diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..f087b42
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1 @@
+*.tar.gz filter=lfs diff=lfs merge=lfs -text
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..1534ba5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,3 @@
+*.rpm
+*.log
+*spec-20*
diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..abc9a01
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,21 @@
+# Makefile for source rpm: denyhosts
+# $Id: Makefile,v 1.1 2021/03/14 22:30:08 jpp Exp $
+NAME := denyhosts
+SPECFILE = $(firstword $(wildcard *.spec))
+
+define find-makefile-common
+for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done
+endef
+
+MAKEFILE_COMMON := $(shell $(find-makefile-common))
+
+ifeq ($(MAKEFILE_COMMON),)
+# attept a checkout
+define checkout-makefile-common
+test -f CVS/Root && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2
+endef
+
+MAKEFILE_COMMON := $(shell $(checkout-makefile-common))
+endif
+
+include $(MAKEFILE_COMMON)
diff --git a/README.md b/README.md
index dc1f2da..a3e0b09 100644
--- a/README.md
+++ b/README.md
@@ -1,3 +1,9 @@
# denyhosts
-3rd Party (Maintained by Koozali) git repo for denyhosts smecontribs
\ No newline at end of file
+3rd Party (Maintained by Koozali) git repo for denyhosts smecontribs
+
+## Description
+
+
*This description has been generated by an LLM AI system and cannot be relied on to be fully correct.*
+*Once it has been checked, then this comment will be deleted*
+
diff --git a/contriborbase b/contriborbase
new file mode 100644
index 0000000..9b7fd51
--- /dev/null
+++ b/contriborbase
@@ -0,0 +1 @@
+contribs10
diff --git a/denyhosts-3.1.tar.gz b/denyhosts-3.1.tar.gz
new file mode 100644
index 0000000..a054b4d
--- /dev/null
+++ b/denyhosts-3.1.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:7a6aee5934a56473ad54d373715da1e715ff2ffd19b9dceb54b0297fe8c3a965
+size 57160
diff --git a/denyhosts-dh_reenable b/denyhosts-dh_reenable
new file mode 100644
index 0000000..bd6e8f0
--- /dev/null
+++ b/denyhosts-dh_reenable
@@ -0,0 +1,97 @@
+#!/usr/bin/python
+# This program help sysadmin to reenable a hosts blocked by denyhosts.
+#
+# dh_reenable (c) 2008 Marco Bertorello and is
+# free software. You can use, modify and redistribute it under terms of
+# GNU General Public License version 2 or later, as you whish, as published by
+# Free Software Foundation.
+#
+# You can get a full copy of license here:
+#
+# http://www.gnu.org/licenses/gpl-2.0.txt
+#
+# and
+#
+# http://www.gnu.org/licenses/gpl-3.0.txt
+
+
+from __future__ import with_statement
+import os
+import sys
+import fileinput
+import re
+
+# file definition:
+
+HOSTSFILE='/var/lib/denyhosts/hosts'
+HOSTRESTFILE='/var/lib/denyhosts/hosts-restricted'
+HOSTROOTFILE='/var/lib/denyhosts/hosts-root'
+HOSTVALIDFILE='/var/lib/denyhosts/hosts-valid'
+HOSTSDENY='/etc/hosts.deny'
+#TEST='/etc/hosts.deny.tmp'
+CONFIGFILE='/etc/denyhosts.conf'
+
+# Parse the configuration file for the location of the HOSTS_DENY file.
+# If it exists, overwrite the hard-coded value for HOSTSDENY from the
+# top of the file.
+if os.path.isfile(CONFIGFILE):
+ with open(CONFIGFILE) as file:
+ for line in file:
+ result = re.search('^(HOSTS_DENY\s*=\s*)(.*)', line)
+ if result != None:
+ HOSTSDENY = result.group(2)
+
+def usage():
+ print "Usage:"
+ print sys.argv[0]+" --help: Show this help"
+ print sys.argv[0]+" : check if the ip address was denied and reenable it"
+ print sys.argv[0]+" : check if the hostname was denied and reenable it"
+
+try:
+ host=sys.argv[1]
+except:
+ print sys.argv[0]+" need a hostname or a ip address input. See --help."
