Fail2ban scans log files like /var/log/pwdfail or /var/log/apache/error_log

and bans IP that makes too many password failures. It updates
firewall rules to reject the IP address.

WWW: http://www.fail2ban.org/wiki/index.php/Main_Page

5 files changed, 163 insertions, 0 deletions

diff --git a/security/Makefile b/security/Makefile
index 158998bb8ecf..f18ed9757fe3 100644
--- a/security/Makefile
+++ b/security/Makefile
@@ -635,6 +635,7 @@
     SUBDIR += py-clamav
     SUBDIR += py-crack
     SUBDIR += py-cryptkit
+    SUBDIR += py-fail2ban
     SUBDIR += py-fchksum
     SUBDIR += py-gnupg
     SUBDIR += py-gnutls
diff --git a/security/py-fail2ban/Makefile b/security/py-fail2ban/Makefile
new file mode 100644
index 000000000000..a662d80884eb
--- /dev/null
+++ b/security/py-fail2ban/Makefile
@@ -0,0 +1,35 @@
+# New ports collection makefile for:	fail2ban
+# Date created:				13 January 2009
+# Whom:					    Philip M. Gollucci <pgollucci@p6m7g8.com>
+#
+# $FreeBSD$
+#
+
+PORTNAME=	fail2ban
+PORTVERSION=	0.8.3
+CATEGORIES=	security python
+MASTER_SITES=	SF
+PKGNAMEPREFIX=  ${PYTHON_PKGNAMEPREFIX}
+
+MAINTAINER=	pgollucci@FreeBSD.org
+COMMENT=	 scans log files and bans IP that makes too many password failures. 
+
+USE_BZIP2=	yes
+
+USE_PYTHON=	yes
+USE_PYDISTUTILS=	yes
+
+PYDISTUTILS_INSTALLARGS+=	--install-purelib=${PYTHON_SITELIBDIR} \
+							--install-data=${ETCDIR} 
+
+FILES=	${WRKSRC}/fail2ban-regex \
+		${WRKSRC}/man/fail2ban-client.1 \
+		${WRKSRC}/man/fail2ban-client.h2m \
+		${WRKSRC}/setup.py \
+		${WRKSRC}/client/configreader.py \
+		${WRKSRC}/fail2ban-client
+
+post-patch:
+	@${ECHO_CMD} ${FILES} | ${XARGS} ${REINPLACE_CMD} -e 's,/etc/fail2ban,${ETCDIR},g'
+
+.include <bsd.port.mk>
diff --git a/security/py-fail2ban/distinfo b/security/py-fail2ban/distinfo
new file mode 100644
index 000000000000..4268236b40e2
--- /dev/null
+++ b/security/py-fail2ban/distinfo
@@ -0,0 +1,3 @@
+MD5 (fail2ban-0.8.3.tar.bz2) = b438d7e2ce77a469fb0cca2a5cc0b81c
+SHA256 (fail2ban-0.8.3.tar.bz2) = b32fd9ee849bf36d23685a91d1d96f29a2fa383069d7d789e4956c9268dca5cd
+SIZE (fail2ban-0.8.3.tar.bz2) = 64028
diff --git a/security/py-fail2ban/pkg-descr b/security/py-fail2ban/pkg-descr
new file mode 100644
index 000000000000..22c794b1decb
--- /dev/null
+++ b/security/py-fail2ban/pkg-descr
@@ -0,0 +1,5 @@
+Fail2ban scans log files like /var/log/pwdfail or /var/log/apache/error_log 
+and bans IP that makes too many password failures. It updates 
+firewall rules to reject the IP address. 
