fail2ban: initial package of fail2ban version 0.11.2
authorKerma Gérald <gandalf@gk2.net>
Thu, 11 Mar 2021 13:15:40 +0000 (14:15 +0100)
committerRosen Penev <rosenp@gmail.com>
Wed, 1 Sep 2021 21:08:17 +0000 (14:08 -0700)
python3-pyinotify: initial package version 0.9.6 of pyinotify for python3

Signed-off-by: Kerma Gérald <gandalf@gk2.net>
lang/python/python3-pyinotify/Makefile [new file with mode: 0644]
net/fail2ban/Makefile [new file with mode: 0644]
net/fail2ban/files/db.conf [new file with mode: 0644]
net/fail2ban/files/fail2ban.config [new file with mode: 0644]
net/fail2ban/files/fail2ban.defaults [new file with mode: 0644]
net/fail2ban/files/fail2ban.init [new file with mode: 0755]
net/fail2ban/files/firewall.fail2ban [new file with mode: 0644]
net/fail2ban/files/uci.conf [new file with mode: 0644]

diff --git a/lang/python/python3-pyinotify/Makefile b/lang/python/python3-pyinotify/Makefile
new file mode 100644 (file)
index 0000000..ea64bd7
--- /dev/null
@@ -0,0 +1,40 @@
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=python3-pyinotify
+PKG_VERSION:=0.9.6
+PKG_RELEASE:=1
+
+PYPI_NAME:=pyinotify
+PKG_HASH:=9c998a5d7606ca835065cdabc013ae6c66eb9ea76a00a1e3bc6e0cfe2b4f71f4
+
+PKG_MAINTAINER:=Gerald Kerma <gandalf@gk2.net>
+PKG_LICENSE:=MIT
+PKG_LICENSE_FILES:=COPYING
+
+include ../pypi.mk
+include $(INCLUDE_DIR)/package.mk
+include ../python3-package.mk
+
+define Package/python3-pyinotify
+  SUBMENU:=Python
+  SECTION:=lang
+  CATEGORY:=Languages
+  TITLE:=Linux filesystem events monitoring
+  URL:=https://github.com/seb-m/pyinotify
+  DEPENDS:= +python3-light \
+  +python3-ctypes \
+  +python3-logging
+endef
+
+define Package/python3-pyinotify/description
+  Pyinotify is a Python module for monitoring filesystems changes.
+endef
+
+$(eval $(call Py3Package,python3-pyinotify))
+$(eval $(call BuildPackage,python3-pyinotify))
+$(eval $(call BuildPackage,python3-pyinotify-src))
diff --git a/net/fail2ban/Makefile b/net/fail2ban/Makefile
new file mode 100644 (file)
index 0000000..19f8768
--- /dev/null
@@ -0,0 +1,76 @@
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=fail2ban
+PKG_VERSION:=0.11.2
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://codeload.github.com/fail2ban/fail2ban/tar.gz/$(PKG_VERSION)?
+PKG_HASH:=383108e5f8644cefb288537950923b7520f642e7e114efb843f6e7ea9268b1e0
+
+PKG_MAINTAINER:=Gerald Kerma <gandalf@gk2.net>
+PKG_LICENSE:=GPL-2.0-or-later
+PKG_LICENSE_FILES:=COPYING
+
+include $(INCLUDE_DIR)/package.mk
+include ../../lang/python/python3-package.mk
+
+define Package/fail2ban
+  SECTION:=net
+  CATEGORY:=Network
+  TITLE:=ban hosts that cause multiple authentication errors
+  URL:=https://www.fail2ban.org/
+  DEPENDS:= \
+  +iptables \
+  +python3-light \
+  +python3-ctypes \
+  +python3-distutils \
+  +python3-email \
+  +python3-logging \
+  +python3-sqlite3 \
+  +python3-urllib \
+  +python3-pkg-resources
+endef
+
+define Package/fail2ban/description
+  Fail2Ban scans log files like /var/log/auth.log and bans IP addresses conducting too many failed login attempts.
