head	1.10;
access;
symbols
	RELEASE_8_3_0:1.8
	RELEASE_9_0_0:1.8
	RELEASE_7_4_0:1.8
	RELEASE_8_2_0:1.8
	RELEASE_6_EOL:1.8
	RELEASE_8_1_0:1.8
	RELEASE_7_3_0:1.8
	RELEASE_8_0_0:1.8
	RELEASE_7_2_0:1.8
	RELEASE_7_1_0:1.8
	RELEASE_6_4_0:1.8
	RELEASE_5_EOL:1.8
	RELEASE_7_0_0:1.7
	RELEASE_6_3_0:1.7
	PRE_XORG_7:1.3
	RELEASE_4_EOL:1.3
	RELEASE_6_2_0:1.2
	RELEASE_6_1_0:1.1
	RELEASE_5_5_0:1.1;
locks; strict;
comment	@# @;


1.10
date	2012.11.17.06.01.20;	author svnexp;	state Exp;
branches;
next	1.9;

1.9
date	2012.06.29.18.26.52;	author az;	state Exp;
branches;
next	1.8;

1.8
date	2008.05.10.05.51.26;	author rafan;	state Exp;
branches;
next	1.7;

1.7
date	2007.11.07.07.27.10;	author rafan;	state Exp;
branches;
next	1.6;

1.6
date	2007.09.18.13.16.12;	author tabthorpe;	state Exp;
branches;
next	1.5;

1.5
date	2007.09.08.01.04.00;	author linimon;	state Exp;
branches;
next	1.4;

1.4
date	2007.07.02.08.36.13;	author rafan;	state Exp;
branches;
next	1.3;

1.3
date	2006.11.03.16.01.32;	author clsung;	state Exp;
branches;
next	1.2;

1.2
date	2006.07.27.10.32.55;	author rafan;	state Exp;
branches;
next	1.1;

1.1
date	2005.12.18.16.03.27;	author vanilla;	state Exp;
branches;
next	;


desc
@@


1.10
log
@Switch exporter over
@
text
@# New ports collection makefile for:	sshit
# Date created:				18 December 2005
# Whom:					Jui-Nan Lin <jnlin@@csie.nctu.edu.tw>
#
# $FreeBSD: head/security/sshit/Makefile 300897 2012-07-14 14:29:18Z beat $
#

PORTNAME=	sshit
PORTVERSION=	0.6
PORTREVISION=	4
CATEGORIES=	security
MASTER_SITES=	http://anp.ath.cx/sshit/ \
		${MASTER_SITE_LOCAL}

MAINTAINER=	rafan@@FreeBSD.org
COMMENT=	Checks for SSH/FTP bruteforce and blocks given IPs

RUN_DEPENDS=	p5-Unix-Syslog>=0:${PORTSDIR}/sysutils/p5-Unix-Syslog \
		p5-IPC-Shareable>=0:${PORTSDIR}/devel/p5-IPC-Shareable \
		p5-Proc-PID-File>=0:${PORTSDIR}/devel/p5-Proc-PID-File

NO_BUILD=	yes
USE_PERL5_RUN=	yes

WRKSRC=		${WRKDIR}/${PORTNAME}-${PORTVERSION}
PKGMESSAGE=	${WRKDIR}/pkg-message
SUB_FILES=	pkg-message

post-patch:
	@@${REINPLACE_CMD} -e 's,^#!/usr/bin/perl,#!${PERL},' ${WRKSRC}/sshit

do-install:
	${INSTALL_SCRIPT} ${WRKSRC}/${PORTNAME} ${PREFIX}/sbin/${PORTNAME}
	${INSTALL_DATA} ${WRKSRC}/${PORTNAME}.conf ${PREFIX}/etc/${PORTNAME}.conf-dist

post-install:
	@@if [ ! -f ${PREFIX}/etc/${PORTNAME}.conf ]; then \
		${CP} -p ${PREFIX}/etc/${PORTNAME}.conf-dist ${PREFIX}/etc/${PORTNAME}.conf ; \
	fi
.if !defined(BATCH)
	@@${CAT} ${PKGMESSAGE}
.endif

