testing/sshguard: fix parsing of busybox syslog

Roger Pau Monne: 1
 testing/sshguard: fix parsing of busybox syslog

 2 files changed, 16 insertions(+), 3 deletions(-)

Roger Pau Monné <roger.pau@entel.upc.edu>

12 years ago

2012/2/8 Natanael Copa <ncopa@alpinelinux.org>:

Export patchset (mbox)

How do I use this?

Copy & paste the following snippet into your terminal to import this patchset into git:

curl -s https://lists.alpinelinux.org/~alpine/devel/patches/326/mbox | git am -3

Learn more about email & git

Reply to thread View this thread in the archives

[alpine-devel] [PATCH] testing/sshguard: fix parsing of busybox syslog Export this patch

Roger Pau Monne <roger.pau@entel.upc.edu>

12 years ago

---
 testing/sshguard/APKBUILD     |    8 +++++---
 testing/sshguard/parser.patch |   11 +++++++++++
 2 files changed, 16 insertions(+), 3 deletions(-)
 create mode 100644 testing/sshguard/parser.patch

Natanael Copa <ncopa@alpinelinux.org>

12 years ago

Applied.

Can I assume that you have tested it and it works, more or less?

Roger Pau Monné <roger.pau@entel.upc.edu>

12 years ago
It looks like, lines are parsed ok now (unless there are some hidden
bugs that I'm still not aware of)
Next

Then I'll move it to main.

Thanks!

Roger Pau Monné <roger.pau@entel.upc.edu>

12 years ago

---
Unsubscribe:  alpine-devel+unsubscribe@lists.alpinelinux.org
Help:         alpine-devel+help@lists.alpinelinux.org
---

---
Unsubscribe:  alpine-devel+unsubscribe@lists.alpinelinux.org
Help:         alpine-devel+help@lists.alpinelinux.org
---

diff --git a/testing/sshguard/APKBUILD b/testing/sshguard/APKBUILD
index 089c587..c6a69b4 100644
--- a/testing/sshguard/APKBUILD
+++ b/testing/sshguard/APKBUILD
@@ -2,7 +2,7 @@
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=sshguard
 pkgver=1.5
-pkgrel=0
+pkgrel=1
 pkgdesc="Log monitor that blocks with iptables on bad behaviour"
 url="http://www.sshguard.net/"
 arch="all"
@@ -14,7 +14,8 @@ install=""
 subpackages="$pkgname-doc"
 source="http://downloads.sourceforge.net/project/sshguard/sshguard/sshguard-$pkgver/sshguard-$pkgver.tar.bz2
 	sshguard.initd
-	sshguard.confd"
+	sshguard.confd
+	parser.patch"
 
 _builddir="$srcdir"/sshguard-$pkgver
 prepare() {
@@ -46,4 +47,5 @@ package() {
 
 md5sums="11b9f47f9051e25bdfe84a365c961ec1  sshguard-1.5.tar.bz2
 13eb7c7e7a91cc347dbd6ff111d662c4  sshguard.initd
-02dc914d310ea759a66ebb136f495e4e  sshguard.confd"
+02dc914d310ea759a66ebb136f495e4e  sshguard.confd
+84ff8858abb8d5a673037cf592bb6794  parser.patch"
diff --git a/testing/sshguard/parser.patch b/testing/sshguard/parser.patch
new file mode 100644
index 0000000..51f9915
--- /dev/null
+++ b/testing/sshguard/parser.patch
@@ -0,0 +1,11 @@
+--- sshguard-1.5/src/parser/attack_scanner.l
++++ sshguard-1.5-mod/src/parser/attack_scanner.l
+@@ -107,7 +107,7 @@
+   */
+ 
+  /* handle entries with PID and without PID from processes other than sshguard */
+-{TIMESTAMP_SYSLOG}[ ]+([a-zA-Z0-9]|{WORD}|{HOSTADDR})[ ]+{PROCESSNAME}"["{NUMBER}"]: "{SOLARIS_MSGID_TAG}? {
++{TIMESTAMP_SYSLOG}[ ]+([a-zA-Z0-9]|{WORD}|{HOSTADDR})[ ]+([a-zA-Z0-9]|{WORD}|{HOSTADDR})[ ]+{PROCESSNAME}"["{NUMBER}"]: "{SOLARIS_MSGID_TAG}? {
+         /* extract PID */
+         yylval.num = getsyslogpid(yytext, yyleng);
+         return SYSLOG_BANNER_PID;
-- 
1.7.9



---
Unsubscribe:  alpine-devel+unsubscribe@lists.alpinelinux.org
Help:         alpine-devel+help@lists.alpinelinux.org
---

~alpine/devel

testing/sshguard: fix parsing of busybox syslog v1 PROPOSED

[alpine-devel] [PATCH] testing/sshguard: fix parsing of busybox syslog Export this patch