Name:           sshguard
Version:        1.6.1
Release:        3%{?dist}
Summary:        Protect hosts from brute-force attacks
License:        ISC and BSD and Public Domain
URL:            http://www.sshguard.net/
Source0:        http://downloads.sourceforge.net/project/sshguard/sshguard/%{version}/sshguard-%{version}.tar.xz
Source1:        sshguard.service

BuildRequires:  systemd
Requires:       firewalld
Requires:       rsyslog
%{?systemd_requires}


%description
sshguard protects hosts from brute-force attacks against SSH and other
services.  It aggregates system logs and blocks repeat offenders using
iptables.

sshguard can read log messages from standard input (suitable for piping from
syslog) or monitor one or more log files.  Log messages are parsed,
line-by-line, for recognized patterns.  If an attack, such as several login
failures within a few seconds, is detected, the offending IP is blocked.
Offenders are unblocked after a set interval, but can be semi-permanently
banned using the blacklist option.


%prep
%setup -q
find src \( -name '*.h' -o -name '*.c' \) -exec chmod -x {} +
cp -a %{SOURCE1} .


%build
# glibc headers need POSIX_C_SOURCE:
export CFLAGS="$CFLAGS -D_POSIX_C_SOURCE=200112L"
%configure --with-firewall=iptables
make %{?_smp_mflags} V=1


%install
rm -rf $RPM_BUILD_ROOT
%make_install

mkdir -p $RPM_BUILD_ROOT%{_unitdir}/
install -m 644 sshguard.service $RPM_BUILD_ROOT%{_unitdir}/


%post
%systemd_post sshguard.service


%preun
%systemd_preun sshguard.service


%postun
%systemd_postun_with_restart sshguard.service


%files
%doc README.rst COPYING examples
%{_mandir}/man8/sshguard.8*
%{_sbindir}/sshguard
%{_unitdir}/sshguard.service


%changelog
* Mon Dec 28 2015 Conrad Meyer <cemeyer@uw.edu> - 1.6.1-3
- Add POSIX defines to get addrinfo, again
- Build verbosely so cc flags are logged

* Sat Dec 26 2015 Conrad Meyer <cemeyer@uw.edu> - 1.6.1-2
- Add POSIX defines to get addrinfo

* Tue Sep 8 2015 Conrad Meyer <cemeyer@uw.edu> - 1.6.1-1
- Bump to latest version

* Mon Sep 7 2015 Conrad Meyer <cemeyer@uw.edu> - 1.5-1
- Initial package