[NEW] net/pftbld


[NEW] net/pftbld

mpfr
Any comments/OKs/commits are welcome.


Index: infrastructure/db/user.list
===================================================================
RCS file: /cvs/ports/infrastructure/db/user.list,v
retrieving revision 1.375
diff -u -p -u -p -r1.375 user.list
--- infrastructure/db/user.list 12 Sep 2020 15:33:51 -0000 1.375
+++ infrastructure/db/user.list 16 Sep 2020 11:07:04 -0000
@@ -368,3 +368,4 @@ id  user group port
 857 _web2ldap _web2ldap sysutils/web2ldap
 858 _purritobin _purritobin www/purritobin
 859 _miniflux _miniflux net/miniflux
+860 _pftbld _pftbld net/pftbld
Index: net/Makefile
===================================================================
RCS file: /cvs/ports/net/Makefile,v
retrieving revision 1.1222
diff -u -p -u -p -r1.1222 Makefile
--- net/Makefile 12 Sep 2020 15:33:31 -0000 1.1222
+++ net/Makefile 16 Sep 2020 11:07:04 -0000
@@ -513,6 +513,7 @@
      SUBDIR += pear-Services-oEmbed
      SUBDIR += pen
      SUBDIR += pfstat
+     SUBDIR += pftbld
      SUBDIR += php-weathermap
      SUBDIR += pidgin
      SUBDIR += pidgin,gtkspell
Index: net/pftbld/Makefile
===================================================================
RCS file: net/pftbld/Makefile
diff -N net/pftbld/Makefile
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ net/pftbld/Makefile 16 Sep 2020 11:07:04 -0000
@@ -0,0 +1,27 @@
+# $OpenBSD$
+
+COMMENT = automate pf(4) table content management
+
+VERSION = 0.1.0
+DISTNAME = pftbld-${VERSION}
+CATEGORIES = net
+MAINTAINER = Matthias Pressfreund <[hidden email]>
+
+HOMEPAGE = https://github.com/mpfr/pftbld/
+
+PERMIT_PACKAGE = Yes
+
+MASTER_SITES = https://mpfr.net/downloads/ \
+ ${HOMEPAGE}releases/download/v${VERSION}/
+
+WANTLIB += c pthread
+
+NO_TEST = Yes
+
+EXAMPLES_DIR = share/examples/pftbld
+
+post-install:
+ ${INSTALL_DATA_DIR} ${PREFIX}/${EXAMPLES_DIR}
+ ${INSTALL_DATA} ${FILESDIR}/pftbld.conf ${PREFIX}/${EXAMPLES_DIR}
+
+.include <bsd.port.mk>
Index: net/pftbld/distinfo
===================================================================
RCS file: net/pftbld/distinfo
diff -N net/pftbld/distinfo
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ net/pftbld/distinfo 16 Sep 2020 11:07:04 -0000
@@ -0,0 +1,2 @@
+SHA256 (pftbld-0.1.0.tar.gz) = u8RovHxLIh0Odea3TVcFSq/dTdby/CrGcU25ae5l3o0=
+SIZE (pftbld-0.1.0.tar.gz) = 40372
Index: net/pftbld/files/pftbld.conf
===================================================================
RCS file: net/pftbld/files/pftbld.conf
diff -N net/pftbld/files/pftbld.conf
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ net/pftbld/files/pftbld.conf 16 Sep 2020 11:07:04 -0000
@@ -0,0 +1,34 @@
+#log "/var/log/pftbld.log"
+
+exclude {
+ localhosts
+# net "10.0.0/24"
+}
+
+drop 3w
+
+target "www" {
+ persist "/etc/pftbld/clientaddr-www.list"
+# exclude keyterms "/etc/pftbld/keyterms-www.list"
+
+ socket "/var/www/run/pftbld-www.sock" {
+ owner "www"
+ group "www"
+ }
+
+ cascade {
+ table "attackers"
+ hits 4
+ expire 1h
+
+ step {
+ hits 12
+ expire 6h
+ }
+ step {
+ expire 5d
+ no drop
+ kill nodes
+ }
+ }
+}
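Review bot: The sample's `exclude` block covers only `localhosts` and the `net` line is commented out, while the `www` target's socket is owned by `www:www`, so every process running as that user can feed addresses into the `attackers` table. If the reporting service takes the client address from data it does not control (not visible in this diff), a legitimate or administrative address could be blocked. I would add a comment above the `net` line such as `# list your management networks here so a bad report cannot lock you out`. A second comment at the `socket` block should say that write access to the socket amounts to the ability to populate the pf table.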
Index: net/pftbld/pkg/DESCR
===================================================================
RCS file: net/pftbld/pkg/DESCR
diff -N net/pftbld/pkg/DESCR
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ net/pftbld/pkg/DESCR 16 Sep 2020 11:07:04 -0000
@@ -0,0 +1,8 @@
+The pftbld(8) program was primarily designed to automate the
+management of dynamic firewall blacklists.  It listens on UNIX-domain
+sockets for incoming IP addresses, usually sent by client programs
+such as network services and applications, and makes them traverse
+pf(4) tables according to its configuration and the history of their
+occurrance.  As pftbld(8) can persist managed addresses and meta-data,
+it is capable of restoring its runtime status and corresponding
+pf(4) tables through system reboots and migrations.
Index: net/pftbld/pkg/PLIST
===================================================================
RCS file: net/pftbld/pkg/PLIST
diff -N net/pftbld/pkg/PLIST
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ net/pftbld/pkg/PLIST 16 Sep 2020 11:07:04 -0000
@@ -0,0 +1,11 @@
+@comment $OpenBSD: PLIST,v$
+@newgroup _pftbld:860
+@newuser _pftbld:860:_pftbld::pftbld unprivileged user:/var/empty:/sbin/nologin
+@rcscript ${RCDIR}/pftbld
+@man man/man5/pftbld.conf.5
+@man man/man8/pftblctl.8
+@man man/man8/pftbld.8
+@bin sbin/pftblctl
+@bin sbin/pftbld
+share/examples/pftbld/
+share/examples/pftbld/pftbld.conf
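Review bot: The packing list installs the sample only under `share/examples/pftbld/` and has no `@sample` entries, yet the shipped `pftbld.conf` persists to `/etc/pftbld/clientaddr-www.list`, a directory nothing in this port creates. Consider adding `@sample ${SYSCONFDIR}/pftbld/` after the examples entries, plus an `@sample` line for the config at whatever path pftbld(8) reads, which is not shown here. The persisted list is described as restoring pf tables across reboots, so the directory's ownership and mode are worth setting explicitly with `@owner`/`@group`/`@mode` rather than leaving them to whoever creates it by hand.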
Index: net/pftbld/pkg/pftbld.rc
===================================================================
RCS file: net/pftbld/pkg/pftbld.rc
diff -N net/pftbld/pkg/pftbld.rc
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ net/pftbld/pkg/pftbld.rc 16 Sep 2020 11:07:04 -0000
@@ -0,0 +1,9 @@
+#!/bin/ksh
+#
+# $OpenBSD$
+
+daemon="${PREFIX}/sbin/pftbld"
+
+. /etc/rc.d/rc.subr
+
+rc_cmd $1
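Review bot: The script sets only `daemon` and otherwise relies on the rc.subr defaults, so `rcctl reload pftbld` will send SIGHUP to the daemon. Whether pftbld re-reads its configuration on SIGHUP is not visible in this diff. If it does not, add `rc_reload=NO` before `rc_cmd $1` so that a reload cannot terminate the process responsible for expiring table entries.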