1 --- /dev/null 2015-01-23 17:30:40.000000000 -0500
2 +++ pfilter.c 2015-01-23 17:12:02.000000000 -0500
5 +#include <blacklist.h>
9 +static struct blacklist *blstate;
14 + if (blstate == NULL)
15 + blstate = blacklist_open();
19 +pfilter_notify(int what, const char *msg)
23 + if (blstate == NULL)
26 + blacklist_r(blstate, what, 0, msg);
28 --- /dev/null 2015-01-23 17:30:40.000000000 -0500
29 +++ pfilter.h 2015-01-23 17:07:25.000000000 -0500
31 +void pfilter_open(void);
32 +void pfilter_notify(int, const char *);
34 ===================================================================
35 RCS file: /cvsroot/src/libexec/ftpd/Makefile,v
36 retrieving revision 1.63
37 diff -u -p -u -r1.63 Makefile
38 --- Makefile 14 Aug 2011 11:46:28 -0000 1.63
39 +++ Makefile 23 Jan 2015 22:32:20 -0000
40 @@ -11,6 +11,10 @@ LDADD+= -lcrypt -lutil
41 MAN= ftpd.conf.5 ftpusers.5 ftpd.8
42 MLINKS= ftpusers.5 ftpchroot.5
46 +DPADD+= ${LIBBLACKLIST}
48 .if defined(NO_INTERNAL_LS)
49 CPPFLAGS+=-DNO_INTERNAL_LS
52 ===================================================================
53 RCS file: /cvsroot/src/libexec/ftpd/ftpd.c,v
54 retrieving revision 1.200
55 diff -u -p -u -r1.200 ftpd.c
56 --- ftpd.c 31 Jul 2013 19:50:47 -0000 1.200
57 +++ ftpd.c 23 Jan 2015 22:32:20 -0000
58 @@ -165,6 +165,8 @@ __RCSID("$NetBSD: ftpd.c,v 1.200 2013/07
59 #include <security/pam_appl.h>
66 #include "pathnames.h"
67 @@ -471,6 +473,8 @@ main(int argc, char *argv[])
68 if (EMPTYSTR(confdir))
69 confdir = _DEFAULT_CONFDIR;
76 @@ -1401,6 +1405,7 @@ do_pass(int pass_checked, int pass_rval,
78 reply(530, "%s", rval == 2 ? "Password expired." :
80 + pfilter_notify(1, rval == 2 ? "exppass" : "badpass");
83 "FTP LOGIN FAILED FROM %s", remoteloghost);
84 @@ -1444,6 +1449,7 @@ do_pass(int pass_checked, int pass_rval,
86 remote_ip[sizeof(remote_ip) - 1] = 0;
87 if (!auth_hostok(lc, remotehost, remote_ip)) {
88 + pfilter_notify(1, "bannedhost");
89 syslog(LOG_INFO|LOG_AUTH,
90 "FTP LOGIN FAILED (HOST) as %s: permission denied.",