diff options
Diffstat (limited to 'community/sshguard')
| -rw-r--r-- | community/sshguard/ChangeLog | 3 | ||||
| -rw-r--r-- | community/sshguard/PKGBUILD | 40 | ||||
| -rw-r--r-- | community/sshguard/sshguard-journalctl | 2 | ||||
| -rw-r--r-- | community/sshguard/sshguard.install | 14 | ||||
| -rw-r--r-- | community/sshguard/sshguard.service | 10 |
5 files changed, 69 insertions, 0 deletions
diff --git a/community/sshguard/ChangeLog b/community/sshguard/ChangeLog new file mode 100644 index 000000000..811f87d4f --- /dev/null +++ b/community/sshguard/ChangeLog @@ -0,0 +1,3 @@ +2007-06-28 tardo <tardo@nagi-fanboi.net> +* Built for x86_64 + diff --git a/community/sshguard/PKGBUILD b/community/sshguard/PKGBUILD new file mode 100644 index 000000000..758fa96da --- /dev/null +++ b/community/sshguard/PKGBUILD @@ -0,0 +1,40 @@ +# $Id: PKGBUILD 92088 2013-05-31 11:33:59Z mtorromeo $ +# Maintainer: Sergej Pupykin <pupykin.s+arch@gmail.com> +# Maintainer: Massimiliano Torromeo <massimiliano.torromeo@gmail.com> + +pkgname=sshguard +pkgver=1.5 +pkgrel=13 +pkgdesc="Brute force detector for SSH, Exim, VSFTPD and more. Blocks by ip with iptables" +arch=('i686' 'x86_64') +#url="http://sourceforge.net/projects/sshguard/" +url="http://www.sshguard.net/" +license=('GPL') +depends=('iptables') +options=(zipman) +install=sshguard.install +source=("http://downloads.sourceforge.net/sourceforge/sshguard/sshguard-$pkgver.tar.bz2" + sshguard.service + sshguard-journalctl) +sha256sums=('b537f8765455fdf8424f87d4bd695e5b675b88e5d164865452137947093e7e19' + 'e9713a067b33b8ea91d203853a033c0b9f6d40ebebd77f2e72903ed4fd355ebd' + '7423224107b28cabb69489056968581f1c9e94f3edc6a1d189e56a9df0bab4f7') + +build() { + cd "$srcdir/$pkgname-$pkgver" + sed -i 's|^DAYNO.*|DAYNO [0-9]?[1-9]|' src/parser/attack_scanner.l + ./configure --prefix=/usr --sbindir=/usr/bin --with-firewall=iptables + make +} + +check() { + cd "$srcdir/$pkgname-$pkgver" + strings src/sshguard | grep -E "^`which iptables`[[:space:]]" >/dev/null +} + +package() { + cd "$srcdir/$pkgname-$pkgver" + make DESTDIR="$pkgdir" install + install -Dm0644 "$srcdir/sshguard.service" "$pkgdir/usr/lib/systemd/system/sshguard.service" + install -Dm0755 "$srcdir/sshguard-journalctl" "$pkgdir/usr/lib/systemd/scripts/sshguard-journalctl" +} diff --git a/community/sshguard/sshguard-journalctl b/community/sshguard/sshguard-journalctl new file mode 100644 index 000000000..fb106f5b6 --- /dev/null +++ b/community/sshguard/sshguard-journalctl @@ -0,0 +1,2 @@ +#!/bin/sh +/usr/bin/journalctl -afbp info -n1 SYSLOG_FACILITY=4 SYSLOG_FACILITY=10 | /usr/bin/sshguard -l- "$@" diff --git a/community/sshguard/sshguard.install b/community/sshguard/sshguard.install new file mode 100644 index 000000000..486e55fbd --- /dev/null +++ b/community/sshguard/sshguard.install @@ -0,0 +1,14 @@ +post_install() { + mkdir -p var/db/sshguard + echo "-- You should add chains to your firewall:" + echo "-- iptables -N sshguard" + echo "-- iptables -A INPUT -p tcp --dport 22 -j sshguard" + echo "-- ip6tables -N sshguard" + echo "-- ip6tables -A INPUT -p tcp --dport 22 -j sshguard" + echo "-- touch /etc/iptables/ip6tables.rules if you don't use IPv6" + echo "-- For more information, see https://wiki.archlinux.org/index.php/Sshguard" +} + +post_upgrade() { + echo "-- touch /etc/iptables/ip6tables.rules if you don't use IPv6" +} diff --git a/community/sshguard/sshguard.service b/community/sshguard/sshguard.service new file mode 100644 index 000000000..d6324d459 --- /dev/null +++ b/community/sshguard/sshguard.service @@ -0,0 +1,10 @@ +[Unit] +Description=Block hacking attempts +After=iptables.service ip6tables.service network.target +Wants=iptables.service ip6tables.service + +[Service] +ExecStart=/usr/lib/systemd/scripts/sshguard-journalctl -b /var/db/sshguard/blacklist.db + +[Install] +WantedBy=multi-user.target |