @@ - # Notes.: regex to match the password failures messages in the logfile. The - # host must be matched by a group named "host". The tag "<HOST>" can - # be used for standard IP/hostname matching and is only an alias for --# (?:::f{4,6}:)?(?P<host>\S+) -+# (?:::f{4,6}:)?(?P<host>[\w\-.^_]+) - # Values: TEXT - # - failregex = LOGIN FAILED, .*, ip=\[<HOST>\]$ -Index: config/filter.d/sasl.conf -=================================================================== ---- config/filter.d/sasl.conf (revision 727) -+++ config/filter.d/sasl.conf (revision 728) -@@ -11,7 +11,7 @@ - # Notes.: regex to match the password failures messages in the logfile. The - # host must be matched by a group named "host". The tag "<HOST>" can - # be used for standard IP/hostname matching and is only an alias for --# (?:::f{4,6}:)?(?P<host>\S+) -+# (?:::f{4,6}:)?(?P<host>[\w\-.^_]+) - # Values: TEXT - # - failregex = (?i): warning: [-._\w]+\[<HOST>\]: SASL (?:LOGIN|PLAIN|(?:CRAM|DIGEST)-MD5) authentication failed(: [A-Za-z0-9+/]*={0,2})?$ -Index: config/filter.d/exim.conf -=================================================================== ---- config/filter.d/exim.conf (revision 727) -+++ config/filter.d/exim.conf (revision 728) -@@ -11,7 +11,7 @@ - # Notes.: regex to match the password failures messages in the logfile. The - # host must be matched by a group named "host". The tag "<HOST>" can - # be used for standard IP/hostname matching and is only an alias for --# (?:::f{4,6}:)?(?P<host>\S+) -+# (?:::f{4,6}:)?(?P<host>[\w\-.^_]+) - # Values: TEXT - # - failregex = \[<HOST>\] .*(?:rejected by local_scan|Unrouteable address) -Index: config/filter.d/qmail.conf -=================================================================== ---- config/filter.d/qmail.conf (revision 727) -+++ config/filter.d/qmail.conf (revision 728) -@@ -11,7 +11,7 @@ - # Notes.: regex to match the password failures messages in the logfile. The - # host must be matched by a group named "host". The tag "<HOST>" can - # be used for standard IP/hostname matching and is only an alias for --# (?:::f{4,6}:)?(?P<host>\S+) -+# (?:::f{4,6}:)?(?P<host>[\w\-.^_]+) - # Values: TEXT - # - failregex = (?:[\d,.]+[\d,.] rblsmtpd: |421 badiprbl: ip )<HOST> -Index: config/filter.d/xinetd-fail.conf -=================================================================== ---- config/filter.d/xinetd-fail.conf (revision 727) -+++ config/filter.d/xinetd-fail.conf (revision 728) -@@ -11,7 +11,7 @@ - # Notes.: regex to match the password failures messages in the logfile. The - # host must be matched by a group named "host". The tag "<HOST>" can - # be used for standard IP/hostname matching and is only an alias for --# (?:::f{4,6}:)?(?P<host>\S+) -+# (?:::f{4,6}:)?(?P<host>[\w\-.^_]+) - # Values: TEXT - # - # Cfr.: /var/log/(daemon\.|sys)log -Index: config/filter.d/vsftpd.conf -=================================================================== ---- config/filter.d/vsftpd.conf (revision 727) -+++ config/filter.d/vsftpd.conf (revision 728) -@@ -11,7 +11,7 @@ - # Notes.: regex to match the password failures messages in the logfile. The - # host must be matched by a group named "host". The tag "<HOST>" can - # be used for standard IP/hostname matching and is only an alias for --# (?:::f{4,6}:)?(?P<host>\S+) -+# (?:::f{4,6}:)?(?P<host>[\w\-.^_]+) - # Values: TEXT - # - failregex = vsftpd(?:\(pam_unix\))?(?:\[\d+\])?:.* authentication failure; .* rhost=<HOST>(?:\s+user=\S*)?\s*$ -Index: config/filter.d/pure-ftpd.conf -=================================================================== ---- config/filter.d/pure-ftpd.conf (revision 727) -+++ config/filter.d/pure-ftpd.conf (revision 728) -@@ -16,7 +16,7 @@ - # Notes.: regex to match the password failures messages in the logfile. The - # host must be matched by a group named "host". The tag "<HOST>" can - # be used for standard IP/hostname matching and is only an alias for --# (?:::f{4,6}:)?(?P<host>\S+) -+# (?:::f{4,6}:)?(?P<host>[\w\-.^_]+) - # Values: TEXT - # - failregex = pure-ftpd(?:\[\d+\])?: (.+?@<HOST>) \[WARNING\] %(__errmsg)s \[.+\]$ -Index: config/filter.d/couriersmtp.conf -=================================================================== ---- config/filter.d/couriersmtp.conf (revision 727) -+++ config/filter.d/couriersmtp.conf (revision 728) -@@ -11,7 +11,7 @@ - # Notes.: regex to match the password failures messages in the logfile. The - # host must be matched by a group named "host". The tag "<HOST>" can - # be used for standard IP/hostname matching and is only an alias for --# (?:::f{4,6}:)?