Diffstat (limited to 'config/denyhosts')
-rw-r--r-- | config/denyhosts/denyhosts.inc | 199 | ||||
-rw-r--r-- | config/denyhosts/denyhosts.xml | 121 | ||||
-rw-r--r-- | config/denyhosts/denyhosts_log.tmp | 177 |
3 files changed, 0 insertions, 497 deletions
diff --git a/config/denyhosts/denyhosts.inc b/config/denyhosts/denyhosts.inc
deleted file mode 100644
index 37209715..00000000
--- a/config/denyhosts/denyhosts.inc
+++ /dev/null
@@ -1,199 +0,0 @@ -<?php -/* $Id$ */ -/* -/* ========================================================================== */ -/* - denyhosts.inc - Copyright (C) 2009 Mark J Crane - All rights reserved. - */ -/* ========================================================================== */ -/* - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. 
-*/ - -function denyhosts_sync_package() -{ - - //global $config; - -} - -// bounty: https://forum.pfsense.org/index.php/topic,15791.0/topicseen.html -// pkg_add -r denyhosts -// python /usr/local/share/denyhosts/denyhosts.py –file=/var/log/auth.log -// /var/run/denyhosts.pid -// http://en.wikipedia.org/wiki/DenyHosts - - -function denyhosts_install_command() -{ - - global $config; - conf_mount_rw(); - config_lock(); - - if (!is_dir('/usr/local/www/packages/')) { - exec("mkdir /usr/local/www/packages/"); - } - - if (!is_dir('/usr/local/www/packages/denyhosts/')) { - exec("mkdir /usr/local/www/packages/denyhosts/"); - } - - exec("pkg_add -r https://files.pfsense.org/packages/security/denyhosts-2.5.tbz"); - - //misc files - if (!is_dir('/usr/local/www/edit_area/')) { - chdir('/tmp/'); - exec("cd /tmp/;fetch ".$download_path."edit_area.tgz"); - chdir('/usr/local/www'); - system('tar xvpfz /tmp/edit_area.tgz edit_area'); - unlink_if_exists("/tmp/edit_area.tgz"); - } - - //backup the original hosts.allow file - exec ("cp /etc/hosts.allow /etc/hosts.allow.bak"); - - $hosts_allow = "#\n"; - $hosts_allow .= "# hosts.allow access control file for \"tcp wrapped\" applications.\n"; - $hosts_allow .= "#\n"; - $hosts_allow .= "sshd : /etc/hosts.deniedssh : deny\n"; - $hosts_allow .= "sshd : ALL : allow\n"; - $hosts_allow .= "ALL : ALL : allow\n"; - $fout = fopen("/etc/hosts.allow","w"); - fwrite($fout, $hosts_allow); - unset($hosts_allow); - fclose($fout); - - if(!is_file("/etc/hosts.deniedssh")) { - exec("touch /etc/hosts.deniedssh"); - exec("chmod 755 /etc/hosts.deniedssh"); - } - - if(!is_file("/var/log/denyhosts")) { - exec ('touch /var/log/denyhosts'); - } - - $download_path = 'https://packages.pfsense.org/packages/config/denyhosts/'; - - //rename PHP files from .tmp to .php - chdir('/tmp/'); - exec("cd /tmp/;fetch ".$download_path."denyhosts_log.tmp"); - exec("cp /tmp/denyhosts_log.tmp /usr/local/www/packages/denyhosts/denyhosts_log.php"); - 
unlink_if_exists("/tmp/denyhosts_log.tmp"); - - - //$denyhosts_sh = "\n"; - //$denyhosts_sh .= "name=\"denyhosts\"\n"; - //$denyhosts_sh .= "rcvar=\${name}_enable\n"; - //$denyhosts_sh .= "\n"; - //$denyhosts_sh .= "command=\"/usr/local/bin/denyhosts.py\"\n"; - //$denyhosts_sh .= "command_interpreter=\"/usr/local/bin/python2.5\"\n"; - //$denyhosts_sh .= "command_args=\"--config /usr/local/etc/denyhosts.conf --daemon\"\n"; - //$denyhosts_sh .= "pidfile=\"/var/run/\${name}.pid\"\n"; - //$denyhosts_sh .= "\n"; - //$denyhosts_sh .= "load_rc_config \$name\n"; - //$denyhosts_sh .= "\n"; - //$denyhosts_sh .= ": \${denyhosts_enable=\"YES\"}\n"; - //$denyhosts_sh .= "\n"; - //$denyhosts_sh .= "run_rc_command \"\$1\"\n"; - //$fout = fopen("/usr/local/etc/rc.d/denyhosts.sh","w"); - //fwrite($fout, $denyhosts_sh); - //unset($denyhosts_sh); - //fclose($fout); - //exec("chmod 755 /usr/local/etc/rc.d/denyhosts.sh"); - - $filename = "/usr/local/etc/denyhosts.conf"; - $handle = fopen($filename,"rb"); - $denyhosts_conf = fread($handle, filesize($filename)); - fclose($handle); - $denyhosts_conf = str_replace("SECURE_LOG = /var/log/auth.log", "SECURE_LOG = /var/log/system.log", $denyhosts_conf); - $denyhosts_conf = str_replace("#BLOCK_SERVICE = sshd", "BLOCK_SERVICE = sshd", $denyhosts_conf); - $denyhosts_conf = str_replace("#SYNC_SERVER = http://xmlrpc.denyhosts.net:9911", "SYNC_SERVER = http://xmlrpc.denyhosts.net:9911", $denyhosts_conf); - $fout = fopen($filename,"w"); - fwrite($fout, $denyhosts_conf); - unset($filename); - fclose($fout); - - $filename = "/usr/local/etc/denyhosts.conf-dist"; - $fout = fopen($filename,"w"); - fwrite($fout, $denyhosts_conf); - unset($filename); - unset($denyhosts_conf); - fclose($fout); - - write_rcfile(array( - "file" => "denyhosts.sh", - "start" => "/usr/local/bin/python2.5 /usr/local/bin/denyhosts.py --config /usr/local/etc/denyhosts.conf --daemon", - "stop" => "rm /var/run/denyhosts.pid" - ) - ); - - denyhosts_sync_package(); - - //start 
