Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/net-misc
diff options
context:
space:
mode:
authorGeorgy Yakovlev <gyakovlev@gentoo.org>2019-03-25 14:56:38 -0700
committerGeorgy Yakovlev <gyakovlev@gentoo.org>2019-03-25 14:57:22 -0700
commitd838e64623453aa3ec106d76b34509327d583066 (patch)
tree28ad76273aabf92ad61c75f931d425ce250745c5 /net-misc
parentapp-editors/gvim: apply #669306 fix to gvim ebuilds. (diff)
downloadgentoo-d838e64623453aa3ec106d76b34509327d583066.tar.gz
gentoo-d838e64623453aa3ec106d76b34509327d583066.tar.bz2
gentoo-d838e64623453aa3ec106d76b34509327d583066.zip
net-misc/endlessh: new package, ssh tarpit service
Package-Manager: Portage-2.3.62, Repoman-2.3.12 Signed-off-by: Georgy Yakovlev <gyakovlev@gentoo.org>
Diffstat (limited to 'net-misc')
-rw-r--r--net-misc/endlessh/Manifest1
-rw-r--r--net-misc/endlessh/endlessh-0.1.ebuild70
-rw-r--r--net-misc/endlessh/endlessh-9999.ebuild70
-rw-r--r--net-misc/endlessh/files/endlessh.confd22
-rwxr-xr-xnet-misc/endlessh/files/endlessh.initd22
-rw-r--r--net-misc/endlessh/files/logrotated7
-rw-r--r--net-misc/endlessh/metadata.xml23
7 files changed, 215 insertions, 0 deletions
diff --git a/net-misc/endlessh/Manifest b/net-misc/endlessh/Manifest
new file mode 100644
index 000000000000..997e300902ac
--- /dev/null
+++ b/net-misc/endlessh/Manifest
@@ -0,0 +1 @@
+DIST endlessh-0.1.tar.gz 8566 BLAKE2B e8fefd6ef80d26c25f57ffe1cef502af05322e348d63ca17c0bb626e35d5c1d35cb98384b35c86c579f2876573f4c13468605c3f44325a48d19e27c499657853 SHA512 0d11c82a708a26bd77ca85f7f3bd0eda2807ded9de88e3e518da09a38b3e94fc2658ea6f210e4f1493d38ca5948968c5488c8f2f09ff2adf22b799622b4952b8
diff --git a/net-misc/endlessh/endlessh-0.1.ebuild b/net-misc/endlessh/endlessh-0.1.ebuild
new file mode 100644
index 000000000000..105c786b1013
--- /dev/null
+++ b/net-misc/endlessh/endlessh-0.1.ebuild
@@ -0,0 +1,70 @@
+# Copyright 2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+PYTHON_COMPAT=( python3_6 )
+
+inherit python-single-r1 systemd toolchain-funcs
+
+DESCRIPTION="SSH tarpit that slowly sends and endless banner"
+HOMEPAGE="https://github.com/skeeto/endlessh"
+
+if [ ${PV} == "9999" ] ; then
+ inherit git-r3
+ EGIT_REPO_URI="https://github.com/skeeto/${PN}.git"
+else
+ SRC_URI="https://github.com/skeeto/${PN}/archive/${PV}.tar.gz -> ${P}.tar.gz"
+ KEYWORDS="~amd64 ~x86"
+fi
+
+LICENSE="Unlicense"
+SLOT="0"
+IUSE="tools"
+REQUIRED_USE="tools? ( ${PYTHON_REQUIRED_USE} )"
+
+DEPEND=""
+
+RDEPEND="${DEPEND}
+ tools? (
+ ${PYTHON_DEPS}
+ dev-db/sqlite
+ dev-python/pyrfc3339[${PYTHON_USEDEP}]
+ )
+"
+
+BDEPEND=""
+
+pkg_setup() {
+ use tools && python-single-r1_pkg_setup
+}
+
+src_prepare() {
+ default
+
+ tc-export CC
+
+ sed -i \
+ -e 's/^CC/CC?/' \
+ -e 's/^CFLAGS =/CFLAGS +=/' \
+ -e 's/ -Os//' \
+ -e 's/^LDFLAGS/LDFLAGS?/' \
+ Makefile || die
+
+ sed -i -e "/^ExecStart=/ s:=/opt/endlessh:=${EPREFIX}/usr/bin:" \
+ util/endlessh.service || die
+}
+
+src_install() {
+ dobin endlessh
+
+ newinitd "${FILESDIR}"/endlessh.initd endlessh
+ newconfd "${FILESDIR}"/endlessh.confd endlessh
+
+ systemd_dounit util/endlessh.service
+
+ insinto /etc/logrotate.d
+ newins "${FILESDIR}/logrotated" endlessh
+
+ einstalldocs
+}
diff --git a/net-misc/endlessh/endlessh-9999.ebuild b/net-misc/endlessh/endlessh-9999.ebuild
new file mode 100644
index 000000000000..105c786b1013
--- /dev/null
+++ b/net-misc/endlessh/endlessh-9999.ebuild
@@ -0,0 +1,70 @@
+# Copyright 2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+PYTHON_COMPAT=( python3_6 )
+
+inherit python-single-r1 systemd toolchain-funcs
+
+DESCRIPTION="SSH tarpit that slowly sends and endless banner"
+HOMEPAGE="https://github.com/skeeto/endlessh"
+
+if [ ${PV} == "9999" ] ; then
+ inherit git-r3
+ EGIT_REPO_URI="https://github.com/skeeto/${PN}.git"
+else
+ SRC_URI="https://github.com/skeeto/${PN}/archive/${PV}.tar.gz -> ${P}.tar.gz"
+ KEYWORDS="~amd64 ~x86"
+fi
+
+LICENSE="Unlicense"
+SLOT="0"
+IUSE="tools"
+REQUIRED_USE="tools? ( ${PYTHON_REQUIRED_USE} )"
+
+DEPEND=""
+