+
+WWW: http://www.fail2ban.org/wiki/index.php/Main_Page
diff --git a/security/py-fail2ban/pkg-plist b/security/py-fail2ban/pkg-plist
new file mode 100644
index 000000000000..03b66c11c33f
--- /dev/null
+++ b/security/py-fail2ban/pkg-plist
@@ -0,0 +1,119 @@
+bin/fail2ban-client
+bin/fail2ban-server
+bin/fail2ban-regex
+%%PYTHON_SITELIBDIR%%/common/protocol.py
+%%PYTHON_SITELIBDIR%%/common/version.py
+%%PYTHON_SITELIBDIR%%/common/__init__.py
+%%PYTHON_SITELIBDIR%%/client/fail2banreader.py
+%%PYTHON_SITELIBDIR%%/client/beautifier.py
+%%PYTHON_SITELIBDIR%%/client/configparserinc.py
+%%PYTHON_SITELIBDIR%%/client/configurator.py
+%%PYTHON_SITELIBDIR%%/client/configreader.py
+%%PYTHON_SITELIBDIR%%/client/actionreader.py
+%%PYTHON_SITELIBDIR%%/client/csocket.py
+%%PYTHON_SITELIBDIR%%/client/jailsreader.py
+%%PYTHON_SITELIBDIR%%/client/__init__.py
+%%PYTHON_SITELIBDIR%%/client/filterreader.py
+%%PYTHON_SITELIBDIR%%/client/jailreader.py
+%%PYTHON_SITELIBDIR%%/server/jail.py
+%%PYTHON_SITELIBDIR%%/server/failmanager.py
+%%PYTHON_SITELIBDIR%%/server/actions.py
+%%PYTHON_SITELIBDIR%%/server/filtergamin.py
+%%PYTHON_SITELIBDIR%%/server/iso8601.py
+%%PYTHON_SITELIBDIR%%/server/banmanager.py
+%%PYTHON_SITELIBDIR%%/server/jailthread.py
+%%PYTHON_SITELIBDIR%%/server/mytime.py
+%%PYTHON_SITELIBDIR%%/server/jails.py
+%%PYTHON_SITELIBDIR%%/server/datetemplate.py
+%%PYTHON_SITELIBDIR%%/server/failregex.py
+%%PYTHON_SITELIBDIR%%/server/server.py
+%%PYTHON_SITELIBDIR%%/server/ticket.py
+%%PYTHON_SITELIBDIR%%/server/filter.py
+%%PYTHON_SITELIBDIR%%/server/asyncserver.py
+%%PYTHON_SITELIBDIR%%/server/transmitter.py
+%%PYTHON_SITELIBDIR%%/server/action.py
+%%PYTHON_SITELIBDIR%%/server/__init__.py
+%%PYTHON_SITELIBDIR%%/server/filterpoll.py
+%%PYTHON_SITELIBDIR%%/server/datedetector.py
+%%PYTHON_SITELIBDIR%%/server/faildata.py
+%%PYTHON_SITELIBDIR%%/common/protocol.pyc
+%%PYTHON_SITELIBDIR%%/common/version.pyc
+%%PYTHON_SITELIBDIR%%/common/__init__.pyc
+%%PYTHON_SITELIBDIR%%/client/fail2banreader.pyc
+%%PYTHON_SITELIBDIR%%/client/beautifier.pyc
+%%PYTHON_SITELIBDIR%%/client/configparserinc.pyc
+%%PYTHON_SITELIBDIR%%/client/configurator.pyc
+%%PYTHON_SITELIBDIR%%/client/configreader.pyc
+%%PYTHON_SITELIBDIR%%/client/actionreader.pyc
+%%PYTHON_SITELIBDIR%%/client/csocket.pyc
+%%PYTHON_SITELIBDIR%%/client/jailsreader.pyc
+%%PYTHON_SITELIBDIR%%/client/__init__.pyc
+%%PYTHON_SITELIBDIR%%/client/filterreader.pyc
+%%PYTHON_SITELIBDIR%%/client/jailreader.pyc
+%%PYTHON_SITELIBDIR%%/server/jail.pyc
