package/fail2ban: new package
authorAngelo Compagnucci <angelo.compagnucci@gmail.com>
Sat, 24 Nov 2018 23:24:22 +0000 (00:24 +0100)
committerThomas Petazzoni <thomas.petazzoni@bootlin.com>
Sun, 25 Nov 2018 08:32:06 +0000 (09:32 +0100)
Fail2ban scans log files (e.g. /var/log/apache/error_log)
and bans IPs that show malicious behaviours.

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
[Thomas: simplify $(SED) expression by using comma as a separator
instead of slash.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
DEVELOPERS
package/Config.in
package/fail2ban/Config.in [new file with mode: 0644]
package/fail2ban/S60fail2ban [new file with mode: 0644]
package/fail2ban/fail2ban.hash [new file with mode: 0644]
package/fail2ban/fail2ban.mk [new file with mode: 0644]

index 1cfa9969bff8696028f67fdb398c4ab73011241f..1ed266eafcc999ec825804838caf41451ea9ce6d 100644 (file)
@@ -146,6 +146,7 @@ F:  package/libunwind/
 
 N:     Angelo Compagnucci <angelo.compagnucci@gmail.com>
 F:     package/corkscrew/
+F:     package/fail2ban/
 F:     package/i2c-tools/
 F:     package/mender/
 F:     package/mono/
index ce8d70c458da1622b994c6d56203eb040c64b733..6e0f3c9a928e6801783cf8844266c2a36740cbac 100644 (file)
@@ -1832,6 +1832,7 @@ menu "Networking applications"
        source "package/ejabberd/Config.in"
        source "package/ethtool/Config.in"
        source "package/faifa/Config.in"
+       source "package/fail2ban/Config.in"
        source "package/fastd/Config.in"
        source "package/fcgiwrap/Config.in"
        source "package/flannel/Config.in"
diff --git a/package/fail2ban/Config.in b/package/fail2ban/Config.in
new file mode 100644 (file)
index 0000000..8fa63bf
--- /dev/null
@@ -0,0 +1,15 @@
+config BR2_PACKAGE_FAIL2BAN
+       bool "fail2ban"
+       depends on BR2_PACKAGE_PYTHON
+       help
+         Fail2ban scans log files (e.g. /var/log/apache/error_log) and
+         bans IPs that show the malicious signs -- too many password
+         failures, seeking for exploits, etc. Out of the box Fail2Ban
+         comes with filters for various services (apache, courier,
+         ssh, etc).
+
+         Fail2Ban is able to reduce the rate of incorrect
+         authentications attempts however it cannot eliminate the risk
+         that weak authentication presents.
+
+         https://www.fail2ban.org
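Review bot: Nothing in this entry ensures a ban backend exists on the target, since the only dependency is `BR2_PACKAGE_PYTHON`. Upstream's default ban actions are iptables-based, so without a firewall tool in the image the daemon would presumably detect failures in the logs but be unable to block anything. Either add `select BR2_PACKAGE_IPTABLES` after checking that symbol's own dependencies, or say in the help text that a firewall package must be enabled separately. The help text could also note which log files the default jails expect, because a minimal image may not write them.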
diff --git a/package/fail2ban/S60fail2ban b/package/fail2ban/S60fail2ban
new file mode 100644 (file)
index 0000000..b181ecd
--- /dev/null
@@ -0,0 +1,23 @@
+#!/bin/sh
+
+case "$1" in
+       start)
+               printf "Starting fail2ban: "
+               start-stop-daemon -S -q -m -p /var/run/fail2ban.pid \
+                       -b -x fail2ban-server -- -xf start
+               [ $? = 0 ] && echo "OK" || echo "FAIL"
+               ;;
+       stop)
+               printf "Stopping fail2ban: "
+               start-stop-daemon -K -q -p /var/run/fail2ban.pid
+               [ $? = 0 ] && echo "OK" || echo "FAIL"
+               ;;
+       restart)
+               "$0" stop
+               sleep 1
+               "$0" start
+               ;;
+       *)
+               echo "Usage: $0 {start|stop|restart}"
+               ;;
+esac
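Review bot: The `OK` printed in the `start)` branch only shows that start-stop-daemon forked, because `-b` detaches before fail2ban-server has read its configuration. A broken jail file would therefore leave the system without banning while the boot output reports success. A follow-up check such as `fail2ban-client ping` before printing the status would make the report meaningful. The script also never sets an exit status: the `*)` branch should end with `exit 1`, and an `exit $?` after `esac` would let callers see failures. A one-line comment explaining that `-xf` means "remove a stale socket, stay in the foreground" would help readers see why `-b -m` is needed.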
diff --git a/package/fail2ban/fail2ban.hash b/package/fail2ban/fail2ban.hash
new file mode 100644 (file)
index 0000000..25d120c
--- /dev/null
@@ -0,0 +1,3 @@
+# sha256 locally computed
+sha256  d6ca1bbc7e7944f7acb2ba7c1065953cd9837680bc4d175f30ed155c6a372449  fail2ban-0.10.4.tar.gz
+sha256  a75fec0260742fe6275d63ff6a5d97b924b28766558306b3fa4069763096929b  COPYING
diff --git a/package/fail2ban/fail2ban.mk b/package/fail2ban/fail2ban.mk
new file mode 100644 (file)
index 0000000..b7e6bdc
--- /dev/null
@@ -0,0 +1,27 @@
+################################################################################
+#
+# fail2ban
+#
+################################################################################
+
+FAIL2BAN_VERSION = 0.10.4
+FAIL2BAN_SITE = $(call github,fail2ban,fail2ban,$(FAIL2BAN_VERSION))
+FAIL2BAN_LICENSE = GPL-2.0+
+FAIL2BAN_LICENSE_FILES = COPYING
+FAIL2BAN_SETUP_TYPE = distutils
+
+define FAIL2BAN_INSTALL_INIT_SYSV
+       $(INSTALL) -D -m 755 package/fail2ban/S60fail2ban \
+               $(TARGET_DIR)/etc/init.d/S60fail2ban
+endef
+
+define FAIL2BAN_INSTALL_INIT_SYSTEMD
+       $(INSTALL) -D -m 0644 $(@D)/files/fail2ban.service.in \
+               $(TARGET_DIR)/usr/lib/systemd/system/fail2ban.service
+       mkdir -p $(TARGET_DIR)/etc/systemd/system/multi-user.target.wants
+       ln -fs ../../../../usr/lib//systemd/system/fail2ban.service \
+               $(TARGET_DIR)/etc/systemd/system/multi-user.target.wants/fail2ban.service
+       $(SED) 's,@BINDIR@,/usr/bin,g' $(TARGET_DIR)/usr/lib/systemd/system/fail2ban.service
+endef
+
+$(eval $(python-package))
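Review bot: The symlink target in `FAIL2BAN_INSTALL_INIT_SYSTEMD` contains a doubled slash (`usr/lib//systemd`). It resolves correctly, but it should read `ln -fs ../../../../usr/lib/systemd/system/fail2ban.service \` to match the install path two lines above. A short comment above the `$(SED)` line would also help, for example `# the upstream .service.in template carries an @BINDIR@ placeholder that must be filled in by hand`. Separately, the package declares no runtime dependencies, so the firewall tool that the ban actions invoke has to be selected elsewhere; that is worth stating in a comment here or in Config.in.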