# HG changeset patch
# User Eric Joseph-Alexandre <erjo@slitaz.org>
# Date 1401748594 -7200
# Node ID 0cdb4f15eec57208f07b10dbbfb3f390878eaff3
# Parent  0878663ea676c5c00c77193e257de45e28fa1720
Up: fail2ban (0.9.0). Add W00t00 filter and improve init script

diff -r 0878663ea676 -r 0cdb4f15eec5 fail2ban/receipt
--- a/fail2ban/receipt	Tue Jun 03 00:33:06 2014 +0200
+++ b/fail2ban/receipt	Tue Jun 03 00:36:34 2014 +0200
@@ -1,7 +1,7 @@
 # SliTaz package receipt.
 
 PACKAGE="fail2ban"
-VERSION="0.8.12"
+VERSION="0.9.0"
 CATEGORY="network"
 SHORT_DESC="Scans log files to bans IP that makes too many password failures."
 MAINTAINER="pascal.bellard@slitaz.org"
@@ -27,9 +27,13 @@
 {
 	mkdir -p $fs/etc/logrotate.d $fs/etc/init.d
 	cp -a $install/* $fs
-	sed -i 's/= \\s\*(/= \\s*\\S+\\s\*(/' > $fs/etc/fail2ban/filter.d/common.conf
+	sed -i 's/= \\s\*(/= \\s*\\S+\\s\*(/'  $fs/etc/fail2ban/filter.d/common.conf
 	sed -i -e 's|127.0.0.1|& 192.168.0.0/16|;s|sshd.log|messages|' \
 		-e '/ssh-iptables/{nn;s/false/true/}' $fs/etc/fail2ban/jail.conf
+		
+	cp -a $stuff/etc/fail2ban/  $fs/etc/
+	cp -a $stuff/etc/init.d  $fs/etc/
+	
 	cat >> $fs/etc/fail2ban/jail.conf <<EOT
 [apache-noscript]
 
@@ -50,6 +54,14 @@
 bantime  = 172800
 maxretry = 2
 
+[apache-w00tw00t]                                                             
+enabled = false
+filter = apache-w00tw00t                                                      
+action = iptables[name=Apache-w00tw00t,port=80,protocol=tcp]                  
+        logpath = /var/log/apache/*access                                          
+        maxretry = 1                                                        
+        bantime  = 172800 
+
 [lighttpd-fastcgi]
 
 enabled  = false
@@ -77,7 +89,7 @@
 findtime = 604800
 bantime  = 604800
 EOT
-	ln -s /usr/bin/fail2ban-client $fs/etc/init.d/fail2ban
+	#ln -s /usr/bin/fail2ban-client $fs/etc/init.d/fail2ban
 	cat > $fs/etc/logrotate.d/fail2ban <<EOT
 /var/log/fail2ban.log {
 	weekly
diff -r 0878663ea676 -r 0cdb4f15eec5 fail2ban/stuff/etc/fail2ban/filter.d/apache-w00tw00t.conf
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/fail2ban/stuff/etc/fail2ban/filter.d/apache-w00tw00t.conf	Tue Jun 03 00:36:34 2014 +0200
@@ -0,0 +1,5 @@
+[Definition]
+
+failregex = ^<HOST> -.*"GET \/w00tw00t\.at\.ISC\.SANS\.DFind\:\).*".*
+
+ignoreregex =
diff -r 0878663ea676 -r 0cdb4f15eec5 fail2ban/stuff/etc/init.d/fail2ban
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/fail2ban/stuff/etc/init.d/fail2ban	Tue Jun 03 00:36:34 2014 +0200
@@ -0,0 +1,60 @@
+#!/bin/sh
+# /etc/init.d/fail2ban: Start, stop and restart Apache web server on SliTaz, 
+# at boot time or with the command line. Daemons options are configured
+# with /etc/daemons.conf
+#
+. /etc/init.d/rc.functions
+. /etc/daemons.conf
+
+NAME=Fail2ban
+DESC="Fail2ban Server"
+DAEMON=/usr/bin/fail2ban-client
+OPTIONS=
+PIDFILE=/var/run/fail2ban/fail2ban.pid
+SOCKET=/var/run/fail2ban/fail2ban.sock
+
+case "$1" in
+  start)
+    if active_pidfile $PIDFILE fail2ban-server ; then
+      echo "$NAME already running."
+      exit 1
+    fi
+    echo -n "Starting $DESC: $NAME... "
+    rm -f $SOCKET
+    $DAEMON start > /dev/null
+    status
+    ;;
+  stop)
+    echo -n "Stopping $DESC: $NAME... "
+    $DAEMON stop
+    rm -f $PIDFILE
+    status
+    ;;
+  reload)
+    if ! active_pidfile $PIDFILE fail2ban-server  ; then
+      echo "$NAME is not running."
+      exit 1
+    fi
+    echo -n "Stopping $DESC: $NAME... "
+    $DAEMON stop
+    status
+    ;;
+  restart)
+    if ! active_pidfile $PIDFILE fail2ban-server ; then
+      echo "$NAME is not running."
+      exit 1
+    fi
+    echo -n "Restarting $DESC: $NAME... "
+    $0 stop
+    $0 start
+    status
+    ;;
+  *)
+    echo ""
+    echo -e "\033[1mUsage:\033[0m /etc/init.d/`basename $0` [start|stop|reload|restart]"
+    echo ""
+    exit 1
+    ;;
+esac
+
+exit 0