From nobody Thu Oct 19 07:08:28 2023 X-Original-To: dev-commits-ports-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4S9zMd1Fc7z4y4RS; Thu, 19 Oct 2023 07:08:29 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4S9zMd0jFhz3FQY; Thu, 19 Oct 2023 07:08:29 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1697699309; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=CZR9aHcZW3NEMsOpGdq8EyAeoh5bDtO1sfSD5UxuwK4=; b=b2G86saBTO/a7+0oci8nbvnHkou4DPfXWXJzf/KpJMyqT/1/eQ4AGJKctm1RVv9ye7J+c9 Pa4h4pyxbzJv/MqwsxHHel8sjYk6IZUSNCXgkW/7mvRgC/t6WLrJLk7hL7V0BgiLqIS93n IFL2CkoHwwRC/TUPQQtjJYvScYMklYTO7erh/4rg8iALODPC3/mBevWvaFvmArmGfRGJpj oR/5sIn74qJFGwVrqKu9qXU3flIJUdB2LDRpZhi7jwSXkC/7hJDOaTvpRMnfNX9kyW7dYb ztlteJkhYnLk7Samp+QowpITkiO1aPAh+VgJmEV1hC3PmlmaToNGG8oYPPfT6A== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1697699309; a=rsa-sha256; cv=none; b=Sb6kR88byrr2glV76XUL+fEe8mO9iu2xA6QAt/sVeNv5DwMd/LWHwEPCihnYPVQsiTVjTo bttybLrwoD0AVERXSgWYW6KZBJ5Fi2Eidrz60N36tUPK9BJMxHQRZX4tfbAouzORAo6vQI E/KVipKKf4Fipw9ktQSXofjOu/9C1r/qrR7CMiKS2qz96d1qtZj759P/yO6tsKoBYeiVfa oBgqgKUzAe7y+QHcwsC8OsW4+OZES/Pb+mvBKuBdQsRpqroAicDFtlEz/0UJ6fWYkKR2qD 4MNuBDGVBARwRNzp+hhOS5bWfJKcK8YDEJ0CmUmb3S/HDABXYgTdLNrceij4+g== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1697699309; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=CZR9aHcZW3NEMsOpGdq8EyAeoh5bDtO1sfSD5UxuwK4=; b=mC3E8WoXl8nsr1fbBaqdPHMsm64/Y4ZoB/Au5yFYwZz9M1hXetW2Y3YtJoSOUMYxzt3+H9 NXPb8WKcCejvLwgbm9D7jyj+aox0KwW70HGhMVIwR/iKZiq7wLKVHoHP8M0P7Q8GOWhb+P e3zU4M7yGG3gNS1oa6VEGy/bWiy5vWZe58rz2LQHFgcIgdsi4gRpru+ZGs1nPJVGvZ1bw6 GgnUFtw6Ay5h7OIW1LmMTozl0k+EHLRh/G5uHDELp3iTdL2n2UA6wYX3/PJ2wNlCeWYCja 21AQFjvUtF9YSbeftrgaMdBMVhbkutXO8NaLYAqX3iYEmKq0wgVTEjC8R1sMmQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4S9zMc6mN2zg11; Thu, 19 Oct 2023 07:08:28 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 39J78SQI045811; Thu, 19 Oct 2023 07:08:28 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 39J78Sc5045808; Thu, 19 Oct 2023 07:08:28 GMT (envelope-from git) Date: Thu, 19 Oct 2023 07:08:28 GMT Message-Id: <202310190708.39J78Sc5045808@gitrepo.freebsd.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org From: Robert Clausecker Subject: git: e7efe5be3fb2 - main - security/crowdsec-firewall-bouncer: include configuration patch List-Id: Commits to the main branch of the FreeBSD ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-ports-main@freebsd.org X-BeenThere: dev-commits-ports-main@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: fuz X-Git-Repository: ports X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: e7efe5be3fb2d0b3c3bf4738b82f5963e00bc94d Auto-Submitted: auto-generated The branch main has been updated by fuz: URL: https://cgit.FreeBSD.org/ports/commit/?id=e7efe5be3fb2d0b3c3bf4738b82f5963e00bc94d commit e7efe5be3fb2d0b3c3bf4738b82f5963e00bc94d Author: Marco Mariani AuthorDate: 2023-10-17 07:05:20 +0000 Commit: Robert Clausecker CommitDate: 2023-10-19 07:07:30 +0000 security/crowdsec-firewall-bouncer: include configuration patch The update to 0.0.28 from PR 274213 did not include a file that sets backend mode in new installations. If the backend is not set, the application does not start. This version includes the missing patch file, and also sets the $BACKEND environment variable as a fallback. The application will substitute it at runtime if required. PR: 274213, 274529 Fixes: 714e7fb44f516d31f08b657b2eb9a66ae1fbf9c7 --- security/crowdsec-firewall-bouncer/Makefile | 1 + security/crowdsec-firewall-bouncer/files/crowdsec_firewall.in | 2 ++ .../files/patch-config_crowdsec-firewall-bouncer.yaml | 9 +++++++++ 3 files changed, 12 insertions(+) diff --git a/security/crowdsec-firewall-bouncer/Makefile b/security/crowdsec-firewall-bouncer/Makefile index f4488f4953aa..2fe61b09bca2 100644 --- a/security/crowdsec-firewall-bouncer/Makefile +++ b/security/crowdsec-firewall-bouncer/Makefile @@ -1,4 +1,5 @@ PORTNAME= crowdsec-firewall-bouncer +PORTREVISION= 1 DISTVERSIONPREFIX= v DISTVERSION= 0.0.28 CATEGORIES= security diff --git a/security/crowdsec-firewall-bouncer/files/crowdsec_firewall.in b/security/crowdsec-firewall-bouncer/files/crowdsec_firewall.in index dd2e10d6f918..78fed46c27f2 100644 --- a/security/crowdsec-firewall-bouncer/files/crowdsec_firewall.in +++ b/security/crowdsec-firewall-bouncer/files/crowdsec_firewall.in @@ -83,6 +83,8 @@ crowdsec_firewall_stop() } crowdsec_firewall_start() { + # ensure we have a backend if the config file was not patched + export BACKEND=pf /usr/sbin/daemon -f -p "$pidfile" -t "$desc" -- \ "$command" -c "$crowdsec_firewall_config" ${crowdsec_firewall_flags} } diff --git a/security/crowdsec-firewall-bouncer/files/patch-config_crowdsec-firewall-bouncer.yaml b/security/crowdsec-firewall-bouncer/files/patch-config_crowdsec-firewall-bouncer.yaml new file mode 100644 index 000000000000..f09f44420eaa --- /dev/null +++ b/security/crowdsec-firewall-bouncer/files/patch-config_crowdsec-firewall-bouncer.yaml @@ -0,0 +1,9 @@ +--- config/crowdsec-firewall-bouncer.yaml.orig 2023-07-31 19:34:51 UTC ++++ config/crowdsec-firewall-bouncer.yaml +@@ -1,4 +1,5 @@ +-mode: ${BACKEND} ++mode: pf ++retry_initial_connect: true + update_frequency: 10s + log_mode: file + log_dir: /var/log/