--- /dev/null
+# Copyright 1999-2006 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: $
+
+inherit eutils
+
+DESCRIPTION="Protects computers from SSH brute force attacks by dynamically blocking IP addresses by adding iptables rules."
+HOMEPAGE="http://sourceforge.net/projects/blocksshd"
+SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+
+KEYWORDS="~x86"
+IUSE=""
+
+DEPEND=""
+RDEPEND=">=perl-core/Sys-Syslog-0.16
+ >=dev-perl/Sys-Hostname-Long-1.2
+ >=dev-perl/File-Tail-0.99.1
+ >=dev-perl/Net-DNS-0.53-r1
+ >=perl-core/Getopt-Long-2.34
+ >=net-firewall/iptables-1.3.5-r1"
+
+src_unpack() {
+ unpack ${A}
+ cd "${S}"
+
+ # convert CRLF to LF
+ edos2unix blocksshd blocksshd.conf
+
+ #apply patches
+ epatch "${FILESDIR}"/blocksshd-${PV}.conf-dir-change.patch
+ epatch "${FILESDIR}"/blocksshd-${PV}.etc-dir-change.patch
+}
+
+src_install() {
+ dosbin blocksshd || die "dosbin failed"
+ dodoc CHANGELOG CREDITS README VERSION blocksshd.conf
+
+ newinitd ${FILESDIR}/blocksshd.init blocksshd
+
+ insinto /etc/blocksshd
+ newins blocksshd.conf blocksshd.conf.sample
+}
+
+pkg_postinst() {
+ ewarn
+ ewarn "The configuration file ${ROOT}etc/blocksshd/blocksshd.conf.sample"
+ ewarn "must be renamed before blocksshd will run."
+ ewarn "Please review this configuration file for settings that might"
+ ewarn "be appropiate for your setup."
+ ewarn
+}
--- /dev/null
+--- blocksshd.conf.orig 2006-11-08 04:42:39.000000000 -0500
++++ blocksshd.conf 2006-11-13 10:30:51.000000000 -0500
+@@ -3,16 +3,16 @@
+ $cfg = {
+ os => 'linux', # Target OS - either linux or bsd
+ chain => 'blocksshd', # Name of iptables or pf chain
+- logfile => '/var/log/secure', # Log file to monitor
++ logfile => '/var/log/messages', # Log file to monitor
+ logcheck => '10', # How often to check the log file
+ max_attempts => '4', # Max number of failures
+ timeout => '360', # Reset IP count if no activity after time out in seconds
+- unblock => '1', # Enable unblocking
++ unblock => '0', # Enable unblocking
+ unblock_timeout => '43200', # Time in seconds after which to unblock a blocked IP address
+ restore_blocked => '0', # Turn on checking for previously blocked IPs
+- log_ips => '/usr/local/etc/blocksshd.list', # Log file for blocked IPs
++ log_ips => '/etc/blocksshd/blocksshd.list', # Log file for blocked IPs
+ pid_file => '/var/run/blocksshd.pid', # Location of PID file
+- send_email => '1', # Enable the sending of email notifications
++ send_email => '0', # Enable the sending of email notifications
+ email => 'root', # Email address to send notifications
+ mail => '/bin/mail', # Location of mail binary
+ iptables => '/sbin/iptables', # Location of iptables binary - only for Linux
--- /dev/null
+--- blocksshd.orig 2006-11-08 01:58:44.000000000 -0500
++++ blocksshd 2006-11-13 10:26:54.000000000 -0500
+@@ -43,7 +43,7 @@
+ our $cfg;
+
+ # This is where the configuration file is located
+-require '/usr/local/etc/blocksshd.conf';
++require '/etc/blocksshd/blocksshd.conf';
+
+ my $work = {
+ ipv4 => '(?:\d{1,3}\.){3}\d{1,3}', # regexp to match ipv4 address
projects / ~andy / sunrise / commitdiff