From 391e0bad90da42e64f244b979b83167b8acb744b Mon Sep 17 00:00:00 2001
From: mcrane <mctch@yahoo.com>
Date: Sat, 1 Aug 2009 03:42:04 -0600
Subject: New pfSense package DenyHosts for protecting SSH.

---
 config/denyhosts/denyhosts.inc     | 167 +++++++++++++++++++++++++++++++++++++
 config/denyhosts/denyhosts.xml     | 115 +++++++++++++++++++++++++
 config/denyhosts/denyhosts_log.tmp | 166 ++++++++++++++++++++++++++++++++++++
 pkg_config.7.xml                   |  14 ++++
 4 files changed, 462 insertions(+)
 create mode 100644 config/denyhosts/denyhosts.inc
 create mode 100644 config/denyhosts/denyhosts.xml
 create mode 100644 config/denyhosts/denyhosts_log.tmp

diff --git a/config/denyhosts/denyhosts.inc b/config/denyhosts/denyhosts.inc
new file mode 100644
index 00000000..d83f2878
--- /dev/null
+++ b/config/denyhosts/denyhosts.inc
@@ -0,0 +1,167 @@
+<?php
+/* $Id$ */
+/*
+/* ========================================================================== */
+/*
+    denyhosts.inc
+    Copyright (C) 2009 Mark J Crane
+    All rights reserved.
+                                                                              */
+/* ========================================================================== */
+/*
+	Redistribution and use in source and binary forms, with or without
+	modification, are permitted provided that the following conditions are met:
+
+	1. Redistributions of source code must retain the above copyright notice,
+	   this list of conditions and the following disclaimer.
+
+	2. Redistributions in binary form must reproduce the above copyright
+	   notice, this list of conditions and the following disclaimer in the
+	   documentation and/or other materials provided with the distribution.
+
+	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+	POSSIBILITY OF SUCH DAMAGE.
+*/
+
+function php_sync_package() 
+{
+  
+	//global $config; 
+
+}
+    
+// bounty: http://forum.pfsense.org/index.php/topic,15791.0/topicseen.html
+// pkg_add -r denyhosts
+// python /usr/local/share/denyhosts/denyhosts.py –file=/var/log/auth.log
+// /var/run/denyhosts.pid
+// http://en.wikipedia.org/wiki/DenyHosts
+
+
+function php_install_command() 
+{
+
+	global $config;
+
+	if (!is_dir('/usr/local/www/packages/')) {
+	   exec("mkdir /usr/local/www/packages/");
+	}
+	
+	if (!is_dir('/usr/local/www/packages/denyhosts/')) {
+	   exec("mkdir /usr/local/www/packages/denyhosts/");
+	}
+
+	exec("pkg_delete denyhosts");
+	
+
+	
+	$hosts_allow = "#\n";
+	$hosts_allow .= "# hosts.allow access control file for \"tcp wrapped\" applications.\n";
+	$hosts_allow .= "#\n;
+	$hosts_allow .= "sshd : /etc/hosts.deniedssh : deny\n";
+	$hosts_allow .= "sshd : ALL : allow\n";
+	$hosts_allow .= "ALL : ALL : allow\n";
+	$fout = fopen("/etc/hosts.allow","w");
+	fwrite($fout, $hosts_allow);
+	unset($hosts_allow);
+	fclose($fout);
+	
+	exec("touch /etc/hosts.deniedssh");
+	exec("chmod 755 /etc/hosts.deniedssh");
+	
+	$download_path = 'http://www.pfsense.com/packages/config/denyhosts/';
+	
+	//rename PHP files from .tmp to .php
+	chdir('/tmp/');
+	exec("cd /tmp/;fetch ".$download_path."denyhosts_log.tmp");
+	exec("cp /tmp/denyhosts_log.tmp /usr/local/www/packages/denyhosts/denyhosts_log.php");
+	unlink_if_exists("/tmp/denyhosts_log.tmp");
+	
+
+	$denyhosts_sh = "\n";
+	$denyhosts_sh .= "name=\"denyhosts\"\n";
+	$denyhosts_sh .= "rcvar=\${name}_enable\n";
+	$denyhosts_sh .= "\n";
+	$denyhosts_sh .= "command=\"/usr/local/bin/denyhosts.py\"\n";
+	$denyhosts_sh .= "command_interpreter=\"/usr/local/bin/python2.5\"\n";
+	$denyhosts_sh .= "command_args=\"--config /usr/local/etc/denyhosts.conf --daemon\"\n";
+	$denyhosts_sh .= "pidfile=\"/var/run/\${name}.pid\"\n";
+	$denyhosts_sh .= "\n";
+	$denyhosts_sh .= "load_rc_config \$name\n";
