Attachment #162898 for bug #204373

View | Details | Raw Unified | Return to bug 204373
Collapse All | Expand All





PORTNAME=	fail2ban
PORTVERSION=	0.9.3
PORTREVISION=	1
CATEGORIES=	security python
PKGNAMEPREFIX=	${PYTHON_PKGNAMEPREFIX}



RUN_DEPENDS=	${PYTHON_PKGNAMEPREFIX}sqlite3>0:${PORTSDIR}/databases/py-sqlite3

USES=		python shebangfix
USE_GITHUB=	yes
USE_PYTHON=	autoplist distutils
USE_RC_SUBR=	fail2ban

NO_ARCH=	yes

SHEBANG_FILES=	config/filter.d/ignorecommands/apache-fakegooglebot
USE_PYTHON=	distutils py3kplist

USE_RC_SUBR=	fail2ban
SUB_LIST+=	PYTHON_CMD=${PYTHON_CMD}

PYDISTUTILS_INSTALLARGS+=	--install-data=${ETCDIR}
				--install-data=${ETCDIR}
PYDISTUTILS_PKGVERSION=	${PORTVERSION}

PORTDOCS=	README.md DEVELOP


	@${REINPLACE_CMD} -e 's,/etc/fail2ban,${ETCDIR},g' ${FILES}
	@${REINPLACE_CMD} -e 's,paths-debian.conf,paths-freebsd.conf,g' \
		${WRKSRC}/config/jail.conf
	@${REINPLACE_CMD} -e 's,/var/lib/fail2ban/,${FAIL2BAN_DBDIR}/,g' \
		${WRKSRC}/config/fail2ban.conf

post-install:

.endfor
	${INSTALL_MAN} ${WRKSRC}/man/jail.conf.5 ${STAGEDIR}${MANPREFIX}/man/man5/fail2ban-jail.conf.5

do-test:
	@cd ${WRKSRC} && ${PYTHON_CMD} ${PYDISTUTILS_SETUP} test

.include <bsd.port.mk>




--- /dev/null	2012-11-27 18:33:00.000000000 +0100
+++ config/filter.d/bsd-sendmail.conf	2012-11-27 18:32:47.000000000 +0100
@@ -0,0 +1,35 @@
+# Fail2Ban configuration file
+#
+# Source: http://www.the-art-of-web.com/system/fail2ban-sendmail
+# Contributors: Gutza, the SASL regex
+#
+# $Revision$
+
+[INCLUDES]
+
+# Read common prefixes. If any customizations available -- read them from
+# common.local
+before = common.conf
+
+[Definition]
+
+# Option:  failregex
+# Notes.:  regex to match the password failures messages in the logfile. 
+#          The host must be matched by a group named "host". 
+#          The tag "<HOST>" can be used for standard IP/hostname matching
+#          and is only an alias for (':::f{4,6}:)?(?P<host>\S+)
+# Values:  TEXT
+
+failregex = \[<HOST>\] .*to MTA
+#           \[<HOST>\] \(may be forged\)
+            \[<HOST>\], reject.*\.\.\. Relaying denied
+            (User unknown)\n* \[<HOST>\]
+            badlogin: .* \[<HOST>\] plaintext .* SASL
+            \[<HOST>\]: possible SMTP attack:
+
+# Option:  ignoreregex
+# Notes.:  regex to ignore. If this regex matces, the line is ignored.
+# Values:  TEXT
+
+ignoreregex = 
+




--- /dev/null	2010-01-12 16:33:00.000000000 -0500
+++ ./config/filter.d/bsd-sshd.conf	2010-01-12 16:26:22.000000000 -0500
@@ -0,0 +1,40 @@
+# Fail2Ban configuration file
+#
+# Author: Cyril Jaquier
+#
+# $Revision: 663 $
+#
+
+[INCLUDES]
+
+# Read common prefixes. If any customizations available -- read them from
+# common.local
+before = common.conf
+
+
+[Definition]
+
+_daemon = sshd
+
+# Option:  failregex
+# Notes.:  regex to match the password failures messages in the logfile. The
+#          host must be matched by a group named "host". The tag "<HOST>" can
+#          be used for standard IP/hostname matching and is only an alias for
+#          (?:::f{4,6}:)?(?P<host>\S+)
+# Values:  TEXT
+#
+failregex = ^%(__prefix_line)s(?:error: PAM: )?[A|a]uthentication (?:failure|error) for .* from <HOST>\s*$
+            ^%(__prefix_line)sDid not receive identification string from <HOST>$
+            ^%(__prefix_line)sFailed [-/\w]+ for .* from <HOST>(?: port \d*)?(?: ssh\d*)?$
+            ^%(__prefix_line)sROOT LOGIN REFUSED.* FROM <HOST>\s*$
+            ^%(__prefix_line)s[iI](?:llegal|nvalid) user .* from <HOST>\s*$
+            ^%(__prefix_line)sUser \S+ from <HOST> not allowed because not listed in AllowUsers$
+            ^%(__prefix_line)sauthentication failure; logname=\S* uid=\S* euid=\S* tty=\S* ruser=\S* rhost=<HOST>(?:\s+user=.*)?\s*$
+            ^%(__prefix_line)srefused connect from \S+ \(<HOST>\)\s*$
+            ^%(__prefix_line)sreverse mapping checking getaddrinfo for .* \[<HOST>\] .* POSSIBLE BREAK-IN ATTEMPT!$
+
+# Option:  ignoreregex
+# Notes.:  regex to ignore. If this regex matches, the line is ignored.
+# Values:  TEXT
+#
+ignoreregex = 




--- /dev/null	2010-01-12 16:33:00.000000000 -0500
+++ ./config/filter.d/bsdftp.conf	2010-01-12 16:26:27.000000000 -0500
@@ -0,0 +1,40 @@
+# Fail2Ban configuration file
+#
+# Author: Ken Menzel
+#
+#
+
+[INCLUDES]
+
+# Read common prefixes. If any customizations available -- read them from
+# common.local
+before = common.conf
+
+
+[Definition]
+
+_daemon = ftpd
+#
+#
+# Option: failregex
+# Notes.: regex to match the password failures messages in the logfile. The
+#          host must be matched by a group named "host". The tag "<HOST>" can
+#          be used for standard IP/hostname matching and is only an alias for
+#          (?:::f{4,6}:)?(?P<host>\S+)
+# Values: TEXT
+#
+failregex = ^%(__prefix_line)sFTP LOGIN FAILED FROM <HOST>,\s*.*$
+
+
+#	\(\S+\[<HOST>\]\)[: -]+ USER \S+: no such user found from \S+ \[\S+\] to \S+:\S+$
+#     \(\S+\[<HOST>\]\)[: -]+ USER \S+ \(Login failed\): Incorrect password\.$
+#     \(\S+\[<HOST>\]\)[: -]+ SECURITY VIOLATION: \S+ login attempted\.$
+#     \(\S+\[<HOST>\]\)[: -]+ Maximum login attempts \(\d+\) exceeded$
+
+# May 28 15:11:53 freebsd4 ftpd[26191]: FTP LOGIN FAILED FROM freebsd4, dsf
+#
+# Option:  ignoreregex
+# Notes.:  regex to ignore. If this regex matches, the line is ignored.
+# Values:  TEXT
+#
+ignoreregex = 




--- config/filter.d/common.conf.orig	2012-01-20 22:50:22.000000000 +0100
+++ config/filter.d/common.conf	2012-01-20 23:10:52.000000000 +0100
@@ -35,6 +35,9 @@
 # EXAMPLES: sshd[31607], pop(pam_unix)[4920]
 __daemon_combs_re = (?:%(__pid_re)s?:\s+%(__daemon_re)s|%(__daemon_re)s%(__pid_re)s?:)
 
+# Logging facility and priority for BSD "-v" verbose mode
+__bsd_verbose_mode = (?:\s*\<\S+\.\S+\>\s*)
+
 # Some messages have a kernel prefix with a timestamp
 # EXAMPLES: kernel: [769570.846956]
 __kernel_prefix = kernel: \[\d+\.\d+\]




