Mail archive
alpine-devel

[alpine-devel] [PATCH] testing/sshguard: fix parsing of busybox syslog

From: Roger Pau Monne <roger.pau_at_entel.upc.edu>
Date: Tue, 7 Feb 2012 20:50:30 +0100

---
 testing/sshguard/APKBUILD     |    8 +++++---
 testing/sshguard/parser.patch |   11 +++++++++++
 2 files changed, 16 insertions(+), 3 deletions(-)
 create mode 100644 testing/sshguard/parser.patch
diff --git a/testing/sshguard/APKBUILD b/testing/sshguard/APKBUILD
index 089c587..c6a69b4 100644
--- a/testing/sshguard/APKBUILD
+++ b/testing/sshguard/APKBUILD
_at_@ -2,7 +2,7 @@
 # Maintainer: Natanael Copa <ncopa_at_alpinelinux.org>
 pkgname=sshguard
 pkgver=1.5
-pkgrel=0
+pkgrel=1
 pkgdesc="Log monitor that blocks with iptables on bad behaviour"
 url="http://www.sshguard.net/"
 arch="all"
_at_@ -14,7 +14,8 @@ install=""
 subpackages="$pkgname-doc"
 source="http://downloads.sourceforge.net/project/sshguard/sshguard/sshguard-$pkgver/sshguard-$pkgver.tar.bz2
 	sshguard.initd
-	sshguard.confd"
+	sshguard.confd
+	parser.patch"
 
 _builddir="$srcdir"/sshguard-$pkgver
 prepare() {
_at_@ -46,4 +47,5 @@ package() {
 
 md5sums="11b9f47f9051e25bdfe84a365c961ec1  sshguard-1.5.tar.bz2
 13eb7c7e7a91cc347dbd6ff111d662c4  sshguard.initd
-02dc914d310ea759a66ebb136f495e4e  sshguard.confd"
+02dc914d310ea759a66ebb136f495e4e  sshguard.confd
+84ff8858abb8d5a673037cf592bb6794  parser.patch"
diff --git a/testing/sshguard/parser.patch b/testing/sshguard/parser.patch
new file mode 100644
index 0000000..51f9915
--- /dev/null
+++ b/testing/sshguard/parser.patch
_at_@ -0,0 +1,11 @@
+--- sshguard-1.5/src/parser/attack_scanner.l
++++ sshguard-1.5-mod/src/parser/attack_scanner.l
+_at_@ -107,7 +107,7 @@
+   */
+ 
+  /* handle entries with PID and without PID from processes other than sshguard */
+-{TIMESTAMP_SYSLOG}[ ]+([a-zA-Z0-9]|{WORD}|{HOSTADDR})[ ]+{PROCESSNAME}"["{NUMBER}"]: "{SOLARIS_MSGID_TAG}? {
++{TIMESTAMP_SYSLOG}[ ]+([a-zA-Z0-9]|{WORD}|{HOSTADDR})[ ]+([a-zA-Z0-9]|{WORD}|{HOSTADDR})[ ]+{PROCESSNAME}"["{NUMBER}"]: "{SOLARIS_MSGID_TAG}? {
+         /* extract PID */
+         yylval.num = getsyslogpid(yytext, yyleng);
+         return SYSLOG_BANNER_PID;
-- 
1.7.9
---
Unsubscribe:  alpine-devel+unsubscribe_at_lists.alpinelinux.org
Help:         alpine-devel+help_at_lists.alpinelinux.org
---
Received on Tue Feb 07 2012 - 20:50:30 UTC