Attachment #255251 for bug #282821




PORTNAME=	bruteblock
PORTVERSION=	0.0.6
DISTVERSIONPREFIX=	v
CATEGORIES=	security
MASTER_SITES=	https://samm.kiev.ua/bruteblock/

MAINTAINER=	amdmi3@FreeBSD.org
COMMENT=	Software for blocking bruteforce attacks with ipfw

LICENSE=	BSD3CLAUSE
LICENSE_FILE=	${WRKSRC}/doc/LICENSE

LIB_DEPENDS=	libpcre2-8.so:devel/pcre2

SUB_FILES=	pkg-message

USE_RC_SUBR=	bruteblockd
USE_GITHUB=		yes
GH_ACCOUNT=		samm-git

CONFDIR=	${PREFIX}/etc/${PORTNAME}


Lines 1-2 Link Here

(-)b/security/bruteblock/distinfo (-2 / +3 lines)
1	SHA256 (bruteblock-0.0.5.tar.gz) = 7c7ef533b27be1d72e43a7fa6828896124a4f22808f2a0ecca2e587e1563e253	1	TIMESTAMP = 1731881673
2	SIZE (bruteblock-0.0.5.tar.gz) = 24971	2	SHA256 (samm-git-bruteblock-v0.0.6_GH0.tar.gz) = f13df4444c9686ff109e1fadaa62e95608630c0284e57bcad27f0528e3bcf51a
		3	SIZE (samm-git-bruteblock-v0.0.6_GH0.tar.gz) = 24665

Removed Link Here

(-)a/security/bruteblock/files/patch-Makefile (-11 lines)
1	--- Makefile.orig 2006-08-20 10:22:37.000000000 +0400
2	+++ Makefile 2009-03-24 22:12:58.000000000 +0300
3	@@ -18,7 +18,7 @@
4	bruteblock: $(BRUTEBLOCK_OBJS) iniparse/libiniparser.a
5	$(CC) $(LDFLAGS) -o $@ $(BRUTEBLOCK_OBJS) $(EXTRA_LIBS)
6
7	-bruteblockd: $(BRUTEBLOCKD_OBJS) pidfile.h
8	+bruteblockd: $(BRUTEBLOCKD_OBJS) iniparse/libiniparser.a pidfile.h
9	$(CC) $(LDFLAGS) -o $@ $(BRUTEBLOCKD_OBJS) $(EXTRA_LIBS)
10
11	clean:




--- bruteblock.c.orig	2006-08-20 08:22:37.000000000 +0200
+++ bruteblock.c	2014-10-15 16:19:19.000000000 +0200
@@ -99,7 +99,7 @@
 				snprintf(table, sizeof(table), "%d", ipfw2_table_no);
 				argv[1] = table;
 				argv[2] = command;
-				snprintf(utime, sizeof(utime), "%d",
-				time(NULL) + reset_ip);
+				snprintf(utime, sizeof(utime), "%lld",
+				(long long)(time(NULL) + reset_ip));
 				argv[4] = utime;
 				argv[3] = host;




--- etc/ssh.conf.orig	2006-08-20 10:22:37.000000000 +0400
+++ etc/ssh.conf	2009-10-14 03:46:53.000000000 +0400
@@ -14,8 +14,17 @@
 # comment: correct user, but wrong password
 #sshd[72626]: Failed password for samm from 1.2.3.4
 #
-regexp		= sshd.*Illegal user \S+ from (\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})
-regexp1 	= sshd.*Failed password for (?:illegal user )?\S+ from (\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})
+# comment: other messages
+#sshd[41945]: error: PAM: authentication error for alice from 192.168.0.1
+#sshd[41945]: error: PAM: authentication error for illegal user root from 192.168.0.1
+#sshd[41945]: Failed keyboard-interactive/pam for invalid user root from 192.168.0.1 port 64507 ssh2
+#sshd[16666]: Failed unknown for illegal user asdfasdfasd from 192.168.0.1 port 52652 ssh2
+#sshd[16666]: Did not receive identification string from 192.168.0.1
+#
+regexp		= sshd.*(?:Illegal|Invalid) user \S+ from (\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})
+regexp1 	= sshd.*Failed \S+ for (?:(?:illegal|invalid) user )?\S+ from (\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})
+regexp2         = sshd.*error: PAM: authentication error for (?:(?:illegal|invalid) user )?\S+ from (\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})
+regexp3         = sshd.*Did not receive identification string from (\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})
 
