--- /dev/null
+fail2ban-cn
+~~~~~~~~~~~
+
+Paket donosi neke minimalne izmjene u konfiguraciji osnovnog Debian paketa
+radi poboljsanja lokalne sigurnosti. Tipicno, paket omogucuje
+detekciju/citanje SSH bruteforcing uzoraka (auth.log), kao i reakciju na
+bruteforcing PAM modula (auth.log).
+
+ -- Dinko Korunic <kreator@carnet.hr> Fri, 16 Jan 2009 18:52:22 +0100
--- /dev/null
+changelog.Debian
\ No newline at end of file
--- /dev/null
+fail2ban-cn (0.8.3-1) stable; urgency=low
+
+ * inicijalna verzija paketa
+ * omogucava se integracija s auth greskama u PAM sustavu, te sshd detekcija
+
+ -- Dinko Korunic <kreator@carnet.hr> Fri, 16 Jan 2009 19:52:28 +0100
--- /dev/null
+Source: fail2ban-cn
+Section: net
+Priority: optional
+Maintainer: Dinko Korunic <kreator@CARNet.hr>
+Build-Depends: debhelper (>= 4)
+Standards-Version: 3.7.2
+
+Package: fail2ban-cn
+Architecture: all
+Depends: fail2ban (>= 0.8.3-1~bpo40+1)
+Description: bans IPs that cause multiple authentication errors
+ Monitors log files (e.g. /var/log/auth.log,
+ /var/log/apache/access.log) and temporarily or persistently bans
+ failure-prone addresses by updating existing firewall rules. The
+ software was completely rewritten at version 0.7.0 and now allows
+ easy specification of different actions to be taken such as to ban an
+ IP using iptables or hostsdeny rules, or simply to send a
+ notification email. Currently, by default, supports ssh/apache/vsftpd
+ but configuration can be easily extended for monitoring any other ASCII
+ file. All filters and actions are given in the config files, thus
+ fail2ban can be adopted to be used with a variety of files and
+ firewalls.
+ .
+ This package brings CARNet-related configuration.
--- /dev/null
+changelog.CARNet
+README.CARNet
--- /dev/null
+#!/bin/sh
+# postinst script for bind9-cn
+#
+# see: dh_installdeb(1)
+
+set -e
+
+# summary of how this script can be called:
+# * <postinst> `configure' <most-recently-configured-version>
+# * <old-postinst> `abort-upgrade' <new version>
+# * <conflictor's-postinst> `abort-remove' `in-favour' <package>
+# <new-version>
+# * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
+# <failed-install-package> <version> `removing'
+# <conflicting-package> <version>
+# for details, see http://www.debian.org/doc/debian-policy/ or
+# the debian-policy package
+#
+
+case "$1" in
+ configure|reconfigure)
+ # continue below
+ ;;
+
+ *)
+ exit 0
+ ;;
+esac
+
+# import CN-functions
+. /usr/share/carnet-tools/functions.sh
+
+CONF=/etc/fail2ban/jail.conf
+
+if [ -e "$CONF" ]; then
+ # enable ssh and pam-generic services
+ perl -ne 'if (/\[(ssh|pam-generic)\]/ .. /enabled/) { $_ =~ s/enabled = false/enabled = true/gi }; print $_' "$CONF" > "$CONF.$$" && \
+ mv "$CONF.$$" "$CONF"
+ rm -f "$CONF.$$"
+
+ # add network address and class if needed
+ cp_get_netaddr || true
+ NETADDR="$RET"
+ IGNOREIP=$(grep '^ignoreip' "$CONF")
+ if ! echo "$IGNOREIP" | grep -q "$NETADDR"; then
+ cp_check_and_sed '^ignoreip' \
+ "s;^\(ignoreip.*\)$;\1 $NETADDR;g" "$CONF" || true
+ fi
+fi
+
+# restart the services
+if [ -x "`which invoke-rc.d 2>/dev/null`" ]; then
+ invoke-rc.d fail2ban restart || exit $?
+else
+ /etc/init.d/fail2ban restart || exit $?
+fi
+
+# dh_installdeb will replace this with shell code automatically
+# generated by other debhelper scripts.
+
+#DEBHELPER#
+
+exit 0
--- /dev/null
+#!/usr/bin/make -f
+# Sample debian/rules that uses debhelper.
+# This file is public domain software, originally written by Joey Hess.
+#
+# This version is for packages that are architecture independent.
+
+# Uncomment this to turn on verbose mode.
+#export DH_VERBOSE=1
+
+build: build-stamp
+build-stamp:
+ dh_testdir
+
+ # Add here commands to compile the package.
+ #$(MAKE)
+
+ touch build-stamp
+
+clean:
+ dh_testdir
+ dh_testroot
+ rm -f build-stamp
+
+ # Add here commands to clean up after the build process.
+ #-$(MAKE) clean
+ #-$(MAKE) distclean
+
+ dh_clean
+
+install: build
+ dh_testdir
+ dh_testroot
+ dh_clean -k
+ dh_installdirs
+
+ # Add here commands to install the package into debian/<packagename>.
+ #$(MAKE) prefix=`pwd`/debian/`dh_listpackages`/usr install
+
+# Build architecture-independent files here.
+binary-indep: build install
+ dh_testdir
+ dh_testroot
+ dh_installchangelogs
+ dh_installdocs
+# dh_installexamples
+# dh_installmenu
+# dh_installdebconf
+# dh_installlogrotate
+# dh_installemacsen
+# dh_installcatalogs
+# dh_installpam
+# dh_installmime
+# dh_installinit
+# dh_installcron
+# dh_installinfo
+# dh_undocumented
+ dh_installman
+ dh_link
+ dh_compress
+ dh_fixperms
+# dh_perl
+# dh_python
+ dh_installdeb
+ dh_gencontrol
+ dh_md5sums
+ dh_builddeb
+
+# Build architecture-dependent files here.
+binary-arch: build install
+# We have nothing to do by default.
+
+binary: binary-indep binary-arch
+.PHONY: build clean binary-indep binary-arch binary install
projects / fail2ban-cn.git / commitdiff