From ca499bc628fe0760b59eaf7fa69633876d5f5431 Mon Sep 17 00:00:00 2001 From: athimm Date: Dec 30 2006 19:12:03 +0000 Subject: auto-import fail2ban-0.6.2-3.at on branch devel from fail2ban-0.6.2-3.at.src.rpm --- diff --git a/.cvsignore b/.cvsignore index e69de29..a075c08 100644 --- a/.cvsignore +++ b/.cvsignore @@ -0,0 +1 @@ +fail2ban-0.6.2.tar.bz2 diff --git a/fail2ban-0.6.2-init.patch b/fail2ban-0.6.2-init.patch new file mode 100644 index 0000000..5caaa2e --- /dev/null +++ b/fail2ban-0.6.2-init.patch @@ -0,0 +1,34 @@ +--- fail2ban-0.6.2/config/redhat-initd.init 2006-12-29 00:46:19.000000000 +0100 ++++ fail2ban-0.6.2/config/redhat-initd 2006-12-29 00:46:54.000000000 +0100 +@@ -2,7 +2,7 @@ + # + # fail2ban + # +-# chkconfig: 345 91 9 ++# chkconfig: - 91 9 + # description: if many unsuccessfull login attempts from some ip address \ + # during a short period happen, this address is banned \ + # by the firewall +@@ -31,14 +31,17 @@ + "${FAIL2BAN}" -b > /dev/null + RETVAL=$? + echo ++ [ $RETVAL -eq 0 ] && touch /var/lock/subsys/fail2ban ++ return $RETVAL + } + + stop() { +- if [ -f "${PIDFILE}" ]; then +- echo -n $"Stopping fail2ban: " +- "${FAIL2BAN}" -k > /dev/null +- echo +- fi ++ echo -n $"Stopping fail2ban: " ++ "${FAIL2BAN}" -k > /dev/null ++ RETVAL=$? ++ echo ++ [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/fail2ban ++ return $RETVAL + } + + restart() { diff --git a/fail2ban.spec b/fail2ban.spec new file mode 100644 index 0000000..e7400eb --- /dev/null +++ b/fail2ban.spec @@ -0,0 +1,78 @@ +Summary: Ban IPs that make too many password failures +Name: fail2ban +Version: 0.6.2 +Release: 3%{?dist} +License: GPL +Group: System Environment/Daemons +URL: http://fail2ban.sourceforge.net/ +Source0: http://prdownloads.sourceforge.net/%{name}/%{name}-%{version}.tar.bz2 +Patch0: fail2ban-0.6.2-init.patch +BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root +BuildRequires: python-devel >= 2.3, dos2unix +BuildArch: noarch +Requires: iptables, tcp_wrappers, shorewall +Requires(post): /sbin/chkconfig +Requires(preun): /sbin/chkconfig +Requires(preun): /sbin/service + +%description +Fail2ban scans log files like /var/log/pwdfail or +/var/log/apache/error_log and bans IP that makes too many password +failures. It updates firewall rules to reject the IP address. + +%prep +%setup -q +grep -rl /usr/lib/fail2ban . \ + | xargs sed -i -e's,/usr/lib/fail2ban,%{_datadir}/fail2ban,g' +dos2unix config/redhat-initd +%patch0 -p1 -b .init + +%build +python setup.py build + +%install +rm -rf %{buildroot} +python setup.py install -O1 --root %{buildroot} +mkdir -p %{buildroot}%{_initrddir} +install -p -m 755 config/redhat-initd %{buildroot}%{_initrddir}/fail2ban +mkdir -p %{buildroot}%{_sysconfdir} +install -p -m 644 config/fail2ban.conf.iptables %{buildroot}%{_sysconfdir}/fail2ban.conf +mkdir -p %{buildroot}%{_mandir}/man{8,5} +install -p -m 644 man/fail2ban.8 %{buildroot}%{_mandir}/man8 +install -p -m 644 man/fail2ban.conf.5 %{buildroot}%{_mandir}/man5 + +%clean +rm -rf %{buildroot} + +%post +/sbin/chkconfig --add %{name} + +%preun +if [ $1 = 0 ]; then + /sbin/service %{name} stop > /dev/null 2>&1 + /sbin/chkconfig --del %{name} +fi + +%files +%defattr(-,root,root,-) +%doc README TODO CHANGELOG +%doc config/fail2ban.conf* +%config(noreplace) %{_sysconfdir}/fail2ban.conf +%{_bindir}/fail2ban +%{_datadir}/fail2ban +%{_initrddir}/fail2ban +%{_mandir}/man8/fail2ban.8* +%{_mandir}/man5/fail2ban.conf.5* + +%changelog +* Sat Dec 30 2006 Axel Thimm - 0.6.2-3 +- Remove forgotten condrestart. + +* Fri Dec 29 2006 Axel Thimm - 0.6.2-2 +- Move /usr/lib/fail2ban to %%{_datadir}/fail2ban. +- Don't default chkconfig to enabled. +- Add dependencies on service/chkconfig. +- Use example iptables/ssh config as default config. + +* Mon Dec 25 2006 Axel Thimm - 0.6.2-1 +- Initial build. diff --git a/sources b/sources index e69de29..0f3defb 100644 --- a/sources +++ b/sources @@ -0,0 +1 @@ +7c686e610f0ad7678688a1bb2cd913da fail2ban-0.6.2.tar.bz2