diff options
author | nils <nils> | 2015-02-09 10:05:25 +0000 |
---|---|---|
committer | nils <nils> | 2015-02-09 10:05:25 +0000 |
commit | e9d8e536ae35f145fdb11399070b54be1acfdc00 (patch) | |
tree | b9f37e857f38f768d80f31a88603ccab4067153e /security/fail2ban/files/fail2ban.sh | |
parent | d5c652f0ba108249f00d35d69b93d5390791eaf5 (diff) | |
download | pkgsrc-e9d8e536ae35f145fdb11399070b54be1acfdc00.tar.gz |
Initial import of security/fail2ban, version 0.9.1, into the NetBSD Packages Collection.
Fail2Ban scans log files like /var/log/pwdfail and bans IP
that makes too many password failures. It updates firewall
rules to reject the IP address. Theses rules can be defined by
the user. Fail2Ban can read multiple log files such as sshd
or Apache web server ones.
Diffstat (limited to 'security/fail2ban/files/fail2ban.sh')
-rw-r--r-- | security/fail2ban/files/fail2ban.sh | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/security/fail2ban/files/fail2ban.sh b/security/fail2ban/files/fail2ban.sh new file mode 100644 index 00000000000..fc999022416 --- /dev/null +++ b/security/fail2ban/files/fail2ban.sh @@ -0,0 +1,32 @@ +#!@RCD_SCRIPTS_SHELL@ +# +# PROVIDE: fail2ban +# REQUIRE: NETWORKING syslogd +# +# Add the following lines to /etc/rc.conf to enable fail2ban: +# fail2ban=YES +# fail2ban_flags="<set as needed>" + +. /etc/rc.subr + +name="@PKGBASE@" +rcvar=${name} +command="@PREFIX@/bin/fail2ban-server" +command_interpreter="@PYTHON_INTERP@" +client="@PREFIX@/bin/fail2ban-client" +pidfile="@VARBASE@/${name}/${name}.pid" +extra_commands="reload" + +load_rc_config ${name} + +start_precmd="fail2ban_precmd" +start_cmd="${client} ${fail2ban_flags} start" +stop_cmd="${client} ${fail2ban_flags} stop" +status_cmd="${client} ${fail2ban_flags} status" +reload_cmd="${client} ${fail2ban_flags} reload" + +fail2ban_precmd () { + mkdir -p /var/run/fail2ban +} + +run_rc_command "$1" |