+ sys.exit(1)
+
+if host == "--help":
+ usage()
+ sys.exit(1)
+
+def search(file_txt,host):
+ for lines in fileinput.FileInput(file_txt, inplace=1):
+ lines = lines.strip()
+ if lines.find(host) != -1:
+ continue
+ else:
+ print lines
+
+
+try:
+ search(HOSTSFILE,host)
+except:
+ print "Problem parsing file "+HOSTSFILE
+ sys.exit(1)
+try:
+ search(HOSTRESTFILE,host)
+except:
+ print "Problem parsing file "+HOSTRESTFILE
+ sys.exit(1)
+try:
+ search(HOSTROOTFILE,host)
+except:
+ print "Problem parsing file "+HOSTROOTFILE
+ sys.exit(1)
+try:
+ search(HOSTVALIDFILE,host)
+except:
+ print "Problem parsing file "+HOSTVALIDFILE
+ sys.exit(1)
+try:
+ search(HOSTSDENY,host)
+except:
+ print "Problem parsing file "+HOSTSDENY
+ sys.exit(1)
+
+print "Done!"
+print "Please restart denyhosts"
+
diff --git a/denyhosts.README b/denyhosts.README
new file mode 100644
index 0000000..c8b3092
--- /dev/null
+++ b/denyhosts.README
@@ -0,0 +1,14 @@
+dh_reenable script (thanks to Marco Bertorello)
+===============================================
+
+openSUSE version of denyhosts come with a script, stored in
+
+/usr/sbin/dh_reenable
+
+that aim to be a support for sysadmin thats has to easly re-enable
+some hosts that are blocked by denyhosts.
+
+/usr/sbin/dh_reenable --help
+
+give a short guide for usage.
+
diff --git a/denyhosts.init b/denyhosts.init
new file mode 100644
index 0000000..0e8c011
--- /dev/null
+++ b/denyhosts.init
@@ -0,0 +1,106 @@
+#! /bin/sh
+#
+# This library is free software; you can redistribute it and/or modify it
+# under the terms of the GNU Lesser General Public License as published by
+# the Free Software Foundation; either version 2.1 of the License, or (at
+# your option) any later version.
+#
+# This library is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307,
+# USA.
+#
+# /etc/init.d/denyhosts
+# and its symbolic link
+# /usr/sbin/rcdenyhosts
+#
+# LSB compatible service control script; see http://www.linuxbase.org/spec/
+#
+### BEGIN INIT INFO
+# Provides: denyhosts
+# Required-Start: $syslog $local_fs $network $remote_fs
+# Should-Start: sshd
+# Required-Stop: $syslog $local_fs $network $remote_fs
+# Should-Stop: sshd
+# Default-Start: 3 5
+# Default-Stop: 0 1 2 6
+# Short-Description: denyhosts daemon to block ssh attempts
+# Description: DenyHosts is a python program that automatically blocks ssh
+# attacks by adding entries to /etc/hosts.deny.
+### END INIT INFO
+
+
+# Check for missing binaries
+DAEMON=/usr/sbin/denyhosts
+test -x $DAEMON || { echo "$DAEMON not installed";
+ if [ "$1" = "stop" ]; then exit 0;
+ else exit 5; fi; }
+
+CONFIG=/etc/denyhosts.conf
+test -r $CONFIG || { echo "$CONFIG not existing";
+ if [ "$1" = "stop" ]; then exit 0;
+ else exit 6; fi; }
+
+FLAGS="--daemon --purge --config=$CONFIG"
+PIDFILE=/var/run/denyhosts.pid
+
+. /etc/rc.status
+
+rc_reset
+
+case "$1" in
+ start)
+ echo -n "Starting DenyHosts "
+ /sbin/startproc -p $PIDFILE $DAEMON $FLAGS
+ rc_status -v
+ ;;
+ stop)
+ echo -n "Shutting down DenyHosts "
+ /sbin/killproc -p $PIDFILE -TERM $DAEMON
+ rc_status -v
+ ;;
+ try-restart|condrestart)
+ if test "$1" = "condrestart"; then
+ echo "${attn} Use try-restart ${done}(LSB)${attn} rather than condrestart ${warn}(RH)${norm}"
+ fi
+ $0 status
+ if test $? = 0; then
+ $0 restart
+ else
+ rc_reset # Not running is not a failure.
