diff options
Diffstat (limited to 'security/ossec-hids-local/files/patch-active-response_host-deny.sh')
| -rw-r--r-- | security/ossec-hids-local/files/patch-active-response_host-deny.sh | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/security/ossec-hids-local/files/patch-active-response_host-deny.sh b/security/ossec-hids-local/files/patch-active-response_host-deny.sh new file mode 100644 index 0000000..aff6243 --- /dev/null +++ b/security/ossec-hids-local/files/patch-active-response_host-deny.sh @@ -0,0 +1,15 @@ +--- active-response/host-deny.sh.orig 2018-06-26 12:15:38 UTC ++++ active-response/host-deny.sh +@@ -126,10 +126,10 @@ if [ "x${ACTION}" = "xadd" ]; then + # Deleting from hosts.deny + elif [ "x${ACTION}" = "xdelete" ]; then + lock; +- TMP_FILE=`mktemp /var/ossec/ossec-hosts.XXXXXXXXXX` ++ TMP_FILE=`mktemp ${PWD}/ossec-hosts.XXXXXXXXXX` + if [ "X${TMP_FILE}" = "X" ]; then + # Cheap fake tmpfile, but should be harder then no random data +- TMP_FILE="/var/ossec/ossec-hosts.`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -1 `" ++ TMP_FILE="${PWD}/ossec-hosts.`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -1 `" + fi + echo "${IP}" | grep "\:" > /dev/null 2>&1 + if [ $? = 0 ]; then |