From ae060529d4968d995b6d7fc156808e9c401174eb Mon Sep 17 00:00:00 2001 From: "Andrew J. Hesford" Date: Wed, 22 Jan 2020 16:35:49 -0500 Subject: [PATCH] sshguard: support dynamic firewall config and remove iptables dependency --- srcpkgs/sshguard/files/sshguard-socklog/run | 15 ++++++++++++--- srcpkgs/sshguard/template | 3 +-- 2 files changed, 13 insertions(+), 5 deletions(-) diff --git a/srcpkgs/sshguard/files/sshguard-socklog/run b/srcpkgs/sshguard/files/sshguard-socklog/run index 720e467678..746df4822c 100755 --- a/srcpkgs/sshguard/files/sshguard-socklog/run +++ b/srcpkgs/sshguard/files/sshguard-socklog/run @@ -1,5 +1,14 @@ #!/bin/sh -sv check iptables >/dev/null || exit 1 -sv check socklog-unix >/dev/null || exit 1 -exec sshguard -l /var/log/socklog/secure/current -b 200:/var/db/sshguard/blacklist.db 2>&1 +# Defaults that mabe be overridden (or erased entirely) by configuration +LOGFILE="${LOGFILE:-/var/log/socklog/secure/current}" +BLACKLIST_SPEC="${BLACKLIST_SPEC:-200:/var/db/sshguard/blacklist.db}" + +# Allow the firewall and logger backends to be specified +[ -f ./conf ] && . ./conf + +# If specified, add blacklist spec and log source to OPTS +[ -n "$BLACKLIST_SPEC" ] && OPTS="-b $BLACKLIST_SPEC" +[ -n "$LOGFILE" ] && OPTS="-l $LOGFILE $OPTS" + +exec sshguard $OPTS 2>&1 diff --git a/srcpkgs/sshguard/template b/srcpkgs/sshguard/template index 8c08d1f112..235a612939 100644 --- a/srcpkgs/sshguard/template +++ b/srcpkgs/sshguard/template @@ -1,10 +1,9 @@ # Template file for 'sshguard' pkgname=sshguard version=2.4.0 -revision=1 +revision=2 build_style=gnu-configure hostmakedepends="flex" -depends="iptables" short_desc="Protects networked hosts from brute force attacks" maintainer="Lodvær " license="BSD-3-Clause"