# $Id: Portfile 64382 2010-03-04 20:48:17Z dluke@macports.org $

PortSystem 1.0
name                sshguard-ipfw
version             1.4
categories          net security
platforms           darwin
maintainers         nefar@otherware.org

description         Protects hosts from brute force attacks against ssh and other services using ipfw

long_description    Sshguard monitors services from their logging activity. It \
                    reacts to messages about dangerous activity by blocking the \
                    source address with the local firewall. \
                    \
                    Sshguard employs a clever parser that can recognize several \
                    logging formats at once transparently (syslog, syslog-ng, \
                    metalog, multilog, raw messages), and detects attacks for \
                    many services out of the box, including SSH, FreeBSD's ftpd \
                    and dovecot.  It can operate all the major firewalling \
                    systems, including PF, netfilter/iptables, IPFIREWALL/ipfw, \
                    IPFILTER. \
                    \
                    Sshguard has several relevant features like support for \
                    IPv6, whitelisting, suspension, log message authentication. \
                    It is reliable, easy to set up and demands very few \
                    resources to the system.

distname            sshguard-${version}
homepage            http://sshguard.sourceforge.net
master_sites        sourceforge:sshguard
checksums           md5     76ec42919089c51a64df1cd5caa27e08 \
                    sha1    afd1134199ba41721b3d4032239529040e5dd367 \
                    rmd160  1a34d29d8849ea279049a8eb24ddef839dafdbf7
use_bzip2           yes
configure.args      --with-ipfw=/sbin/ipfw --with-firewall=ipfw
startupitem.create  yes
startupitem.start "tail -n0 -F /var/log/secure.log | ${prefix}/sbin/sshguard 2>&1 > /dev/null &"
startupitem.stop "ps wuax | grep '\[s\]shguard$' | kill `awk '{ print \$2}'`"
