fail2ban: add datepattern and conf for sshd

* add the jail.local config to enable fail2ban on ssh to prevent brute force attack * add datepattern for fail2ban to be able to function with syslog-ng generated /var/log/messages

fail2ban: add datepattern and conf for sshd
* add the jail.local config to enable fail2ban on ssh to prevent brute force attack * add datepattern for fail2ban to be able to function with syslog-ng generated /var/log/messages
7613351a · Rahul Thakur · 5e7006f2 · 7613351a · 7613351a · 7613351a
Commit 7613351a authored 11 months ago by Rahul Thakur
--- a/net/fail2ban/Makefile
+++ b/net/fail2ban/Makefile
@@ -73,6 +73,7 @@ define Py3Package/fail2ban/install
 	$(INSTALL_DIR) $(1)/etc/fail2ban/
 	$(CP) $(PKG_BUILD_DIR)/config/* $(1)/etc/fail2ban/
+	$(INSTALL_DATA) ./files/jail.local $(1)/etc/fail2ban/
 	$(INSTALL_DIR) $(1)/etc/fail2ban/fail2ban.d
 	$(INSTALL_DATA) ./files/db.conf $(1)/etc/fail2ban/fail2ban.d/db.conf

--- a/net/fail2ban/files/jail.local
+++ b/net/fail2ban/files/jail.local
+[sshd]
+enabled = true
+port = ssh
+filter = sshd
+logpath = /var/log/messages
+maxretry = 3
+findtime = 10
+bantime = 120
+ignoreip = 127.0.0.1
--- a/net/fail2ban/patches/030-sshd-datepattern.patch
+++ b/net/fail2ban/patches/030-sshd-datepattern.patch
+--- a/config/filter.d/sshd.conf
+++ b/config/filter.d/sshd.conf
+@@ -36,6 +36,8 @@
+ [Definition]
+datepattern = ^%%b %%d %%H:%%M:%%S
+
+ prefregex = ^<F-MLFID>%(__prefix_line)s</F-MLFID>%(__pref)s<F-CONTENT>.+</F-CONTENT>$
+ cmnfailre = ^[aA]uthentication (?:failure|error|failed) for <F-USER>.*</F-USER> from <HOST>( via \S+)?%(__suff)s$