[yocto] [meta-security][PATCH] fail2bin: Add new package
akuster808
akuster808 at gmail.com
Fri Sep 1 06:41:38 PDT 2017
Hello Paul,
On 08/31/2017 10:35 PM, Paul Eggleton wrote:
> Hi Armin,
>
> On Friday, 1 September 2017 5:09:23 PM NZST Armin Kuster wrote:
>> Fail2Ban scans log files like /var/log/auth.log and bans IP addresses having too
>> many failed login attempts. It does this by updating system firewall rules to reject
>> new connections from those IP addresses, for a configurable amount of time.
>> Fail2Ban comes out-of-the-box ready to read many standard log files, such as
>> those for sshd and Apache, and is easy to configure to read any log file you
>> choose, for any error you choose.
>> ...
>> +++ b/recipes-security/fail2ban/fail2ban_0.10.0.bb
>> @@ -0,0 +1,41 @@
>> +SUMMARY = "Daemon to ban hosts that cause multiple authentication errors."
>> +DESCIPTION = "Fail2Ban scans log files like /var/log/auth.log and bans IP addresses having too \
> Typo ^. Also typo "fail2bin" in the shortlog.
ah.. thanks for the corrections.
>
> Great to see this added though, and that it's alive upstream - I wrote a recipe
> for fail2ban a few years ago (around the 0.8.4 times) and then noticed it had
> a number of security issues and so I dropped it. I just found I still have the recipe
> and I was doing a few things like sed'ing the hardcoded paths in the config
> and setting CONFFILES that you don't have here, so I could send you a patch
> afterwards with those tweaks if you like.
sure.
kind regards,
Armin
>
> Cheers,
> Paul
>
More information about the yocto
mailing list