FS#13691 - sshguard package from community has wrong paths for iptables
Attached to Project:
Community Packages
Opened by Matthew William Cox (mwc) - Saturday, 07 March 2009, 04:48 GMT
Last edited by Sergej Pupykin (sergej) - Monday, 09 March 2009, 21:12 GMT
Opened by Matthew William Cox (mwc) - Saturday, 07 March 2009, 04:48 GMT
Last edited by Sergej Pupykin (sergej) - Monday, 09 March 2009, 21:12 GMT
|
Details
Description:
The sshguard package in community is broken (completely nonfunctional) because it was compiled with the wrong path for iptables. Steps to reproduce: On my 32 bit VPS, sshguard has the wrong paths: /sbin/iptables -F sshguard ; /sbin/ip6tables -F sshguard case $SSHG_ADDRKIND in 4) exec /sbin/iptables -D sshguard -s $SSHG_ADDR -j DROP ;; 6) exec /sbin/ip6tables -D sshguard -s $SSHG_ADDR -j DROP ;; *) exit -2 ;; esac case $SSHG_ADDRKIND in 4) exec /sbin/iptables -A sshguard -s $SSHG_ADDR -j DROP ;; 6) exec /sbin/ip6tables -A sshguard -s $SSHG_ADDR -j DROP ;; *) exit -2 ;; esac The iptables package provides iptables in /usr/sbin. Here's the output on a 64-bit arch system, which has the correct paths for ip{6,}tables: % strings /usr/sbin/sshguard | grep iptables /usr/sbin/iptables -F sshguard ; /usr/sbin/ip6tables -F sshguard case $SSHG_ADDRKIND in 4) exec /usr/sbin/iptables -D sshguard -s $SSHG_ADDR -j DROP ;; 6) exec /usr/sbin/ip6tables -D sshguard -s $SSHG_ADDR -j DROP ;; *) exit -2 ;; esac case $SSHG_ADDRKIND in 4) exec /usr/sbin/iptables -A sshguard -s $SSHG_ADDR -j DROP ;; 6) exec /usr/sbin/ip6tables -A sshguard -s $SSHG_ADDR -j DROP ;; *) exit -2 ;; esac |
This task depends upon
Closed by Sergej Pupykin (sergej)
Monday, 09 March 2009, 21:12 GMT
Reason for closing: Fixed
Additional comments about closing: try 1.4rc3-1
Monday, 09 March 2009, 21:12 GMT
Reason for closing: Fixed
Additional comments about closing: try 1.4rc3-1