Bug 197854 - security/sshguard patch to trigger on syslog entries with <facility.level>
Summary: security/sshguard patch to trigger on syslog entries with <facility.level>
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Some People
Assignee: Mark Felder
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2015-02-20 16:08 UTC by jakob.alvermark
Modified: 2015-03-24 02:25 UTC (History)
0 users

See Also:
bugzilla: maintainer-feedback? (feld)

Attachments
Patch to attack_scanner.l (1.22 KB, patch)
2015-02-20 16:08 UTC, jakob.alvermark 		no flags Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description jakob.alvermark 2015-02-20 16:08:54 UTC 
Created attachment 153223 [details]
Patch to attack_scanner.l

syslogd -v adds <facility.level> to the logs.
Attached patch makes sshguard trigger on those lines as well.
Comment 1 Bugzilla Automation freebsd_committer freebsd_triage 2015-02-20 16:08:54 UTC 
Auto-assigned to maintainer feld@FreeBSD.org
Comment 2 Mark Felder freebsd_committer freebsd_triage 2015-02-20 21:11:03 UTC 
Thanks for the patch! Can you confirm if it still matches entries when -v is not passed? I believe that was an issue from way back when this was discussed on the  upstream mailing lists.
Comment 3 jakob.alvermark 2015-02-22 13:29:31 UTC 
(In reply to Mark Felder from comment #2)

Yes. I have run it in debug mode and fed it logs both with and without <facility.level>
Comment 4 Mark Felder freebsd_committer freebsd_triage 2015-03-05 13:58:48 UTC 
This hasn't been overlooked; I've just been looking for more testers. I expect this will land in the tree soon.
Comment 5 commit-hook freebsd_committer freebsd_triage 2015-03-24 02:11:41 UTC 
A commit references this bug:

Author: feld
Date: Tue Mar 24 02:11:27 UTC 2015
New revision: 382063
URL: https://svnweb.freebsd.org/changeset/ports/382063

Log:
  Enable matching of syslog entries with <facility.level>

  PR:		197854

Changes:
  head/security/sshguard/Makefile
  head/security/sshguard/files/patch-src-parser-attack_scanner.l
  head/security/sshguard/files/patch-src-sshguard.c
Comment 6 commit-hook freebsd_committer freebsd_triage 2015-03-24 02:23:44 UTC 
A commit references this bug:

Author: feld
Date: Tue Mar 24 02:23:31 UTC 2015
New revision: 382064
URL: https://svnweb.freebsd.org/changeset/ports/382064

Log:
  Restore lost changes to patch-src-parser-attack_scanner.l

  PR:		197854

Changes:
  head/security/sshguard/Makefile
  head/security/sshguard/files/patch-src-parser-attack_scanner.l