diff options
| author | Bernard Spil <brnrd@FreeBSD.org> | 2019-11-03 18:02:20 +0000 |
|---|---|---|
| committer | Bernard Spil <brnrd@FreeBSD.org> | 2019-11-03 18:02:20 +0000 |
| commit | 09cc7a5ffbc250598ea2c3c0c18c1775c8b390e7 (patch) | |
| tree | 991dfc9f19634ebcd6a9fc6bb1de71e22c6f2a39 /net | |
| parent | 831dffcecc9b9d8418d3c09556fb66c65e9d2600 (diff) | |
| download | ports-09cc7a5ffbc250598ea2c3c0c18c1775c8b390e7.tar.gz ports-09cc7a5ffbc250598ea2c3c0c18c1775c8b390e7.zip | |
net/endlessh: New SSH tarpit port
Notes
Notes:
svn path=/head/; revision=516582
Diffstat (limited to 'net')
| -rw-r--r-- | net/Makefile | 1 | ||||
| -rw-r--r-- | net/endlessh/Makefile | 30 | ||||
| -rw-r--r-- | net/endlessh/distinfo | 3 | ||||
| -rw-r--r-- | net/endlessh/files/endlessh.conf.sample | 27 | ||||
| -rw-r--r-- | net/endlessh/files/endlessh.in | 36 | ||||
| -rw-r--r-- | net/endlessh/pkg-descr | 6 | ||||
| -rw-r--r-- | net/endlessh/pkg-message | 21 |
7 files changed, 124 insertions, 0 deletions
diff --git a/net/Makefile b/net/Makefile index bd594e2fbd6c..774bcf6afc2b 100644 --- a/net/Makefile +++ b/net/Makefile @@ -140,6 +140,7 @@ SUBDIR += elixir-kafka_ex SUBDIR += elixir-oauth2 SUBDIR += empty + SUBDIR += endlessh SUBDIR += enet SUBDIR += erlang-ranch SUBDIR += erlang-xmlrpc diff --git a/net/endlessh/Makefile b/net/endlessh/Makefile new file mode 100644 index 000000000000..61a49fe0bc05 --- /dev/null +++ b/net/endlessh/Makefile @@ -0,0 +1,30 @@ +# $FreeBSD$ + +PORTNAME= endlessh +PORTVERSION= 1.0 +CATEGORIES= net + +MAINTAINER= brnrd@FreeBSD.org +COMMENT= SSH tarpit + +LICENSE= UNLICENSE +LICENSE_FILE= ${WRKSRC}/UNLICENSE + +USE_RC_SUBR= endlessh + +USE_GITHUB= yes +GH_ACCOUNT= skeeto + +PLIST_FILES= bin/endlessh \ + man/man1/endlessh.1.gz \ + "@sample ${PREFIX}/etc/endlessh.conf.sample" + +post-patch: + ${REINPLACE_CMD} 's|share/man|man|;s|/usr/local|${PREFIX}|' ${WRKSRC}/Makefile + ${REINPLACE_CMD} 's|/etc/endlessh/config|${PREFIX}/etc/endlessh.conf|' \ + ${WRKSRC}/endlessh.c ${WRKSRC}/endlessh.1 + +post-install: + ${INSTALL_DATA} ${FILESDIR}/endlessh.conf.sample ${STAGEDIR}${PREFIX}/etc/ + +.include <bsd.port.mk> diff --git a/net/endlessh/distinfo b/net/endlessh/distinfo new file mode 100644 index 000000000000..ca3da5949adf --- /dev/null +++ b/net/endlessh/distinfo @@ -0,0 +1,3 @@ +TIMESTAMP = 1567361886 +SHA256 (skeeto-endlessh-1.0_GH0.tar.gz) = 6ae377354fa7547c15fde19ebc5e0dbc4f9f562f28eab3a48c2f36b819d7e524 +SIZE (skeeto-endlessh-1.0_GH0.tar.gz) = 12258 diff --git a/net/endlessh/files/endlessh.conf.sample b/net/endlessh/files/endlessh.conf.sample new file mode 100644 index 000000000000..ff7fb3beebb0 --- /dev/null +++ b/net/endlessh/files/endlessh.conf.sample @@ -0,0 +1,27 @@ +# The port on which to listen for new SSH connections. +# Port 2222 + +# The endless banner is sent one line at a time. This is the delay +# in milliseconds between individual lines. +# Delay 10000 + +# The length of each line is randomized. This controls the maximum +# length of each line. Shorter lines