- Update regexps for newer sh versions
PR: 139545 (partially) Submitted by: Dmitry Morozovsky <marck@freebsd.org>
This commit is contained in:
parent
8ed6a58394
commit
fb192eb588
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=243046
@ -7,7 +7,7 @@
|
||||
|
||||
PORTNAME= bruteblock
|
||||
PORTVERSION= 0.0.5
|
||||
PORTREVISION= 1
|
||||
PORTREVISION= 2
|
||||
CATEGORIES= security
|
||||
MASTER_SITES= http://samm.kiev.ua/bruteblock/ \
|
||||
http://mirror.amdmi3.ru/distfiles/
|
||||
|
22
security/bruteblock/files/patch-etc_ssh.conf
Normal file
22
security/bruteblock/files/patch-etc_ssh.conf
Normal file
@ -0,0 +1,22 @@
|
||||
--- etc/ssh.conf.orig 2006-08-20 10:22:37.000000000 +0400
|
||||
+++ etc/ssh.conf 2009-10-14 03:46:53.000000000 +0400
|
||||
@@ -14,8 +14,17 @@
|
||||
# comment: correct user, but wrong password
|
||||
#sshd[72626]: Failed password for samm from 1.2.3.4
|
||||
#
|
||||
-regexp = sshd.*Illegal user \S+ from (\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})
|
||||
-regexp1 = sshd.*Failed password for (?:illegal user )?\S+ from (\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})
|
||||
+# comment: other messages
|
||||
+#sshd[41945]: error: PAM: authentication error for alice from 192.168.0.1
|
||||
+#sshd[41945]: error: PAM: authentication error for illegal user root from 192.168.0.1
|
||||
+#sshd[41945]: Failed keyboard-interactive/pam for invalid user root from 192.168.0.1 port 64507 ssh2
|
||||
+#sshd[16666]: Failed unknown for illegal user asdfasdfasd from 192.168.0.1 port 52652 ssh2
|
||||
+#sshd[16666]: Did not receive identification string from 192.168.0.1
|
||||
+#
|
||||
+regexp = sshd.*(?:Illegal|Invalid) user \S+ from (\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})
|
||||
+regexp1 = sshd.*Failed \S+ for (?:(?:illegal|invalid) user )?\S+ from (\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})
|
||||
+regexp2 = sshd.*error: PAM: authentication error for (?:(?:illegal|invalid) user )\S+ from (\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})
|
||||
+regexp3 = sshd.*Did not receive identification string from (\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})
|
||||
|
||||
# Number of failed login attempts within time before we block
|
||||
max_count = 4
|
Loading…
Reference in New Issue
Block a user