--- config/filter.d/bsd-sendmail.conf.orig	2015-11-03 04:11:30 UTC
+++ config/filter.d/bsd-sendmail.conf
@@ -0,0 +1,35 @@
+# Fail2Ban configuration file
+#
+# Source: http://www.the-art-of-web.com/system/fail2ban-sendmail
+# Contributors: Gutza, the SASL regex
+#
+# $Revision$
+
+[INCLUDES]
+
+# Read common prefixes. If any customizations available -- read them from
+# common.local
+before = common.conf
+
+[Definition]
+
+# Option:  failregex
+# Notes.:  regex to match the password failures messages in the logfile. 
+#          The host must be matched by a group named "host". 
+#          The tag "<HOST>" can be used for standard IP/hostname matching
+#          and is only an alias for (':::f{4,6}:)?(?P<host>\S+)
+# Values:  TEXT
+
+failregex = \[<HOST>\] .*to MTA
+#           \[<HOST>\] \(may be forged\)
+            \[<HOST>\], reject.*\.\.\. Relaying denied
+            (User unknown)\n* \[<HOST>\]
+            badlogin: .* \[<HOST>\] plaintext .* SASL
+            \[<HOST>\]: possible SMTP attack:
+
+# Option:  ignoreregex
+# Notes.:  regex to ignore. If this regex matces, the line is ignored.
+# Values:  TEXT
+
+ignoreregex = 
+




--- config/filter.d/bsd-sshd.conf.orig	2015-11-03 04:11:30 UTC
+++ config/filter.d/bsd-sshd.conf
@@ -0,0 +1,40 @@
+# Fail2Ban configuration file
+#
+# Author: Cyril Jaquier
+#
+# $Revision: 663 $
+#
+
+[INCLUDES]
+
+# Read common prefixes. If any customizations available -- read them from
+# common.local
+before = common.conf
+
+
+[Definition]
+
+_daemon = sshd
+
+# Option:  failregex
+# Notes.:  regex to match the password failures messages in the logfile. The
+#          host must be matched by a group named "host". The tag "<HOST>" can
+#          be used for standard IP/hostname matching and is only an alias for
+#          (?:::f{4,6}:)?(?P<host>\S+)
+# Values:  TEXT
+#
+failregex = ^%(__prefix_line)s(?:error: PAM: )?[A|a]uthentication (?:failure|error) for .* from <HOST>\s*$
+            ^%(__prefix_line)sDid not receive identification string from <HOST>$
+            ^%(__prefix_line)sFailed [-/\w]+ for .* from <HOST>(?: port \d*)?(?: ssh\d*)?$
+            ^%(__prefix_line)sROOT LOGIN REFUSED.* FROM <HOST>\s*$
+            ^%(__prefix_line)s[iI](?:llegal|nvalid) user .* from <HOST>\s*$
+            ^%(__prefix_line)sUser \S+ from <HOST> not allowed because not listed in AllowUsers$
+            ^%(__prefix_line)sauthentication failure; logname=\S* uid=\S* euid=\S* tty=\S* ruser=\S* rhost=<HOST>(?:\s+user=.*)?\s*$
+            ^%(__prefix_line)srefused connect from \S+ \(<HOST>\)\s*$
+            ^%(__prefix_line)sreverse mapping checking getaddrinfo for .* \[<HOST>\] .* POSSIBLE BREAK-IN ATTEMPT!$
+
+# Option:  ignoreregex
+# Notes.:  regex to ignore. If this regex matches, the line is ignored.
+# Values:  TEXT
+#
+ignoreregex = 




--- config/filter.d/bsdftp.conf.orig	2015-11-03 04:11:30 UTC
+++ config/filter.d/bsdftp.conf
@@ -0,0 +1,40 @@
+# Fail2Ban configuration file
+#
+# Author: Ken Menzel
+#
+#
+
+[INCLUDES]
+
+# Read common prefixes. If any customizations available -- read them from
+# common.local
+before = common.conf
+
+
+[Definition]
+
+_daemon = ftpd
+#
+#
+# Option: failregex
+# Notes.: regex to match the password failures messages in the logfile. The
+#          host must be matched by a group named "host". The tag "<HOST>" can
+#          be used for standard IP/hostname matching and is only an alias for
+#          (?:::f{4,6}:)?(?P<host>\S+)
+# Values: TEXT
+#
+failregex = ^%(__prefix_line)sFTP LOGIN FAILED FROM <HOST>,\s*.*$
+
+
+#	\(\S+\[<HOST>\]\)[: -]+ USER \S+: no such user found from \S+ \[\S+\] to \S+:\S+$
+#     \(\S+\[<HOST>\]\)[: -]+ USER \S+ \(Login failed\): Incorrect password\.$
+#     \(\S+\[<HOST>\]\)[: -]+ SECURITY VIOLATION: \S+ login attempted\.$
+#     \(\S+\[<HOST>\]\)[: -]+ Maximum login attempts \(\d+\) exceeded$
+
+# May 28 15:11:53 freebsd4 ftpd[26191]: FTP LOGIN FAILED FROM freebsd4, dsf
+#
+# Option:  ignoreregex
+# Notes.:  regex to ignore. If this regex matches, the line is ignored.
+# Values:  TEXT
+#
+ignoreregex = 




--- config/filter.d/common.conf.orig	2015-08-01 01:32:13 UTC
+++ config/filter.d/common.conf
@@ -32,6 +32,9 @@ __daemon_extra_re = (?:\[ID \d+ \S+\])
 # EXAMPLES: sshd[31607], pop(pam_unix)[4920]
 __daemon_combs_re = (?:%(__pid_re)s?:\s+%(__daemon_re)s|%(__daemon_re)s%(__pid_re)s?:?)
 
+# Logging facility and priority for BSD "-v" verbose mode
+__bsd_verbose_mode = (?:\s*\<\S+\.\S+\>\s*)
+
 # Some messages have a kernel prefix with a timestamp
 # EXAMPLES: kernel: [769570.846956]
 __kernel_prefix = kernel: \[ *\d+\.\d+\]




