1 |
%define version 0.1.18 |
2 |
%define release 6 |
3 |
%define name smeserver-fail2ban |
4 |
|
5 |
|
6 |
Summary: fail2ban integration on SME Server |
7 |
Name: %{name} |
8 |
Version: %{version} |
9 |
Release: %{release}%{?dist} |
10 |
Epoch: 9 |
11 |
License: GPL |
12 |
Group: Networking/Daemons |
13 |
Source: %{name}-%{version}.tar.gz |
14 |
Patch0:smeserver-fail2ban-0.1.18.bz10767-adminpanel.patch |
15 |
Patch1: smeserver-fail2ban-0.1.18.bz9709-wordpress.patch |
16 |
Patch2: smeserver-fail2ban-0.1.18.bz10775-sfail2ban.patch |
17 |
Patch3: smeserver-fail2ban-0.1.18-locale-2019-05-15.patch |
18 |
Patch4: smeserver-fail2ban-0.1.18-bz10776-wordpress.patch |
19 |
|
20 |
BuildRoot: /var/tmp/%{name}-%{version}-%{release}-buildroot |
21 |
BuildArchitectures: noarch |
22 |
BuildRequires: e-smith-devtools |
23 |
|
24 |
Requires: e-smith-base >= 5.2.0 |
25 |
Requires: fail2ban |
26 |
|
27 |
%description |
28 |
Configure fail2ban on SME Server |
29 |
|
30 |
%changelog |
31 |
* Mon Jun 03 2019 Jean-Philipe Pialasse <tests@pialasse.com> 0.1.18-6.sme |
32 |
- fix incorrect permissions on sfail2ban [SME: 10775] |
33 |
|
34 |
* Mon Jun 03 2019 Jean-Philipe Pialasse <tests@pialasse.com> 0.1.18-5.sme |
35 |
- fix wordpress fragment error preventing jail.conf to be updated [SME: 10776] |
36 |
|
37 |
* Tue May 14 2019 Jean-Philipe Pialasse <tests@pialasse.com> 0.1.18-4.sme |
38 |
- fix missing sfail2ban exec [SME: 10775] |
39 |
- Apply locals |
40 |
|
41 |
* Tue Apr 09 2019 Jean-Philipe Pialasse <tests@pialasse.com> 0.1.18-3.sme |
42 |
- add admin panel [SME: 10767] |
43 |
- add wordpress jails and filters [SME: 9709] |
44 |
|
45 |
* Fri Oct 27 2017 Daniel Berteaud <daniel@firewall-services.com> - 0.1.18-1.sme |
46 |
- Ignore greylisting, from Michael McCarn [SME: 10447] |
47 |
|
48 |
* Thu Nov 17 2016 Daniel Berteaud <daniel@firewall-services.com> - 0.1.17-1.sme |
49 |
- Makes sur log files exist before resuming monitoring after a logrotate |
50 |
[SME: 9875] |
51 |
|
52 |
* Tue Aug 2 2016 Daniel Berteaud <daniel@firewall-services.com> - 0.1.16-1.sme |
53 |
- Add a new prop (FilterValidRemoteHosts) to allow blacklisting of hosts allowed |
54 |
to access the server-manager |
55 |
- Ignore 0.0.0.0/0.0.0.0 by default [SME: 9719] |
56 |
|
57 |
* Tue Jul 5 2016 Daniel Berteaud <daniel@firewall-services.com> - 0.1.15-1.sme |
58 |
- Fix compat with older qpsmtpd |
59 |
|
60 |
* Thu Jun 9 2016 Daniel Berteaud <daniel@firewall-services.com> - 0.1.14-1.sme |
61 |
- Update regex for qpsmtpd 0.96 |
62 |
|
63 |
* Mon Feb 29 2016 Daniel Berteaud <daniel@firewall-services.com> - 0.1.13-1.sme |
64 |
- Ignore failure to get proxy.pac |
65 |
|
66 |
* Fri Jul 24 2015 Daniel Berteaud <daniel@firewall-services.com> - 0.1.12-1.sme |
67 |
- Updates for fail2ban 0.9.2 |
68 |
- Add more httpd jails |
69 |
- Switch to upstream Ejabberd filter |
70 |
|
71 |
* Wed Apr 15 2015 Daniel Berteaud <daniel@firewall-services.com> - 0.1.11-1.sme |
