|
@@ -0,0 +1,30 @@
+--- blocksshd-1.1/blocksshd.conf.orig 2008-01-21 16:58:44.000000000 +0100
++++ blocksshd-1.1/blocksshd.conf 2008-01-21 16:59:18.000000000 +0100
+@@ -3,22 +3,22 @@
+ $cfg = {
+ os => 'linux', # Target OS - either linux or bsd
+ chain => 'blocksshd', # Name of iptables or pf chain
+- logfile => '/var/log/secure', # Log file to monitor
++ logfile => '/var/log/messages', # Log file to monitor
+ logcheck => '10', # How often to check the log file
+ max_attempts => '4', # Max number of failures
+ timeout => '360', # Reset IP count if no activity after time out in seconds
+ unblock => '1', # Enable unblocking
+ unblock_timeout => '43200', # Time in seconds after which to unblock a blocked IP address
+ restore_blocked => '0', # Turn on checking for previously blocked IPs
+- log_ips => '/usr/local/etc/blocksshd.list', # Log file for blocked IPs
++ log_ips => '/var/log/blocksshd.list', # Log file for blocked IPs
+ pid_file => '/var/run/blocksshd.pid', # Location of PID file
+ send_email => '1', # Enable the sending of email notifications
+ email => 'root', # Email address to send notifications
+- mail => '/bin/mail', # Location of mail binary
++ mail => '/usr/bin/mail', # Location of mail binary
+ email_whois_lookup => '1', # enable whois lookup of the blocked ip addres in the sent email
+ whois => '/usr/bin/whois', # location of the whois binary
+- sed => '/bin/sed', # location of the sed binary
+- iptables => '/sbin/iptables', # Location of iptables binary - only for Linux
++ sed => '/usr/bin/sed', # location of the sed binary
++ iptables => '/usr/sbin/iptables', # Location of iptables binary - only for Linux
+ pfctl => '/sbin/pfctl', # Location of pfctl binary - only for BSD
+ whitelist => [qw{
+ 127.0.0.1/32
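Review bot: The `logfile` change from `/var/log/secure` to `/var/log/messages` points the blocker at a general syslog file, which usually carries text from many daemons and can typically be written to by any local account through syslog. The matching code is not on this page, so this is something to confirm rather than a finding: failure lines should count only when they carry the sshd program tag, and the address should come from a fixed position in the line, since otherwise a crafted log message could get an arbitrary address blocked. A comment on that line would record the assumption, for example `# must only match lines tagged sshd[pid]; this file also holds messages from other daemons`. The new `log_ips` path `/var/log/blocksshd.list` should be created root-owned and not group- or world-writable, because `restore_blocked` presumably feeds it back into firewall rules when enabled. The nested hunk is cut off inside the `whitelist` block, so the rest of the list cannot be reviewed here.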
|
@@ -0,0 +1,71 @@
+#!/bin/bash
+# Copyright (c) 1995-2002 SUSE Linux AG, Nuernberg, Germany.
+# All rights reserved.
+#
+# Author: Stanislav Brabec, feedback to http://www.suse.de/feedback
+#
+### BEGIN INIT INFO
+# Provides: blocksshd
+# Required-Start: $network
+# Should-Start: $network
+# Required-Stop:
+# Should-Stop: $network
+# Default-Start: 3 5
+# Default-Stop:
+# Short-Description: blocksshd
+# Description: BlockSSHD is a Perl script based on BruteForceBlocker v1.2.3 that dynamically adds IPTables rules for Linux and pf firewall rules for BSD that block SSH brute force attacks.
+### END INIT INFO
+
+BLOCKSSHD_BIN=/usr/bin/blocksshd
+test -x $BLOCKSSHD_BIN || { echo "$BLOCKSSHD_BIN not installed";
+ if [ "$1" = "stop" ]; then exit 0; else exit 5; fi; }
+
+# Read config
+. $BLOCKSSHD_CONFIG
+
+. /etc/rc.status
+rc_reset
+
+case "$1" in
+ start)
+ echo -n "Starting blocksshd daemon"
+ startproc $BLOCKSSHD_BIN --start
+ rc_status -v
+ ;;
+ stop)
+ echo -n "Shutting down blocksshd daemon"
+ $BLOCKSSHD_BIN --stop
+ rc_status -v
+ ;;
+ try-restart)
+ $0 status >/dev/null && $0 restart
+ rc_status
+ ;;
+ restart)
+ $0 stop
+ $0 start
+ rc_status
+ ;;
+ force-reload)
+ echo -n "Reload service blocksshd"
+ checkproc $BLOCKSSHD_BIN
+ rc_status -v
+ ;;
+ reload)
+ rc_status -v
+ ;;
+ status)
+ echo -n "Checking for blocksshd: "
+ checkproc $BLOCKSSHD_BIN
+ rc_status -v
+ ;;
+ probe)
+ ;;
+ *)
+ echo "Usage: $0 {start|stop|status|try-restart|\
+restart|force-reload|reload|probe}"
+ exit 1
+ ;;
+esac
+rc_exit
+
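Review bot: The line `. $BLOCKSSHD_CONFIG` under "# Read config" sources a variable that the script never sets. When the variable is empty, bash reports a missing filename argument on every invocation. When it is inherited from the caller's environment, the file it names is executed as root. The config shipped in this package is a Perl hash (`$cfg = {`), not shell, so sourcing it could not work anyway; dropping the line and its comment is the simplest fix. Separately, `reload` and `probe` do nothing yet report success, and `Required-Start: $network` should probably also list `$syslog` because the daemon depends on the monitored log file being written.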
|