Index: head/security/py-fail2ban/Makefile
===================================================================
--- head/security/py-fail2ban/Makefile	(revision 529263)
+++ head/security/py-fail2ban/Makefile	(revision 529264)
@@ -1,89 +1,90 @@
 # $FreeBSD$
 
 PORTNAME=	fail2ban
 PORTVERSION=	0.11.1
+PORTREVISION=	1
 CATEGORIES=	security python
 PKGNAMEPREFIX=	${PYTHON_PKGNAMEPREFIX}
 
 MAINTAINER=	theis@gmx.at
 COMMENT=	Scans log files and bans IP that makes too many password failures
 
 LICENSE=	GPLv2
 LICENSE_FILE=	${WRKSRC}/COPYING
 
 RUN_DEPENDS=	${PYTHON_PKGNAMEPREFIX}sqlite3>0:databases/py-sqlite3@${PY_FLAVOR}
 
 USES=		python:patch shebangfix
 USE_GITHUB=	yes
 USE_PYTHON=	autoplist distutils
 USE_RC_SUBR=	fail2ban
 
 NO_ARCH=	yes
 
 SHEBANG_FILES=	config/filter.d/ignorecommands/apache-fakegooglebot
 SHEBANG_LANG=	fail2ban-python
 
 SUB_LIST+=	PYTHON_CMD=${PYTHON_CMD}
 
 PYDISTUTILS_INSTALLARGS+=	--install-data=${ETCDIR} --without-test
 
 PORTDOCS=	README.md DEVELOP
 
 OPTIONS_DEFINE=	DOCS INOTIFY
 OPTIONS_DEFAULT=INOTIFY
 
 INOTIFY_DESC=		Support for (lib)inotify to monitor filesystem changes
 
 INOTIFY_RUN_DEPENDS=	${PYTHON_PKGNAMEPREFIX}pyinotify>=0.8.3:devel/py-pyinotify@${PY_FLAVOR}
 
 FILES=		${WRKSRC}/bin/fail2ban-client \
 		${WRKSRC}/fail2ban/client/configreader.py \
 		${WRKSRC}/fail2ban/client/fail2bancmdline.py \
 		${WRKSRC}/fail2ban/client/fail2banregex.py \
 		${WRKSRC}/man/fail2ban-client.1 \
 		${WRKSRC}/man/fail2ban-client.h2m \
 		${WRKSRC}/setup.py
 
 MAN_FILES=	${WRKSRC}/man/fail2ban-client.1 \
 		${WRKSRC}/man/fail2ban-client.h2m \
 		${WRKSRC}/man/fail2ban-regex.1 \
 		${WRKSRC}/man/fail2ban-server.1 \
 		${WRKSRC}/man/fail2ban.1
 
 FAIL2BAN_DBDIR=	/var/db/${PORTNAME}
 
 PY2TO3_CMD=	${LOCALBASE}/bin/2to3-${PYTHON_VER}
 PY2TO3_ARG=	--no-diffs --write --nobackups --fix=all
 
 .include <bsd.port.pre.mk>
 
 post-patch:
 	@${REINPLACE_CMD} -e 's,/etc/fail2ban,${ETCDIR},g' ${FILES}
 	@${REINPLACE_CMD} -e 's,paths-debian.conf,paths-freebsd.conf,g' \
 		${WRKSRC}/config/jail.conf
 	@${REINPLACE_CMD} -e 's,/var/lib/fail2ban/,${FAIL2BAN_DBDIR}/,g' \
 		${WRKSRC}/config/fail2ban.conf
 	@${REINPLACE_CMD} -e 's,jail.conf(5),fail2ban-jail.conf(5),g' \
 		${MAN_FILES}
 	@${REINPLACE_CMD} -e 's, sed , ${SED} ,g' \
 		${WRKSRC}/config/action.d/hostsdeny.conf
 
