# -*- coding: utf-8; mode: tcl; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- vim:fenc=utf-8:ft=tcl:et:sw=4:ts=4:sts=4 # $Id$ PortSystem 1.0 PortGroup github 1.0 PortGroup python27 1.0 github.setup fail2ban fail2ban 0.8.10 categories security python license GPL-2+ maintainers free.fr:fclaire openmaintainer platforms darwin homepage http://www.fail2ban.org supported_archs noarch description Fail2ban protects computer against brute-force attacks long_description Fail2ban scans log files (e.g. /var/log/apache/error_log) and \ bans IPs that show the malicious signs -- too many password failures, \ seeking for exploits, etc. Generally Fail2Ban then used to update \ firewall rules to reject the IP addresses for a specified amount \ of time, although any arbitrary other action (e.g. sending an email, \ or ejecting CD-ROM tray) could also be configured. Out of the box \ Fail2Ban comes with filters for various services (apache, curier, ssh, etc). checksums rmd160 17f3535a4b92740f5203dfdee874d71d2377e5c9 \ sha256 7bed38372a24e35268d9c9ff5b272f7e88e91074f9bb24d5be5c70196f19e7be set f2bconfdir ${prefix}/etc/${name} set f2bbindir ${prefix}/bin set f2brundir ${prefix}/var/run/${name} set f2bsock ${f2brundir}/${name}.sock set f2bpid ${f2brundir}/${name}.pid python.link_binaries_suffix patchfiles patch-setup.py.diff \ patch-setup.cfg.diff \ patch-fail2ban-client.diff \ patch-fail2ban-regex.diff \ patch-fail2ban-server.diff \ patch-config-fail2ban.conf.diff \ patch-config-jail.conf.diff \ patch-client-csocket.py.diff \ patch-server-server.py.diff post-patch { reinplace "s|@@PREFIX@@|${prefix}|g" ${worksrcpath}/setup.py \ ${worksrcpath}/setup.cfg \ ${worksrcpath}/fail2ban-client \ ${worksrcpath}/fail2ban-regex \ ${worksrcpath}/fail2ban-server \ ${worksrcpath}/client/csocket.py \ ${worksrcpath}/config/fail2ban.conf \ ${worksrcpath}/server/server.py } startupitem.create yes startupitem.start "if \[ -r ${f2bsock} && ! -r ${f2bpid} \]; then rm ${f2bsock}; fi; ${f2bbindir}/${name}-client start" startupitem.stop "${f2bbindir}/${name}-client stop" destroot.keepdirs ${destroot}${f2brundir} post-destroot { # Adding dedicated OSX pf-icefloor action file xinstall -m 644 ${filespath}/pf-icefloor.conf ${destroot}${f2bconfdir}/action.d/ # Adding a suffix to config files set cfgfiles [concat [glob ${destroot}${f2bconfdir}/*.conf] [glob ${destroot}${f2bconfdir}/action.d/*.conf] [glob ${destroot}${f2bconfdir}/filter.d/*.conf]] foreach cfgfile ${cfgfiles} { move ${cfgfile} ${cfgfile}.${version} } } post-activate { # If not already present we put default config files set cfgfiles [concat [glob ${f2bconfdir}/*.conf.${version}] [glob ${f2bconfdir}/action.d/*.conf.${version}] [glob ${f2bconfdir}/filter.d/*.conf.${version}]] foreach cfgfile ${cfgfiles} { regsub "\.${version}" ${cfgfile} {} origcfgfile if {![file exists ${origcfgfile}]} { file copy ${cfgfile} ${origcfgfile} } } } livecheck.url ${github.raw}/master/ChangeLog livecheck.regex "Fail2Ban \\(version (\[0-9\.\]+)\\)"