denyhosts - exec("/usr/local/etc/rc.d/denyhosts.sh start"); - - //if (pkg_is_service_running('notes')) { - //documentation purposes - //} - - conf_mount_ro(); - config_unlock(); - -} - - -function denyhosts_deinstall_command() -{ - - conf_mount_rw(); - config_lock(); - - exec("pkg_delete denyhosts"); - exec("rm -R /usr/local/www/packages/denyhosts/"); - - //restore original hosts.allow file - if (file_exists('/usr/local/www/exec.php')) { - exec ("rm /etc/hosts.allow"); - exec ("cp /etc/hosts.allow.bak /etc/hosts.allow"); - } - - //remove the configuration - exec ("rm /usr/local/etc/denyhosts*"); - - //create a new hosts.allow file - //$hosts_allow = "#\n"; - //$hosts_allow .= "# hosts.allow access control file for \"tcp wrapped\" applications.\n"; - //$hosts_allow .= "#\n"; - //$hosts_allow .= "ALL : ALL : allow\n"; - //$fout = fopen("/etc/hosts.allow","w"); - //fwrite($fout, $tmp); - //unset($tmp); - //fclose($fout); - - conf_mount_ro(); - config_unlock(); -} - -?>
\ No newline at end of file
diff --git a/config/denyhosts/denyhosts.xml b/config/denyhosts/denyhosts.xml
deleted file mode 100644
index 720f1b95..00000000
--- a/config/denyhosts/denyhosts.xml
+++ /dev/null
@@ -1,121 +0,0 @@ -<?xml version="1.0" encoding="utf-8" ?> -<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd"> -<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?> -<packagegui> - <copyright> - <![CDATA[ -/* $Id$ */ -/* ========================================================================== */ -/* - denyhosts.xml - Copyright (C) 2008 Mark J Crane - All rights reserved. - */ -/* ========================================================================== */ -/* - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. 
- */ -/* ========================================================================== */ - ]]> - </copyright> - <description>DenyHosts</description> - <requirements>Describe your package requirements here</requirements> - <faq>Currently there are no FAQ items provided.</faq> - <name>DenyHosts</name> - <version>0.5.1</version> - <title>Settings</title> - <include_file>/usr/local/pkg/denyhosts.inc</include_file> - <menu> - <name>DenyHosts</name> - <tooltiptext>DenyHosts.</tooltiptext> - <section>Services</section> - <configfile>denyhosts.xml</configfile> - <url>/packages/denyhosts/denyhosts_log.php</url> - </menu> - <service> - <name>denyhosts</name> - <rcfile>denyhosts.sh</rcfile> - <executable>denyhosts</executable> - <description>DenyHosts analyzes logs for SSH login attempts and blocks offending IP addresses.</description> - </service> - <tabs> - <tab> - <text>Settings</text> - <url>/packages/denyhosts/denyhosts_log.php</url> - <active/> - </tab> - </tabs> - <configpath>installedpackages->package->denyhosts</configpath> - <additional_files_needed> - <prefix>/usr/local/pkg/</prefix> - <chmod>0755</chmod> - <item>https://packages.pfsense.org/packages/config/denyhosts/denyhosts.inc</item> - </additional_files_needed> - <adddeleteeditpagefields> - <columnitem> - <fielddescr>Title</fielddescr> - <fieldname>title</fieldname> - </columnitem> - <columnitem> - <fielddescr>Category</fielddescr> - <fieldname>category</fieldname> - </columnitem> - </adddeleteeditpagefields> - <fields> - <field> - <fielddescr>Title</fielddescr> - <fieldname>title</fieldname> - <description>Enter the title.</description> - <type>input</type> - </field> - <field> - <fielddescr>Category</fielddescr> - <fieldname>category</fieldname> - <description>Enter a category.</description> - <type>input</type> - </field> - <field> - <fielddescr><b>zzz</b> <br /> <br /></fielddescr> - <fieldname>zzz</fieldname> - <description></description> - <type>textarea</type> - <encoding>base64</encoding> - 
<size>30</size> - <cols>70</cols> - <rows>20</rows> - </field> - </fields> - <custom_add_php_command> - </custom_add_php_command> - <custom_php_resync_config_command> - denyhosts_sync_package(); - </custom_php_resync_config_command> - <custom_delete_php_command> - denyhosts_sync_package(); - </custom_delete_php_command> - <custom_php_install_command> - denyhosts_install_command(); - </custom_php_install_command> - <custom_php_deinstall_command> - denyhosts_deinstall_command(); - </custom_php_deinstall_command> -</packagegui>
\ No newline at end of file
diff --git a/config/denyhosts/denyhosts_log.tmp b/config/denyhosts/denyhosts_log.tmp
deleted file mode 100644
index 0b06d4f5..00000000
--- a/config/denyhosts/denyhosts_log.tmp
+++ /dev/null
@@ -1,177 +0,0 @@ -<?php -/* $Id$ */ -/* - denyhosts_log.php - Copyright (C) 2008 Mark J Crane - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. 