+	$denyhosts_sh .= "\n";
+	$denyhosts_sh .= ": \${denyhosts_enable=\"YES\"}\n";
+	$denyhosts_sh .= "\n";
+	$denyhosts_sh .= "run_rc_command \"\$1\"\n";
+	$fout = fopen("/usr/local/etc/rc.d/denyhosts.sh","w");
+	fwrite($fout, $denyhosts_sh);
+	unset($denyhosts_sh);
+	fclose($fout);
+	
+
+	$filename = "/usr/local/etc/denyhosts.conf";
+	$handle = fopen($filename,"rb");
+	$denyhosts_conf = fread($handle, filesize($filename));	
+	fclose($handle);	
+	$denyhosts_conf = str_replace("SECURE_LOG = /var/log/auth.log", "SECURE_LOG = /var/log/system.log", $denyhosts_conf);
+	$denyhosts_conf = str_replace("#BLOCK_SERVICE  = sshd", "BLOCK_SERVICE  = sshd", $denyhosts_conf);
+	$denyhosts_conf = str_replace("#SYNC_SERVER = http://xmlrpc.denyhosts.net:9911", "SYNC_SERVER = http://xmlrpc.denyhosts.net:9911", $denyhosts_conf);
+	$fout = fopen($filename,"w");
+	fwrite($fout, $denyhosts_conf);
+	unset($filename);
+	fclose($fout);
+	
+	$filename = "/usr/local/etc/denyhosts.conf-dist";
+	$fout = fopen($filename,"w");
+	fwrite($fout, $denyhosts_conf);
+	unset($filename);
+	unset($denyhosts_conf);
+	fclose($fout);
+	
+	//Error reading file: denyhosts.cfg
+	//write_rcfile(array(
+	//	"file" => "denyhosts.sh",
+	//	"start" => "start command",
+	//	"stop" => "rm /var/run/nameofservice.pid"
+	//	)
+	//);
+	
+		  	       
+	php_sync_package();
+	
+	//start denyhosts
+	exec("/usr/local/etc/rc.d/denyhosts.sh start");
+	
+	//if (pkg_is_service_running('notes')) {  
+		//documentation purposes
+	//}
+
+
+  
+}
+
+
+function deinstall_command() 
+{
+
+	$hosts_allow = "#\n";
+	$hosts_allow .= "# hosts.allow access control file for \"tcp wrapped\" applications.\n";
+	$hosts_allow .= "#\n;
+	$hosts_allow .= "ALL : ALL : allow\n";
+	$fout = fopen("/etc/hosts.allow","w");
+	fwrite($fout, $tmp);
+	unset($tmp);
+	fclose($fout);
+	
+	exec("pkg_delete denyhosts");
+	exec("rm -R /usr/local/www/packages/denyhosts/");
+	
+}
+
+?>
\ No newline at end of file
diff --git a/config/denyhosts/denyhosts.xml b/config/denyhosts/denyhosts.xml
new file mode 100644
index 00000000..35878c7a
--- /dev/null
+++ b/config/denyhosts/denyhosts.xml
@@ -0,0 +1,115 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd">
+<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?>
+<packagegui>
+        <copyright>
+        <![CDATA[
+/* $Id$ */
+/* ========================================================================== */
+/*
+    notes.xml
+    Copyright (C) 2008 Mark J Crane
+    All rights reserved.
+                                                                              */
+/* ========================================================================== */
+/*
+    Redistribution and use in source and binary forms, with or without
+    modification, are permitted provided that the following conditions are met:
+
+     1. Redistributions of source code must retain the above copyright notice,
+        this list of conditions and the following disclaimer.
+
+     2. Redistributions in binary form must reproduce the above copyright
+        notice, this list of conditions and the following disclaimer in the
+        documentation and/or other materials provided with the distribution.
+
+    THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+    INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+    AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+    AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+    OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+    SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+    INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+    CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+    ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+    POSSIBILITY OF SUCH DAMAGE.