+endef
+
+define Package/fail2ban/conffiles
+/etc/fail2ban/
+/etc/config/fail2ban
+endef
+
+define Py3Package/fail2ban/install
+       $(INSTALL_DIR) $(1)/usr/bin
+       $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/fail2ban-server $(1)/usr/bin/
+       $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/fail2ban-client $(1)/usr/bin/
+       $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/fail2ban-regex $(1)/usr/bin/
+       $(LN) /usr/bin/python3 $(1)/usr/bin/fail2ban-python
+
+       $(INSTALL_DIR) $(1)/etc/config
+       $(INSTALL_CONF) ./files/fail2ban.config $(1)/etc/config/fail2ban
+       $(INSTALL_BIN) ./files/firewall.fail2ban $(1)/etc/firewall.fail2ban
+
+       $(INSTALL_DIR) $(1)/etc/init.d
+       $(INSTALL_BIN) ./files/fail2ban.init $(1)/etc/init.d/fail2ban
+
+       $(INSTALL_DIR) $(1)/etc/fail2ban/
+       $(CP) $(PKG_BUILD_DIR)/config/* $(1)/etc/fail2ban/
+
+       $(INSTALL_DIR) $(1)/etc/fail2ban/fail2ban.d
+       $(INSTALL_DATA) ./files/db.conf $(1)/etc/fail2ban/fail2ban.d/db.conf
+       $(INSTALL_DATA) ./files/uci.conf $(1)/etc/fail2ban/fail2ban.d/uci.conf
+
+       $(INSTALL_DIR) $(1)/etc/uci-defaults
+       $(INSTALL_BIN) ./files/fail2ban.defaults $(1)/etc/uci-defaults/99_fail2ban
+endef
+
+$(eval $(call Py3Package,fail2ban))
+$(eval $(call BuildPackage,fail2ban))
+$(eval $(call BuildPackage,fail2ban-src))
diff --git a/net/fail2ban/files/db.conf b/net/fail2ban/files/db.conf
new file mode 100644 (file)
index 0000000..2a2c64c
--- /dev/null
@@ -0,0 +1,2 @@
+[DEFAULT]
+dbpurgeage = 10d
diff --git a/net/fail2ban/files/fail2ban.config b/net/fail2ban/files/fail2ban.config
new file mode 100644 (file)
index 0000000..f6a773c
--- /dev/null
@@ -0,0 +1,2 @@
+config fail2ban 'fail2ban'
+       option dbfile '/var/lib/fail2ban/fail2ban.sqlite3'
diff --git a/net/fail2ban/files/fail2ban.defaults b/net/fail2ban/files/fail2ban.defaults
new file mode 100644 (file)
index 0000000..f2c094d
--- /dev/null
@@ -0,0 +1,13 @@
+#!/bin/sh
+
+# unfortunately, UCI doesn't provide a nice way to add an anonymous section only if it doesn't already exist
+if ! uci show firewall | grep -q firewall.fail2ban; then
+  name="$(uci add firewall include)"
+  uci set "firewall.${name}.path=/etc/firewall.fail2ban"
+  uci set "firewall.${name}.enabled=1"
+  uci set "firewall.${name}.reload=1"
+  echo -e "Adding the following UCI config:\n $(uci changes)"
+  uci commit
+fi
+
+exit 0
diff --git a/net/fail2ban/files/fail2ban.init b/net/fail2ban/files/fail2ban.init
new file mode 100755 (executable)
index 0000000..ad82026
--- /dev/null
@@ -0,0 +1,57 @@
+#!/bin/sh /etc/rc.common
+# Copyright (C) 2020 Martin Pecka, 3-clause BSD license (see LICENSE file)
+
+START=95
+
+USE_PROCD=1
+
+RUNDIR=/var/run/fail2ban
+CONFDIR=/etc/fail2ban
+RUNCONFDIR=/var/etc/fail2ban
+RUNCONF="${RUNCONFDIR}/fail2ban.conf"
+
+service_triggers() {
+       procd_add_reload_trigger fail2ban
+}
+
+init_config() {
+       mkdir -m 0755 -p "${RUNCONFDIR}"
+
+       rm -f "${RUNCONF}"
+
+       config_load fail2ban
+       config_get dbfile fail2ban dbfile /var/lib/fail2ban/fail2ban.sqlite3
+
+       echo "[Definition]" > "${RUNCONF}"
+       echo -n "dbfile = " >> "${RUNCONF}"
+       echo $dbfile >> "${RUNCONF}"
+}
+
+start_service() {
+       init_config
+
+       mkdir -m 0755 -p "${RUNDIR}"
+
+       procd_open_instance
+
+       procd_set_param file ${CONFDIR}/action.d/*.conf
+       procd_set_param file ${CONFDIR}/action.d/*.local
+       procd_set_param file ${CONFDIR}/filter.d/*.conf
+       procd_set_param file ${CONFDIR}/filter.d/*.local
+       procd_set_param file ${CONFDIR}/jail.d/*.conf
+       procd_set_param file ${CONFDIR}/jail.d/*.local
+       procd_set_param file ${CONFDIR}/fail2ban.d/*.conf
+       procd_set_param file ${CONFDIR}/fail2ban.d/*.local
+       procd_set_param file ${CONFDIR}/*.conf
+       procd_set_param file ${CONFDIR}/*.local
+
+       procd_set_param command /usr/bin/fail2ban-server -xf -p "${RUNDIR}/fail2ban.pid" -s "${RUNDIR}/fail2ban.sock" start
+       procd_set_param respawn ${respawn_threshold:-3600} ${respawn_timeout:-5} ${respawn_retry:-5}
+       procd_close_instance
+}
+
+reload_service()
+{
+       stop
+       start
+}
diff --git a/net/fail2ban/files/firewall.fail2ban b/net/fail2ban/files/firewall.fail2ban
new file mode 100644 (file)
index 0000000..99507da
--- /dev/null
@@ -0,0 +1,3 @@
+#!/bin/sh
+/etc/init.d/fail2ban restart
+exit 0
diff --git a/net/fail2ban/files/uci.conf b/net/fail2ban/files/uci.conf
new file mode 100644 (file)
index 0000000..ddf2034
--- /dev/null
@@ -0,0 +1,2 @@
+[INCLUDES]
+after = /var/etc/fail2ban/fail2ban.conf