Merge pull request #464 from grooverdan/increase-jail-name-length

ENH: Actions to have f2b- as prefix instead of fail2ban- as per #462

ChangeLog

@@ -58,6 +58,8 @@ configuration before relying on it.
    * Filter for stunnel
 
 - Enhancements
+   * Jail names increased to 26 characters and iptables prefix reduced
+     from fail2ban- to f2b- as suggested by buanzo in gh-462.
    * Multiline filter for sendmail-spam. Close gh-418
    * Multiline regex for Disconnecting: Too many authentication failures for
      root [preauth]\nConnection closed by 6X.XXX.XXX.XXX [preauth]

config/action.d/firewallcmd-new.conf

@@ -8,19 +8,19 @@ before = iptables-blocktype.conf
 
 [Definition]
 
-actionstart = firewall-cmd --direct --add-chain ipv4 filter fail2ban-<name>
+actionstart = firewall-cmd --direct --add-chain ipv4 filter f2b-<name>
-              firewall-cmd --direct --add-rule ipv4 filter fail2ban-<name> 1000 -j RETURN
+              firewall-cmd --direct --add-rule ipv4 filter f2b-<name> 1000 -j RETURN
-              firewall-cmd --direct --add-rule ipv4 filter <chain> 0 -m state --state NEW -p <protocol> --dport <port> -j fail2ban-<name>
+              firewall-cmd --direct --add-rule ipv4 filter <chain> 0 -m state --state NEW -p <protocol> --dport <port> -j f2b-<name>
 
-actionstop = firewall-cmd --direct --remove-rule ipv4 filter <chain> 0 -m state --state NEW -p <protocol> --dport <port> -j fail2ban-<name>
+actionstop = firewall-cmd --direct --remove-rule ipv4 filter <chain> 0 -m state --state NEW -p <protocol> --dport <port> -j f2b-<name>
-             firewall-cmd --direct --remove-rules ipv4 filter fail2ban-<name>
+             firewall-cmd --direct --remove-rules ipv4 filter f2b-<name>
-             firewall-cmd --direct --remove-chain ipv4 filter fail2ban-<name>
+             firewall-cmd --direct --remove-chain ipv4 filter f2b-<name>
 
-actioncheck = firewall-cmd --direct --get-chains ipv4 filter | grep -q '^fail2ban-<name>$'
+actioncheck = firewall-cmd --direct --get-chains ipv4 filter | grep -q 'f2b-<name>$'
 
-actionban = firewall-cmd --direct --add-rule ipv4 filter fail2ban-<name> 0 -s <ip> -j <blocktype>
+actionban = firewall-cmd --direct --add-rule ipv4 filter f2b-<name> 0 -s <ip> -j <blocktype>
 
-actionunban = firewall-cmd --direct --remove-rule ipv4 filter fail2ban-<name> 0 -s <ip> -j <blocktype>
+actionunban = firewall-cmd --direct --remove-rule ipv4 filter f2b-<name> 0 -s <ip> -j <blocktype>
 
 [Init]
 

config/action.d/iptables-allports.conf

@@ -17,23 +17,23 @@ before = iptables-blocktype.conf
 # Notes.:  command executed once at the start of Fail2Ban.
 # Values:  CMD
 #
-actionstart = iptables -N fail2ban-<name>
+actionstart = iptables -N f2b-<name>
-              iptables -A fail2ban-<name> -j RETURN
+              iptables -A f2b-<name> -j RETURN
-              iptables -I <chain> -p <protocol> -j fail2ban-<name>
+              iptables -I <chain> -p <protocol> -j f2b-<name>
 
 # Option:  actionstop
 # Notes.:  command executed once at the end of Fail2Ban
 # Values:  CMD
 #
-actionstop = iptables -D <chain> -p <protocol> -j fail2ban-<name>
+actionstop = iptables -D <chain> -p <protocol> -j f2b-<name>
-             iptables -F fail2ban-<name>
+             iptables -F f2b-<name>
-             iptables -X fail2ban-<name>
+             iptables -X f2b-<name>
 
