[yocto] [meta-security][PATCH] fail2bin: Add new package
Paul Eggleton
paul.eggleton at linux.intel.com
Thu Aug 31 22:35:19 PDT 2017
Hi Armin,
On Friday, 1 September 2017 5:09:23 PM NZST Armin Kuster wrote:
> Fail2Ban scans log files like /var/log/auth.log and bans IP addresses having too
> many failed login attempts. It does this by updating system firewall rules to reject
> new connections from those IP addresses, for a configurable amount of time.
> Fail2Ban comes out-of-the-box ready to read many standard log files, such as
> those for sshd and Apache, and is easy to configure to read any log file you
> choose, for any error you choose.
> ...
> +++ b/recipes-security/fail2ban/fail2ban_0.10.0.bb
> @@ -0,0 +1,41 @@
> +SUMMARY = "Daemon to ban hosts that cause multiple authentication errors."
> +DESCIPTION = "Fail2Ban scans log files like /var/log/auth.log and bans IP addresses having too \
Typo ^. Also typo "fail2bin" in the shortlog.
Great to see this added though, and that it's alive upstream - I wrote a recipe
for fail2ban a few years ago (around the 0.8.4 times) and then noticed it had
a number of security issues and so I dropped it. I just found I still have the recipe
and I was doing a few things like sed'ing the hardcoded paths in the config
and setting CONFFILES that you don't have here, so I could send you a patch
afterwards with those tweaks if you like.
Cheers,
Paul
--
Paul Eggleton
Intel Open Source Technology Centre
More information about the yocto
mailing list