On Tue, Sep 10, 2024 at 08:22:25AM +0200, Landry Breuil wrote:
> hi,
>
> here's a port for https://reaction.ppom.me/, which is a lightweight
> fail2ban-like, currently written in go (but uses few modules and builds
> quickly) and pending a rewrite in rust (per
> https://framagit.org/ppom/reaction/-/issues/103)
>
> the configuration can be in jsonnet or yaml format (cf
> https://blog.ppom.me/en-reaction/), i've included under files/ an
> authlog.jsonnet sample that upstream provides to add ssh bots to a
> blocked_ssh table, one only needs to append two lines to pf.conf to
> block those (a MESSAGE files advises so).
If I understand correctly, this needs to run as root since the authlog
script issues pfctl commands.
I'd replace the 'cp -r' in the Makefile with ${INSTALL_DATA}. Other than
that this looks ok (haven't tested more than packaging on amd64).
