svn commit: r386613 - in head/security/sshguard: . files
Mark Felder
feld at FreeBSD.org
Sun May 17 13:47:42 UTC 2015
Author: feld
Date: Sun May 17 13:47:41 2015
New Revision: 386613
URL: https://svnweb.freebsd.org/changeset/ports/386613
Log:
Add patch to support syslog in verbose mode
This was previously a patch in the FreeBSD ports tree and was sent
upstream but did not make it into 1.6.0
Submitted by: gregp at n0qds.org
Added:
head/security/sshguard/files/patch-src-parser-attack_scanner.l (contents, props changed)
Modified:
head/security/sshguard/Makefile
Modified: head/security/sshguard/Makefile
==============================================================================
--- head/security/sshguard/Makefile Sun May 17 13:15:02 2015 (r386612)
+++ head/security/sshguard/Makefile Sun May 17 13:47:41 2015 (r386613)
@@ -3,7 +3,7 @@
PORTNAME= sshguard
PORTVERSION= 1.6.0
-PORTREVISION= 0
+PORTREVISION= 1
CATEGORIES= security
MASTER_SITES= SF/sshguard/sshguard/${PORTVERSION}
Added: head/security/sshguard/files/patch-src-parser-attack_scanner.l
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/sshguard/files/patch-src-parser-attack_scanner.l Sun May 17 13:47:41 2015 (r386613)
@@ -0,0 +1,27 @@
+--- src/parser/attack_scanner.l.orig 2015-05-16 19:49:47.000000000 -0500
++++ src/parser/attack_scanner.l 2015-05-16 19:57:07.000000000 -0500
+@@ -74,6 +74,7 @@
+ IPV4MAPPED6 ((:(:0{1,4}){0,4}|0{1,4}:(:0{1,4}){1,3}|(0{1,4}:){2}(0{1,4}:0{0,4}:0{1,4}|(:0{1,4}){1,2})|(0{1,4}:){1,4}):[fF]{4}:(((2[0-4]|1[0-9]|[1-9])?[0-9]|25[0-5])\.){3}((2[0-4]|1[0-9]|[1-9])?[0-9]|25[0-5]))
+
+ HOSTADDR localhost|([-a-zA-Z0-9]+\.)+[a-zA-Z]+|{IPV4}|{IPV6}|{IPV4MAPPED6}
++FACLEVEL (<[a-zA-Z0-9]+\.[a-zA-Z0-9]+>)
+
+ %%
+
+@@ -87,13 +88,14 @@
+ */
+
+ /* handle entries with PID and without PID from processes other than sshguard */
+-({TIMESTAMP_SYSLOG}|{TIMESTAMP_ISO8601})[ ]+([a-zA-Z0-9]|{WORD}|{HOSTADDR})[ ]+{PROCESSNAME}("/"{PROCESSNAME})?"["{NUMBER}"]: "{SOLARIS_MSGID_TAG}? {
++({TIMESTAMP_SYSLOG}|{TIMESTAMP_ISO8601})[ ]+{FACLEVEL}?[ ]*([a-zA-Z0-9]|{WORD}|{HOSTADDR})[ ]+{PROCESSNAME}("/"{PROCESSNAME})?"["{NUMBER}"]: "{SOLARIS_MSGID_TAG}? {
+ /* extract PID */
+ yylval.num = getsyslogpid(yytext, yyleng);
+ return SYSLOG_BANNER_PID;
+ }
+
+-({TIMESTAMP_SYSLOG}|{TIMESTAMP_ISO8601})[ ]+([a-zA-Z0-9]|{WORD}|{HOSTADDR})[ ]+({PROCESSNAME}("/"{PROCESSNAME})?":")? { return SYSLOG_BANNER; }
++({TIMESTAMP_SYSLOG}|{TIMESTAMP_ISO8601})[ ]+{FACLEVEL}?[ ]*([a-zA-Z0-9]|{WORD}|{HOSTADDR})[ ]+({PROCESSNAME}("/"{PROCESSNAME})?":")? { return SYSLOG_BANNER; }
++
+
+ /* syslog style "last message repeated N times" */
+ "last message repeated "([1-9][0-9]*)" times" {
More information about the svn-ports-all
mailing list