+RDEPEND="${DEPEND}
+ tools? (
+ ${PYTHON_DEPS}
+ dev-db/sqlite
+ dev-python/pyrfc3339[${PYTHON_USEDEP}]
+ )
+"
+
+BDEPEND=""
+
+pkg_setup() {
+ use tools && python-single-r1_pkg_setup
+}
+
+src_prepare() {
+ default
+
+ tc-export CC
+
+ sed -i \
+ -e 's/^CC/CC?/' \
+ -e 's/^CFLAGS =/CFLAGS +=/' \
+ -e 's/ -Os//' \
+ -e 's/^LDFLAGS/LDFLAGS?/' \
+ Makefile || die
+
+ sed -i -e "/^ExecStart=/ s:=/opt/endlessh:=${EPREFIX}/usr/bin:" \
+ util/endlessh.service || die
+}
+
+src_install() {
+ dobin endlessh
+
+ newinitd "${FILESDIR}"/endlessh.initd endlessh
+ newconfd "${FILESDIR}"/endlessh.confd endlessh
+
+ systemd_dounit util/endlessh.service
+
+ insinto /etc/logrotate.d
+ newins "${FILESDIR}/logrotated" endlessh
+
+ einstalldocs
+}
diff --git a/net-misc/endlessh/files/endlessh.confd b/net-misc/endlessh/files/endlessh.confd
new file mode 100644
index 000000000000..a114889c8cac
--- /dev/null
+++ b/net-misc/endlessh/files/endlessh.confd
@@ -0,0 +1,22 @@
+# /etc/conf.d/endlessh: config file for /etc/init.d/endlessh
+#
+#ENDLESSH_ARGS=""
+#
+# -d INT Message millisecond delay [10000]
+# -f Set and load config file [/etc/endlessh/config]
+# -l INT Maximum banner line length (3-255) [32]
+# -m INT Maximum number of clients [4096]
+# -p INT Listening port [2222]
+# -v Print diagnostics to standard output (repeatable)
+
+# EXAMPLE: listen on port 22, log all queries and errors in very verbose mode
+
+#ENDLESSH_ARGS="-p 22 -vv"
+
+# plain file (preferred), change logrotate file as well if you change this.
+#output_log=/var/log/"${RC_SVCNAME}.log"
+#error_log=/var/log/"${RC_SVCNAME}.error.log"
+
+# syslog support via LOGGER(1). Note this spawns logger processes per io stream
+#output_logger="logger -p daemon.none --"
+#error_logger="logger -p daemon.err --"
diff --git a/net-misc/endlessh/files/endlessh.initd b/net-misc/endlessh/files/endlessh.initd
new file mode 100755
index 000000000000..a88fd9c34c90
--- /dev/null
+++ b/net-misc/endlessh/files/endlessh.initd
@@ -0,0 +1,22 @@
+#!/sbin/openrc-run
+# Copyright 2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+depend() {
+ need localmount
+ use net
+}
+
+description="Starts endlessh tarpit"
+
+command="/usr/bin/endlessh"
+command_args="${ENDLESSH_ARGS}"
+command_background="true"
+extra_started_commands="reload"
+pidfile="/run/${RC_SVCNAME}.pid"
+
+reload() {
+ ebegin "Reloading ${RC_SVCNAME} configuration"
+ start-stop-daemon --exec $command --signal HUP
+ eend $?
+}
diff --git a/net-misc/endlessh/files/logrotated b/net-misc/endlessh/files/logrotated
new file mode 100644
index 000000000000..53c9efbfe873
--- /dev/null
+++ b/net-misc/endlessh/files/logrotated
@@ -0,0 +1,7 @@
+/var/log/endlessh.log /var/log/endlessh.error.log {
+ missingok
+ notifempty
+ postrotate
+ /etc/init.d/endlessh -q reload
+ endscript
+}
diff --git a/net-misc/endlessh/metadata.xml b/net-misc/endlessh/metadata.xml
new file mode 100644
index 000000000000..10db1a22fbfe
--- /dev/null
+++ b/net-misc/endlessh/metadata.xml
@@ -0,0 +1,23 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+ <maintainer type="person">
+ <email>gyakovlev@gentoo.org</email>
+ <name>Georgy Yakovlev</name>
+ </maintainer>
+ <longdescription lang="en">
+ Endlessh is an SSH tarpit that very slowly sends an endless, random SSH banner.
+ It keeps SSH clients locked up for hours or even days at a time.
+ The purpose is to put your real SSH server on another port and then let the script kiddies get stuck in this tarpit instead of bothering a real server.
+
+ Since the tarpit is in the banner before any cryptographic exchange occurs, this program doesn't depend on any cryptographic libraries.
+ It's a simple, single-threaded, standalone C program.
+ It uses poll() to trap multiple clients at a time.
+ </longdescription>
+ <upstream>
+ <remote-id type="github">skeeto/endlessh</remote-id>
+ </upstream>
+ <use>
+ <flag name="tools">Install additional python script which can be used to parse logs and save summary to sqlite database</flag>
+ </use>
+</pkgmetadata>