bin/fail2ban-client
bin/fail2ban-regex
bin/fail2ban-server
%%ETCDIR%%/fail2ban.conf
%%ETCDIR%%/jail.conf
%%ETCDIR%%/paths-common.conf
%%ETCDIR%%/paths-debian.conf
%%ETCDIR%%/paths-fedora.conf
%%ETCDIR%%/paths-freebsd.conf
%%ETCDIR%%/paths-osx.conf
%%ETCDIR%%/action.d/apf.conf
%%ETCDIR%%/action.d/badips.conf
%%ETCDIR%%/action.d/badips.py
%%ETCDIR%%/action.d/blocklist_de.conf
%%ETCDIR%%/action.d/bsd-ipfw.conf
%%ETCDIR%%/action.d/cloudflare.conf
%%ETCDIR%%/action.d/complain.conf
%%ETCDIR%%/action.d/dshield.conf
%%ETCDIR%%/action.d/dummy.conf
%%ETCDIR%%/action.d/firewallcmd-allports.conf
%%ETCDIR%%/action.d/firewallcmd-ipset.conf
%%ETCDIR%%/action.d/firewallcmd-multiport.conf
%%ETCDIR%%/action.d/firewallcmd-new.conf
%%ETCDIR%%/action.d/hostsdeny.conf
%%ETCDIR%%/action.d/ipfilter.conf
%%ETCDIR%%/action.d/ipfw.conf
%%ETCDIR%%/action.d/iptables-allports.conf
%%ETCDIR%%/action.d/iptables-common.conf
%%ETCDIR%%/action.d/iptables-ipset-proto4.conf
%%ETCDIR%%/action.d/iptables-ipset-proto6-allports.conf
%%ETCDIR%%/action.d/iptables-ipset-proto6.conf
%%ETCDIR%%/action.d/iptables-multiport-log.conf
%%ETCDIR%%/action.d/iptables-multiport.conf
%%ETCDIR%%/action.d/iptables-new.conf
%%ETCDIR%%/action.d/iptables-xt_recent-echo.conf
%%ETCDIR%%/action.d/iptables.conf
%%ETCDIR%%/action.d/mail-buffered.conf
%%ETCDIR%%/action.d/mail-whois-common.conf
%%ETCDIR%%/action.d/mail-whois-lines.conf
%%ETCDIR%%/action.d/mail-whois.conf
%%ETCDIR%%/action.d/mail.conf
%%ETCDIR%%/action.d/mynetwatchman.conf
%%ETCDIR%%/action.d/nsupdate.conf
%%ETCDIR%%/action.d/osx-afctl.conf
%%ETCDIR%%/action.d/osx-ipfw.conf
%%ETCDIR%%/action.d/pf.conf
%%ETCDIR%%/action.d/route.conf
%%ETCDIR%%/action.d/sendmail-buffered.conf
%%ETCDIR%%/action.d/sendmail-common.conf
%%ETCDIR%%/action.d/sendmail-geoip-lines.conf
%%ETCDIR%%/action.d/sendmail-whois-ipjailmatches.conf
%%ETCDIR%%/action.d/sendmail-whois-ipmatches.conf
%%ETCDIR%%/action.d/sendmail-whois-lines.conf
%%ETCDIR%%/action.d/sendmail-whois-matches.conf
%%ETCDIR%%/action.d/sendmail-whois.conf
%%ETCDIR%%/action.d/sendmail.conf
%%ETCDIR%%/action.d/shorewall.conf
%%ETCDIR%%/action.d/shorewall-ipset-proto6.conf
%%ETCDIR%%/action.d/smtp.py
%%ETCDIR%%/action.d/symbiosis-blacklist-allports.conf
%%ETCDIR%%/action.d/ufw.conf
%%ETCDIR%%/action.d/xarf-login-attack.conf
%%ETCDIR%%/filter.d/3proxy.conf
%%ETCDIR%%/filter.d/apache-auth.conf
%%ETCDIR%%/filter.d/apache-badbots.conf
%%ETCDIR%%/filter.d/apache-botsearch.conf
%%ETCDIR%%/filter.d/apache-common.conf
%%ETCDIR%%/filter.d/apache-fakegooglebot.conf
%%ETCDIR%%/filter.d/apache-modsecurity.conf
%%ETCDIR%%/filter.d/apache-nohome.conf
%%ETCDIR%%/filter.d/apache-noscript.conf
%%ETCDIR%%/filter.d/apache-overflows.conf
%%ETCDIR%%/filter.d/apache-pass.conf
%%ETCDIR%%/filter.d/apache-shellshock.conf
%%ETCDIR%%/filter.d/assp.conf
%%ETCDIR%%/filter.d/asterisk.conf
%%ETCDIR%%/filter.d/botsearch-common.conf
%%ETCDIR%%/filter.d/bsd-sendmail.conf
%%ETCDIR%%/filter.d/bsd-sshd.conf
%%ETCDIR%%/filter.d/bsdftp.conf
%%ETCDIR%%/filter.d/common.conf
%%ETCDIR%%/filter.d/counter-strike.conf
%%ETCDIR%%/filter.d/courier-auth.conf
%%ETCDIR%%/filter.d/courier-smtp.conf
%%ETCDIR%%/filter.d/cyrus-imap.conf
%%ETCDIR%%/filter.d/directadmin.conf
%%ETCDIR%%/filter.d/dovecot.conf
%%ETCDIR%%/filter.d/dropbear.conf
%%ETCDIR%%/filter.d/drupal-auth.conf
%%ETCDIR%%/filter.d/ejabberd-auth.conf
%%ETCDIR%%/filter.d/exim-common.conf
%%ETCDIR%%/filter.d/exim-spam.conf
%%ETCDIR%%/filter.d/exim.conf
%%ETCDIR%%/filter.d/freeswitch.conf
%%ETCDIR%%/filter.d/froxlor-auth.conf
%%ETCDIR%%/filter.d/groupoffice.conf
%%ETCDIR%%/filter.d/gssftpd.conf
%%ETCDIR%%/filter.d/guacamole.conf
%%ETCDIR%%/filter.d/horde.conf
%%ETCDIR%%/filter.d/kerio.conf
%%ETCDIR%%/filter.d/lighttpd-auth.conf
%%ETCDIR%%/filter.d/monit.conf
%%ETCDIR%%/filter.d/mysqld-auth.conf
%%ETCDIR%%/filter.d/nagios.conf
%%ETCDIR%%/filter.d/named-refused.conf
%%ETCDIR%%/filter.d/nginx-botsearch.conf
%%ETCDIR%%/filter.d/nginx-http-auth.conf
%%ETCDIR%%/filter.d/nsd.conf
%%ETCDIR%%/filter.d/openwebmail.conf
%%ETCDIR%%/filter.d/oracleims.conf
%%ETCDIR%%/filter.d/pam-generic.conf
%%ETCDIR%%/filter.d/perdition.conf
%%ETCDIR%%/filter.d/php-url-fopen.conf
%%ETCDIR%%/filter.d/portsentry.conf
%%ETCDIR%%/filter.d/postfix.conf
%%ETCDIR%%/filter.d/postfix-sasl.conf
%%ETCDIR%%/filter.d/postfix-rbl.conf
%%ETCDIR%%/filter.d/proftpd.conf
%%ETCDIR%%/filter.d/pure-ftpd.conf
%%ETCDIR%%/filter.d/qmail.conf
%%ETCDIR%%/filter.d/recidive.conf
%%ETCDIR%%/filter.d/roundcube-auth.conf
%%ETCDIR%%/filter.d/selinux-common.conf
%%ETCDIR%%/filter.d/selinux-ssh.conf
%%ETCDIR%%/filter.d/sendmail-auth.conf
%%ETCDIR%%/filter.d/sendmail-reject.conf
%%ETCDIR%%/filter.d/sieve.conf
%%ETCDIR%%/filter.d/sogo-auth.conf
%%ETCDIR%%/filter.d/solid-pop3d.conf
%%ETCDIR%%/filter.d/squid.conf
%%ETCDIR%%/filter.d/squirrelmail.conf
%%ETCDIR%%/filter.d/sshd-ddos.conf
%%ETCDIR%%/filter.d/sshd.conf
%%ETCDIR%%/filter.d/stunnel.conf
%%ETCDIR%%/filter.d/suhosin.conf
%%ETCDIR%%/filter.d/tine20.conf
%%ETCDIR%%/filter.d/uwimap-auth.conf
%%ETCDIR%%/filter.d/vsftpd.conf
%%ETCDIR%%/filter.d/webmin-auth.conf
%%ETCDIR%%/filter.d/wuftpd.conf
%%ETCDIR%%/filter.d/xinetd-fail.conf
%%ETCDIR%%/filter.d/ignorecommands/apache-fakegooglebot
%%PYTHON_SITELIBDIR%%/fail2ban/__init__.py
%%PYTHON_SITELIBDIR%%/fail2ban/__init__.pyc
%%PYTHON_SITELIBDIR%%/fail2ban/exceptions.py
%%PYTHON_SITELIBDIR%%/fail2ban/exceptions.pyc
%%PYTHON_SITELIBDIR%%/fail2ban/helpers.py
%%PYTHON_SITELIBDIR%%/fail2ban/helpers.pyc
%%PYTHON_SITELIBDIR%%/fail2ban/protocol.py
%%PYTHON_SITELIBDIR%%/fail2ban/protocol.pyc
%%PYTHON_SITELIBDIR%%/fail2ban/version.py
%%PYTHON_SITELIBDIR%%/fail2ban/version.pyc
%%PYTHON_SITELIBDIR%%/fail2ban/client/__init__.py
%%PYTHON_SITELIBDIR%%/fail2ban/client/__init__.pyc
%%PYTHON_SITELIBDIR%%/fail2ban/client/actionreader.py
%%PYTHON_SITELIBDIR%%/fail2ban/client/actionreader.pyc
%%PYTHON_SITELIBDIR%%/fail2ban/client/beautifier.py
%%PYTHON_SITELIBDIR%%/fail2ban/client/beautifier.pyc
%%PYTHON_SITELIBDIR%%/fail2ban/client/configparserinc.py
%%PYTHON_SITELIBDIR%%/fail2ban/client/configparserinc.pyc
%%PYTHON_SITELIBDIR%%/fail2ban/client/configreader.py
%%PYTHON_SITELIBDIR%%/fail2ban/client/configreader.pyc
%%PYTHON_SITELIBDIR%%/fail2ban/client/configurator.py
%%PYTHON_SITELIBDIR%%/fail2ban/client/configurator.pyc
%%PYTHON_SITELIBDIR%%/fail2ban/client/csocket.py
%%PYTHON_SITELIBDIR%%/fail2ban/client/csocket.pyc
%%PYTHON_SITELIBDIR%%/fail2ban/client/fail2banreader.py
%%PYTHON_SITELIBDIR%%/fail2ban/client/fail2banreader.pyc
%%PYTHON_SITELIBDIR%%/fail2ban/client/filterreader.py
%%PYTHON_SITELIBDIR%%/fail2ban/client/filterreader.pyc
%%PYTHON_SITELIBDIR%%/fail2ban/client/jailreader.py
%%PYTHON_SITELIBDIR%%/fail2ban/client/jailreader.pyc
%%PYTHON_SITELIBDIR%%/fail2ban/client/jailsreader.py
%%PYTHON_SITELIBDIR%%/fail2ban/client/jailsreader.pyc
%%PYTHON_SITELIBDIR%%/fail2ban/server/__init__.py
%%PYTHON_SITELIBDIR%%/fail2ban/server/__init__.pyc
%%PYTHON_SITELIBDIR%%/fail2ban/server/action.py
%%PYTHON_SITELIBDIR%%/fail2ban/server/action.pyc
%%PYTHON_SITELIBDIR%%/fail2ban/server/actions.py
%%PYTHON_SITELIBDIR%%/fail2ban/server/actions.pyc
%%PYTHON_SITELIBDIR%%/fail2ban/server/asyncserver.py
%%PYTHON_SITELIBDIR%%/fail2ban/server/asyncserver.pyc
%%PYTHON_SITELIBDIR%%/fail2ban/server/banmanager.py
%%PYTHON_SITELIBDIR%%/fail2ban/server/banmanager.pyc
%%PYTHON_SITELIBDIR%%/fail2ban/server/database.py
%%PYTHON_SITELIBDIR%%/fail2ban/server/database.pyc
%%PYTHON_SITELIBDIR%%/fail2ban/server/datedetector.py
%%PYTHON_SITELIBDIR%%/fail2ban/server/datedetector.pyc
%%PYTHON_SITELIBDIR%%/fail2ban/server/datetemplate.py
%%PYTHON_SITELIBDIR%%/fail2ban/server/datetemplate.pyc
%%PYTHON_SITELIBDIR%%/fail2ban/server/faildata.py
%%PYTHON_SITELIBDIR%%/fail2ban/server/faildata.pyc
%%PYTHON_SITELIBDIR%%/fail2ban/server/failmanager.py
%%PYTHON_SITELIBDIR%%/fail2ban/server/failmanager.pyc
%%PYTHON_SITELIBDIR%%/fail2ban/server/failregex.py
%%PYTHON_SITELIBDIR%%/fail2ban/server/failregex.pyc
%%PYTHON_SITELIBDIR%%/fail2ban/server/filter.py
%%PYTHON_SITELIBDIR%%/fail2ban/server/filter.pyc
%%PYTHON_SITELIBDIR%%/fail2ban/server/filtergamin.py
%%PYTHON_SITELIBDIR%%/fail2ban/server/filtergamin.pyc
%%PYTHON_SITELIBDIR%%/fail2ban/server/filterpoll.py
%%PYTHON_SITELIBDIR%%/fail2ban/server/filterpoll.pyc
%%PYTHON_SITELIBDIR%%/fail2ban/server/filterpyinotify.py
%%PYTHON_SITELIBDIR%%/fail2ban/server/filterpyinotify.pyc
%%PYTHON_SITELIBDIR%%/fail2ban/server/filtersystemd.py
%%PYTHON_SITELIBDIR%%/fail2ban/server/filtersystemd.pyc
%%PYTHON_SITELIBDIR%%/fail2ban/server/jail.py
%%PYTHON_SITELIBDIR%%/fail2ban/server/jail.pyc
%%PYTHON_SITELIBDIR%%/fail2ban/server/jails.py
%%PYTHON_SITELIBDIR%%/fail2ban/server/jails.pyc
%%PYTHON_SITELIBDIR%%/fail2ban/server/jailthread.py
%%PYTHON_SITELIBDIR%%/fail2ban/server/jailthread.pyc
%%PYTHON_SITELIBDIR%%/fail2ban/server/mytime.py
%%PYTHON_SITELIBDIR%%/fail2ban/server/mytime.pyc
%%PYTHON_SITELIBDIR%%/fail2ban/server/server.py
%%PYTHON_SITELIBDIR%%/fail2ban/server/server.pyc
%%PYTHON_SITELIBDIR%%/fail2ban/server/strptime.py
%%PYTHON_SITELIBDIR%%/fail2ban/server/strptime.pyc
%%PYTHON_SITELIBDIR%%/fail2ban/server/ticket.py
%%PYTHON_SITELIBDIR%%/fail2ban/server/ticket.pyc
%%PYTHON_SITELIBDIR%%/fail2ban/server/transmitter.py
%%PYTHON_SITELIBDIR%%/fail2ban/server/transmitter.pyc
man/man1/fail2ban-client.1.gz
man/man1/fail2ban-regex.1.gz
man/man1/fail2ban-server.1.gz
man/man1/fail2ban.1.gz
man/man5/fail2ban-jail.conf.5.gz
@dir %%ETCDIR%%/fail2ban.d
@dir %%PYTHON_SITELIBDIR%%/fail2ban/client
@dir %%PYTHON_SITELIBDIR%%/fail2ban
@dir %%ETCDIR%%/jail.d
@dir %%ETCDIR%%/filter.d/ignorecommands
@dir %%ETCDIR%%/filter.d
@dir %%ETCDIR%%/fail2ban.d
@dir %%ETCDIR%%/action.d
@dir %%ETCDIR%%
@dir /var/run/fail2ban
@dir /var/db/fail2ban
@dir /var/lib/fail2ban
@dir /var/lib
@dir /var/run/fail2ban