(?P<host>\S+) -+# (?:::f{4,6}:)?(?P<host>[\w\-.^_]+) - # Values: TEXT - # - failregex = error,relay=<HOST>,.*550 User unknown -Index: config/filter.d/proftpd.conf -=================================================================== ---- config/filter.d/proftpd.conf (revision 727) -+++ config/filter.d/proftpd.conf (revision 728) -@@ -11,7 +11,7 @@ - # Notes.: regex to match the password failures messages in the logfile. The - # host must be matched by a group named "host". The tag "<HOST>" can - # be used for standard IP/hostname matching and is only an alias for --# (?:::f{4,6}:)?(?P<host>\S+) -+# (?:::f{4,6}:)?(?P<host>[\w\-.^_]+) - # Values: TEXT - # - failregex = \(\S+\[<HOST>\]\)[: -]+ USER \S+: no such user found from \S+ \[\S+\] to \S+:\S+$ -Index: config/filter.d/apache-noscript.conf -=================================================================== ---- config/filter.d/apache-noscript.conf (revision 727) -+++ config/filter.d/apache-noscript.conf (revision 728) -@@ -11,7 +11,7 @@ - # Notes.: regex to match the password failure messages in the logfile. The - # host must be matched by a group named "host". The tag "<HOST>" can - # be used for standard IP/hostname matching and is only an alias for --# (?:::f{4,6}:)?(?P<host>\S+) -+# (?:::f{4,6}:)?(?P<host>[\w\-.^_]+) - # Values: TEXT - # - failregex = [[]client <HOST>[]] (File does not exist|script not found or unable to stat): /\S*(\.php|\.asp|\.exe|\.pl) -Index: config/filter.d/apache-auth.conf -=================================================================== ---- config/filter.d/apache-auth.conf (revision 727) -+++ config/filter.d/apache-auth.conf (revision 728) -@@ -11,7 +11,7 @@ - # Notes.: regex to match the password failure messages in the logfile. The - # host must be matched by a group named "host". The tag "<HOST>" can - # be used for standard IP/hostname matching and is only an alias for --# (?:::f{4,6}:)?(?P<host>\S+) -+# (?:::f{4,6}:)?(?P<host>[\w\-.^_]+) - # Values: TEXT - # - failregex = [[]client <HOST>[]] user .* authentication failure -Index: config/filter.d/webmin-auth.conf -=================================================================== ---- config/filter.d/webmin-auth.conf (revision 727) -+++ config/filter.d/webmin-auth.conf (revision 728) -@@ -15,7 +15,7 @@ - # Notes.: regex to match the password failure messages in the logfile. The - # host must be matched by a group named "host". The tag "<HOST>" can - # be used for standard IP/hostname matching and is only an alias for --# (?:::f{4,6}:)?(?P<host>\S+) -+# (?:::f{4,6}:)?(?P<host>[\w\-.^_]+) - # Values: TEXT - # - failregex = webmin.* Non-existent login as .+ from <HOST>$ -Index: config/filter.d/sshd-ddos.conf -=================================================================== ---- config/filter.d/sshd-ddos.conf (revision 727) -+++ config/filter.d/sshd-ddos.conf (revision 728) -@@ -11,7 +11,7 @@ - # Notes.: regex to match the password failures messages in the logfile. The - # host must be matched by a group named "host". The tag "<HOST>" can - # be used for standard IP/hostname matching and is only an alias for --# (?:::f{4,6}:)?(?P<host>\S+) -+# (?:::f{4,6}:)?(?P<host>[\w\-.^_]+) - # Values: TEXT - # - failregex = sshd(?:\[\d+\])?: Did not receive identification string from <HOST>$ -Index: server/failregex.py -=================================================================== ---- server/failregex.py (revision 727) -+++ server/failregex.py (revision 728) -@@ -44,7 +44,7 @@ - self._matchCache = None - # Perform shortcuts expansions. - # Replace "<HOST>" with default regular expression for host. -- regex = regex.replace("<HOST>", "(?:::f{4,6}:)?(?P<host>\S+)") -+ regex = regex.replace("<HOST>", "(?:::f{4,6}:)?(?P<host>[\w\-.^_]+)") - if regex.lstrip() == '': - raise RegexException("Cannot add empty regex") - try: -Index: server/filter.py -=================================================================== ---- server/filter.py (revision 727) -+++ server/filter.py (revision 728) -@@ -492,7 +492,7 @@ - - class DNSUtils: - -- IP_CRE = re.compile("(?:\d{1,3}\.){3}\d{1,3}") -+ IP_CRE = re.compile("^(?:\d{1,3}\.){3}\d{1,3}$") - - #@staticmethod - def dnsToIp(dns): |