svn commit: r386613 - in head/security/sshguard: . files

Mark Felder feld at FreeBSD.org
Sun May 17 13:47:42 UTC 2015 

Author: feld
Date: Sun May 17 13:47:41 2015
New Revision: 386613
URL: https://svnweb.freebsd.org/changeset/ports/386613

Log:
  Add patch to support syslog in verbose mode
  
  This was previously a patch in the FreeBSD ports tree and was sent
  upstream but did not make it into 1.6.0
  
  Submitted by:	gregp at n0qds.org

Added:
  head/security/sshguard/files/patch-src-parser-attack_scanner.l   (contents, props changed)
Modified:
  head/security/sshguard/Makefile

Modified: head/security/sshguard/Makefile
==============================================================================
--- head/security/sshguard/Makefile	Sun May 17 13:15:02 2015	(r386612)
+++ head/security/sshguard/Makefile	Sun May 17 13:47:41 2015	(r386613)
@@ -3,7 +3,7 @@
 
 PORTNAME=	sshguard
 PORTVERSION=	1.6.0
-PORTREVISION=	0
+PORTREVISION=	1
 CATEGORIES=	security
 MASTER_SITES=	SF/sshguard/sshguard/${PORTVERSION}
 

Added: head/security/sshguard/files/patch-src-parser-attack_scanner.l
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/sshguard/files/patch-src-parser-attack_scanner.l	Sun May 17 13:47:41 2015	(r386613)
@@ -0,0 +1,27 @@
+--- src/parser/attack_scanner.l.orig	2015-05-16 19:49:47.000000000 -0500
++++ src/parser/attack_scanner.l	2015-05-16 19:57:07.000000000 -0500
+@@ -74,6 +74,7 @@
+ IPV4MAPPED6 ((:(:0{1,4}){0,4}|0{1,4}:(:0{1,4}){1,3}|(0{1,4}:){2}(0{1,4}:0{0,4}:0{1,4}|(:0{1,4}){1,2})|(0{1,4}:){1,4}):[fF]{4}:(((2[0-4]|1[0-9]|[1-9])?[0-9]|25[0-5])\.){3}((2[0-4]|1[0-9]|[1-9])?[0-9]|25[0-5]))
+ 
+ HOSTADDR    localhost|([-a-zA-Z0-9]+\.)+[a-zA-Z]+|{IPV4}|{IPV6}|{IPV4MAPPED6}
++FACLEVEL    (<[a-zA-Z0-9]+\.[a-zA-Z0-9]+>)
+ 
+ %%
+ 
+@@ -87,13 +88,14 @@
+   */
+ 
+  /* handle entries with PID and without PID from processes other than sshguard */
+-({TIMESTAMP_SYSLOG}|{TIMESTAMP_ISO8601})[ ]+([a-zA-Z0-9]|{WORD}|{HOSTADDR})[ ]+{PROCESSNAME}("/"{PROCESSNAME})?"["{NUMBER}"]: "{SOLARIS_MSGID_TAG}? {
++({TIMESTAMP_SYSLOG}|{TIMESTAMP_ISO8601})[ ]+{FACLEVEL}?[ ]*([a-zA-Z0-9]|{WORD}|{HOSTADDR})[ ]+{PROCESSNAME}("/"{PROCESSNAME})?"["{NUMBER}"]: "{SOLARIS_MSGID_TAG}? {
+         /* extract PID */
+         yylval.num = getsyslogpid(yytext, yyleng);
+         return SYSLOG_BANNER_PID;
+         }
+ 
+-({TIMESTAMP_SYSLOG}|{TIMESTAMP_ISO8601})[ ]+([a-zA-Z0-9]|{WORD}|{HOSTADDR})[ ]+({PROCESSNAME}("/"{PROCESSNAME})?":")?   { return SYSLOG_BANNER; }
++({TIMESTAMP_SYSLOG}|{TIMESTAMP_ISO8601})[ ]+{FACLEVEL}?[ ]*([a-zA-Z0-9]|{WORD}|{HOSTADDR})[ ]+({PROCESSNAME}("/"{PROCESSNAME})?":")?   { return SYSLOG_BANNER; }
++
+ 
+  /* syslog style  "last message repeated N times" */
+ "last message repeated "([1-9][0-9]*)" times"                   {

More information about the svn-ports-all mailing list