may keep clients on for longer if +# they give up after a certain number of bytes. +# MaxLineLength 32 + +# Maximum number of connections to accept at a time. Connections beyond +# this are not immediately rejected, but will wait in the queue. +# MaxClients 4096 + +# Set the detail level for the log. +# 0 = Quiet +# 1 = Standard, useful log messages +# 2 = Very noisy debugging information +# LogLevel 0 + +# Set the family of the listening socket +# 0 = Use IPv4 Mapped IPv6 (Both v4 and v6, default) +# 4 = Use IPv4 only +# 6 = Use IPv6 only +# BindFamily 0 diff --git a/net/endlessh/files/endlessh.in b/net/endlessh/files/endlessh.in new file mode 100644 index 000000000000..5e5182848c8c --- /dev/null +++ b/net/endlessh/files/endlessh.in @@ -0,0 +1,36 @@ +#!/bin/sh +# +# Author: Bernard Spil <brnrd@FreeBSD.org> +# +# $FreeBSD$ +# + +# PROVIDE: endlessh +# REQUIRE: LOGIN +# KEYWORD: shutdown + +# Add the following lines to /etc/rc.conf to enable endlessh: +# endlessh_enable="YES" +# endlessh_daemonuser="nobody" +# endlessh_config="<config file>" Default %%PREFIX%%/etc/endlessh.conf +# endlessh_logfile"<log file>" Default /var/log/endlessh.log +# endlessh_args="<set as needed>" these override the conf file + +. /etc/rc.subr + +name=endlessh +rcvar=endlessh_enable + +load_rc_config $name + +: ${endlessh_enable:=NO} +: ${endlessh_daemonuser:=nobody} +: ${endlessh_config:=%%PREFIX%%/etc/endlessh.conf} +: ${endlessh_logfile:=/var/log/endlessh.log} + +pidfile=/var/run/endlessh.pid +procname="%%PREFIX%%/bin/endlessh" +command=/usr/sbin/daemon +command_args='-p ${pidfile} -u ${endlessh_daemonuser} -o ${endlessh_logfile} ${procname} -f ${endlessh_config} ${endlessh_args}' + +run_rc_command $1 diff --git a/net/endlessh/pkg-descr b/net/endlessh/pkg-descr new file mode 100644 index 000000000000..e13844ffcf39 --- /dev/null +++ b/net/endlessh/pkg-descr @@ -0,0 +1,6 @@ +Endlessh is an SSH tarpit that very slowly sends an endless, random SSH +banner. It keeps SSH clients locked up for hours or even days at a time. +The purpose is to put your real SSH server on another port and then let the +script kiddies get stuck in this tarpit instead of bothering a real server. + +WWW: https://github.com/skeeto/endlessh diff --git a/net/endlessh/pkg-message b/net/endlessh/pkg-message new file mode 100644 index 000000000000..c34ff0613686 --- /dev/null +++ b/net/endlessh/pkg-message @@ -0,0 +1,21 @@ +[ +{ + type: install + message: <<EOD + +Configure endlessh either via endlessh.conf or using endlessh_args in rc.conf. +The defaults are commented out in endlessh.conf. + +The default configuration only logs starts & stops to /var/log/endlessh.log. +To see the connections set LogLevel 1 in endlessh.conf or add "-v" to +endlessh_args. Sending SIGUSR1 to endlessh (pkill USR1 endlessh) will add +statistics to the /var/log/endlessh.log file + +Neither endlessh nor daemon support rotating the logfile, use periodic or +cron to copy the logfile and truncate it using + + $ echo -n > /var/log/endlessh.log + +EOD +} +] |