+                                                                              */
+/* ========================================================================== */
+        ]]>
+        </copyright>
+    <description>DenyHosts</description>
+    <requirements>Describe your package requirements here</requirements>
+    <faq>Currently there are no FAQ items provided.</faq>
+	<name>DenyHosts</name>
+	<version>0.1</version>
+	<title>Settings</title>
+	<include_file>/usr/local/pkg/denyhosts.inc</include_file>
+	<menu>
+		<name>DenyHosts</name>
+		<tooltiptext>DenyHosts.</tooltiptext>
+		<section>Services</section>
+		<configfile>denyhosts.xml</configfile>
+		<url>/packages/denyhosts/denyhosts_log.php</url>
+	</menu>
+	<tabs>
+		<tab>
+			<text>Settings</text>
+			<url>/packages/denyhosts/denyhosts_log.php</url>
+			<active/>
+		</tab>	
+	</tabs>
+	<configpath>installedpackages->package->$packagename->configuration->denyhosts</configpath>	
+	<additional_files_needed>
+		<prefix>/usr/local/pkg/</prefix>
+		<chmod>0755</chmod>		
+		<item>http://www.pfsense.com/packages/config/denyhosts/denyhosts.inc</item>
+	</additional_files_needed>
+	<adddeleteeditpagefields>
+		<columnitem>
+			<fielddescr>Title</fielddescr>
+			<fieldname>title</fieldname>
+		</columnitem>		
+		<columnitem>
+			<fielddescr>Category</fielddescr>
+			<fieldname>category</fieldname>
+		</columnitem>
+	</adddeleteeditpagefields>				
+	<fields>
+		<field>
+			<fielddescr>Title</fielddescr>
+			<fieldname>title</fieldname>
+			<description>Enter the title.</description>
+			<type>input</type>
+		</field>
+		<field>
+			<fielddescr>Category</fielddescr>
+			<fieldname>category</fieldname>
+			<description>Enter a category.</description>
+			<type>input</type>
+		</field>		
+		<field>
+			<fielddescr>&lt;b&gt;zzz&lt;/b&gt; &lt;br /&gt; &lt;br /&gt;</fielddescr>
+			<fieldname>zzz</fieldname>
+			<description></description>
+			<type>textarea</type>
+			<encoding>base64</encoding>
+			<size>30</size>
+			<cols>70</cols>			
+			<rows>20</rows>
+		</field>
+	</fields>	
+	<custom_add_php_command>
+	</custom_add_php_command>
+	<custom_php_resync_config_command>
+		php_sync_package();
+	</custom_php_resync_config_command>
+	<custom_delete_php_command>    
+		php_sync_package();
+	</custom_delete_php_command>
+	<custom_php_install_command>
+		php_install_command();
+	</custom_php_install_command>
+	<custom_php_deinstall_command>
+		deinstall_command();
+	</custom_php_deinstall_command>
+</packagegui>
\ No newline at end of file
diff --git a/config/denyhosts/denyhosts_log.tmp b/config/denyhosts/denyhosts_log.tmp
new file mode 100644
index 00000000..69d16cce
--- /dev/null
+++ b/config/denyhosts/denyhosts_log.tmp
@@ -0,0 +1,166 @@
+<?php
+/* $Id$ */
+/*
+	denyhosts_log.php
+	Copyright (C) 2008 Mark J Crane
+	All rights reserved.
+
+	Redistribution and use in source and binary forms, with or without
+	modification, are permitted provided that the following conditions are met:
+
+	1. Redistributions of source code must retain the above copyright notice,
+	   this list of conditions and the following disclaimer.
+
+	2. Redistributions in binary form must reproduce the above copyright
+	   notice, this list of conditions and the following disclaimer in the
+	   documentation and/or other materials provided with the distribution.
+
+	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+	POSSIBILITY OF SUCH DAMAGE.