 # Option:  actioncheck
 # Notes.:  command executed once before each actionban command
 # Values:  CMD
 #
-actioncheck = iptables -n -L <chain> | grep -q 'fail2ban-<name>[ \t]'
+actioncheck = iptables -n -L <chain> | grep -q 'f2b-<name>[ \t]'
 
 # Option:  actionban
 # Notes.:  command executed when banning an IP. Take care that the
@@ -41,7 +41,7 @@ actioncheck = iptables -n -L <chain> | grep -q 'fail2ban-<name>[ \t]'
 # Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
-actionban = iptables -I fail2ban-<name> 1 -s <ip> -j <blocktype>
+actionban = iptables -I f2b-<name> 1 -s <ip> -j <blocktype>
 
 # Option:  actionunban
 # Notes.:  command executed when unbanning an IP. Take care that the
@@ -49,7 +49,7 @@ actionban = iptables -I fail2ban-<name> 1 -s <ip> -j <blocktype>
 # Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
-actionunban = iptables -D fail2ban-<name> -s <ip> -j <blocktype>
+actionunban = iptables -D f2b-<name> -s <ip> -j <blocktype>
 
 [Init]
 

config/action.d/iptables-ipset-proto4.conf

@@ -27,16 +27,16 @@ before = iptables-blocktype.conf
 # Notes.:  command executed once at the start of Fail2Ban.
 # Values:  CMD
 #
-actionstart = ipset --create fail2ban-<name> iphash
+actionstart = ipset --create f2b-<name> iphash
-              iptables -I INPUT -p <protocol> -m multiport --dports <port> -m set --match-set fail2ban-<name> src -j <blocktype>
+              iptables -I INPUT -p <protocol> -m multiport --dports <port> -m set --match-set f2b-<name> src -j <blocktype>
 
 # Option:  actionstop
 # Notes.:  command executed once at the end of Fail2Ban
 # Values:  CMD
 #
-actionstop = iptables -D INPUT -p <protocol> -m multiport --dports <port> -m set --match-set fail2ban-<name> src -j <blocktype>
+actionstop = iptables -D INPUT -p <protocol> -m multiport --dports <port> -m set --match-set f2b-<name> src -j <blocktype>
-             ipset --flush fail2ban-<name>
+             ipset --flush f2b-<name>
-             ipset --destroy fail2ban-<name>
+             ipset --destroy f2b-<name>
 
 # Option:  actionban
 # Notes.:  command executed when banning an IP. Take care that the
@@ -44,7 +44,7 @@ actionstop = iptables -D INPUT -p <protocol> -m multiport --dports <port> -m set
 # Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
-actionban = ipset --test fail2ban-<name> <ip> ||  ipset --add fail2ban-<name> <ip>
+actionban = ipset --test f2b-<name> <ip> ||  ipset --add f2b-<name> <ip>
 
 # Option:  actionunban
 # Notes.:  command executed when unbanning an IP. Take care that the
@@ -52,7 +52,7 @@ actionban = ipset --test fail2ban-<name> <ip> ||  ipset --add fail2ban-<name> <i
 # Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
-actionunban = ipset --test fail2ban-<name> <ip> && ipset --del fail2ban-<name> <ip>
+actionunban = ipset --test f2b-<name> <ip> && ipset --del f2b-<name> <ip>
 
 [Init]
 

config/action.d/iptables-ipset-proto6-allports.conf

@@ -24,16 +24,16 @@ before = iptables-blocktype.conf
 # Notes.:  command executed once at the start of Fail2Ban.
 # Values:  CMD
 #
-actionstart = ipset create fail2ban-<name> hash:ip timeout <bantime>
+actionstart = ipset create f2b-<name> hash:ip timeout <bantime>
-              iptables -I INPUT -m set --match-set fail2ban-<name> src -j <blocktype>
+              iptables -I INPUT -m set --match-set f2b-<name> src -j <blocktype>
 