+ fi
+ rc_status
+ ;;
+ restart)
+ $0 stop
+ $0 start
+ rc_status
+ ;;
+ force-reload)
+ echo -n "Reload service DenyHosts "
+ /sbin/killproc -HUP $DAEMON
+ rc_status -v
+ $0 try-restart
+ rc_status
+ ;;
+ reload)
+ echo -n "Reload service DenyHosts "
+ /sbin/killproc -HUP $DAEMON
+ rc_status -v
+ ;;
+ status)
+ echo -n "Checking for service DenyHosts "
+ /sbin/checkproc $DAEMON
+ rc_status -v
+ ;;
+ *)
+ echo "Usage: $0 {start|stop|status|try-restart|restart|force-reload|reload}"
+ exit 1
+ ;;
+esac
+rc_exit
diff --git a/denyhosts.spec b/denyhosts.spec
new file mode 100644
index 0000000..55565ec
--- /dev/null
+++ b/denyhosts.spec
@@ -0,0 +1,246 @@
+#
+# spec file for package denyhosts
+#
+# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
+#
+# All modifications and additions to the file contributed by third parties
+# remain the property of their copyright owners, unless otherwise agreed
+# upon. The license for this file, and modifications and additions to the
+# file, is the same license as for the pristine package itself (unless the
+# license for the pristine package is not an Open Source License, in which
+# case the license is the MIT License). An "Open Source License" is a
+# license that conforms to the Open Source Definition (Version 1.9)
+# published by the Open Source Initiative.
+
+# Please submit bugfixes or comments via http://bugs.opensuse.org/
+#
+%define release 12
+%define _unitdir /usr/lib/systemd/system/
+%global with_systemd 1
+
+Name: denyhosts
+Version: 3.1
+Release: %{release}%{?dist}
+Summary: Utility to help system administrators thwart brute-force ssh hackers
+License: GPL-2.0-only
+Group: Productivity/Networking/Security
+Url: https://github.com/denyhosts/denyhosts
+Source: %{name}-%{version}.tar.gz
+Source2: denyhosts.init
+Source3: logrotate.denyhosts
+Source4: denyhosts-dh_reenable
+Source5: denyhosts.README
+BuildRequires: perl
+BuildRequires: python-devel
+BuildRequires: python-ipaddr
+Requires: python-ipaddr
+Requires: logrotate
+Requires: python
+Requires: rsyslog
+BuildRequires: python-rpm-macros
+#BuildRequires: systemd-rpm-macros
+BuildRequires: systemd
+%{?systemd_requires}
+BuildArch: noarch
+BuildRoot: %{_tmppath}/%{name}-%{version}-build
+
+
+%description
+DenyHosts is a python program that automatically blocks ssh attacks by adding
+entries to %{_sysconfdir}/hosts.deny. DenyHosts will also inform Linux
+administrators about offending hosts, attacked users and suspicious logins.