+*/
+
+require("guiconfig.inc");
+require("/usr/local/pkg/denyhosts.inc");
+
+//$a_extensions = &$config['installedpackages']['profiles']['config'];
+
+/*
+if ($_GET['a'] == "default") {
+	//conf_mount_rw();
+	exec("cp /usr/local/zzz/conf.orig/zzz /usr/local/zzz/conf/zzz");
+	$savemsg = "Default Restored";
+	//conf_mount_ro();
+}
+
+if ($_POST['a'] == "save") {
+	//conf_mount_rw();
+	$content = ereg_replace("\r","",$_POST['code']);
+	$fd = fopen("/usr/local/zzz/conf/zzz", "w");
+	fwrite($fd, $content);
+	fclose($fd);
+	$savemsg = "Saved";
+	//conf_mount_ro();
+}
+*/
+
+$filename = '/var/log/denyhosts';
+$fd = fopen($filename, "r");
+$content = fread($fd, filesize($filename));
+fclose($fd);
+	
+include("head.inc");
+
+?>
+
+
+<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
+
+<script language="Javascript">
+function sf() { document.forms[0].savetopath.focus(); }
+</script>
+<script language="Javascript" type="text/javascript" src="/edit_area/edit_area_full.js"></script>
+<script language="Javascript" type="text/javascript">
+	// initialisation
+	editAreaLoader.init({
+		id: "code"	// id of the textarea to transform		
+		,start_highlight: false
+		,allow_toggle: false
+		,language: "en"
+		,syntax: "html"	
+		,toolbar: "search, go_to_line,|, fullscreen, |, undo, redo, |, select_font, |, syntax_selection, |, change_smooth_selection, highlight, reset_highlight, |, help"
+		,syntax_selection_allow: "css,html,js,php,xml,c,cpp,sql"
+		,show_line_colors: true
+	});	
+</script>
+
+<?php
+include("fbegin.inc");
+echo "<p class=\"pgtitle\">$v_project_label: Variables</p>\n";
+?>
+
+<div id="mainlevel">
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+<tr><td class="tabnavtbl">
+<?php
+
+//display_top_tabs(build_menu());
+
+?>
+</td></tr>
+</table>
+
+	
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+   <tr>
+     <td class="tabcont" >
+<!--
+<form action="zzz.php" method="post" name="iform" id="iform">
+-->
+<?php
+
+?>
+  	<table width="98%" border="0" cellpadding="6" cellspacing="0">
+      <tr>
+        <td width='90%'><p><span class="vexpl"><span class="red"><strong>DenyHosts Log<br>
+            </strong></span>
+            <!-- Description -->
+            </p>
+		</td>
+		<td width='10%' align='right' valign='middle'><!--<input type="submit" value="save" />--></td>
+      </tr>
+    </table>
+    <br />
+	<br />
+		
+	<textarea style="width:98%" id="code" name="code" rows="30" cols="<?php echo $cols; ?>" name="content"><?php echo htmlentities($content); ?></textarea>
+	<br />
+    <br />
+	<!--
+  	<table width="98%" border="0" cellpadding="6" cellspacing="0">
+      <tr>
+        <td>/usr/local/zzz/conf/zzz.xml</td>
+		<td align='right'>
+			<input type="hidden" name="f" value="<?php echo $_GET['f']; ?>" />
+			<input type="hidden" name="a" value="save" />
+			<?php
+			echo "<input type='button' value='Restore Default' onclick=\"document.location.href='/packages/zzz/zzz.php?a=default&f=zzz';\" />";
+			?>
+		</td>
+      </tr>
+	</table>
+	-->
+<!--
+</form>
+-->
+
+<br>
+<br>
+
+<br>
+<br>
+<br>
+<br>
+<br>
+<br>
+<br>
+<br>
+
+</td>
+</tr>
+</table>
+
+</div>
+
+
+
+<?php include("fend.inc"); ?>
+</body>
+</html>
diff --git a/pkg_config.7.xml b/pkg_config.7.xml
index d1cfdca6..bd1893ea 100755
--- a/pkg_config.7.xml
+++ b/pkg_config.7.xml
@@ -216,6 +216,20 @@
       <maintainer>markjcrane@gmail.com</maintainer>
       <configurationfile>shellcmd.xml</configurationfile>
     </package>
+    <package>
+      <name>DenyHosts</name>
+      <website/>
+      <descr>The DenyHosts utility is used to manage protect SSH.</descr>
+      <category>Services</category>
+      <pkginfolink></pkginfolink>
+      <config_file>http://www.pfsense.com/packages/config/denyhosts/denyhosts.xml</config_file>
+      <depends_on_package_base_url>http://files.pfsense.org/packages/7/All/</depends_on_package_base_url>
+      <version>0.1</version>
+      <status>Beta</status>
+      <required_version>1.2.3</required_version>
+      <maintainer>markjcrane@gmail.com</maintainer>
+      <configurationfile>denyhosts.xml</configurationfile>
+    </package>
     <package>
       <name>snort</name>
       <descr>Snort is a libpcap-based packet sniffer/logger which can be used as a lightweight network intrusion detection system. It features rules based logging and can perform content searching/matching in addition to being used to detect a variety of other attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, and much more.</descr>
-- 
cgit v1.2.3