diff options
Diffstat (limited to 'net-analyzer')
-rw-r--r-- | net-analyzer/fail2ban/Manifest | 4 | ||||
-rw-r--r-- | net-analyzer/fail2ban/fail2ban-0.8.3-r1.ebuild | 63 | ||||
-rw-r--r-- | net-analyzer/fail2ban/files/fail2ban-0.8.0-regexp.patch | 18 | ||||
-rw-r--r-- | net-analyzer/fail2ban/files/fail2ban-CVE-2009-0362.patch | 264 |
4 files changed, 0 insertions, 349 deletions
diff --git a/net-analyzer/fail2ban/Manifest b/net-analyzer/fail2ban/Manifest index 88cb1c8db686..3b7105c4f2ce 100644 --- a/net-analyzer/fail2ban/Manifest +++ b/net-analyzer/fail2ban/Manifest @@ -1,10 +1,6 @@ -AUX fail2ban-0.8.0-regexp.patch 854 RMD160 24caae16d90adcf39577bd641ff6a09857908f73 SHA1 c5f47134328744a1597b8fcb67105ec82d61a14c SHA256 6019024dbf067f8a78618eb728f3afef90daa75bbcd201be2119c323c1afd6d1 -AUX fail2ban-CVE-2009-0362.patch 12380 RMD160 cf7dc9955eba027d9a7ed8fe66aabf1321de52df SHA1 866d2a3d65afef580aa2fed90cec821dcdf7fad1 SHA256 ad7706d455e5f0f89d21594be68597b26bf7c291443632255c9aaccb8c7094d0 AUX fail2ban-logrotate 163 RMD160 8b64b7af9c0ee6bb9064f5858c0e58cda0609958 SHA1 287a067a369b1da6ddfee855e4950d6b222e2ba2 SHA256 6a668bc9383371f258eae6008b925a18d587e6120edd4a7add3e1a20ac3ca4b0 AUX fail2ban.conf.d 217 RMD160 7d8b079d1b569caf1d822af0ec8a040723f492c5 SHA1 9592b732be3d96699c9872add7287e82260f37c0 SHA256 e35f1f820bfe5ecaac2696d60155c348d84af428e8c615e97b900c24a587d233 -DIST fail2ban-0.8.3.tar.bz2 64028 RMD160 ba0704371e989ded372915e7cc4b2ec4c46899b2 SHA1 0cb9f058fb93523f0f34e26d324ba4ed6be8248d SHA256 b32fd9ee849bf36d23685a91d1d96f29a2fa383069d7d789e4956c9268dca5cd DIST fail2ban-0.8.4.tar.bz2 71818 RMD160 05a9dfd206f734bea9d063a2527695c1b033ea43 SHA1 0816a9f8d54013dc9b395284caff3c54f44377d8 SHA256 7a4fc0ea6dffde1db1d096757878e1b2c5f0b087a05ed7e7ca0202fb0b127982 -EBUILD fail2ban-0.8.3-r1.ebuild 1727 RMD160 0d4b88f404426604f773de33a40e1c2d23884c8b SHA1 208080ba6c0a72235ae8c7c2cb884f4cb1b4096e SHA256 b778b0090109561ce07b2a1120d573402da5027064c3c010dbaf3eaf472b1580 EBUILD fail2ban-0.8.4.ebuild 1643 RMD160 39cd31142f4415aab038eb5d9203e4188c79fde6 SHA1 66fb9cbad7425bc97f2347b6325a9e19fb023d79 SHA256 d7e907e859cec324156749f5c4e00f1ad990515373fdfc62ff48aeaad4d88b93 MISC ChangeLog 9026 RMD160 9806069eded3964cc9bbab31e11b32f822664dc5 SHA1 3417608994aea113354f7dbf2521943debc366b2 SHA256 ab5e3bfe36eac8a50e74ef4eccdc79bed52db8f15ee756a5555c19e824ce01e3 MISC metadata.xml 159 RMD160 28e799fe0fd02aaab9d4bbe5595f133101606f5b SHA1 9f5df3eabd621951a959cc8e0e2e0d352cd1fe1e SHA256 b75c711bd971e46f0ec957e833c60879b0c5023e0bb94409a6255781b69f6dc6 diff --git a/net-analyzer/fail2ban/fail2ban-0.8.3-r1.ebuild b/net-analyzer/fail2ban/fail2ban-0.8.3-r1.ebuild deleted file mode 100644 index 4137c771932a..000000000000 --- a/net-analyzer/fail2ban/fail2ban-0.8.3-r1.ebuild +++ /dev/null @@ -1,63 +0,0 @@ -# Copyright 1999-2010 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-analyzer/fail2ban/fail2ban-0.8.3-r1.ebuild,v 1.5 2010/02/08 08:35:18 pva Exp $ - -inherit eutils distutils - -DESCRIPTION="Bans IP that make too many password failures" -HOMEPAGE="http://fail2ban.sourceforge.net/" -SRC_URI="mirror://sourceforge/fail2ban/${P}.tar.bz2" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="amd64 hppa ~ppc ~ppc64 ~sparc x86 ~x86-fbsd" -IUSE="" - -DEPEND=">=dev-lang/python-2.4" -RDEPEND="${DEPEND} - virtual/mta" - -src_unpack() { - unpack ${A} - cd "${S}" - - epatch "${FILESDIR}/${PN}-CVE-2009-0362.patch" -} - -src_install() { - distutils_src_install - - diropts -m 0755 -o root -g root - dodir /var/run/${PN} - keepdir /var/run/${PN} - - newconfd