 .	if ${PYTHON_MAJOR_VER} >= 3
 		(cd ${WRKSRC}/ && ${PY2TO3_CMD} ${PY2TO3_ARG} bin/* fail2ban)
 .	endif
 
 post-install:
 	@${MKDIR} ${STAGEDIR}${FAIL2BAN_DBDIR} ${STAGEDIR}/var/run/fail2ban
 .for file in fail2ban-client fail2ban-regex fail2ban-server fail2ban
 	${INSTALL_MAN} ${WRKSRC}/man/${file}.1 ${STAGEDIR}${MANPREFIX}/man/man1
 .endfor
 	${INSTALL_MAN} ${WRKSRC}/man/jail.conf.5 ${STAGEDIR}${MANPREFIX}/man/man5/fail2ban-jail.conf.5
 
 post-install-DOCS-on:
 	@${MKDIR} ${STAGEDIR}${DOCSDIR}
 	(cd ${WRKSRC}/ && ${INSTALL_DATA} ${PORTDOCS} ${STAGEDIR}${DOCSDIR})
 
 do-test:
 	@cd ${WRKSRC} && ${PYTHON_CMD} ${PYDISTUTILS_SETUP} test
 
 .include <bsd.port.post.mk>
Index: head/security/py-fail2ban/files/patch-config_filter.d_bsd-sshd.conf
===================================================================
--- head/security/py-fail2ban/files/patch-config_filter.d_bsd-sshd.conf	(revision 529263)
+++ head/security/py-fail2ban/files/patch-config_filter.d_bsd-sshd.conf	(revision 529264)
@@ -1,43 +1,44 @@
---- config/filter.d/bsd-sshd.conf.orig	2015-11-03 04:11:30 UTC
+--- config/filter.d/bsd-sshd.conf.orig	2020-03-27 11:15:56 UTC
 +++ config/filter.d/bsd-sshd.conf
-@@ -0,0 +1,40 @@
+@@ -0,0 +1,41 @@
 +# Fail2Ban configuration file
 +#
 +# Author: Cyril Jaquier
 +#
 +# $Revision: 663 $
 +#
 +
 +[INCLUDES]
 +
 +# Read common prefixes. If any customizations available -- read them from
 +# common.local
 +before = common.conf
 +
 +
 +[Definition]
 +
 +_daemon = sshd
 +
 +# Option:  failregex
 +# Notes.:  regex to match the password failures messages in the logfile. The
 +#          host must be matched by a group named "host". The tag "<HOST>" can
 +#          be used for standard IP/hostname matching and is only an alias for
 +#          (?:::f{4,6}:)?(?P<host>\S+)
 +# Values:  TEXT
 +#
 +failregex = ^%(__prefix_line)s(?:error: PAM: )?[A|a]uthentication (?:failure|error) for .* from <HOST>\s*$
 +            ^%(__prefix_line)sDid not receive identification string from <HOST>$
 +            ^%(__prefix_line)sFailed [-/\w]+ for .* from <HOST>(?: port \d*)?(?: ssh\d*)?$
 +            ^%(__prefix_line)sROOT LOGIN REFUSED.* FROM <HOST>\s*$
 +            ^%(__prefix_line)s[iI](?:llegal|nvalid) user .* from <HOST>\s*$
++            ^%(__prefix_line)s[iI](?:llegal|nvalid) user .* from <HOST> port \d*$
 +            ^%(__prefix_line)sUser \S+ from <HOST> not allowed because not listed in AllowUsers$
 +            ^%(__prefix_line)sauthentication failure; logname=\S* uid=\S* euid=\S* tty=\S* ruser=\S* rhost=<HOST>(?:\s+user=.*)?\s*$
 +            ^%(__prefix_line)srefused connect from \S+ \(<HOST>\)\s*$
 +            ^%(__prefix_line)sreverse mapping checking getaddrinfo for .* \[<HOST>\] .* POSSIBLE BREAK-IN ATTEMPT!$
 +
 +# Option:  ignoreregex
 +# Notes.:  regex to ignore. If this regex matches, the line is ignored.
 +# Values:  TEXT
 +#
 +ignoreregex =