Return to bug 204373

Lines 2-7 Link Here

(-)Makefile (-7 / +11 lines)
2		2
3	PORTNAME= fail2ban	3	PORTNAME= fail2ban
4	PORTVERSION= 0.9.3	4	PORTVERSION= 0.9.3
		5	PORTREVISION= 1
5	CATEGORIES= security python	6	CATEGORIES= security python
6	PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX}	7	PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX}
7		8
Lines 13-30 Link Here
13		14
14	RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}sqlite3>0:${PORTSDIR}/databases/py-sqlite3	15	RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}sqlite3>0:${PORTSDIR}/databases/py-sqlite3
15		16
		17	USES= python shebangfix
16	USE_GITHUB= yes	18	USE_GITHUB= yes
		19	USE_PYTHON= autoplist distutils
		20	USE_RC_SUBR= fail2ban
17		21
18	USES= python shebangfix	22	NO_ARCH= yes
		23
19	SHEBANG_FILES= config/filter.d/ignorecommands/apache-fakegooglebot	24	SHEBANG_FILES= config/filter.d/ignorecommands/apache-fakegooglebot
20	USE_PYTHON= distutils py3kplist
21		25
22	USE_RC_SUBR= fail2ban
23	SUB_LIST+= PYTHON_CMD=${PYTHON_CMD}	26	SUB_LIST+= PYTHON_CMD=${PYTHON_CMD}
24		27
25	PYDISTUTILS_INSTALLARGS+= --install-purelib=${PYTHON_SITELIBDIR} \	28	PYDISTUTILS_INSTALLARGS+= --install-data=${ETCDIR}
26	--install-data=${ETCDIR}
27	PYDISTUTILS_PKGVERSION= ${PORTVERSION}
28		29
29	PORTDOCS= README.md DEVELOP	30	PORTDOCS= README.md DEVELOP
30		31
Lines 39-45 Link Here
39	@${REINPLACE_CMD} -e 's,/etc/fail2ban,${ETCDIR},g' ${FILES}	40	@${REINPLACE_CMD} -e 's,/etc/fail2ban,${ETCDIR},g' ${FILES}
40	@${REINPLACE_CMD} -e 's,paths-debian.conf,paths-freebsd.conf,g' \	41	@${REINPLACE_CMD} -e 's,paths-debian.conf,paths-freebsd.conf,g' \
41	${WRKSRC}/config/jail.conf	42	${WRKSRC}/config/jail.conf
42	@${REINPLACE_CMD} -e 's,/var/lib/fail2ban/fail2ban.sqlite3,${FAIL2BAN_DBDIR}/fail2ban.sqlite3,g' \	43	@${REINPLACE_CMD} -e 's,/var/lib/fail2ban/,${FAIL2BAN_DBDIR}/,g' \
43	${WRKSRC}/config/fail2ban.conf	44	${WRKSRC}/config/fail2ban.conf
44		45
45	post-install:	46	post-install:
Lines 51-54 Link Here
51	.endfor	52	.endfor
52	${INSTALL_MAN} ${WRKSRC}/man/jail.conf.5 ${STAGEDIR}${MANPREFIX}/man/man5/fail2ban-jail.conf.5	53	${INSTALL_MAN} ${WRKSRC}/man/jail.conf.5 ${STAGEDIR}${MANPREFIX}/man/man5/fail2ban-jail.conf.5
53		54
		55	do-test:
		56	@cd ${WRKSRC} && ${PYTHON_CMD} ${PYDISTUTILS_SETUP} test
		57
54	.include <bsd.port.mk>	58	.include <bsd.port.mk>

