-
Notifications
You must be signed in to change notification settings - Fork 2.1k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
af3f54c
commit 71af982
Showing
2 changed files
with
104 additions
and
6 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,93 @@ | ||
From 2fed408c05ac5206b490368d94599869bd6a056d Mon Sep 17 00:00:00 2001 | ||
From: Fabian Dellwing <fabian.dellwing@mbconnectline.de> | ||
Date: Tue, 2 Jul 2024 07:54:15 +0200 | ||
Subject: [PATCH 1/5] Adjust sshd filter for OpenSSH 9.8 new daemon name | ||
|
||
--- | ||
config/filter.d/sshd.conf | 2 +- | ||
1 file changed, 1 insertion(+), 1 deletion(-) | ||
|
||
diff --git a/config/filter.d/sshd.conf b/config/filter.d/sshd.conf | ||
index 1c8a02deb5..a1fd749aed 100644 | ||
--- a/config/filter.d/sshd.conf | ||
+++ b/config/filter.d/sshd.conf | ||
@@ -16,7 +16,7 @@ before = common.conf | ||
|
||
[DEFAULT] | ||
|
||
-_daemon = sshd | ||
+_daemon = (?:sshd(?:-session)?) | ||
|
||
# optional prefix (logged from several ssh versions) like "error: ", "error: PAM: " or "fatal: " | ||
__pref = (?:(?:error|fatal): (?:PAM: )?)? | ||
|
||
From 7b335f47ea112e2a36e59287582e613aef2fa0a3 Mon Sep 17 00:00:00 2001 | ||
From: "Sergey G. Brester" <serg.brester@sebres.de> | ||
Date: Wed, 3 Jul 2024 19:09:28 +0200 | ||
Subject: [PATCH 2/5] sshd: add test coverage for new format, gh-3782 | ||
|
||
--- | ||
fail2ban/tests/files/logs/sshd | 3 +++ | ||
1 file changed, 3 insertions(+) | ||
|
||
diff --git a/fail2ban/tests/files/logs/sshd b/fail2ban/tests/files/logs/sshd | ||
index ed54ded4d4..7d3948ed80 100644 | ||
--- a/fail2ban/tests/files/logs/sshd | ||
+++ b/fail2ban/tests/files/logs/sshd | ||
@@ -20,6 +20,9 @@ Feb 25 14:34:10 belka sshd[31603]: Failed password for invalid user ROOT from aa | ||
# failJSON: { "time": "2005-02-25T14:34:11", "match": true , "host": "aaaa:bbbb:cccc:1234::1:1" } | ||
Feb 25 14:34:11 belka sshd[31603]: Failed password for invalid user ROOT from aaaa:bbbb:cccc:1234::1:1 | ||
|
||
+# failJSON: { "time": "2005-07-03T14:59:17", "match": true , "host": "192.0.2.1", "desc": "new log with session in daemon prefix, gh-3782" } | ||
+Jul 3 14:59:17 host sshd-session[1571]: Failed password for root from 192.0.2.1 port 56502 ssh2 | ||
+ | ||
#3 | ||
# failJSON: { "time": "2005-01-05T01:31:41", "match": true , "host": "1.2.3.4" } | ||
Jan 5 01:31:41 www sshd[1643]: ROOT LOGIN REFUSED FROM 1.2.3.4 | ||
|
||
From 8360776ce1b119d519a842069c73bec7f5e24fad Mon Sep 17 00:00:00 2001 | ||
From: "Sergey G. Brester" <serg.brester@sebres.de> | ||
Date: Wed, 3 Jul 2024 19:33:39 +0200 | ||
Subject: [PATCH 3/5] zzz-sshd-obsolete-multiline.conf: adjusted to new | ||
sshd-session log format | ||
|
||
--- | ||
fail2ban/tests/config/filter.d/zzz-sshd-obsolete-multiline.conf | 2 +- | ||
1 file changed, 1 insertion(+), 1 deletion(-) | ||
|
||
diff --git a/fail2ban/tests/config/filter.d/zzz-sshd-obsolete-multiline.conf b/fail2ban/tests/config/filter.d/zzz-sshd-obsolete-multiline.conf | ||