files/gentoo-confd fail2ban - newinitd files/gentoo-initd fail2ban - dodoc ChangeLog README TODO || die "dodoc failed" - doman man/*.1 || die "doman failed" - - # Use INSTALL_MASK if you do not want to touch /etc/logrotate.d. - # See http://thread.gmane.org/gmane.linux.gentoo.devel/35675 - insinto /etc/logrotate.d - newins "${FILESDIR}"/${PN}-logrotate ${PN} || die -} - -pkg_preinst() { - has_version "<${CATEGORY}/${PN}-0.7" - previous_less_than_0_7=$? -} - -pkg_postinst() { - if [[ $previous_less_than_0_7 = 0 ]] ; then - elog - elog "Configuration files are now in /etc/fail2ban/" - elog "You probably have to manually update your configuration" - elog "files before restarting Fail2ban!" - elog - elog "Fail2ban is not installed under /usr/lib anymore. The" - elog "new location is under /usr/share." - elog - elog "You are upgrading from version 0.6.x, please see:" - elog "http://www.fail2ban.org/wiki/index.php/HOWTO_Upgrade_from_0.6_to_0.8" - fi -} diff --git a/net-analyzer/fail2ban/files/fail2ban-0.8.0-regexp.patch b/net-analyzer/fail2ban/files/fail2ban-0.8.0-regexp.patch deleted file mode 100644 index e403d41b600f..000000000000 --- a/net-analyzer/fail2ban/files/fail2ban-0.8.0-regexp.patch +++ /dev/null @@ -1,18 +0,0 @@ -diff -uNr -r fail2ban-0.8.0/config/filter.d/sshd.conf fail2ban-0.8.0-r1/config/filter.d/sshd.conf ---- fail2ban-0.8.0/config/filter.d/sshd.conf 2007-02-22 21:52:37.000000000 +0100 -+++ fail2ban-0.8.0-r1/config/filter.d/sshd.conf 2007-06-08 19:49:09.952874839 +0200 -@@ -14,10 +14,10 @@ - # (?:::f{4,6}:)?(?P<host>\S+) - # Values: TEXT - # --failregex = Authentication failure for .* from <HOST> -- Failed [-/\w]+ for .* from <HOST> -- ROOT LOGIN REFUSED .* FROM <HOST> -- [iI](?:llegal|nvalid) user .* from <HOST> -+failregex = Authentication failure for .* from <HOST>$ -+ Failed [-/\w]+ for .* from <HOST>$ -+ ROOT LOGIN REFUSED .* FROM <HOST>$ -+ [iI](?:llegal|nvalid) user .* from <HOST>$ - - # Option: ignoreregex - # Notes.: regex to ignore. If this regex matches, the line is ignored. diff --git a/net-analyzer/fail2ban/files/fail2ban-CVE-2009-0362.patch b/net-analyzer/fail2ban/files/fail2ban-CVE-2009-0362.patch deleted file mode 100644 index 434988715eb3..000000000000 --- a/net-analyzer/fail2ban/files/fail2ban-CVE-2009-0362.patch +++ /dev/null @@ -1,264 +0,0 @@ -Patch for bug 258866. Taken via svn diff from upstream SVN. -Removed Changelog and cyrus filter changes as they didn't apply. --a3li - -Index: testcases/filtertestcase.py -=================================================================== ---- testcases/filtertestcase.py (revision 727) -+++ testcases/filtertestcase.py (revision 728) -@@ -99,7 +99,7 @@ - output = ('193.168.0.128', 3, 1124013599.0) - - self.__filter.addLogPath(GetFailures.FILENAME_01) -- self.__filter.addFailRegex("(?:(?:Authentication failure|Failed [-/\w+]+) for(?: [iI](?:llegal|nvalid) user)?|[Ii](?:llegal|nvalid) user|ROOT LOGIN REFUSED) .*(?: from|FROM) (?:::f{4,6}:)?(?P<host>\S*)") -+ self.__filter.addFailRegex("(?:(?:Authentication failure|Failed [-/\w+]+) for(?: [iI](?:llegal|nvalid) user)?|[Ii](?:llegal|nvalid) user|ROOT LOGIN REFUSED) .*(?: from|FROM) <HOST>") - - self.__filter.getFailures(GetFailures.FILENAME_01) - -@@ -116,7 +116,7 @@ - output = ('141.3.81.106', 4, 1124013539.0) - - self.__filter.addLogPath(GetFailures.FILENAME_02) -- self.__filter.addFailRegex("Failed .* (?:::f{4,6}:)(?P<host>\S*)") -+ self.__filter.addFailRegex("Failed .* from <HOST>") - - self.__filter.getFailures(GetFailures.FILENAME_02) - -@@ -133,7 +133,7 @@ - output = ('203.162.223.135', 6, 1124013544.0) - - self.