about summary refs log tree commit diff
path: root/pkgs/tools/security/sshguard/default.nix
diff options
context:
space:
mode:
Diffstat (limited to 'pkgs/tools/security/sshguard/default.nix')
-rw-r--r--pkgs/tools/security/sshguard/default.nix32
1 files changed, 32 insertions, 0 deletions
diff --git a/pkgs/tools/security/sshguard/default.nix b/pkgs/tools/security/sshguard/default.nix
new file mode 100644
index 000000000000..bb165e53c73d
--- /dev/null
+++ b/pkgs/tools/security/sshguard/default.nix
@@ -0,0 +1,32 @@
+{ stdenv, fetchurl, autoreconfHook, yacc, flex}:
+
+
+stdenv.mkDerivation rec {
+  version = "2.0.0";
+  name = "sshguard-${version}";
+
+  src = fetchurl {
+    url = "mirror://sourceforge/sshguard/sshguard-2.0.0.tar.gz";
+    sha256 = "e87c6c4a6dddf06f440ea76464eb6197869c0293f0a60ffa51f8a6a0d7b0cb06";
+  };
+
+  doCheck = true;
+
+  nativeBuildInputs = [ autoreconfHook yacc flex ];
+
+  configureFlags = [ "--sysconfdir=/etc" ];
+
+  patches = [ ./0001-Remove-the-unnecessary-from-ipset-cmds.patch ];
+
+  meta = with stdenv.lib; {
+    description = "SSHGuard protects hosts from brute-force attacks";
+    longDescription = ''
+      SSHGuard can read log messages from various input sources. Log messages are parsed, line-by-line, for recognized patterns.
+      If an attack, such as several login failures within a few seconds, is detected, the offending IP is blocked.
+    '';
+    homepage = https://sshguard.net;
+    license = licenses.bsd3;
+    maintainers = with maintainers; [ sargon ];
+    platforms = with platforms; linux ++ darwin ++ freebsd ++ netbsd ++ openbsd;
+  };
+}
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-21 16:02:03 +0000