+
+%prep
+%setup -q
+
+%build
+export CFLAGS="%{optflags}"
+python setup.py build
+
+%install
+python setup.py install \
+ --root=%{buildroot} \
+ --prefix=%{_prefix} \
+ --install-scripts=%{_sbindir}
+
+#remove bytecode (wrong mtime)
+find %{buildroot}%{python_sitelib} -name "*.pyc" -delete
+
+# create work directory
+mkdir -p %{buildroot}%{_localstatedir}/lib/denyhosts
+# install denyhosts-reenable script
+install -D -m755 %{SOURCE4} %{buildroot}%{_sbindir}/dh_reenable
+# file containing blocked IP addresses - track it for the user
+# ('rpm -qf /etc/blacklist' should give a hint)
+touch %{buildroot}%{_sysconfdir}/blacklist
+
+# configuration file
+sed -i "s|^#SECURE_LOG = /var/log/messages|SECURE_LOG = /var/log/messages|g; \
+ s|^SECURE_LOG = /var/log/auth.log|#SECURE_LOG = /var/log/auth.log|g; \
+ s|^IPTABLES = /sbin/iptables|IPTABLES = /usr/sbin/iptables|g;" \
+ %{buildroot}%{_sysconfdir}/denyhosts.conf
+
+# daemon-control-dist
+sed -i "s|/usr/bin/env python|%{_bindir}/python|g" %{buildroot}%{_sbindir}/daemon-control-dist
+
+# init script / systemd service
+%if %{with_systemd}
+install -D -m644 denyhosts.service %{buildroot}%{_unitdir}/denyhosts.service
+ln -s /usr/sbin/service %{buildroot}%{_sbindir}/rcdenyhosts
+%else
+install -D -m755 %{SOURCE2} %{buildroot}%{_sysconfdir}/init.d/denyhosts
+ln -s %{_sysconfdir}/init.d/denyhosts %{buildroot}%{_sbindir}/rcdenyhosts
+%endif
+
+# logfile handling
+install -D -m644 %{SOURCE3} %{buildroot}%{_sysconfdir}/logrotate.d/denyhosts
+mkdir -p %{buildroot}%{_localstatedir}/log
+touch %{buildroot}%{_localstatedir}/log/denyhosts
+
+# move the main app
+mv %{buildroot}%{_sbindir}/denyhosts.py %{buildroot}%{_sbindir}/denyhosts
+sed -i "s|/usr/bin/denyhosts.py|/usr/sbin/denyhosts|g" %{buildroot}%{_unitdir}/denyhosts.service
+
+# fix wrong env-path
+pushd %{buildroot} >/dev/null
+for i in `find -name "*.py"`; do
+ sed -i "s@\!.*/bin/env.*@\!%{_bindir}/python@g" $i
+done
+popd >/dev/null
+
+# handle plugins
+mkdir -p %{buildroot}%{_datadir}/%{name}
+install -m0755 plugins/*{.sh,py} %{buildroot}%{_datadir}/%{name}
+
+# move some files to the documentation directory
+install -D -m644 %{SOURCE5} %{buildroot}%{_defaultdocdir}/%{name}/README.SUSE
+install -m0644 plugins/README.contrib %{buildroot}%{_defaultdocdir}/%{name}/
+install -m0644 *.txt %{buildroot}%{_defaultdocdir}/%{name}/
+install -m0644 *.md %{buildroot}%{_defaultdocdir}/%{name}/
+install -m0644 *.conf %{buildroot}%{_defaultdocdir}/%{name}/
+
+#% if %{with_systemd}
+#% pre
+#% service_add_pre %{name}.service
+#% endif
+
+#% post
+#% if %{with_systemd}
+#% service_add_post %{name}.service
+#% else
+#% {fillup_and_insserv -f denyhosts}
+#% endif
+
+#% preun
+#% if %{with_systemd}
+#% service_del_preun %{name}.service
+#% else
+#% stop_on_removal denyhosts
+#% endif
+
+#% postun
+#% if %{with_systemd}
+#% service_del_postun %{name}.service
+#% else
+#% insserv_cleanup
+#% endif
+
+
+%files
+%doc %{_defaultdocdir}/%{name}
+%if 0%{?suse_version} > 1315
+%license LICENSE.txt
+%endif
+%{_sbindir}/daemon-control-dist
+%{_sbindir}/denyhosts
+%{_sbindir}/rcdenyhosts
+%{_sbindir}/dh_reenable
+%{python_sitelib}/DenyHosts*
+%{_mandir}/man8/denyhosts.8.gz
+%dir %{_localstatedir}/lib/denyhosts
+%{_datadir}/%{name}
+%ghost %{_localstatedir}/log/denyhosts
+%ghost %config(noreplace) %{_sysconfdir}/blacklist
+%config(noreplace) %{_sysconfdir}/logrotate.d/denyhosts
+%config(noreplace) %{_sysconfdir}/denyhosts.conf
+%if %{with_systemd}
+%{_unitdir}/denyhosts.service
+%else
+%attr(755,root,root) %{_sysconfdir}/init.d/denyhosts
+%endif
+
+%changelog
+* Thu Oct 09 2025 BogusDateBot
+- Eliminated rpmbuild "bogus date" warnings due to inconsistent weekday,
+ by assuming the date is correct and changing the weekday.
