2018-11-25 00:24:22 +01:00
|
|
|
################################################################################
|
|
|
|
#
|
|
|
|
# fail2ban
|
|
|
|
#
|
|
|
|
################################################################################
|
|
|
|
|
2021-04-06 22:09:10 +02:00
|
|
|
FAIL2BAN_VERSION = 0.11.2
|
2018-11-25 00:24:22 +01:00
|
|
|
FAIL2BAN_SITE = $(call github,fail2ban,fail2ban,$(FAIL2BAN_VERSION))
|
|
|
|
FAIL2BAN_LICENSE = GPL-2.0+
|
|
|
|
FAIL2BAN_LICENSE_FILES = COPYING
|
2021-02-12 22:39:02 +01:00
|
|
|
FAIL2BAN_CPE_ID_VENDOR = fail2ban
|
2021-07-26 10:25:53 +02:00
|
|
|
FAIL2BAN_SELINUX_MODULES = fail2ban
|
2018-11-25 00:24:22 +01:00
|
|
|
FAIL2BAN_SETUP_TYPE = distutils
|
|
|
|
|
2021-07-30 14:56:11 +02:00
|
|
|
# 0001-fixed-possible-RCE-vulnerability-unset-escape-variable.patch
|
|
|
|
FAIL2BAN_IGNORE_CVES += CVE-2021-32749
|
|
|
|
|
2020-01-22 14:15:14 +01:00
|
|
|
define FAIL2BAN_PYTHON_2TO3
|
|
|
|
$(HOST_DIR)/bin/2to3 --write --nobackups --no-diffs $(@D)/bin/* $(@D)/fail2ban
|
|
|
|
endef
|
2022-02-09 17:50:39 +01:00
|
|
|
FAIL2BAN_DEPENDENCIES = host-python3
|
2020-02-26 09:28:18 +01:00
|
|
|
# We can't use _POST_PATCH_HOOKS because dependencies are not guaranteed
|
|
|
|
# to build and install before _POST_PATCH_HOOKS run.
|
|
|
|
FAIL2BAN_PRE_CONFIGURE_HOOKS += FAIL2BAN_PYTHON_2TO3
|
2020-01-22 14:15:14 +01:00
|
|
|
|
2019-03-28 14:41:00 +01:00
|
|
|
define FAIL2BAN_FIX_DEFAULT_CONFIG
|
|
|
|
$(SED) '/^socket/c\socket = /run/fail2ban.sock' $(TARGET_DIR)/etc/fail2ban/fail2ban.conf
|
|
|
|
$(SED) '/^pidfile/c\pidfile = /run/fail2ban.pid' $(TARGET_DIR)/etc/fail2ban/fail2ban.conf
|
|
|
|
$(SED) '/^dbfile/c\dbfile = None' $(TARGET_DIR)/etc/fail2ban/fail2ban.conf
|
|
|
|
endef
|
|
|
|
FAIL2BAN_POST_INSTALL_TARGET_HOOKS += FAIL2BAN_FIX_DEFAULT_CONFIG
|
|
|
|
|
2020-10-05 07:58:08 +02:00
|
|
|
# fail2ban-python points to host python
|
|
|
|
define FAIL2BAN_FIX_FAIL2BAN_PYTHON_SYMLINK
|
2022-02-09 17:50:39 +01:00
|
|
|
ln -snf python3 $(TARGET_DIR)/usr/bin/fail2ban-python
|
2020-10-05 07:58:08 +02:00
|
|
|
endef
|
|
|
|
FAIL2BAN_POST_INSTALL_TARGET_HOOKS += FAIL2BAN_FIX_FAIL2BAN_PYTHON_SYMLINK
|
|
|
|
|
2018-11-25 00:24:22 +01:00
|
|
|
define FAIL2BAN_INSTALL_INIT_SYSV
|
|
|
|
$(INSTALL) -D -m 755 package/fail2ban/S60fail2ban \
|
|
|
|
$(TARGET_DIR)/etc/init.d/S60fail2ban
|
|
|
|
endef
|
|
|
|
|
|
|
|
define FAIL2BAN_INSTALL_INIT_SYSTEMD
|
|
|
|
$(INSTALL) -D -m 0644 $(@D)/files/fail2ban.service.in \
|
|
|
|
$(TARGET_DIR)/usr/lib/systemd/system/fail2ban.service
|
|
|
|
$(SED) 's,@BINDIR@,/usr/bin,g' $(TARGET_DIR)/usr/lib/systemd/system/fail2ban.service
|
2019-03-28 14:41:00 +01:00
|
|
|
$(SED) '/^PIDFile/c\PIDFile=/run/fail2ban.pid' $(TARGET_DIR)/usr/lib/systemd/system/fail2ban.service
|
2018-11-25 00:24:22 +01:00
|
|
|
endef
|
|
|
|
|
|
|
|
$(eval $(python-package))
|