Lines 1-38 Link Here

(-)files/patch-bsd-sendmail.conf (-38 lines)
1	--- /dev/null 2012-11-27 18:33:00.000000000 +0100
2	+++ config/filter.d/bsd-sendmail.conf 2012-11-27 18:32:47.000000000 +0100
3	@@ -0,0 +1,35 @@
4	+# Fail2Ban configuration file
5	+#
6	+# Source: http://www.the-art-of-web.com/system/fail2ban-sendmail
7	+# Contributors: Gutza, the SASL regex
8	+#
9	+# $Revision$
10	+
11	+[INCLUDES]
12	+
13	+# Read common prefixes. If any customizations available -- read them from
14	+# common.local
15	+before = common.conf
16	+
17	+[Definition]
18	+
19	+# Option: failregex
20	+# Notes.: regex to match the password failures messages in the logfile.
21	+# The host must be matched by a group named "host".
22	+# The tag "<HOST>" can be used for standard IP/hostname matching
23	+# and is only an alias for (':::f{4,6}:)?(?P<host>\S+)
24	+# Values: TEXT
25	+
26	+failregex = \[<HOST>\] .*to MTA
27	+# \[<HOST>\] \(may be forged\)
28	+ \[<HOST>\], reject.*\.\.\. Relaying denied
29	+ (User unknown)\n* \[<HOST>\]
30	+ badlogin: .* \[<HOST>\] plaintext .* SASL
31	+ \[<HOST>\]: possible SMTP attack:
32	+
33	+# Option: ignoreregex
34	+# Notes.: regex to ignore. If this regex matces, the line is ignored.
35	+# Values: TEXT
36	+
37	+ignoreregex =
38	+

Lines 1-43 Link Here

(-)files/patch-bsd-sshd.conf (-43 lines)
1	--- /dev/null 2010-01-12 16:33:00.000000000 -0500
2	+++ ./config/filter.d/bsd-sshd.conf 2010-01-12 16:26:22.000000000 -0500
3	@@ -0,0 +1,40 @@
4	+# Fail2Ban configuration file
5	+#
6	+# Author: Cyril Jaquier
7	+#
8	+# $Revision: 663 $
9	+#
10	+
11	+[INCLUDES]
12	+
13	+# Read common prefixes. If any customizations available -- read them from
14	+# common.local
15	+before = common.conf
16	+
17	+
18	+[Definition]
19	+
20	+_daemon = sshd
21	+
22	+# Option: failregex
23	+# Notes.: regex to match the password failures messages in the logfile. The
24	+# host must be matched by a group named "host". The tag "<HOST>" can
25	+# be used for standard IP/hostname matching and is only an alias for
26	+# (?:::f{4,6}:)?(?P<host>\S+)
27	+# Values: TEXT
28	+#
29	+failregex = ^%(__prefix_line)s(?:error: PAM: )?[A\|a]uthentication (?:failure\|error) for .* from <HOST>\s*$
30	+ ^%(__prefix_line)sDid not receive identification string from <HOST>$
31	+ ^%(__prefix_line)sFailed [-/\w]+ for .* from <HOST>(?: port \d)?(?: ssh\d)?$
32	+ ^%(__prefix_line)sROOT LOGIN REFUSED.* FROM <HOST>\s*$
33	+ ^%(__prefix_line)s[iI](?:llegal\|nvalid) user .* from <HOST>\s*$
34	+ ^%(__prefix_line)sUser \S+ from <HOST> not allowed because not listed in AllowUsers$
35	+ ^%(__prefix_line)sauthentication failure; logname=\S* uid=\S* euid=\S* tty=\S* ruser=\S* rhost=<HOST>(?:\s+user=.)?\s$
36	+ ^%(__prefix_line)srefused connect from \S+ \(<HOST>\)\s*$
37	+ ^%(__prefix_line)sreverse mapping checking getaddrinfo for .* \[<HOST>\] .* POSSIBLE BREAK-IN ATTEMPT!$
38	+
39	+# Option: ignoreregex
40	+# Notes.: regex to ignore. If this regex matches, the line is ignored.
41	+# Values: TEXT
42	+#
43	+ignoreregex =

Lines 1-43 Link Here

(-)files/patch-bsdftp.conf (-43 lines)
1	--- /dev/null 2010-01-12 16:33:00.000000000 -0500
2	+++ ./config/filter.d/bsdftp.conf 2010-01-12 16:26:27.000000000 -0500
3	@@ -0,0 +1,40 @@
4	+# Fail2Ban configuration file
5	+#
6	+# Author: Ken Menzel
7	+#
8	+#
9	+
10	+[INCLUDES]
11	+
12	+# Read common prefixes. If any customizations available -- read them from
13	+# common.local
14	+before = common.conf
15	+
16	+
17	+[Definition]
18	+
19	+_daemon = ftpd
20	+#
21	+#
22	+# Option: failregex
23	+# Notes.: regex to match the password failures messages in the logfile. The
24	+# host must be matched by a group named "host". The tag "<HOST>" can
25	+# be used for standard IP/hostname matching and is only an alias for
26	+# (?:::f{4,6}:)?(?P<host>\S+)
27	+# Values: TEXT
28	+#
29	+failregex = ^%(__prefix_line)sFTP LOGIN FAILED FROM <HOST>,\s.$
30	+
31	+
32	+# \(\S+\[<HOST>\]\)[: -]+ USER \S+: no such user found from \S+ \[\S+\] to \S+:\S+$
33	+# \(\S+\[<HOST>\]\)[: -]+ USER \S+ \(Login failed\): Incorrect password\.$
34	+# \(\S+\[<HOST>\]\)[: -]+ SECURITY VIOLATION: \S+ login attempted\.$
35	+# \(\S+\[<HOST>\]\)[: -]+ Maximum login attempts \(\d+\) exceeded$
36	+
37	+# May 28 15:11:53 freebsd4 ftpd[26191]: FTP LOGIN FAILED FROM freebsd4, dsf
38	+#
39	+# Option: ignoreregex
40	+# Notes.: regex to ignore. If this regex matches, the line is ignored.
41	+# Values: TEXT
42	+#
43	+ignoreregex =

Lines 1-12 Link Here

(-)files/patch-common.conf (-12 lines)
1	--- config/filter.d/common.conf.orig 2012-01-20 22:50:22.000000000 +0100
2	+++ config/filter.d/common.conf 2012-01-20 23:10:52.000000000 +0100
3	@@ -35,6 +35,9 @@
4	# EXAMPLES: sshd[31607], pop(pam_unix)[4920]
5	__daemon_combs_re = (?:%(__pid_re)s?:\s+%(__daemon_re)s\|%(__daemon_re)s%(__pid_re)s?:)
6
7	+# Logging facility and priority for BSD "-v" verbose mode
8	+__bsd_verbose_mode = (?:\s\<\S+\.\S+\>\s)
9	+
10	# Some messages have a kernel prefix with a timestamp
11	# EXAMPLES: kernel: [769570.846956]
12	__kernel_prefix = kernel: \[\d+\.\d+\]