__filter.addLogPath(GetFailures.FILENAME_03) -- self.__filter.addFailRegex("error,relay=(?:::f{4,6}:)?(?P<host>\S*),.*550 User unknown") -+ self.__filter.addFailRegex("error,relay=<HOST>,.*550 User unknown") - - self.__filter.getFailures(GetFailures.FILENAME_03) - -@@ -151,7 +151,7 @@ - ('212.41.96.185', 4, 1124013598.0)] - - self.__filter.addLogPath(GetFailures.FILENAME_04) -- self.__filter.addFailRegex("Invalid user .* (?P<host>\S*)") -+ self.__filter.addFailRegex("Invalid user .* <HOST>") - - self.__filter.getFailures(GetFailures.FILENAME_04) - -Index: config/filter.d/postfix.conf -=================================================================== ---- config/filter.d/postfix.conf (revision 727) -+++ config/filter.d/postfix.conf (revision 728) -@@ -11,7 +11,7 @@ - # Notes.: regex to match the password failures messages in the logfile. The - # host must be matched by a group named "host". The tag "<HOST>" can - # be used for standard IP/hostname matching and is only an alias for --# (?:::f{4,6}:)?(?P<host>\S+) -+# (?:::f{4,6}:)?(?P<host>[\w\-.^_]+) - # Values: TEXT - # - failregex = reject: RCPT from (.*)\[<HOST>\]: 554 -Index: config/filter.d/sshd.conf -=================================================================== ---- config/filter.d/sshd.conf (revision 727) -+++ config/filter.d/sshd.conf (revision 728) -@@ -20,7 +20,7 @@ - # Notes.: regex to match the password failures messages in the logfile. The - # host must be matched by a group named "host". The tag "<HOST>" can - # be used for standard IP/hostname matching and is only an alias for --# (?:::f{4,6}:)?(?P<host>\S+) -+# (?:::f{4,6}:)?(?P<host>[\w\-.^_]+) - # Values: TEXT - # - failregex = ^%(__prefix_line)s(?:error: PAM: )?Authentication failure for .* from <HOST>\s*$ -Index: config/filter.d/courierlogin.conf -=================================================================== ---- config/filter.d/courierlogin.conf (revision 727) -+++ config/filter.d/courierlogin.conf (revision 728) -@@ -12,7 +12,7 @@ - # Notes.: regex to match the password failures messages in the logfile. The - # host must be matched by a group named "host". The tag "<HOST>" can - # be used for standard IP/hostname matching and is only an alias for --# (?:::f{4,6}:)?(?P<host>\S+) -+# (?:::f{4,6}:)?(?P<host>[\w\-.^_]+) - # Values: TEXT - # - failregex = LOGIN FAILED, .*, ip=\[<HOST>\]$ -Index: config/filter.d/sasl.conf -=================================================================== ---- config/filter.d/sasl.conf (revision 727) -+++ config/filter.d/sasl.conf (revision 728) -@@ -11,7 +11,7 @@ - # Notes.: regex to match the password failures messages in the logfile. The - # host must be matched by a group named "host". The tag "<HOST>" can - # be used for standard IP/hostname matching and is only an alias for --# (?:::f{4,6}:)?(?P<host>\S+) -+# (?:::f{4,6}:)?(?P<host>[\w\-.^_]+) - # Values: TEXT - # - failregex = (?i): warning: [-._\w]+\[<HOST>\]: SASL (?:LOGIN|PLAIN|(?:CRAM|DIGEST)-MD5) authentication failed(: [A-Za-z0-9+/]*={0,2})?$ -Index: config/filter.d/exim.conf -=================================================================== ---- config/filter.d/exim.conf (revision 727) -+++ config/filter.d/exim.conf (revision 728) -@@ -11,7 +11,7 @@ - # Notes.: regex to match the password failures messages in the logfile. The - # host must be matched by a group named "host". The tag "<HOST>" can - # be used for standard IP/hostname matching and is only an alias for --# (?:::f{4,6}:)?(?P<host>\S+) -+# (?:::f{4,6}:)?(?P<host>[\w\-.^_]+) - # Values: TEXT - # - failregex = \[<HOST>\] .