 # Option:  actionstop
 # Notes.:  command executed once at the end of Fail2Ban
 # Values:  CMD
 #
-actionstop = iptables -D INPUT -m set --match-set fail2ban-<name> src -j <blocktype>
+actionstop = iptables -D INPUT -m set --match-set f2b-<name> src -j <blocktype>
-             ipset flush fail2ban-<name>
+             ipset flush f2b-<name>
-             ipset destroy fail2ban-<name>
+             ipset destroy f2b-<name>
 
 # Option:  actionban
 # Notes.:  command executed when banning an IP. Take care that the
@@ -41,7 +41,7 @@ actionstop = iptables -D INPUT -m set --match-set fail2ban-<name> src -j <blockt
 # Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
-actionban = ipset add fail2ban-<name> <ip> timeout <bantime> -exist
+actionban = ipset add f2b-<name> <ip> timeout <bantime> -exist
 
 # Option:  actionunban
 # Notes.:  command executed when unbanning an IP. Take care that the
@@ -49,7 +49,7 @@ actionban = ipset add fail2ban-<name> <ip> timeout <bantime> -exist
 # Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
-actionunban = ipset del fail2ban-<name> <ip> -exist
+actionunban = ipset del f2b-<name> <ip> -exist
 
 [Init]
 

config/action.d/iptables-ipset-proto6.conf

@@ -24,16 +24,16 @@ before = iptables-blocktype.conf
 # Notes.:  command executed once at the start of Fail2Ban.
 # Values:  CMD
 #
-actionstart = ipset create fail2ban-<name> hash:ip timeout <bantime>
+actionstart = ipset create f2b-<name> hash:ip timeout <bantime>
-              iptables -I INPUT -p <protocol> -m multiport --dports <port> -m set --match-set fail2ban-<name> src -j <blocktype>
+              iptables -I INPUT -p <protocol> -m multiport --dports <port> -m set --match-set f2b-<name> src -j <blocktype>
 
 # Option:  actionstop
 # Notes.:  command executed once at the end of Fail2Ban
 # Values:  CMD
 #
-actionstop = iptables -D INPUT -p <protocol> -m multiport --dports <port> -m set --match-set fail2ban-<name> src -j <blocktype>
+actionstop = iptables -D INPUT -p <protocol> -m multiport --dports <port> -m set --match-set f2b-<name> src -j <blocktype>
-             ipset flush fail2ban-<name>
+             ipset flush f2b-<name>
-             ipset destroy fail2ban-<name>
+             ipset destroy f2b-<name>
 
 # Option:  actionban
 # Notes.:  command executed when banning an IP. Take care that the
@@ -41,7 +41,7 @@ actionstop = iptables -D INPUT -p <protocol> -m multiport --dports <port> -m set
 # Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
-actionban = ipset add fail2ban-<name> <ip> timeout <bantime> -exist
+actionban = ipset add f2b-<name> <ip> timeout <bantime> -exist
 
 # Option:  actionunban
 # Notes.:  command executed when unbanning an IP. Take care that the
@@ -49,7 +49,7 @@ actionban = ipset add fail2ban-<name> <ip> timeout <bantime> -exist
 # Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
-actionunban = ipset del fail2ban-<name> <ip> -exist
+actionunban = ipset del f2b-<name> <ip> -exist
 
 [Init]
 

config/action.d/iptables-multiport-log.conf

@@ -3,9 +3,9 @@
 # Author: Guido Bozzetto
 # Modified: Cyril Jaquier
 #
-# make "fail2ban-<name>" chain to match drop IP
+# make "f2b-<name>" chain to match drop IP
-# make "fail2ban-<name>-log" chain to log and drop
+# make "f2b-<name>-log" chain to log and drop
-# insert a jump to fail2ban-<name> from -I <chain> if proto/port match
+# insert a jump to f2b-<name> from -I <chain> if proto/port match
 #
 #
 