index ad8adeb69f..14256ba68c 100644 | ||
--- a/fail2ban/tests/config/filter.d/zzz-sshd-obsolete-multiline.conf | ||
+++ b/fail2ban/tests/config/filter.d/zzz-sshd-obsolete-multiline.conf | ||
@@ -9,7 +9,7 @@ before = ../../../../config/filter.d/common.conf | ||
|
||
[DEFAULT] | ||
|
||
-_daemon = sshd | ||
+_daemon = sshd(?:-session)? | ||
|
||
# optional prefix (logged from several ssh versions) like "error: ", "error: PAM: " or "fatal: " | ||
__pref = (?:(?:error|fatal): (?:PAM: )?)? | ||
|
||
From 50ff131a0fd8f54fdeb14b48353f842ee8ae8c1a Mon Sep 17 00:00:00 2001 | ||
From: "Sergey G. Brester" <serg.brester@sebres.de> | ||
Date: Wed, 3 Jul 2024 19:35:28 +0200 | ||
Subject: [PATCH 4/5] filter.d/sshd.conf: ungroup (unneeded for _daemon) | ||
|
||
--- | ||
config/filter.d/sshd.conf | 2 +- | ||
1 file changed, 1 insertion(+), 1 deletion(-) | ||
|
||
diff --git a/config/filter.d/sshd.conf b/config/filter.d/sshd.conf | ||
index a1fd749aed..3a84b1ba52 100644 | ||
--- a/config/filter.d/sshd.conf | ||
+++ b/config/filter.d/sshd.conf | ||
@@ -16,7 +16,7 @@ before = common.conf | ||
|
||
[DEFAULT] | ||
|
||
-_daemon = (?:sshd(?:-session)?) | ||
+_daemon = sshd(?:-session)? | ||
|
||
# optional prefix (logged from several ssh versions) like "error: ", "error: PAM: " or "fatal: " | ||
__pref = (?:(?:error|fatal): (?:PAM: )?)? |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,29 +1,34 @@ | ||
# Template file for 'fail2ban' | ||
pkgname=fail2ban | ||
version=1.0.2 | ||
revision=3 | ||
version=1.1.0 | ||
revision=1 | ||
build_style=python3-module | ||
hostmakedepends="pkg-config python3-setuptools" | ||
depends="python3-pyasynchat" | ||
depends="python3-pyasynchat python3-pyasyncore" | ||
checkdepends="python3-utils ${depends}" | ||
short_desc="Authentication failure monitor system" | ||
maintainer="Orphaned <orphan@voidlinux.org>" | ||
license="GPL-2.0-only" | ||
homepage="https://www.fail2ban.org/" | ||
changelog="https://raw.githubusercontent.com/fail2ban/fail2ban/master/ChangeLog" | ||
distfiles="https://github.com/fail2ban/fail2ban/archive/${version}.tar.gz" | ||
checksum=ae8b0b41f27a7be12d40488789d6c258029b23a01168e3c0d347ee80b325ac23 | ||
checksum=474fcc25afdaf929c74329d1e4d24420caabeea1ef2e041a267ce19269570bae | ||
conf_files=" | ||
/etc/fail2ban/fail2ban.conf | ||
/etc/fail2ban/jail.conf | ||
/etc/fail2ban/action.d/*.conf | ||
/etc/fail2ban/filter.d/*.conf" | ||
make_dirs="/var/lib/fail2ban 0700 root root" | ||
|
||
pre_build() { | ||
./fail2ban-2to3 | ||
do_check() { | ||
# testExecuteTimeoutWithNastyChildren and testKillAfterStart fail on CI | ||
python3 bin/fail2ban-testcases -i "testExecuteTimeoutWithNastyChildren|testKillAfterStart" | ||
} | ||
|
||
post_install() { | ||
rm -rf ${DESTDIR}/${py3_sitelib}/fail2ban/tests | ||
vsv fail2ban | ||
for f in man/*.{1,5}; do | ||
vman "$f" | ||
done | ||
} |