sshguard port; OK sthen@

security/sshguard/Makefile

@@ -0,0 +1,25 @@
+# $OpenBSD: Makefile,v 1.1.1.1 2010/09/07 12:23:43 millert Exp $
+
+COMMENT=	protect against brute force attacks on sshd and others
+
+DISTNAME=	sshguard-1.5rc4
+CATEGORIES=	security
+
+# BSD
+PERMIT_PACKAGE_CDROM=	Yes
+PERMIT_PACKAGE_FTP=	Yes
+PERMIT_DISTFILES_CDROM=	Yes
+PERMIT_DISTFILES_FTP=	Yes
+
+WANTLIB+=	c pthread
+
+HOMEPAGE=	http://www.sshguard.net/
+MASTER_SITES=	${MASTER_SITE_SOURCEFORGE:=sshguard/}
+EXTRACT_SUFX=	.tar.bz2
+
+CONFIGURE_STYLE=gnu
+CONFIGURE_ARGS=	--with-firewall=pf
+
+NO_REGRESS=	Yes
+
+.include <bsd.port.mk>

security/sshguard/distinfo

@@ -0,0 +1,5 @@
+MD5 (sshguard-1.5rc4.tar.bz2) = sl2kawJUh5YJ+qmEGhReug==
+RMD160 (sshguard-1.5rc4.tar.bz2) = 0aHYO8dZEDWQywBzPC0z6S9siIM=
+SHA1 (sshguard-1.5rc4.tar.bz2) = AFhTvNIEVmqr4zwXkybjFF+NQsA=
+SHA256 (sshguard-1.5rc4.tar.bz2) = opAocT5cc54BYa91AXq11GvX2kkFaw7aiTwP/tP9bTU=
+SIZE (sshguard-1.5rc4.tar.bz2) = 296447

security/sshguard/patches/patch-src_sshguard_logsuck_c

@@ -0,0 +1,12 @@
+$OpenBSD: patch-src_sshguard_logsuck_c,v 1.1.1.1 2010/09/07 12:23:43 millert Exp $
+--- src/sshguard_logsuck.c.orig	Mon Aug  9 02:44:15 2010
++++ src/sshguard_logsuck.c	Mon Aug 30 13:06:02 2010
+@@ -242,7 +242,7 @@ int logsuck_getline(char *restrict buf, size_t buflen,
+         if (ret > 0) {
+             if (kevs[0].filter == EVFILT_READ) {
+                 /* got data on this one. Read from it */
+-                sshguard_log(LOG_DEBUG, "Searching for fd %lu in list.", kevs[0].ident);
++                sshguard_log(LOG_DEBUG, "Searching for fd %u in list.", kevs[0].ident);
+                 readentry = list_seek(& sources_list, & kevs[0].ident);
+                 assert(readentry != NULL);
+                 assert(readentry->active);

security/sshguard/patches/patch-src_sshguard_procauth_c

@@ -0,0 +1,12 @@
+$OpenBSD: patch-src_sshguard_procauth_c,v 1.1.1.1 2010/09/07 12:23:43 millert Exp $
+--- src/sshguard_procauth.c.orig	Mon Aug  9 02:44:15 2010
++++ src/sshguard_procauth.c	Mon Aug 30 13:05:40 2010
+@@ -192,7 +192,7 @@ static int procauth_ischildof(pid_t child, pid_t paren
+         dup2(ps2me[1], 1);
+ 
+         sshguard_log(LOG_DEBUG, "Running 'ps axo pid,ppid'.");
+-        execlp("ps", "ps", "axo", "pid,ppid", NULL);
++        execlp("ps", "ps", "axo", "pid,ppid", (char *)0);
+ 
+         sshguard_log(LOG_ERR, "Unable to run 'ps axo pid,ppid': %s.", strerror(errno));
+         exit(-1);

security/sshguard/pkg/DESCR

@@ -0,0 +1,4 @@
+sshguard protects hosts from brute force attacks. It supports IPv6,
+whitelists and log authentication, interfaces with all the major
+firewalling systems, has a remarkably clever log analyzer, and is
+independent, fast and lightweight as it's written in C.

security/sshguard/pkg/MESSAGE

@@ -0,0 +1,9 @@
+To use sshguard you must add the following to /etc/pf.conf:
+
+table <sshguard> persist
+
+block in quick on egress proto tcp from <sshguard> \
+	to any port ssh label "ssh bruteforce"
+
+When running sshguard, pass it the path to authlog, e.g.
+    /usr/local/sbin/sshguard -l /var/log/authlog

security/sshguard/pkg/PLIST

@@ -0,0 +1,3 @@
+@comment $OpenBSD: PLIST,v 1.1.1.1 2010/09/07 12:23:43 millert Exp $
+@man man/man8/sshguard.8
+@bin sbin/sshguard