From 569e598d38adb1918d127ee31af1cd332b072dcf Mon Sep 17 00:00:00 2001
From: Deposite Pirate
Date: Sun, 16 Sep 2018 23:29:24 +0200
Subject: Initial commit.
---
sshguard/sshguard-journalctl | 4 ++
sshguard/sshguard.service | 12 +++++
sshguard/sshguard.spec | 116 +++++++++++++++++++++++++++++++++++++++++++
sshguard/sysconfig.sshguard | 9 ++++
4 files changed, 141 insertions(+)
create mode 100644 sshguard/sshguard-journalctl
create mode 100644 sshguard/sshguard.service
create mode 100644 sshguard/sshguard.spec
create mode 100644 sshguard/sysconfig.sshguard
(limited to 'sshguard')
diff --git a/sshguard/sshguard-journalctl b/sshguard/sshguard-journalctl
new file mode 100644
index 0000000..8a800ff
--- /dev/null
+++ b/sshguard/sshguard-journalctl
@@ -0,0 +1,4 @@
+#!/bin/sh
+SSHGUARD_OPTS=$1
+shift
+LANG=C /usr/bin/journalctl -afb -p info -n1 -o cat "$@" | /usr/bin/sshguard -l- $SSHGUARD_OPTS
diff --git a/sshguard/sshguard.service b/sshguard/sshguard.service
new file mode 100644
index 0000000..370f085
--- /dev/null
+++ b/sshguard/sshguard.service
@@ -0,0 +1,12 @@
+[Unit]
+Description=Protect hosts from brute force attacks against ssh
+After=syslog.target network.target auditd.service
+ConditionPathExists=/etc/sysconfig/sshguard
+
+[Service]
+PIDFile=/var/run/sshguard.pid
+Exec=/usr/libexec/sshguard.init start @
+StandardOutput=syslog
+
+[Install]
+WantedBy=multi-user.target
diff --git a/sshguard/sshguard.spec b/sshguard/sshguard.spec
new file mode 100644
index 0000000..bf9b1e2
--- /dev/null
+++ b/sshguard/sshguard.spec
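Review bot: The journalctl call on the last line of sshguard-journalctl has no source filter of its own, and `-o cat` drops the unit and identifier metadata, so unless the caller supplies a match in `"$@"` messages from every journal writer reach sshguard's parser and a line that merely resembles an sshd failure cannot be told from a real one, which could get an address blocked that never attacked. I would have the wrapper refuse to run without a match, `[ $# -gt 0 ] || { echo "usage: $0 'SSHGUARD_OPTS' JOURNALCTL_MATCH..." >&2; exit 64; }` right after the `shift`, and add a header comment saying that `$1` is one whitespace-split option string and the remaining arguments are journalctl matches such as `-t sshd`. `$SSHGUARD_OPTS` is left unquoted on purpose so it splits into words, but that also enables globbing; a `set -f` before the pipeline keeps an option containing `*` from being expanded against the working directory.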
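Review bot: `Exec=` in the [Service] section of sshguard.service is not a key systemd recognises; the line needs to be `ExecStart=`, otherwise the unit is refused at load time for having no start command and the host is left without the blocking it is expected to provide. The target `/usr/libexec/sshguard.init` is not created by anything in this commit (the spec installs only the unit and the sysconfig file), and the trailing `@` looks like a truncated argument, so the intended command line should be confirmed. `PIDFile=` is meant for `Type=forking` services; if the helper stays in the foreground, drop `PIDFile=` rather than adding the type. Nothing in the unit loads `/etc/sysconfig/sshguard`, so an `EnvironmentFile=/etc/sysconfig/sshguard` line is presumably needed unless the init helper sources that file itself.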
@@ -0,0 +1,116 @@
+Name: sshguard
+Version: 1.5
+Release: 6%{?dist}
+# The entire source code is BSD
+# except src/parser/* witch is GPLv2+
+# except src/hash_32a.c witch is Public Domain
+License: BSD and GPLv2+ and Public Domain
+Group: Applications/Internet
+Summary: Network daemon log monitor
+Url: http://sshguard.sourceforge.net
+Packager: Christoph J. Thompson
+BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}
+Source0: http://downloads.sourceforge.net/sshguard/%{name}-%{version}.tar.bz2
+Source1: sshguard.service
+Source2: sysconfig.sshguard
+Requires: iptables
+Requires(post): systemd
+Requires(preun): systemd
+Requires(postun): systemd
+
+%description
+Sshguard monitors network daemon logs. It detects attacks and blocks the
+attacker's address with a firewall rule. It supports many services out of
+the box, recognizes several log formats, and can operate many firewall
+systems.
+
+%prep
+%autosetup
+
+%build
+%configure --with-firewall=iptables
+%{__make} %{?_smp_mflags} RPM_OPT_FLAGS="$RPM_OPT_FLAGS"
+
+%install
+make install-strip DESTDIR=$RPM_BUILD_ROOT
+install -D -p -m 644 %{SOURCE2} $RPM_BUILD_ROOT/%{_sysconfdir}/sysconfig/sshguard
+install -D -p -m 644 %{SOURCE1} $RPM_BUILD_ROOT/%{_unitdir}/sshguard.service
+
+%clean
+rm -rf %{buildroot}
+
+%post
+%systemd_post %{name}.service
+
+%preun
+%systemd_preun %{name}.service
+
+%postun
+%systemd_postun_with_restart %{name}.service
+
+%files
+%defattr(-,root,root,0755)
+%doc Changes README
+%config(noreplace) %{_sysconfdir}/sysconfig/sshguard
+%{_sbindir}/%{name}
+%{_mandir}/man8/%{name}.8*
+%{_unitdir}/sshguard.service
+
+%changelog
+* Sun Dec 21 2014 Christoph J. Thompson 1.5-6.fc21
+- Update the spec for fedora 21
+
+* Wed Oct 15 2014 Ryan Schlesinger ryan@aceofsales.com 1.5-5.amzn1
+- Removed Log Validation as using it with the Log Sucker is discouraged
+
+* Tue Aug 16 2012 Sebastien Caps sebastien.caps@guardis.com 1.5-4.fc16
+- Fix multi licensed files
+
+* Tue Aug 16 2012 Sebastien Caps sebastien.caps@guardis.com 1.5-3.fc16
+- Added systemd script,
+- correct license.
+
+* Tue Aug 14 2012 Sebastien Caps sebastien.caps@guardis.com 1.5-2.fc16
+- Fix some spec issue.
+
+* Tue Aug 14 2012 Sebastien Caps sebastien.caps@guardis.com 1.5-1.fc16
+- Rebuilt for Red
+Hat based distro.
+
+* Wed Mar 02 2011 Tomasz Pawel Gajc 1.5-1mdv2011.0
++ Revision: 641382
+- update to new version 1.5
+
+* Sat Sep 26 2009 Tomasz Pawel Gajc 1.4-1mdv2010.0
++ Revision: 449478
+- update to new version 1.4
+
+* Sun Sep 20 2009 Thierry Vignaud 1.3-2mdv2010.0
++ Revision: 445231
+- rebuild
+
+* Sun Oct 12 2008 Tomasz Pawel Gajc 1.3-1mdv2009.1
++ Revision: 293010
+- update to new version 1.3
+- update to new version 1.3
+- update to new version 1.2
+
+* Wed Jan 02 2008 Olivier Blin 1.1-0.beta3.1mdv2009.0
++ Revision: 140851
+- restore BuildRoot
+
++ Thierry Vignaud
+- kill re-definition of %%buildroot on Pixel's request
+
+* Fri Oct 26 2007 Tomasz Pawel Gajc 1.1-0.beta3.1mdv2008.1
++ Revision: 102372
+- new version
+
+* Tue May 22 2007 Tomasz Pawel Gajc 1.0-0.beta2.2mdv2008.0
++ Revision: 29621
+- fix group
+
+* Tue May 22 2007 Tomasz Pawel Gajc 1.0-0.beta2.1mdv2008.0
++ Revision: 29613
+- Import sshguard
+
diff --git a/sshguard/sysconfig.sshguard b/sshguard/sysconfig.sshguard
new file mode 100644
index 0000000..bab19e2
--- /dev/null
+++ b/sshguard/sysconfig.sshguard
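Review bot: `Source0` in sshguard.spec is fetched over plain `http://` and `%prep` goes straight to `%autosetup`, so nothing ties the tarball that gets built to a known-good release of a daemon that manages firewall rules. I would switch the URL to `https://downloads.sourceforge.net/sshguard/%{name}-%{version}.tar.bz2` and check a pinned digest before unpacking, e.g. `echo "<SHA256_OF_RELEASE_TARBALL>  %{SOURCE0}" | sha256sum -c -` as the first line of `%prep`. `%install` and `%files` also leave out the `sshguard-journalctl` wrapper added by this commit and the `/usr/libexec/sshguard.init` helper that sshguard.service calls, so the installed unit points at a path the package does not provide. `%{_unitdir}` and the `%systemd_*` scriptlet macros usually need `BuildRequires: systemd` to be defined at build time.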
@@ -0,0 +1,9 @@
+# Block IP after how many attempt
+SAFETYTRESH=40
+#
+# Define your sshguard options separate by a space
+# Sample line to protect dovecot and ssh:
+#OPTIONS="-l /var/log/secure -l /var/log/maillog"
+#
+# Here we listen default ssh log file.
+OPTIONS="-l /var/log/secure"
-- cgit v1.2.3-70-g09d2
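Review bot: The first comment in sysconfig.sshguard describes `SAFETYTRESH` as a number of attempts, but as far as I can tell the `-a` threshold in sshguard 1.5 is an accumulated attack score in which a typical failed login counts 10, so 40 blocks after roughly four failures rather than forty; an admin tuning the value by the comment would end up with a very different policy than intended. I would reword it to `# Block an address once its accumulated attack score reaches this value (most attacks score 10, so 40 is about 4 failures)`. Nothing visible in this commit reads either variable (the unit has no `EnvironmentFile=` and the journalctl wrapper takes its options from `$1`), so the header should say which script consumes them. The default `OPTIONS="-l /var/log/secure"` assumes a syslog daemon still writes that file; on a journal-only host it would presumably leave sshguard with no input.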