 # Number of failed login attempts within time before we block
 max_count       = 4

Return to bug 282821

Lines 1-8 Link Here

(-)b/security/bruteblock/Makefile (-4 / +5 lines)
1	PORTNAME= bruteblock	1	PORTNAME= bruteblock
2	PORTVERSION= 0.0.5	2	PORTVERSION= 0.0.6
3	PORTREVISION= 11	3	DISTVERSIONPREFIX= v
4	CATEGORIES= security	4	CATEGORIES= security
5	MASTER_SITES= https://samm.kiev.ua/bruteblock/
6		5
7	MAINTAINER= amdmi3@FreeBSD.org	6	MAINTAINER= amdmi3@FreeBSD.org
8	COMMENT= Software for blocking bruteforce attacks with ipfw	7	COMMENT= Software for blocking bruteforce attacks with ipfw
Lines 11-21 WWW= https://samm.kiev.ua/bruteblock/ Link Here
11	LICENSE= BSD3CLAUSE	10	LICENSE= BSD3CLAUSE
12	LICENSE_FILE= ${WRKSRC}/doc/LICENSE	11	LICENSE_FILE= ${WRKSRC}/doc/LICENSE
13		12
14	LIB_DEPENDS= libpcre.so:devel/pcre	13	LIB_DEPENDS= libpcre2-8.so:devel/pcre2
15		14
16	SUB_FILES= pkg-message	15	SUB_FILES= pkg-message
17		16
18	USE_RC_SUBR= bruteblockd	17	USE_RC_SUBR= bruteblockd
		18	USE_GITHUB= yes
		19	GH_ACCOUNT= samm-git
19		20
20	CONFDIR= ${PREFIX}/etc/${PORTNAME}	21	CONFDIR= ${PREFIX}/etc/${PORTNAME}
21		22

Removed Link Here

(-)a/security/bruteblock/files/patch-bruteblock.c (-12 lines)
1	--- bruteblock.c.orig 2006-08-20 08:22:37.000000000 +0200
2	+++ bruteblock.c 2014-10-15 16:19:19.000000000 +0200
3	@@ -99,7 +99,7 @@
4	snprintf(table, sizeof(table), "%d", ipfw2_table_no);
5	argv[1] = table;
6	argv[2] = command;
7	- snprintf(utime, sizeof(utime), "%d",
8	- time(NULL) + reset_ip);
9	+ snprintf(utime, sizeof(utime), "%lld",
10	+ (long long)(time(NULL) + reset_ip));
11	argv[4] = utime;
12	argv[3] = host;

Removed Link Here

(-)a/security/bruteblock/files/patch-etc-ssh.conf (-22 lines)
1	--- etc/ssh.conf.orig 2006-08-20 10:22:37.000000000 +0400
2	+++ etc/ssh.conf 2009-10-14 03:46:53.000000000 +0400
3	@@ -14,8 +14,17 @@
4	# comment: correct user, but wrong password
5	#sshd[72626]: Failed password for samm from 1.2.3.4
6	#
7	-regexp = sshd.*Illegal user \S+ from (\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})
8	-regexp1 = sshd.*Failed password for (?:illegal user )?\S+ from (\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})
9	+# comment: other messages
10	+#sshd[41945]: error: PAM: authentication error for alice from 192.168.0.1
11	+#sshd[41945]: error: PAM: authentication error for illegal user root from 192.168.0.1
12	+#sshd[41945]: Failed keyboard-interactive/pam for invalid user root from 192.168.0.1 port 64507 ssh2
13	+#sshd[16666]: Failed unknown for illegal user asdfasdfasd from 192.168.0.1 port 52652 ssh2
14	+#sshd[16666]: Did not receive identification string from 192.168.0.1
15	+#
16	+regexp = sshd.*(?:Illegal\|Invalid) user \S+ from (\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})
17	+regexp1 = sshd.*Failed \S+ for (?:(?:illegal\|invalid) user )?\S+ from (\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})
18	+regexp2 = sshd.*error: PAM: authentication error for (?:(?:illegal\|invalid) user )?\S+ from (\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})
19	+regexp3 = sshd.*Did not receive identification string from (\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})
20
21	# Number of failed login attempts within time before we block
22	max_count = 4