Line 0 Link Here

(-)files/patch-config_filter.d_bsd-sendmail.conf (+38 lines)
	1	--- config/filter.d/bsd-sendmail.conf.orig 2015-11-03 04:11:30 UTC
	2	+++ config/filter.d/bsd-sendmail.conf
	3	@@ -0,0 +1,35 @@
	4	+# Fail2Ban configuration file
	5	+#
	6	+# Source: http://www.the-art-of-web.com/system/fail2ban-sendmail
	7	+# Contributors: Gutza, the SASL regex
	8	+#
	9	+# $Revision$
	10	+
	11	+[INCLUDES]
	12	+
	13	+# Read common prefixes. If any customizations available -- read them from
	14	+# common.local
	15	+before = common.conf
	16	+
	17	+[Definition]
	18	+
	19	+# Option: failregex
	20	+# Notes.: regex to match the password failures messages in the logfile.
	21	+# The host must be matched by a group named "host".
	22	+# The tag "<HOST>" can be used for standard IP/hostname matching
	23	+# and is only an alias for (':::f{4,6}:)?(?P<host>\S+)
	24	+# Values: TEXT
	25	+
	26	+failregex = \[<HOST>\] .*to MTA
	27	+# \[<HOST>\] \(may be forged\)
	28	+ \[<HOST>\], reject.*\.\.\. Relaying denied
	29	+ (User unknown)\n* \[<HOST>\]
	30	+ badlogin: .* \[<HOST>\] plaintext .* SASL
	31	+ \[<HOST>\]: possible SMTP attack:
	32	+
	33	+# Option: ignoreregex
	34	+# Notes.: regex to ignore. If this regex matces, the line is ignored.
	35	+# Values: TEXT
	36	+
	37	+ignoreregex =
	38	+

Line 0 Link Here

(-)files/patch-config_filter.d_bsd-sshd.conf (+43 lines)
	1	--- config/filter.d/bsd-sshd.conf.orig 2015-11-03 04:11:30 UTC
	2	+++ config/filter.d/bsd-sshd.conf
	3	@@ -0,0 +1,40 @@
	4	+# Fail2Ban configuration file
	5	+#
	6	+# Author: Cyril Jaquier
	7	+#
	8	+# $Revision: 663 $
	9	+#
	10	+
	11	+[INCLUDES]
	12	+
	13	+# Read common prefixes. If any customizations available -- read them from
	14	+# common.local
	15	+before = common.conf
	16	+
	17	+
	18	+[Definition]
	19	+
	20	+_daemon = sshd
	21	+
	22	+# Option: failregex
	23	+# Notes.: regex to match the password failures messages in the logfile. The
	24	+# host must be matched by a group named "host". The tag "<HOST>" can
	25	+# be used for standard IP/hostname matching and is only an alias for
	26	+# (?:::f{4,6}:)?(?P<host>\S+)
	27	+# Values: TEXT
	28	+#
	29	+failregex = ^%(__prefix_line)s(?:error: PAM: )?[A\|a]uthentication (?:failure\|error) for .* from <HOST>\s*$
	30	+ ^%(__prefix_line)sDid not receive identification string from <HOST>$
	31	+ ^%(__prefix_line)sFailed [-/\w]+ for .* from <HOST>(?: port \d)?(?: ssh\d)?$
	32	+ ^%(__prefix_line)sROOT LOGIN REFUSED.* FROM <HOST>\s*$
	33	+ ^%(__prefix_line)s[iI](?:llegal\|nvalid) user .* from <HOST>\s*$
	34	+ ^%(__prefix_line)sUser \S+ from <HOST> not allowed because not listed in AllowUsers$
	35	+ ^%(__prefix_line)sauthentication failure; logname=\S* uid=\S* euid=\S* tty=\S* ruser=\S* rhost=<HOST>(?:\s+user=.)?\s$
	36	+ ^%(__prefix_line)srefused connect from \S+ \(<HOST>\)\s*$
	37	+ ^%(__prefix_line)sreverse mapping checking getaddrinfo for .* \[<HOST>\] .* POSSIBLE BREAK-IN ATTEMPT!$
	38	+
	39	+# Option: ignoreregex
	40	+# Notes.: regex to ignore. If this regex matches, the line is ignored.
	41	+# Values: TEXT
	42	+#
	43	+ignoreregex =

Line 0 Link Here

(-)files/patch-config_filter.d_bsdftp.conf (+43 lines)
	1	--- config/filter.d/bsdftp.conf.orig 2015-11-03 04:11:30 UTC
	2	+++ config/filter.d/bsdftp.conf
	3	@@ -0,0 +1,40 @@
	4	+# Fail2Ban configuration file
	5	+#
	6	+# Author: Ken Menzel
	7	+#
	8	+#
	9	+
	10	+[INCLUDES]
	11	+
	12	+# Read common prefixes. If any customizations available -- read them from
	13	+# common.local
	14	+before = common.conf
	15	+
	16	+
	17	+[Definition]
	18	+
	19	+_daemon = ftpd
	20	+#
	21	+#
	22	+# Option: failregex
	23	+# Notes.: regex to match the password failures messages in the logfile. The
	24	+# host must be matched by a group named "host". The tag "<HOST>" can
	25	+# be used for standard IP/hostname matching and is only an alias for
	26	+# (?:::f{4,6}:)?(?P<host>\S+)
	27	+# Values: TEXT
	28	+#
	29	+failregex = ^%(__prefix_line)sFTP LOGIN FAILED FROM <HOST>,\s.$
	30	+
	31	+
	32	+# \(\S+\[<HOST>\]\)[: -]+ USER \S+: no such user found from \S+ \[\S+\] to \S+:\S+$
	33	+# \(\S+\[<HOST>\]\)[: -]+ USER \S+ \(Login failed\): Incorrect password\.$
	34	+# \(\S+\[<HOST>\]\)[: -]+ SECURITY VIOLATION: \S+ login attempted\.$
	35	+# \(\S+\[<HOST>\]\)[: -]+ Maximum login attempts \(\d+\) exceeded$
	36	+
	37	+# May 28 15:11:53 freebsd4 ftpd[26191]: FTP LOGIN FAILED FROM freebsd4, dsf
	38	+#
	39	+# Option: ignoreregex
	40	+# Notes.: regex to ignore. If this regex matches, the line is ignored.
	41	+# Values: TEXT
	42	+#
	43	+ignoreregex =

Line 0 Link Here

(-)files/patch-config_filter.d_common.conf (+12 lines)
	1	--- config/filter.d/common.conf.orig 2015-08-01 01:32:13 UTC
	2	+++ config/filter.d/common.conf
	3	@@ -32,6 +32,9 @@ __daemon_extra_re = (?:\[ID \d+ \S+\])
	4	# EXAMPLES: sshd[31607], pop(pam_unix)[4920]
	5	__daemon_combs_re = (?:%(__pid_re)s?:\s+%(__daemon_re)s\|%(__daemon_re)s%(__pid_re)s?:?)
	6
	7	+# Logging facility and priority for BSD "-v" verbose mode
	8	+__bsd_verbose_mode = (?:\s\<\S+\.\S+\>\s)
	9	+
	10	# Some messages have a kernel prefix with a timestamp
	11	# EXAMPLES: kernel: [769570.846956]
	12	__kernel_prefix = kernel: \[ *\d+\.\d+\]

