Index: head/security/bruteforceblocker/Makefile =================================================================== --- head/security/bruteforceblocker/Makefile (revision 465399) +++ head/security/bruteforceblocker/Makefile (revision 465400) @@ -1,37 +1,38 @@ # Created by: Daniel Gerzo # $FreeBSD$ PORTNAME= bruteforceblocker PORTVERSION= 1.2.4 +PORTREVISION= 1 CATEGORIES= security MAINTAINER= danger@FreeBSD.org COMMENT= Checks for SSH bruteforce and blocks given IPs LICENSE= NONE RUN_DEPENDS= p5-Unix-Syslog>=0:sysutils/p5-Unix-Syslog \ p5-Sys-Hostname-Long>=0:sysutils/p5-Sys-Hostname-Long \ p5-libwww>=0:www/p5-libwww \ p5-Net-DNS>=0:dns/p5-Net-DNS USE_GITHUB= yes GH_ACCOUNT= dgerzo NO_BUILD= yes USES= perl5 shebangfix USE_PERL5= run OPTIONS_DEFINE= DOCS SUB_FILES= pkg-message SHEBANG_FILES= ${PORTNAME}.pl do-install: ${INSTALL_SCRIPT} ${WRKSRC}/${PORTNAME}.pl ${STAGEDIR}${PREFIX}/sbin/${PORTNAME} ${INSTALL_DATA} ${WRKSRC}/${PORTNAME}.conf ${STAGEDIR}${PREFIX}/etc/${PORTNAME}.conf.sample @${MKDIR} ${STAGEDIR}${DOCSDIR} .for FILE in INSTALL CHANGELOG CREDITS ${INSTALL_DATA} ${WRKSRC}/${FILE} ${STAGEDIR}${DOCSDIR} .endfor .include Index: head/security/bruteforceblocker/files/patch-bruteforceblocker.pl =================================================================== --- head/security/bruteforceblocker/files/patch-bruteforceblocker.pl (nonexistent) +++ head/security/bruteforceblocker/files/patch-bruteforceblocker.pl (revision 465400) @@ -0,0 +1,12 @@ +--- bruteforceblocker.pl.orig 2018-02-05 04:11:53 UTC ++++ bruteforceblocker.pl +@@ -82,7 +82,8 @@ while (<>) { + /.*Did not receive identification string from ($work->{ipv4}|$work->{ipv6}|$work->{fqdn})$/i || + /.*Bad protocol version identification .* from ($work->{ipv4}|$work->{ipv6}|$work->{fqdn})$/i || + /.*User.*from ($work->{ipv4}|$work->{ipv6}|$work->{fqdn}) not allowed because.*/i || +- /.*error: maximum authentication attempts exceeded for.*from ($work->{ipv4}|$work->{ipv6}|$work->{fqdn}).*/i) { ++ /.*error: maximum authentication attempts exceeded for.*from ($work->{ipv4}|$work->{ipv6}|$work->{fqdn}).*/i || ++ /.*fatal: Unable to negotiate with ($work->{ipv4}|$work->{ipv6}|$work->{fqdn}).*/i) { + + my $IP = $1; + if ($IP =~ /$work->{fqdn}/i) { Property changes on: head/security/bruteforceblocker/files/patch-bruteforceblocker.pl ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/security/bruteforceblocker/pkg-descr =================================================================== --- head/security/bruteforceblocker/pkg-descr (revision 465399) +++ head/security/bruteforceblocker/pkg-descr (revision 465400) @@ -1,11 +1,11 @@ BruteForceBlocker is a Perl script that works along with pf - OpenBSD's firewall (which is also available on FreeBSD since version 5.2 is out). Its main purpose is to block SSH bruteforce attacks via firewall. When this script is running, it checks sshd logs from syslog and looks for failed login attempts - mostly some annoying script attacks, and counts number of such attempts. When given IP reaches configured limit of fails, script puts this IP to the pf's table and blocks any further traffic to the that box from given IP (this also depends on configuration done in pf.conf). -WWW: http://danger.rulez.sk/projects/bruteforceblocker/ +WWW: http://danger.rulez.sk/index.php/bruteforceblocker/