-*/ - -require("guiconfig.inc"); -require("/usr/local/pkg/denyhosts.inc"); - -//$a_extensions = &$config['installedpackages']['profiles']['config']; - -/* -if ($_GET['a'] == "default") { - //conf_mount_rw(); - exec("cp /usr/local/zzz/conf.orig/zzz /usr/local/zzz/conf/zzz"); - $savemsg = "Default Restored"; - //conf_mount_ro(); -} - -if ($_POST['a'] == "save") { - //conf_mount_rw(); - $content = ereg_replace("\r","",$_POST['code']); - $fd = fopen("/usr/local/zzz/conf/zzz", "w"); - fwrite($fd, $content); - fclose($fd); - $savemsg = "Saved"; - //conf_mount_ro(); -} -*/ - -if(!is_file("/var/log/denyhosts")) { - exec ('touch /var/log/denyhosts'); -} - -$filename = '/var/log/denyhosts'; -$fd = fopen($filename, "r"); -if (filesize($filename) > 0) { - $content = fread($fd, filesize($filename)); -} -else { - $content = ''; -} -fclose($fd); - -include("head.inc"); - -?> - - -<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> - -<script language="Javascript"> -function sf() { document.forms[0].savetopath.focus(); } -</script> -<script language="Javascript" type="text/javascript" src="/edit_area/edit_area_full.js"></script> -<script language="Javascript" type="text/javascript"> - // initialisation - editAreaLoader.init({ - id: "code" // id of the textarea to transform - ,start_highlight: false - ,allow_toggle: false - ,language: "en" - ,syntax: "html" - ,toolbar: "search, go_to_line,|, fullscreen, |, undo, redo, |, select_font, |, syntax_selection, |, change_smooth_selection, highlight, reset_highlight, |, help" - ,syntax_selection_allow: "css,html,js,php,xml,c,cpp,sql" - ,show_line_colors: true - }); -</script> - -<?php -include("fbegin.inc"); -echo "<p class=\"pgtitle\">Deny Hosts</p>\n"; -?> - -<div id="mainlevel"> -<table width="100%" border="0" cellpadding="0" cellspacing="0"> -<tr><td class="tabnavtbl"> -<?php - -//display_top_tabs(build_menu()); - -?> -</td></tr> -</table> - - -<table width="100%" border="0" cellpadding="0" cellspacing="0"> - <tr> - <td 
class="tabcont" > -<!-- -<form action="zzz.php" method="post" name="iform" id="iform"> ---> -<?php - -?> - - <table width="98%" border="0" cellpadding="6" cellspacing="0"> - <tr> - <td width='90%'><p><span class="vexpl"><span class="red"><strong>DenyHosts Logs<br> - </strong></span> - DenyHosts analyzes logs for SSH login attempts and blocks offending IP addresses. - </p> - </td> - <td width='10%' align='right' valign='middle'><!--<input type="submit" value="save" />--></td> - </tr> - </table> - - <br /> - <br /> - - <textarea style="width:98%" id="code" name="code" rows="30" cols="<?php echo $cols; ?>" name="content"><?php echo htmlentities($content); ?></textarea> - <br /> - <br /> - - <table width="98%" border="0" cellpadding="6" cellspacing="0"> - <tr> - <td>/var/log/denyhosts</td> - <td align='right'> - <input type="hidden" name="f" value="<?php echo $_GET['f']; ?>" /> - <input type="hidden" name="a" value="save" /> - <?php - //echo "<input type='button' value='Restore Default' onclick=\"document.location.href='/packages/zzz/zzz.php?a=default&f=zzz';\" />"; - ?> - </td> - </tr> - </table> - -<!-- -</form> ---> - -<br> -<br> - -<br> -<br> -<br> -<br> -<br> -<br> -<br> -<br> - -</td> -</tr> -</table> - -</div> - - - -<?php include("fend.inc"); ?> -</body> -</html> |