--- /dev/null
+/var/log/fail2ban.log {
+ missingok
+ notifempty
+ size 30k
+ create 0600 root root
+ postrotate
+ /usr/bin/fail2ban-client set logtarget SYSLOG 2> /dev/null || true
+ endscript
+}
--- /dev/null
+###############################################################################
+# #
+# IPFire.org - A linux based firewall #
+# Copyright (C) 2007, 2008 Michael Tremer & Christian Schmidt #
+# #
+# This program is free software: you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation, either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# This program is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with this program. If not, see <http://www.gnu.org/licenses/>. #
+# #
+###############################################################################
+
+###############################################################################
+# Definitions
+###############################################################################
+
+include $(PKGROOT)/Include
+
+PKG_NAME = fail2ban
+PKG_VER = 0.8.4
+PKG_REL = 0
+
+PKG_MAINTAINER =
+PKG_GROUP = Security/Tools
+PKG_URL = http://fail2ban.sourceforge.net/
+PKG_LICENSE = GPLv2+
+PKG_SUMMARY = Ban IPs that make too many password failures.
+
+PKG_BUILD_DEPS+= python-devel
+
+
+define PKG_DESCRIPTION
+ Fail2ban scans log files like /var/log/pwdfail or
+ /var/log/apache/error_log and bans IP that makes too many password
+ failures. It updates firewall rules to reject the IP address.
+endef
+
+PKG_TARBALL = $(THISAPP).tar.bz2
+
+STAGE_BUILD = # nothing to do
+
+define STAGE_INSTALL
+ cd $(DIR_APP) && python setup.py install --root=$(BUILDROOT)
+ -mkdir -pv $(BUILDROOT)/etc/logrotate.d/
+ cp -vf $(DIR_SOURCE)/fail2ban.logrotate $(BUILDROOT)/etc/logrotate.d/fail2ban
+endef
--- /dev/null
+--- fail2ban-0.8.1/config/jail.conf.sshd 2007-08-09 00:49:59.000000000 +0200
++++ fail2ban-0.8.1/config/jail.conf 2007-08-15 21:41:33.000000000 +0200
+@@ -42,11 +42,11 @@
+
+ [ssh-iptables]
+
+-enabled = false
++enabled = true
+ filter = sshd
+ action = iptables[name=SSH, port=ssh, protocol=tcp]
+- sendmail-whois[name=SSH, dest=you@mail.com, sender=fail2ban@mail.com]
+-logpath = /var/log/sshd.log
++ sendmail-whois[name=SSH, dest=root, sender=fail2ban@mail.com]
++logpath = /var/log/secure
+ maxretry = 5
+
+ [proftpd-iptables]
--- /dev/null
+--- fail2ban-0.8.2/server/filter.py.orig 2008-03-27 16:26:59.000000000 +0000
++++ fail2ban-0.8.2/server/filter.py 2008-03-27 15:29:48.000000000 +0000
+@@ -428,6 +428,7 @@
+ # is computed and compared to the previous hash of this line.
+
+ import md5
++import fcntl
+
+ class FileContainer:
+
+@@ -455,6 +456,11 @@
+
+ def open(self):
+ self.__handler = open(self.__filename)
++
++ # Set the file descriptor to be FD_CLOEXEC
++ fd = self.__handler.fileno()
++ fcntl.fcntl (self.__handler.fileno(), fcntl.F_SETFD, fd | fcntl.FD_CLOEXEC)
++
+ firstLine = self.__handler.readline()
+ # Computes the MD5 of the first line.
+ myHash = md5.new(firstLine).digest()
--- /dev/null
+--- fail2ban-0.8.3/files/redhat-initd.init 2008-03-10 23:36:22.000000000 +0100
++++ fail2ban-0.8.3/files/redhat-initd 2008-08-24 20:46:01.000000000 +0200
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ #
+-# chkconfig: 345 92 08
++# chkconfig: - 92 08
+ # description: Fail2ban daemon
+ # http://fail2ban.sourceforge.net/wiki/index.php/Main_Page
+ # process name: fail2ban-server
+@@ -27,8 +27,7 @@
+ echo -n $"Starting fail2ban: "
+ getpid
+ if [ -z "$pid" ]; then
+- rm -rf /var/run/fail2ban/fail2ban.sock # in case of unclean shutdown
+- $FAIL2BAN start > /dev/null
++ $FAIL2BAN -x start > /dev/null
+ RETVAL=$?
+ fi
+ if [ $RETVAL -eq 0 ]; then
--- /dev/null
+--- fail2ban-0.8.3/config/fail2ban.conf~ 2008-02-27 22:44:55.000000000 +0100
++++ fail2ban-0.8.3/config/fail2ban.conf 2009-08-27 20:48:25.000000000 +0200
+@@ -22,7 +22,7 @@
+ # Only one log target can be specified.
+ # Values: STDOUT STDERR SYSLOG file Default: /var/log/fail2ban.log
+ #
+-logtarget = /var/log/fail2ban.log
++logtarget = SYSLOG
+
+ # Option: socket
+ # Notes.: Set the socket file. This is used to communicate with the daemon. Do