.include <bsd.port.mk>
@


1.9
log
@- Remove SITE_PERL from *_DEPENDS

Approved by: portmgr@@ (bapt@@)
@
text
@d5 1
a5 1
# $FreeBSD$
@


1.8
log
@- Always refer to perl by ${PERL}
- Bump PORTREVISION
@
text
@d18 3
a20 3
RUN_DEPENDS=	${SITE_PERL}/${PERL_ARCH}/Unix/Syslog.pm:${PORTSDIR}/sysutils/p5-Unix-Syslog \
		${SITE_PERL}/IPC/Shareable.pm:${PORTSDIR}/devel/p5-IPC-Shareable \
		${SITE_PERL}/Proc/PID/File.pm:${PORTSDIR}/devel/p5-Proc-PID-File
@


1.7
log
@- After last update, sshit keeps exiting with signal 15 due to wrong
  hostname regexp. Fix the regexp for hostname matching.
- While fixing that, fix IPv6 regexp, too.
- Reduce syslog level from ERROR to INFO for most informational messages.

These changes are submitted to author for inclusion in next version.

- Grab maintainership as current maintainer does not use it anymore.
- Bump PORTREVISION.

Approved by:	portmgr (linimon), maintainer via irc
@
text
@d10 1
a10 1
PORTREVISION=	3
d29 3
@


1.6
log
@- make work with fqdn
- bump PORTREVISION

PR:		ports/115210
Submitted by:	Alex Keda <admin_AT_lissyara.su>
Approved by:	Jui-Nan Lin (maintainer), clsung (mentor)
@
text
@d10 1
a10 1
PORTREVISION=	2
d15 1
a15 1
MAINTAINER=	jnlin@@csie.nctu.edu.tw
@


1.5
log
@Welcome bsd.perl.mk.  Add support for constructs such as USE_PERL5=5.8.0+.
Drop support for antique perl.

Work done by:	gabor
Sponsored by:	Google Summer of Code 2007
Hat:		portmgr
@
text
@d10 1
a10 1
PORTREVISION=	1
@


1.4
log
@- Make sshit catch this type of error login:

PAM: authentication error for lissyara from 192.168.254.193

PR:  		ports/114194
Submitted by:	Alex Keda <admin at lissyara.su>
Approved by:	maintainer via irc
@
text
@a28 6
.include <bsd.port.pre.mk>

.if ${PERL_LEVEL} < 500600
IGNORE=		perl 5.6 or newer required. Install lang/perl5 or lang/perl5.8 and try again
.endif

d41 1
a41 1
.include <bsd.port.post.mk>
@


1.3
log
@- Update to 0.6

PR:		ports/104770
Submitted by:	Joe Horn <joehorn_AT_leobbs dot net>
Approved by:	maintainer (Jui-Nan Lin)
@
text
@d10 1
@


1.2
log
@(c) Rong-En Fan's, http://rafan.infor.org/patch/sshit.diff

In the code, the author uses two level hash, and IPC::Shareable
will create a share memory for those anonymouse object (the second
level hash). Those share memory will not be removed when sshit exists
or when the rule is removed. Running sshit for a period of time,
the number of share memory and semaphore will reach the limit for
one process, then sshit.pl can not get more share memory, thus it
quits. The only solution is to manually remove all share memory and
semaphore.

This is somehow the limitation of using IPC::Shareable. To workaround
this problem. The patch will removes associated firewall rules when
syslogd closes the fd [1], and use IPC::Shareable->clean_up
to remove all shm/sem created by this process. I also set 'destroy'
to 1 so the shm tied to %list can be removed.

The second hunk is to fix a typo for ipfw2. Due to this typo,
ip in ipfw2's table cat not be removed. That means once blocked,
the client is blocked until reboot or admin cleanup the table.

[1] if any log files are rotated, newsyslog sends a HUP to syslogd,
    syslogd will close *all* current open fd and reopen them. At
    that time, the sshit.pl's stdin will be closed, thus the main
    program will exit.

PR:		ports/100726
Submitted by:	Alex Samorukov <samm at os2.kiev.ua>
Approved by:	Jui-Nan Eric Lin <jnlin at csie.NCTU.edu.tw> (maintainer)
Obtained from:	rafan
@
text
@d9 1
a9 2
PORTVERSION=	0.5
PORTREVISION=	1
d35 1
a35 1
	${INSTALL_SCRIPT} ${WRKSRC}/${PORTNAME}.pl ${PREFIX}/sbin/${PORTNAME}
@


1.1
log
@Add sshit 0.5, checks for SSH/FTP bruteforce and blocks given IPs.

PR:		ports/90603
Submitted by:	Jui-Nan Lin <jnlin@@csie.nctu.edu.tw>
@
text
@d10 1
@

