|
|
Ligne 638 : |
Ligne 638 : |
| # | | # |
| # | | # |
| echo '
| |
| #! /bin/sh
| |
|
| |
| ### BEGIN INIT INFO
| |
| # Provides: sshguard
| |
| # Required-Start: $remote_fs $syslog
| |
| # Required-Stop: $remote_fs $syslog
| |
| # Default-Start: 2 3 4 5
| |
| # Default-Stop:
| |
| # Short-Description: sshguard
| |
| ### END INIT INFO
| |
|
| |
| case "$1" in
| |
| start)
| |
| iptables -N sshguard
| |
| ip6tables -N sshguard
| |
| iptables -A INPUT -m multiport -p tcp --destination-ports 21,22,110,143,80,443 -j sshguard
| |
| ip6tables -A INPUT -m multiport -p tcp --destination-ports 21,22,110,143,80,443 -j sshguard
| |
| tail -n0 -F /var/log/auth.log | /usr/sbin/sshguard -a 2 -p 1800 -w /etc/sshguard_whitelist &
| |
| ;;
| |
| stop)
| |
| killall /usr/sbin/sshguard
| |
| iptables -D INPUT -m multiport -p tcp --destination-ports 21,22,110,143,80,443 -j sshguard
| |
| ip6tables -D INPUT -m multiport -p tcp --destination-ports 21,22,110,143,80,443 -j sshguard
| |
| iptables -X sshguard
| |
| ip6tables -X sshguard
| |
| ;;
| |
| *)
| |
| echo "Usage: $0 {start|stop}"
| |
| exit 1
| |
| ;;
| |
| esac' > ${prefix}/etc/init.d/sshguard
| |
| chmod +x ${prefix}/etc/init.d/sshguard
| |
|
| |
| for ip in `ifconfig | grep "inet addr" | cut -d ":" -f 2 | cut -d " " -f 1`; do | | for ip in `ifconfig | grep "inet addr" | cut -d ":" -f 2 | cut -d " " -f 1`; do |
| if [ ! $ip = "127.0.0.1" ]; then | | if [ ! $ip = "127.0.0.1" ]; then |
Ligne 681 : |
Ligne 647 : |
| done | | done |
|
| |
|
| chroot ${prefix} /sbin/insserv sshguard
| |
| # | | # |
| # Log our finish | | # Log our finish |