security/bruteforceblocker: update patterns
- Update patterns to make them match with log messages from recent version of OpenSSH - Remove LICENSE=NONE PR: 234137 Submitted by: Yasuhiro KIMURA <yasu@utahime.org> Approved by: danger (maintainer timeout)
This commit is contained in:
@@ -3,24 +3,24 @@
|
||||
|
||||
PORTNAME= bruteforceblocker
|
||||
PORTVERSION= 1.2.6
|
||||
PORTREVISION= 1
|
||||
CATEGORIES= security
|
||||
|
||||
MAINTAINER= danger@FreeBSD.org
|
||||
COMMENT= Checks for SSH bruteforce and blocks given IPs
|
||||
|
||||
LICENSE= NONE
|
||||
|
||||
RUN_DEPENDS= p5-Unix-Syslog>=0:sysutils/p5-Unix-Syslog \
|
||||
p5-Sys-Hostname-Long>=0:sysutils/p5-Sys-Hostname-Long \
|
||||
p5-libwww>=0:www/p5-libwww \
|
||||
p5-Net-DNS>=0:dns/p5-Net-DNS
|
||||
|
||||
USES= perl5 shebangfix
|
||||
USE_GITHUB= yes
|
||||
GH_ACCOUNT= dgerzo
|
||||
NO_BUILD= yes
|
||||
USES= perl5 shebangfix
|
||||
USE_PERL5= run
|
||||
|
||||
NO_BUILD= yes
|
||||
|
||||
OPTIONS_DEFINE= DOCS
|
||||
|
||||
SUB_FILES= pkg-message
|
||||
|
||||
22
security/bruteforceblocker/files/patch-bruteforceblocker.pl
Normal file
22
security/bruteforceblocker/files/patch-bruteforceblocker.pl
Normal file
@@ -0,0 +1,22 @@
|
||||
--- bruteforceblocker.pl.orig 2018-12-18 11:17:19 UTC
|
||||
+++ bruteforceblocker.pl
|
||||
@@ -79,13 +79,13 @@ my $res = Net::DNS::Resolver->new;
|
||||
while (<>) {
|
||||
if (/.*Failed password.*from ($work->{ipv4}|$work->{ipv6}|$work->{fqdn}) port.*/i ||
|
||||
/.*Failed keyboard.*from ($work->{ipv4}|$work->{ipv6}|$work->{fqdn}) port.*/i ||
|
||||
- /.*Invalid user.*from ($work->{ipv4}|$work->{ipv6}|$work->{fqdn})$/i ||
|
||||
- /.*Did not receive identification string from ($work->{ipv4}|$work->{ipv6}|$work->{fqdn})$/i ||
|
||||
- /.*Bad protocol version identification .* from ($work->{ipv4}|$work->{ipv6}|$work->{fqdn})$/i ||
|
||||
+ /.*Invalid user.*from ($work->{ipv4}|$work->{ipv6}|$work->{fqdn}) port.*/i ||
|
||||
+ /.*Did not receive identification string from ($work->{ipv4}|$work->{ipv6}|$work->{fqdn}) port.*/i ||
|
||||
+ /.*Bad protocol version identification .* from ($work->{ipv4}|$work->{ipv6}|$work->{fqdn}) port.*/i ||
|
||||
/.*User.*from ($work->{ipv4}|$work->{ipv6}|$work->{fqdn}) not allowed because.*/i ||
|
||||
- /.*error: maximum authentication attempts exceeded for.*from ($work->{ipv4}|$work->{ipv6}|$work->{fqdn}).*/i ||
|
||||
- /.*error: PAM: authentication error for.*from ($work->{ipv4}|$work->{ipv6}|$work->{fqdn}).*/i ||
|
||||
- /.*fatal: Unable to negotiate with ($work->{ipv4}|$work->{ipv6}|$work->{fqdn}).*/i) {
|
||||
+ /.*error: maximum authentication attempts exceeded for.*from ($work->{ipv4}|$work->{ipv6}|$work->{fqdn}) port.*/i ||
|
||||
+ /.*error: PAM: authentication error for.*from ($work->{ipv4}|$work->{ipv6}|$work->{fqdn}) port.*/i ||
|
||||
+ /.*Unable to negotiate with ($work->{ipv4}|$work->{ipv6}|$work->{fqdn}) port.*/i) {
|
||||
|
||||
my $IP = $1;
|
||||
if ($IP =~ /$work->{fqdn}/i) {
|
||||
Reference in New Issue
Block a user