- Setup and dist files

git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@22 a942ae1a-1317-0410-a47c-b1dcaea8d605

CHANGELOG

@@ -0,0 +1,12 @@
+               __      _ _ ___ _               
+              / _|__ _(_) |_  ) |__  __ _ _ _  
+             |  _/ _` | | |/ /| '_ \/ _` | ' \ 
+             |_| \__,_|_|_/___|_.__/\__,_|_||_|
+
+=============================================================
+Fail2Ban (version 0.1.0)                           10/12/2004
+=============================================================
+
+ver. 0.1.0 (10/12/2004) - alpha
+----------
+- Initial release

MANIFEST

@@ -0,0 +1,12 @@
+README
+CHANGELOG
+setup.cfg
+setup.py
+version.py
+fail2ban.py
+firewall/__init__.py
+firewall/firewall.py
+firewall/iptables.py
+logreader/__init__.py
+logreader/logreader.py
+logreader/metalog.py

README

@@ -0,0 +1,116 @@
+               __      _ _ ___ _               
+              / _|__ _(_) |_  ) |__  __ _ _ _  
+             |  _/ _` | | |/ /| '_ \/ _` | ' \ 
+             |_| \__,_|_|_/___|_.__/\__,_|_||_|
+
+=============================================================
+Fail2Ban (version 0.1.0)                           10/12/2004
+=============================================================
+
+Fail2Ban scans log files like /var/log/pwdfail and bans IP
+that makes too much password failures. It updates firewall
+rules to reject the IP address. Currently metalog and
+iptables are supported but it should work with other syslog
+daemons. It needs log4py.
+
+This is my first Python program. I began learning Python for
+less than one week so please be understanding ;-) English is
+not either my mother tongue...
+
+
+More details:
+-------------
+
+Fail2Ban is rather simple. I have a home server connected to
+the Internet which runs apache, samba, sshd, ... I see in my
+logs that people are trying to log into my box using "manual"
+brute force or scripts. They try 10, 20 and sometimes more
+user/password (without success anyway). In order to
+discourage these script kiddies, I wanted that sshd refuse
+login from a specific ip after 3 password failures. After
+some google searches, I found that sshd was not able of that.
+So I search for a script or program that do it. Found
+nothing :-( So I decide to write mine and to learn Python :-)
+
+I read the log file (/var/log/pwdfail/current on metalog) and
+search for line with "Failed password". Then get the ip and
+if it has already done 3 or more password failure in the last
+banTime, I ban the ip for banTime using a iptable rule. After
+banTime, the rule is deleted.
+
+Runs on my server and does its job rather well :-) The idea
+is to make fail2ban usable with most syslog daemons and
+services that require a login (sshd, telnetd, ...). It should
+also support others firewalls than iptables.
+
+
+Installation:
+-------------
+
+Require: python-2.? (http://www.python.org)
+         log4py-1.1 (http://sourceforge.net/projects/log4py)
+
+To install, just do:
+
+> tar xvfj fail2ban-0.1.0.tar.bz2
+> cd fail2ban-0.1.0
+> python setup.py install
+
+Fail2Ban should now be correctly installed. Just type:
+
+> fail2ban.py -h
+
+to see if everything is alright.
+
+
+Configuration:
+--------------
+
+For the time, there is no configuration file. You must use
+commande line options instead. Here are the options:
+
+  -b         start fail2ban in background
+  -d         start fail2ban in debug mode
+  -f <FILE>  read password failure from FILE
+  -h         display this help message
+  -l <FILE>  log message in FILE
+  -t <TIME>  ban IP for TIME seconds
+  -v         verbose
+
+
+Contact:
+--------
+
+You need some new features, you found bugs or you just
+appreciate this program, you can contact me at :
+
+Website: http://www.sourceforge.net/projects/fail2ban
+
+Cyril Jaquier: <lostcontrol@users.sourceforge.net>
+
+
+Thanks:
+-------
+
+Kévin Drapel, Marvin Rouge
+
+
+License:
+--------
+
+Fail2Ban is free software; you can redistribute it
+and/or modify it under the terms of the GNU General Public
+License as published by the Free Software Foundation; either
+version 2 of the License, or (at your option) any later
+version.
+
+Fail2Ban is distributed in the hope that it will be
+useful, but WITHOUT ANY WARRANTY; without even the implied
+warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+PURPOSE.  See the GNU General Public License for more
+details.
+
+You should have received a copy of the GNU General Public
+License along with Fail2Ban; if not, write to the Free
+Software Foundation, Inc., 59 Temple Place, Suite 330,
+Boston, MA  02111-1307  USA

setup.cfg

@@ -0,0 +1,5 @@
+[install]
+install-purelib=/usr/lib/fail2ban
+
+[sdist]
+formats=bztar

setup.py

@@ -0,0 +1,42 @@
+#!/usr/bin/env python
+
+# This file is part of Fail2Ban.
+#
+# Fail2Ban is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# Fail2Ban is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Fail2Ban; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+
+# Author: Cyril Jaquier
+# 
+# $Revision$
+
+__author__ = "Cyril Jaquier"
+__version__ = "$Revision$"
+__date__ = "$Date$"
+__copyright__ = "Copyright (c) 2004 Cyril Jaquier"
+__license__ = "GPL"
+
+from distutils.core import setup
+from version import version
+
+setup(
+        name = "fail2ban",
+        version = version,
+        description = "Ban IPs that make too much password failure",
+        author = "Cyril Jaquier",
+        author_email = "lostcontrol@users.sourceforge.net",
+        url = "http://www.sourceforge.net/projects/fail2ban",
+        scripts = ['fail2ban.py'],
+        py_modules = ['version'],
+        packages = ['firewall', 'logreader']
+)

version.py

@@ -0,0 +1,27 @@
+# This file is part of Fail2Ban.
+#
+# Fail2Ban is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# Fail2Ban is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Fail2Ban; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+
+# Author: Cyril Jaquier
+# 
+# $Revision$
+
+__author__ = "Cyril Jaquier"
+__version__ = "$Revision$"
+__date__ = "$Date$"
+__copyright__ = "Copyright (c) 2004 Cyril Jaquier"
+__license__ = "GPL"
+
+version = "0.1.0"