Lines 1-240 Link Here

(-)pkg-plist (-231 / +3 lines)
1	bin/fail2ban-client
2	bin/fail2ban-regex
3	bin/fail2ban-server
4	%%ETCDIR%%/fail2ban.conf
5	%%ETCDIR%%/jail.conf
6	%%ETCDIR%%/paths-common.conf
7	%%ETCDIR%%/paths-debian.conf
8	%%ETCDIR%%/paths-fedora.conf
9	%%ETCDIR%%/paths-freebsd.conf
10	%%ETCDIR%%/paths-osx.conf
11	%%ETCDIR%%/action.d/apf.conf
12	%%ETCDIR%%/action.d/badips.conf
13	%%ETCDIR%%/action.d/badips.py
14	%%ETCDIR%%/action.d/blocklist_de.conf
15	%%ETCDIR%%/action.d/bsd-ipfw.conf
16	%%ETCDIR%%/action.d/cloudflare.conf
17	%%ETCDIR%%/action.d/complain.conf
18	%%ETCDIR%%/action.d/dshield.conf
19	%%ETCDIR%%/action.d/dummy.conf
20	%%ETCDIR%%/action.d/firewallcmd-allports.conf
21	%%ETCDIR%%/action.d/firewallcmd-ipset.conf
22	%%ETCDIR%%/action.d/firewallcmd-multiport.conf
23	%%ETCDIR%%/action.d/firewallcmd-new.conf
24	%%ETCDIR%%/action.d/hostsdeny.conf
25	%%ETCDIR%%/action.d/ipfilter.conf
26	%%ETCDIR%%/action.d/ipfw.conf
27	%%ETCDIR%%/action.d/iptables-allports.conf
28	%%ETCDIR%%/action.d/iptables-common.conf
29	%%ETCDIR%%/action.d/iptables-ipset-proto4.conf
30	%%ETCDIR%%/action.d/iptables-ipset-proto6-allports.conf
31	%%ETCDIR%%/action.d/iptables-ipset-proto6.conf
32	%%ETCDIR%%/action.d/iptables-multiport-log.conf
33	%%ETCDIR%%/action.d/iptables-multiport.conf
34	%%ETCDIR%%/action.d/iptables-new.conf
35	%%ETCDIR%%/action.d/iptables-xt_recent-echo.conf
36	%%ETCDIR%%/action.d/iptables.conf
37	%%ETCDIR%%/action.d/mail-buffered.conf
38	%%ETCDIR%%/action.d/mail-whois-common.conf
39	%%ETCDIR%%/action.d/mail-whois-lines.conf
40	%%ETCDIR%%/action.d/mail-whois.conf
41	%%ETCDIR%%/action.d/mail.conf
42	%%ETCDIR%%/action.d/mynetwatchman.conf
43	%%ETCDIR%%/action.d/nsupdate.conf
44	%%ETCDIR%%/action.d/osx-afctl.conf
45	%%ETCDIR%%/action.d/osx-ipfw.conf
46	%%ETCDIR%%/action.d/pf.conf
47	%%ETCDIR%%/action.d/route.conf
48	%%ETCDIR%%/action.d/sendmail-buffered.conf
49	%%ETCDIR%%/action.d/sendmail-common.conf
50	%%ETCDIR%%/action.d/sendmail-geoip-lines.conf
51	%%ETCDIR%%/action.d/sendmail-whois-ipjailmatches.conf
52	%%ETCDIR%%/action.d/sendmail-whois-ipmatches.conf
53	%%ETCDIR%%/action.d/sendmail-whois-lines.conf
54	%%ETCDIR%%/action.d/sendmail-whois-matches.conf
55	%%ETCDIR%%/action.d/sendmail-whois.conf
56	%%ETCDIR%%/action.d/sendmail.conf
57	%%ETCDIR%%/action.d/shorewall.conf
58	%%ETCDIR%%/action.d/shorewall-ipset-proto6.conf
59	%%ETCDIR%%/action.d/smtp.py
60	%%ETCDIR%%/action.d/symbiosis-blacklist-allports.conf
61	%%ETCDIR%%/action.d/ufw.conf
62	%%ETCDIR%%/action.d/xarf-login-attack.conf
63	%%ETCDIR%%/filter.d/3proxy.conf
64	%%ETCDIR%%/filter.d/apache-auth.conf
65	%%ETCDIR%%/filter.d/apache-badbots.conf
66	%%ETCDIR%%/filter.d/apache-botsearch.conf
67	%%ETCDIR%%/filter.d/apache-common.conf
68	%%ETCDIR%%/filter.d/apache-fakegooglebot.conf
69	%%ETCDIR%%/filter.d/apache-modsecurity.conf
70	%%ETCDIR%%/filter.d/apache-nohome.conf
71	%%ETCDIR%%/filter.d/apache-noscript.conf
72	%%ETCDIR%%/filter.d/apache-overflows.conf
73	%%ETCDIR%%/filter.d/apache-pass.conf
74	%%ETCDIR%%/filter.d/apache-shellshock.conf
75	%%ETCDIR%%/filter.d/assp.conf
76	%%ETCDIR%%/filter.d/asterisk.conf
77	%%ETCDIR%%/filter.d/botsearch-common.conf
78	%%ETCDIR%%/filter.d/bsd-sendmail.conf
79	%%ETCDIR%%/filter.d/bsd-sshd.conf
80	%%ETCDIR%%/filter.d/bsdftp.conf
81	%%ETCDIR%%/filter.d/common.conf
82	%%ETCDIR%%/filter.d/counter-strike.conf
83	%%ETCDIR%%/filter.d/courier-auth.conf
84	%%ETCDIR%%/filter.d/courier-smtp.conf
85	%%ETCDIR%%/filter.d/cyrus-imap.conf
86	%%ETCDIR%%/filter.d/directadmin.conf
87	%%ETCDIR%%/filter.d/dovecot.conf
88	%%ETCDIR%%/filter.d/dropbear.conf
89	%%ETCDIR%%/filter.d/drupal-auth.conf
90	%%ETCDIR%%/filter.d/ejabberd-auth.conf
91	%%ETCDIR%%/filter.d/exim-common.conf
92	%%ETCDIR%%/filter.d/exim-spam.conf
93	%%ETCDIR%%/filter.d/exim.conf
94	%%ETCDIR%%/filter.d/freeswitch.conf
95	%%ETCDIR%%/filter.d/froxlor-auth.conf
96	%%ETCDIR%%/filter.d/groupoffice.conf
97	%%ETCDIR%%/filter.d/gssftpd.conf
98	%%ETCDIR%%/filter.d/guacamole.conf
99	%%ETCDIR%%/filter.d/horde.conf
100	%%ETCDIR%%/filter.d/kerio.conf
101	%%ETCDIR%%/filter.d/lighttpd-auth.conf
102	%%ETCDIR%%/filter.d/monit.conf
103	%%ETCDIR%%/filter.d/mysqld-auth.conf
104	%%ETCDIR%%/filter.d/nagios.conf
105	%%ETCDIR%%/filter.d/named-refused.conf
106	%%ETCDIR%%/filter.d/nginx-botsearch.conf
107	%%ETCDIR%%/filter.d/nginx-http-auth.conf
108	%%ETCDIR%%/filter.d/nsd.conf
109	%%ETCDIR%%/filter.d/openwebmail.conf
110	%%ETCDIR%%/filter.d/oracleims.conf
111	%%ETCDIR%%/filter.d/pam-generic.conf
112	%%ETCDIR%%/filter.d/perdition.conf
113	%%ETCDIR%%/filter.d/php-url-fopen.conf
114	%%ETCDIR%%/filter.d/portsentry.conf
115	%%ETCDIR%%/filter.d/postfix.conf
116	%%ETCDIR%%/filter.d/postfix-sasl.conf
117	%%ETCDIR%%/filter.d/postfix-rbl.conf
118	%%ETCDIR%%/filter.d/proftpd.conf
119	%%ETCDIR%%/filter.d/pure-ftpd.conf
120	%%ETCDIR%%/filter.d/qmail.conf
121	%%ETCDIR%%/filter.d/recidive.conf
122	%%ETCDIR%%/filter.d/roundcube-auth.conf
123	%%ETCDIR%%/filter.d/selinux-common.conf
124	%%ETCDIR%%/filter.d/selinux-ssh.conf
125	%%ETCDIR%%/filter.d/sendmail-auth.conf
126	%%ETCDIR%%/filter.d/sendmail-reject.conf
127	%%ETCDIR%%/filter.d/sieve.conf
128	%%ETCDIR%%/filter.d/sogo-auth.conf
129	%%ETCDIR%%/filter.d/solid-pop3d.conf
130	%%ETCDIR%%/filter.d/squid.conf
131	%%ETCDIR%%/filter.d/squirrelmail.conf
132	%%ETCDIR%%/filter.d/sshd-ddos.conf
133	%%ETCDIR%%/filter.d/sshd.conf
134	%%ETCDIR%%/filter.d/stunnel.conf
135	%%ETCDIR%%/filter.d/suhosin.conf
136	%%ETCDIR%%/filter.d/tine20.conf
137	%%ETCDIR%%/filter.d/uwimap-auth.conf
