1*4882a593Smuzhiyun################################################################################ 2*4882a593Smuzhiyun# 3*4882a593Smuzhiyun# fail2ban 4*4882a593Smuzhiyun# 5*4882a593Smuzhiyun################################################################################ 6*4882a593Smuzhiyun 7*4882a593SmuzhiyunFAIL2BAN_VERSION = 0.11.2 8*4882a593SmuzhiyunFAIL2BAN_SITE = $(call github,fail2ban,fail2ban,$(FAIL2BAN_VERSION)) 9*4882a593SmuzhiyunFAIL2BAN_LICENSE = GPL-2.0+ 10*4882a593SmuzhiyunFAIL2BAN_LICENSE_FILES = COPYING 11*4882a593SmuzhiyunFAIL2BAN_CPE_ID_VENDOR = fail2ban 12*4882a593SmuzhiyunFAIL2BAN_SELINUX_MODULES = fail2ban 13*4882a593SmuzhiyunFAIL2BAN_SETUP_TYPE = distutils 14*4882a593Smuzhiyun 15*4882a593Smuzhiyun# 0001-fixed-possible-RCE-vulnerability-unset-escape-variable.patch 16*4882a593SmuzhiyunFAIL2BAN_IGNORE_CVES += CVE-2021-32749 17*4882a593Smuzhiyun 18*4882a593Smuzhiyunifeq ($(BR2_PACKAGE_PYTHON3),y) 19*4882a593Smuzhiyundefine FAIL2BAN_PYTHON_2TO3 20*4882a593Smuzhiyun $(HOST_DIR)/bin/2to3 --write --nobackups --no-diffs $(@D)/bin/* $(@D)/fail2ban 21*4882a593Smuzhiyunendef 22*4882a593SmuzhiyunFAIL2BAN_DEPENDENCIES += host-python3 23*4882a593Smuzhiyun# We can't use _POST_PATCH_HOOKS because dependencies are not guaranteed 24*4882a593Smuzhiyun# to build and install before _POST_PATCH_HOOKS run. 25*4882a593SmuzhiyunFAIL2BAN_PRE_CONFIGURE_HOOKS += FAIL2BAN_PYTHON_2TO3 26*4882a593Smuzhiyunendif 27*4882a593Smuzhiyun 28*4882a593Smuzhiyundefine FAIL2BAN_FIX_DEFAULT_CONFIG 29*4882a593Smuzhiyun $(SED) '/^socket/c\socket = /run/fail2ban.sock' $(TARGET_DIR)/etc/fail2ban/fail2ban.conf 30*4882a593Smuzhiyun $(SED) '/^pidfile/c\pidfile = /run/fail2ban.pid' $(TARGET_DIR)/etc/fail2ban/fail2ban.conf 31*4882a593Smuzhiyun $(SED) '/^dbfile/c\dbfile = None' $(TARGET_DIR)/etc/fail2ban/fail2ban.conf 32*4882a593Smuzhiyunendef 33*4882a593SmuzhiyunFAIL2BAN_POST_INSTALL_TARGET_HOOKS += FAIL2BAN_FIX_DEFAULT_CONFIG 34*4882a593Smuzhiyun 35*4882a593Smuzhiyun# fail2ban-python points to host python 36*4882a593Smuzhiyundefine FAIL2BAN_FIX_FAIL2BAN_PYTHON_SYMLINK 37*4882a593Smuzhiyun ln -snf $(if $(BR2_PACKAGE_PYTHON),python,python3) \ 38*4882a593Smuzhiyun $(TARGET_DIR)/usr/bin/fail2ban-python 39*4882a593Smuzhiyunendef 40*4882a593SmuzhiyunFAIL2BAN_POST_INSTALL_TARGET_HOOKS += FAIL2BAN_FIX_FAIL2BAN_PYTHON_SYMLINK 41*4882a593Smuzhiyun 42*4882a593Smuzhiyundefine FAIL2BAN_INSTALL_INIT_SYSV 43*4882a593Smuzhiyun $(INSTALL) -D -m 755 package/fail2ban/S60fail2ban \ 44*4882a593Smuzhiyun $(TARGET_DIR)/etc/init.d/S60fail2ban 45*4882a593Smuzhiyunendef 46*4882a593Smuzhiyun 47*4882a593Smuzhiyundefine FAIL2BAN_INSTALL_INIT_SYSTEMD 48*4882a593Smuzhiyun $(INSTALL) -D -m 0644 $(@D)/files/fail2ban.service.in \ 49*4882a593Smuzhiyun $(TARGET_DIR)/usr/lib/systemd/system/fail2ban.service 50*4882a593Smuzhiyun $(SED) 's,@BINDIR@,/usr/bin,g' $(TARGET_DIR)/usr/lib/systemd/system/fail2ban.service 51*4882a593Smuzhiyun $(SED) '/^PIDFile/c\PIDFile=/run/fail2ban.pid' $(TARGET_DIR)/usr/lib/systemd/system/fail2ban.service 52*4882a593Smuzhiyunendef 53*4882a593Smuzhiyun 54*4882a593Smuzhiyun$(eval $(python-package)) 55