*(?:rejected by local_scan|Unrouteable address) -Index: config/filter.d/qmail.conf -=================================================================== ---- config/filter.d/qmail.conf (revision 727) -+++ config/filter.d/qmail.conf (revision 728) -@@ -11,7 +11,7 @@ - # Notes.: regex to match the password failures messages in the logfile. The - # host must be matched by a group named "host". The tag "<HOST>" can - # be used for standard IP/hostname matching and is only an alias for --# (?:::f{4,6}:)?(?P<host>\S+) -+# (?:::f{4,6}:)?(?P<host>[\w\-.^_]+) - # Values: TEXT - # - failregex = (?:[\d,.]+[\d,.] rblsmtpd: |421 badiprbl: ip )<HOST> -Index: config/filter.d/xinetd-fail.conf -=================================================================== ---- config/filter.d/xinetd-fail.conf (revision 727) -+++ config/filter.d/xinetd-fail.conf (revision 728) -@@ -11,7 +11,7 @@ - # Notes.: regex to match the password failures messages in the logfile. The - # host must be matched by a group named "host". The tag "<HOST>" can - # be used for standard IP/hostname matching and is only an alias for --# (?:::f{4,6}:)?(?P<host>\S+) -+# (?:::f{4,6}:)?(?P<host>[\w\-.^_]+) - # Values: TEXT - # - # Cfr.: /var/log/(daemon\.|sys)log -Index: config/filter.d/vsftpd.conf -=================================================================== ---- config/filter.d/vsftpd.conf (revision 727) -+++ config/filter.d/vsftpd.conf (revision 728) -@@ -11,7 +11,7 @@ - # Notes.: regex to match the password failures messages in the logfile. The - # host must be matched by a group named "host". The tag "<HOST>" can - # be used for standard IP/hostname matching and is only an alias for --# (?:::f{4,6}:)?(?P<host>\S+) -+# (?:::f{4,6}:)?(?P<host>[\w\-.^_]+) - # Values: TEXT - # - failregex = vsftpd(?:\(pam_unix\))?(?:\[\d+\])?:.* authentication failure; .* rhost=<HOST>(?:\s+user=\S*)?\s*$ -Index: config/filter.d/pure-ftpd.conf -=================================================================== ---- config/filter.d/pure-ftpd.conf (revision 727) -+++ config/filter.d/pure-ftpd.conf (revision 728) -@@ -16,7 +16,7 @@ - # Notes.: regex to match the password failures messages in the logfile. The - # host must be matched by a group named "host". The tag "<HOST>" can - # be used for standard IP/hostname matching and is only an alias for --# (?:::f{4,6}:)?(?P<host>\S+) -+# (?:::f{4,6}:)?(?P<host>[\w\-.^_]+) - # Values: TEXT - # - failregex = pure-ftpd(?:\[\d+\])?: (.+?@<HOST>) \[WARNING\] %(__errmsg)s \[.+\]$ -Index: config/filter.d/couriersmtp.conf -=================================================================== ---- config/filter.d/couriersmtp.conf (revision 727) -+++ config/filter.d/couriersmtp.conf (revision 728) -@@ -11,7 +11,7 @@ - # Notes.: regex to match the password failures messages in the logfile. The - # host must be matched by a group named "host". The tag "<HOST>" can - # be used for standard IP/hostname matching and is only an alias for --# (?:::f{4,6}:)?(?P<host>\S+) -+# (?:::f{4,6}:)?(?P<host>[\w\-.^_]+) - # Values: TEXT - # - failregex = error,relay=<HOST>,.*550 User unknown -Index: config/filter.d/proftpd.conf -=================================================================== ---- config/filter.d/proftpd.conf (revision 727) -+++ config/filter.d/proftpd.conf (revision 728) -@@ -11,7 +11,7 @@ - # Notes.: regex to match the password failures messages in the logfile. The - # host must be matched by a group named "host". The tag "<HOST>" can - # be used for standard IP/hostname matching and is only an alias for --# (?:::f{4,6}:)?