72 |
- Start fail2ban a bit later [SME: 8708] |
73 |
|
74 |
* Tue Jan 27 2015 Daniel Berteaud <daniel@firewall-services.com> - 0.1.10-1.sme |
75 |
- Suspend log monitoring during logrotate [SME: 8708] |
76 |
|
77 |
* Thu Jan 15 2015 Daniel Berteaud <daniel@firewall-services.com> - 0.1.9-1.sme |
78 |
- Fix LL::NG jail name |
79 |
|
80 |
* Wed Sep 17 2014 Daniel Berteaud <daniel@firewall-services.com> - 0.1.8-1.sme |
81 |
- Restart fail2ban during logrotate event so it re-open apache log file [SME: 8557] |
82 |
|
83 |
* Wed Jun 25 2014 Daniel Berteaud <daniel@firewall-services.com> - 0.1.7-1.sme |
84 |
- Correctly handle single IP in IgnoreIP prop |
85 |
|
86 |
* Tue Jun 24 2014 Daniel Berteaud <daniel@firewall-services.com> - 0.1.6-1.sme |
87 |
- Relax proxy regex so requests for proxy.pac aren't matched |
88 |
|
89 |
* Mon Jun 23 2014 Daniel Berteaud <daniel@firewall-services.com> - 0.1.5-1.sme |
90 |
- Pre-create the logfile so fail2ban can start the first time |
91 |
- Remove most warnings on startup |
92 |
|
93 |
* Wed Apr 23 2014 Daniel Berteaud <daniel@firewall-services.com> - 0.1.4-1.sme |
94 |
- New branch for SME9 |
95 |
- Remove sogo-auth.conf which is included in EL6 build of fail2ban |
96 |
>>>>>>> sme9 |
97 |
|
98 |
* Wed Dec 18 2013 Daniel Berteaud <daniel@firewall-services.com> - 0.1.3-1.sme |
99 |
- Fix port, which was incorrectly set to proto |
100 |
|
101 |
* Tue Nov 19 2013 Daniel Berteaud <daniel@firewall-services.com> - 0.1.2-1.sme |
102 |
- Create the DB entries in one transaction to reduce the amount of log |
103 |
for each ban |
104 |
|
105 |
* Thu Jul 4 2013 Daniel Berteaud <daniel@firewall-services.com> - 0.1.1-1.sme |
106 |
- Fix service name for LemonLDAP::NG |
107 |
|
108 |
* Tue May 14 2013 Daniel Berteaud <daniel@firewall-services.com> - 0.1.0-1.sme |
109 |
- initial release |
110 |
|
111 |
%prep |
112 |
%setup -q -n %{name}-%{version} |
113 |
%patch0 -p1 |
114 |
%patch1 -p1 |
115 |
%patch2 -p1 |
116 |
%patch3 -p1 |
117 |
%patch4 -p1 |
118 |
|
119 |
%build |
120 |
%{__mkdir_p} root/var/log/fail2ban |
121 |
perl createlinks |
122 |
|
123 |
%install |
124 |
/bin/rm -rf $RPM_BUILD_ROOT |
125 |
(cd root ; /usr/bin/find . -depth -print | /bin/cpio -dump $RPM_BUILD_ROOT) |
126 |
/bin/rm -f %{name}-%{version}-filelist |
127 |
/sbin/e-smith/genfilelist $RPM_BUILD_ROOT \ |
128 |
--dir /var/log/fail2ban 'attr(0750,root,root)' \ |
129 |
--file /var/log/fail2ban/daemon.log 'config(noreplace) %attr(0600,root,root)' \ |
130 |
--file /etc/cron.daily/cleanup_fail2ban 'attr(0755,root,root)' \ |
131 |
--file /etc/fail2ban/filter.d/apache-auth.local 'config(noreplace) %attr(0644,root,root)' \ |
132 |
--file /usr/bin/sfail2ban 'attr(0755,root,root)' \ |
133 |
> %{name}-%{version}-filelist |
134 |
|
135 |
%files -f %{name}-%{version}-filelist |
136 |
%defattr(-,root,root) |
137 |
|
138 |
%clean |
139 |
rm -rf $RPM_BUILD_ROOT |
140 |
|
141 |
%post |
142 |
|
143 |
%preun |
144 |
|