+
+* Sun Mar 14 2021 Jean-Philippe Pialasse 3.1-11.sme
+- First release for SME10 [SME: 11459]
+ imported from opensuse, reworked spec file to build it on CentOS 7 / SME 10
+- remove systemd pre post scriptlet, do not have macros, and we use SME to register service
+
+* Sat Aug 11 2018 javier@opensuse.org
+- Update to 3.1
+ + Fixes a bug when moving between Python 2 and Python 3
+ environments
+ + A new check has been added to confirm IP addresses retrieved
+ from the security log are valid
+ + DenyHosts will now (optionally) check for break-in attacks
+ against IMAP services such as Dovecot.
+ + A new dependency has been added, the Python ipaddr library
+ is now a run-time requirement
+* Mon Jul 2 2018 javier@opensuse.org
+- Fix path to binary in service file
+* Mon Mar 12 2018 lars@linux-schulserver.de
+- update to 3.0
+ + Initial translation of code from Python 2 to Python 3. DenyHosts
+ can now be run as either a Python 2 or a Python 3 program. The new
+ code has been tested with Pyhton 2.7 and Python 3.4. If you require
+ an older version of Python, please continue to use DenyHosts 2.10
+ and let us know of your requirements.
+ + Added patch from Fedora to fix initial sync issue and insure info
+ logging stream is active. (Provided by Jason Tibbitts.)
+ + Added "import logging" to denyhosts.py to avoid errors when setting
+ up logging. (See above change.)
+ + Added option PF_TABLE_FILE to the configuration file. When this option
+ is enabled it causes DenyHosts to write blocked IP addresses to a text
+ file.
+ The default location is /etc/blacklist. This text file should correspond
+ to a PF firewall table.
+ + At start-up, try to create the file specified by HOSTS_DENY. That
+ way we avoid errors later if the file does not exists. Can be a
+ problem on operating systems where /etc/hosts.deny does not exist
+ in the default configuration.
+ + Added regex pattern to detect invalid user accounts. This blocks
+ connections from remote hosts who are attempting to login with
+ accounts not found on the local system. While these connections to
+ non-existent accounts are relatively harmless, they are usually used
+ as part of a brute force attack and filtering them before they
+ reach OpenSSH is a good idea.
+ + Finally, Jan-Pascal has created a sync server for DenyHosts which
+ will allow DenyHosts services to coordinate lists of banned IP addresses.
+ The new sync server is open source (GPLv3) and can be set up on
+ private servers, networks and VPS. We plan to set up our own sync
+ server in the near future. When a sync server is created it will
+ be announced at http://denyhost.sourceforge.net/news.php
+- require rsyslog to fix the not existing systemd journal support
+ (https://github.com/denyhosts/denyhosts/issues/14) - this resolves
+ boo#960856 until upstream implemented the feature
+- use provided systemd service on newer distributions
+- use upstream configuration file instead of own one
+- removed ALL patches
+* Wed Jan 5 2011 tejas.guruswamy@opensuse.org
+- Make package noarch on > 11.2
+- Run spec-cleaner
+* Thu Apr 15 2010 lars@linux-schulserver.de
+- fix dh_reenable as mentioned in bnc #596354
+ (thanks to Patrick Shanahan for the patch!)
+* Sun Dec 28 2008 lars@linux-schulserver.de
+- added some Debian patches
+- enhanced init script
+- adapted default denyhosts.conf (which is now located in /etc)
+- added README.SuSE
+- fix some rpmlint warnings
+* Wed Dec 20 2006 lars@linux-schulserver.de
+- initial package 2.6
+ Thanks to Craig Millar for the logrotate and initial init file.
diff --git a/logrotate.denyhosts b/logrotate.denyhosts
new file mode 100644
index 0000000..1694c3d
--- /dev/null
+++ b/logrotate.denyhosts
@@ -0,0 +1,15 @@
+/var/log/denyhosts {
+ compress
+ create 0640 root root
+ missingok
+ dateext
+ maxage 365
+ rotate 99
+ size=+2048k
+ notifempty
+ copytruncate
+ postrotate
+ /usr/sbin/rcdenyhosts restart > /dev/null
+ endscript
+}
+