+%%PYTHON_SITELIBDIR%%/server/failmanager.pyc
+%%PYTHON_SITELIBDIR%%/server/actions.pyc
+%%PYTHON_SITELIBDIR%%/server/filtergamin.pyc
+%%PYTHON_SITELIBDIR%%/server/iso8601.pyc
+%%PYTHON_SITELIBDIR%%/server/banmanager.pyc
+%%PYTHON_SITELIBDIR%%/server/jailthread.pyc
+%%PYTHON_SITELIBDIR%%/server/mytime.pyc
+%%PYTHON_SITELIBDIR%%/server/jails.pyc
+%%PYTHON_SITELIBDIR%%/server/datetemplate.pyc
+%%PYTHON_SITELIBDIR%%/server/failregex.pyc
+%%PYTHON_SITELIBDIR%%/server/server.pyc
+%%PYTHON_SITELIBDIR%%/server/ticket.pyc
+%%PYTHON_SITELIBDIR%%/server/filter.pyc
+%%PYTHON_SITELIBDIR%%/server/asyncserver.pyc
+%%PYTHON_SITELIBDIR%%/server/transmitter.pyc
+%%PYTHON_SITELIBDIR%%/server/action.pyc
+%%PYTHON_SITELIBDIR%%/server/__init__.pyc
+%%PYTHON_SITELIBDIR%%/server/filterpoll.pyc
+%%PYTHON_SITELIBDIR%%/server/datedetector.pyc
+%%PYTHON_SITELIBDIR%%/server/faildata.pyc
+%%ETCDIR%%/fail2ban.conf
+%%ETCDIR%%/jail.conf
+%%ETCDIR%%/filter.d/vsftpd.conf
+%%ETCDIR%%/filter.d/gssftpd.conf
+%%ETCDIR%%/filter.d/proftpd.conf
+%%ETCDIR%%/filter.d/exim.conf
+%%ETCDIR%%/filter.d/apache-auth.conf
+%%ETCDIR%%/filter.d/sshd.conf
+%%ETCDIR%%/filter.d/wuftpd.conf
+%%ETCDIR%%/filter.d/pure-ftpd.conf
+%%ETCDIR%%/filter.d/apache-badbots.conf
+%%ETCDIR%%/filter.d/apache-overflows.conf
+%%ETCDIR%%/filter.d/common.conf
+%%ETCDIR%%/filter.d/couriersmtp.conf
+%%ETCDIR%%/filter.d/sshd-ddos.conf
+%%ETCDIR%%/filter.d/sasl.conf
+%%ETCDIR%%/filter.d/named-refused.conf
+%%ETCDIR%%/filter.d/postfix.conf
+%%ETCDIR%%/filter.d/qmail.conf
+%%ETCDIR%%/filter.d/apache-noscript.conf
+%%ETCDIR%%/filter.d/pam-generic.conf
+%%ETCDIR%%/filter.d/xinetd-fail.conf
+%%ETCDIR%%/filter.d/webmin-auth.conf
+%%ETCDIR%%/filter.d/courierlogin.conf
+%%ETCDIR%%/action.d/iptables-multiport-log.conf
+%%ETCDIR%%/action.d/mail.conf
+%%ETCDIR%%/action.d/iptables-allports.conf
+%%ETCDIR%%/action.d/mail-whois.conf
+%%ETCDIR%%/action.d/iptables-new.conf
+%%ETCDIR%%/action.d/ipfw.conf
+%%ETCDIR%%/action.d/iptables-multiport.conf
+%%ETCDIR%%/action.d/mail-buffered.conf
+%%ETCDIR%%/action.d/mail-whois-lines.conf
+%%ETCDIR%%/action.d/sendmail-whois-lines.conf
+%%ETCDIR%%/action.d/shorewall.conf
+%%ETCDIR%%/action.d/sendmail-buffered.conf
+%%ETCDIR%%/action.d/sendmail.conf
+%%ETCDIR%%/action.d/hostsdeny.conf
+%%ETCDIR%%/action.d/iptables.conf
+%%ETCDIR%%/action.d/sendmail-whois.conf
+@dirrm %%ETCDIR%%/filter.d
+@dirrm %%ETCDIR%%/action.d
+@dirrm %%ETCDIR%%
+@dirrm %%PYTHON_SITELIBDIR%%/client
+@dirrm %%PYTHON_SITELIBDIR%%/common
+@dirrm %%PYTHON_SITELIBDIR%%/server