138	%%ETCDIR%%/filter.d/vsftpd.conf
139	%%ETCDIR%%/filter.d/webmin-auth.conf
140	%%ETCDIR%%/filter.d/wuftpd.conf
141	%%ETCDIR%%/filter.d/xinetd-fail.conf
142	%%ETCDIR%%/filter.d/ignorecommands/apache-fakegooglebot
143	%%PYTHON_SITELIBDIR%%/fail2ban/__init__.py
144	%%PYTHON_SITELIBDIR%%/fail2ban/__init__.pyc
145	%%PYTHON_SITELIBDIR%%/fail2ban/exceptions.py
146	%%PYTHON_SITELIBDIR%%/fail2ban/exceptions.pyc
147	%%PYTHON_SITELIBDIR%%/fail2ban/helpers.py
148	%%PYTHON_SITELIBDIR%%/fail2ban/helpers.pyc
149	%%PYTHON_SITELIBDIR%%/fail2ban/protocol.py
150	%%PYTHON_SITELIBDIR%%/fail2ban/protocol.pyc
151	%%PYTHON_SITELIBDIR%%/fail2ban/version.py
152	%%PYTHON_SITELIBDIR%%/fail2ban/version.pyc
153	%%PYTHON_SITELIBDIR%%/fail2ban/client/__init__.py
154	%%PYTHON_SITELIBDIR%%/fail2ban/client/__init__.pyc
155	%%PYTHON_SITELIBDIR%%/fail2ban/client/actionreader.py
156	%%PYTHON_SITELIBDIR%%/fail2ban/client/actionreader.pyc
157	%%PYTHON_SITELIBDIR%%/fail2ban/client/beautifier.py
158	%%PYTHON_SITELIBDIR%%/fail2ban/client/beautifier.pyc
159	%%PYTHON_SITELIBDIR%%/fail2ban/client/configparserinc.py
160	%%PYTHON_SITELIBDIR%%/fail2ban/client/configparserinc.pyc
161	%%PYTHON_SITELIBDIR%%/fail2ban/client/configreader.py
162	%%PYTHON_SITELIBDIR%%/fail2ban/client/configreader.pyc
163	%%PYTHON_SITELIBDIR%%/fail2ban/client/configurator.py
164	%%PYTHON_SITELIBDIR%%/fail2ban/client/configurator.pyc
165	%%PYTHON_SITELIBDIR%%/fail2ban/client/csocket.py
166	%%PYTHON_SITELIBDIR%%/fail2ban/client/csocket.pyc
167	%%PYTHON_SITELIBDIR%%/fail2ban/client/fail2banreader.py
168	%%PYTHON_SITELIBDIR%%/fail2ban/client/fail2banreader.pyc
169	%%PYTHON_SITELIBDIR%%/fail2ban/client/filterreader.py
170	%%PYTHON_SITELIBDIR%%/fail2ban/client/filterreader.pyc
171	%%PYTHON_SITELIBDIR%%/fail2ban/client/jailreader.py
172	%%PYTHON_SITELIBDIR%%/fail2ban/client/jailreader.pyc
173	%%PYTHON_SITELIBDIR%%/fail2ban/client/jailsreader.py
174	%%PYTHON_SITELIBDIR%%/fail2ban/client/jailsreader.pyc
175	%%PYTHON_SITELIBDIR%%/fail2ban/server/__init__.py
176	%%PYTHON_SITELIBDIR%%/fail2ban/server/__init__.pyc
177	%%PYTHON_SITELIBDIR%%/fail2ban/server/action.py
178	%%PYTHON_SITELIBDIR%%/fail2ban/server/action.pyc
179	%%PYTHON_SITELIBDIR%%/fail2ban/server/actions.py
180	%%PYTHON_SITELIBDIR%%/fail2ban/server/actions.pyc
181	%%PYTHON_SITELIBDIR%%/fail2ban/server/asyncserver.py
182	%%PYTHON_SITELIBDIR%%/fail2ban/server/asyncserver.pyc
183	%%PYTHON_SITELIBDIR%%/fail2ban/server/banmanager.py
184	%%PYTHON_SITELIBDIR%%/fail2ban/server/banmanager.pyc
185	%%PYTHON_SITELIBDIR%%/fail2ban/server/database.py
186	%%PYTHON_SITELIBDIR%%/fail2ban/server/database.pyc
187	%%PYTHON_SITELIBDIR%%/fail2ban/server/datedetector.py
188	%%PYTHON_SITELIBDIR%%/fail2ban/server/datedetector.pyc
189	%%PYTHON_SITELIBDIR%%/fail2ban/server/datetemplate.py
190	%%PYTHON_SITELIBDIR%%/fail2ban/server/datetemplate.pyc
191	%%PYTHON_SITELIBDIR%%/fail2ban/server/faildata.py
192	%%PYTHON_SITELIBDIR%%/fail2ban/server/faildata.pyc
193	%%PYTHON_SITELIBDIR%%/fail2ban/server/failmanager.py
194	%%PYTHON_SITELIBDIR%%/fail2ban/server/failmanager.pyc
195	%%PYTHON_SITELIBDIR%%/fail2ban/server/failregex.py
196	%%PYTHON_SITELIBDIR%%/fail2ban/server/failregex.pyc
197	%%PYTHON_SITELIBDIR%%/fail2ban/server/filter.py
198	%%PYTHON_SITELIBDIR%%/fail2ban/server/filter.pyc
199	%%PYTHON_SITELIBDIR%%/fail2ban/server/filtergamin.py
200	%%PYTHON_SITELIBDIR%%/fail2ban/server/filtergamin.pyc
201	%%PYTHON_SITELIBDIR%%/fail2ban/server/filterpoll.py
202	%%PYTHON_SITELIBDIR%%/fail2ban/server/filterpoll.pyc
203	%%PYTHON_SITELIBDIR%%/fail2ban/server/filterpyinotify.py
204	%%PYTHON_SITELIBDIR%%/fail2ban/server/filterpyinotify.pyc
205	%%PYTHON_SITELIBDIR%%/fail2ban/server/filtersystemd.py
206	%%PYTHON_SITELIBDIR%%/fail2ban/server/filtersystemd.pyc
207	%%PYTHON_SITELIBDIR%%/fail2ban/server/jail.py
208	%%PYTHON_SITELIBDIR%%/fail2ban/server/jail.pyc
209	%%PYTHON_SITELIBDIR%%/fail2ban/server/jails.py
210	%%PYTHON_SITELIBDIR%%/fail2ban/server/jails.pyc
211	%%PYTHON_SITELIBDIR%%/fail2ban/server/jailthread.py
212	%%PYTHON_SITELIBDIR%%/fail2ban/server/jailthread.pyc
213	%%PYTHON_SITELIBDIR%%/fail2ban/server/mytime.py
214	%%PYTHON_SITELIBDIR%%/fail2ban/server/mytime.pyc
215	%%PYTHON_SITELIBDIR%%/fail2ban/server/server.py
216	%%PYTHON_SITELIBDIR%%/fail2ban/server/server.pyc
217	%%PYTHON_SITELIBDIR%%/fail2ban/server/strptime.py
218	%%PYTHON_SITELIBDIR%%/fail2ban/server/strptime.pyc
219	%%PYTHON_SITELIBDIR%%/fail2ban/server/ticket.py
220	%%PYTHON_SITELIBDIR%%/fail2ban/server/ticket.pyc
221	%%PYTHON_SITELIBDIR%%/fail2ban/server/transmitter.py
222	%%PYTHON_SITELIBDIR%%/fail2ban/server/transmitter.pyc
223	man/man1/fail2ban-client.1.gz	1	man/man1/fail2ban-client.1.gz
224	man/man1/fail2ban-regex.1.gz	2	man/man1/fail2ban-regex.1.gz
225	man/man1/fail2ban-server.1.gz	3	man/man1/fail2ban-server.1.gz
226	man/man1/fail2ban.1.gz	4	man/man1/fail2ban.1.gz
227	man/man5/fail2ban-jail.conf.5.gz	5	man/man5/fail2ban-jail.conf.5.gz
228	@dir %%PYTHON_SITELIBDIR%%/fail2ban/server	6	@dir %%ETCDIR%%/fail2ban.d
229	@dir %%PYTHON_SITELIBDIR%%/fail2ban/client
230	@dir %%PYTHON_SITELIBDIR%%/fail2ban
231	@dir %%ETCDIR%%/jail.d	7	@dir %%ETCDIR%%/jail.d
232	@dir %%ETCDIR%%/filter.d/ignorecommands
233	@dir %%ETCDIR%%/filter.d
234	@dir %%ETCDIR%%/fail2ban.d
235	@dir %%ETCDIR%%/action.d
236	@dir %%ETCDIR%%
237	@dir /var/run/fail2ban
238	@dir /var/db/fail2ban	8	@dir /var/db/fail2ban
239	@dir /var/lib/fail2ban	9	@dir /var/lib/fail2ban
240	@dir /var/lib	10	@dir /var/lib
		11	@dir /var/run/fail2ban
		12