(?P<host>\S+) -+# (?:::f{4,6}:)?(?P<host>[\w\-.^_]+) - # Values: TEXT - # - failregex = \(\S+\[<HOST>\]\)[: -]+ USER \S+: no such user found from \S+ \[\S+\] to \S+:\S+$ -Index: config/filter.d/apache-noscript.conf -=================================================================== ---- config/filter.d/apache-noscript.conf (revision 727) -+++ config/filter.d/apache-noscript.conf (revision 728) -@@ -11,7 +11,7 @@ - # Notes.: regex to match the password failure messages in the logfile. The - # host must be matched by a group named "host". The tag "<HOST>" can - # be used for standard IP/hostname matching and is only an alias for --# (?:::f{4,6}:)?(?P<host>\S+) -+# (?:::f{4,6}:)?(?P<host>[\w\-.^_]+) - # Values: TEXT - # - failregex = [[]client <HOST>[]] (File does not exist|script not found or unable to stat): /\S*(\.php|\.asp|\.exe|\.pl) -Index: config/filter.d/apache-auth.conf -=================================================================== ---- config/filter.d/apache-auth.conf (revision 727) -+++ config/filter.d/apache-auth.conf (revision 728) -@@ -11,7 +11,7 @@ - # Notes.: regex to match the password failure messages in the logfile. The - # host must be matched by a group named "host". The tag "<HOST>" can - # be used for standard IP/hostname matching and is only an alias for --# (?:::f{4,6}:)?(?P<host>\S+) -+# (?:::f{4,6}:)?(?P<host>[\w\-.^_]+) - # Values: TEXT - # - failregex = [[]client <HOST>[]] user .* authentication failure -Index: config/filter.d/webmin-auth.conf -=================================================================== ---- config/filter.d/webmin-auth.conf (revision 727) -+++ config/filter.d/webmin-auth.conf (revision 728) -@@ -15,7 +15,7 @@ - # Notes.: regex to match the password failure messages in the logfile. The - # host must be matched by a group named "host". The tag "<HOST>" can - # be used for standard IP/hostname matching and is only an alias for --# (?:::f{4,6}:)?(?P<host>\S+) -+# (?:::f{4,6}:)?(?P<host>[\w\-.^_]+) - # Values: TEXT - # - failregex = webmin.* Non-existent login as .+ from <HOST>$ -Index: config/filter.d/sshd-ddos.conf -=================================================================== ---- config/filter.d/sshd-ddos.conf (revision 727) -+++ config/filter.d/sshd-ddos.conf (revision 728) -@@ -11,7 +11,7 @@ - # Notes.: regex to match the password failures messages in the logfile. The - # host must be matched by a group named "host". The tag "<HOST>" can - # be used for standard IP/hostname matching and is only an alias for --# (?:::f{4,6}:)?(?P<host>\S+) -+# (?:::f{4,6}:)?(?P<host>[\w\-.^_]+) - # Values: TEXT - # - failregex = sshd(?:\[\d+\])?: Did not receive identification string from <HOST>$ -Index: server/failregex.py -=================================================================== ---- server/failregex.py (revision 727) -+++ server/failregex.py (revision 728) -@@ -44,7 +44,7 @@ - self._matchCache = None - # Perform shortcuts expansions. - # Replace "<HOST>" with default regular expression for host. -- regex = regex.replace("<HOST>", "(?:::f{4,6}:)?(?P<host>\S+)") -+ regex = regex.replace("<HOST>", "(?:::f{4,6}:)?(?P<host>[\w\-.^_]+)") - if regex.lstrip() == '': - raise RegexException("Cannot add empty regex") - try: -Index: server/filter.py -=================================================================== ---- server/filter.py (revision 727) -+++ server/filter.py (revision 728) -@@ -492,7 +492,7 @@ - - class DNSUtils: - -- IP_CRE = re.compile("(?:\d{1,3}\.){3}\d{1,3}") -+ IP_CRE = re.compile("^(?:\d{1,3}\.){3}\d{1,3}$") - - #@staticmethod - def dnsToIp(dns): |