summaryrefslogtreecommitdiff
path: root/community/sshguard
diff options
context:
space:
mode:
Diffstat (limited to 'community/sshguard')
-rw-r--r--community/sshguard/ChangeLog3
-rw-r--r--community/sshguard/PKGBUILD40
-rw-r--r--community/sshguard/sshguard-journalctl2
-rw-r--r--community/sshguard/sshguard.install14
-rw-r--r--community/sshguard/sshguard.service10
5 files changed, 69 insertions, 0 deletions
diff --git a/community/sshguard/ChangeLog b/community/sshguard/ChangeLog
new file mode 100644
index 000000000..811f87d4f
--- /dev/null
+++ b/community/sshguard/ChangeLog
@@ -0,0 +1,3 @@
+2007-06-28 tardo <tardo@nagi-fanboi.net>
+* Built for x86_64
+
diff --git a/community/sshguard/PKGBUILD b/community/sshguard/PKGBUILD
new file mode 100644
index 000000000..758fa96da
--- /dev/null
+++ b/community/sshguard/PKGBUILD
@@ -0,0 +1,40 @@
+# $Id: PKGBUILD 92088 2013-05-31 11:33:59Z mtorromeo $
+# Maintainer: Sergej Pupykin <pupykin.s+arch@gmail.com>
+# Maintainer: Massimiliano Torromeo <massimiliano.torromeo@gmail.com>
+
+pkgname=sshguard
+pkgver=1.5
+pkgrel=13
+pkgdesc="Brute force detector for SSH, Exim, VSFTPD and more. Blocks by ip with iptables"
+arch=('i686' 'x86_64')
+#url="http://sourceforge.net/projects/sshguard/"
+url="http://www.sshguard.net/"
+license=('GPL')
+depends=('iptables')
+options=(zipman)
+install=sshguard.install
+source=("http://downloads.sourceforge.net/sourceforge/sshguard/sshguard-$pkgver.tar.bz2"
+ sshguard.service
+ sshguard-journalctl)
+sha256sums=('b537f8765455fdf8424f87d4bd695e5b675b88e5d164865452137947093e7e19'
+ 'e9713a067b33b8ea91d203853a033c0b9f6d40ebebd77f2e72903ed4fd355ebd'
+ '7423224107b28cabb69489056968581f1c9e94f3edc6a1d189e56a9df0bab4f7')
+
+build() {
+ cd "$srcdir/$pkgname-$pkgver"
+ sed -i 's|^DAYNO.*|DAYNO [0-9]?[1-9]|' src/parser/attack_scanner.l
+ ./configure --prefix=/usr --sbindir=/usr/bin --with-firewall=iptables
+ make
+}
+
+check() {
+ cd "$srcdir/$pkgname-$pkgver"
+ strings src/sshguard | grep -E "^`which iptables`[[:space:]]" >/dev/null
+}
+
+package() {
+ cd "$srcdir/$pkgname-$pkgver"
+ make DESTDIR="$pkgdir" install
+ install -Dm0644 "$srcdir/sshguard.service" "$pkgdir/usr/lib/systemd/system/sshguard.service"
+ install -Dm0755 "$srcdir/sshguard-journalctl" "$pkgdir/usr/lib/systemd/scripts/sshguard-journalctl"
+}
diff --git a/community/sshguard/sshguard-journalctl b/community/sshguard/sshguard-journalctl
new file mode 100644
index 000000000..fb106f5b6
--- /dev/null
+++ b/community/sshguard/sshguard-journalctl
@@ -0,0 +1,2 @@
+#!/bin/sh
+/usr/bin/journalctl -afbp info -n1 SYSLOG_FACILITY=4 SYSLOG_FACILITY=10 | /usr/bin/sshguard -l- "$@"
diff --git a/community/sshguard/sshguard.install b/community/sshguard/sshguard.install
new file mode 100644
index 000000000..486e55fbd
--- /dev/null
+++ b/community/sshguard/sshguard.install
@@ -0,0 +1,14 @@
+post_install() {
+ mkdir -p var/db/sshguard
+ echo "-- You should add chains to your firewall:"
+ echo "-- iptables -N sshguard"
+ echo "-- iptables -A INPUT -p tcp --dport 22 -j sshguard"
+ echo "-- ip6tables -N sshguard"
+ echo "-- ip6tables -A INPUT -p tcp --dport 22 -j sshguard"
+ echo "-- touch /etc/iptables/ip6tables.rules if you don't use IPv6"
+ echo "-- For more information, see https://wiki.archlinux.org/index.php/Sshguard"
+}
+
+post_upgrade() {
+ echo "-- touch /etc/iptables/ip6tables.rules if you don't use IPv6"
+}
diff --git a/community/sshguard/sshguard.service b/community/sshguard/sshguard.service
new file mode 100644
index 000000000..d6324d459
--- /dev/null
+++ b/community/sshguard/sshguard.service
@@ -0,0 +1,10 @@
+[Unit]
+Description=Block hacking attempts
+After=iptables.service ip6tables.service network.target
+Wants=iptables.service ip6tables.service
+
+[Service]
+ExecStart=/usr/lib/systemd/scripts/sshguard-journalctl -b /var/db/sshguard/blacklist.db
+
+[Install]
+WantedBy=multi-user.target