# -*- coding: utf-8; mode: tcl; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- vim:fenc=utf-8:ft=tcl:et:sw=4:ts=4:sts=4 # $Id: Portfile 142815 2015-11-24 03:22:35Z jmr@macports.org $ PortSystem 1.0 PortGroup github 1.0 PortGroup python 1.0 github.setup fail2ban fail2ban 0.9.3 categories security python license GPL-2+ maintainers free.fr:fclaire openmaintainer platforms darwin supported_archs noarch description Fail2ban protects computer against brute-force attacks long_description Fail2ban scans log files (e.g. /var/log/apache/error_log) and \ bans IPs that show the malicious signs -- too many password failures, \ seeking for exploits, etc. Generally Fail2Ban then used to update \ firewall rules to reject the IP addresses for a specified amount \ of time, although any arbitrary other action (e.g. sending an email, \ or ejecting CD-ROM tray) could also be configured. Out of the box \ Fail2Ban comes with filters for various services (apache, curier, ssh, etc). homepage http://www.fail2ban.org/ distname ${version} checksums rmd160 1f1f1b7a504cbade13a3363cc9143d909168f062 \ sha256 146811530b7acf706db6d28068ee60806f6e0c80da14d89b732955a696728c46 python.default_version 27 set f2bconfdir ${prefix}/etc/${name} set f2bbindir ${prefix}/bin set f2brundir ${prefix}/var/run/${name} set f2bsock ${f2brundir}/${name}.sock set f2bpid ${f2brundir}/${name}.pid patchfiles patch-setup.py.diff \ patch-fail2ban-client-configreader.py.diff \ patch-fail2ban-tests-misctestcase.py.diff \ patch-fail2ban-tests-utils.py.diff \ patch-config-fail2ban.conf.diff \ patch-config-jail.conf.diff \ patch-config-paths-common.conf.diff \ patch-config-paths-osx.conf.diff \ patch-config-action.d-osx-afctl.conf.diff \ patch-bin-fail2ban-client.diff \ patch-bin-fail2ban-server.diff \ patch-fail2ban-server-filterpoll.py.diff post-patch { reinplace "s|@@PREFIX@@|${prefix}|g" ${worksrcpath}/setup.py \ ${worksrcpath}/fail2ban/client/configreader.py \ ${worksrcpath}/fail2ban/tests/misctestcase.py \ ${worksrcpath}/fail2ban/tests/utils.py \ ${worksrcpath}/config/fail2ban.conf \ ${worksrcpath}/config/paths-common.conf \ ${worksrcpath}/bin/fail2ban-client \ ${worksrcpath}/bin/fail2ban-server } startupitem.create yes startupitem.start "export LANG=en_GB.UTF-8; if \[ -r ${f2bsock} -a ! -r ${f2bpid} \]; then rm ${f2bsock}; fi; ${f2bbindir}/${name}-client start" startupitem.stop "${f2bbindir}/${name}-client stop" destroot.keepdirs ${destroot}${f2brundir} post-destroot { # Adding dedicated OSX pf-icefloor action file xinstall -m 644 ${filespath}/pf-icefloor.conf ${destroot}${f2bconfdir}/action.d/ # Adding a suffix to config files set cfgfiles [concat [glob ${destroot}${f2bconfdir}/*.conf] [glob ${destroot}${f2bconfdir}/action.d/*.conf] [glob ${destroot}${f2bconfdir}/filter.d/*.conf]] foreach cfgfile ${cfgfiles} { move ${cfgfile} ${cfgfile}.${version} } } post-activate { # If not already present we put default config files set cfgfiles [concat [glob ${f2bconfdir}/*.conf.${version}] [glob ${f2bconfdir}/action.d/*.conf.${version}] [glob ${f2bconfdir}/filter.d/*.conf.${version}]] foreach cfgfile ${cfgfiles} { regsub "\.${version}" ${cfgfile} {} origcfgfile if {![file exists ${origcfgfile}]} { file copy ${cfgfile} ${origcfgfile} } } } notes " Next step is to configure fail2ban. Start to read: ${f2bconfdir}/fail2ban.conf ${f2bconfdir}/jail.conf and create your own fail2ban.local and jail.local Start/stop fail2ban with: sudo port \[un\]load fail2ban More info at ${homepage} " livecheck.type regexm livecheck.url ${homepage}wiki/index.php/Downloads livecheck.regex stable.*?>${name}-(\[0-9.\]+)<