@@ -19,28 +19,28 @@ before = iptables-blocktype.conf
 # Notes.:  command executed once at the start of Fail2Ban.
 # Values:  CMD
 #
-actionstart = iptables -N fail2ban-<name>
+actionstart = iptables -N f2b-<name>
-              iptables -A fail2ban-<name> -j RETURN
+              iptables -A f2b-<name> -j RETURN
-              iptables -I <chain> 1 -p <protocol> -m multiport --dports <port> -j fail2ban-<name>
+              iptables -I <chain> 1 -p <protocol> -m multiport --dports <port> -j f2b-<name>
-              iptables -N fail2ban-<name>-log
+              iptables -N f2b-<name>-log
-              iptables -I fail2ban-<name>-log -j LOG --log-prefix "$(expr fail2ban-<name> : '\(.\{1,23\}\)'):DROP " --log-level warning -m limit --limit 6/m --limit-burst 2
+              iptables -I f2b-<name>-log -j LOG --log-prefix "$(expr f2b-<name> : '\(.\{1,23\}\)'):DROP " --log-level warning -m limit --limit 6/m --limit-burst 2
-              iptables -A fail2ban-<name>-log -j <blocktype>
+              iptables -A f2b-<name>-log -j <blocktype>
 
 # Option:  actionstop
 # Notes.:  command executed once at the end of Fail2Ban
 # Values:  CMD
 #
-actionstop = iptables -D <chain> -p <protocol> -m multiport --dports <port> -j fail2ban-<name>
+actionstop = iptables -D <chain> -p <protocol> -m multiport --dports <port> -j f2b-<name>
-             iptables -F fail2ban-<name>
+             iptables -F f2b-<name>
-             iptables -F fail2ban-<name>-log
+             iptables -F f2b-<name>-log
-             iptables -X fail2ban-<name>
+             iptables -X f2b-<name>
-             iptables -X fail2ban-<name>-log
+             iptables -X f2b-<name>-log
 
 # Option:  actioncheck
 # Notes.:  command executed once before each actionban command
 # Values:  CMD
 #
-actioncheck = iptables -n -L fail2ban-<name>-log >/dev/null
+actioncheck = iptables -n -L f2b-<name>-log >/dev/null
 
 # Option:  actionban
 # Notes.:  command executed when banning an IP. Take care that the
@@ -48,7 +48,7 @@ actioncheck = iptables -n -L fail2ban-<name>-log >/dev/null
 # Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
-actionban = iptables -I fail2ban-<name> 1 -s <ip> -j fail2ban-<name>-log
+actionban = iptables -I f2b-<name> 1 -s <ip> -j f2b-<name>-log
 
 # Option:  actionunban
 # Notes.:  command executed when unbanning an IP. Take care that the
@@ -56,7 +56,7 @@ actionban = iptables -I fail2ban-<name> 1 -s <ip> -j fail2ban-<name>-log
 # Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
-actionunban = iptables -D fail2ban-<name> -s <ip> -j fail2ban-<name>-log
+actionunban = iptables -D f2b-<name> -s <ip> -j f2b-<name>-log
 
 [Init]
 

config/action.d/iptables-multiport.conf

@@ -14,23 +14,23 @@ before = iptables-blocktype.conf
 # Notes.:  command executed once at the start of Fail2Ban.
 # Values:  CMD
 #
-actionstart = iptables -N fail2ban-<name>
+actionstart = iptables -N f2b-<name>
-              iptables -A fail2ban-<name> -j RETURN
+              iptables -A f2b-<name> -j RETURN
-              iptables -I <chain> -p <protocol> -m multiport --dports <port> -j fail2ban-<name>
+              iptables -I <chain> -p <protocol> -m multiport --dports <port> -j f2b-<name>
 
 # Option:  actionstop
 # Notes.:  command executed once at the end of Fail2Ban
 # Values:  CMD
 #
-actionstop = iptables -D <chain> -p <protocol> -m multiport --dports <port> -j fail2ban-<name>
+actionstop = iptables -D <chain> -p <protocol> -m multiport --dports <port> -j f2b-<name>
-             iptables -F fail2ban-<name>
+             iptables -F f2b-<name>
-             iptables -X fail2ban-<name>
+             iptables -X f2b-<name>
 
 # Option:  actioncheck
 # Notes.:  command executed once before each actionban command
 # Values:  CMD
 #
-actioncheck = iptables -n -L <chain> | grep -q 'fail2ban-<name>[ \t]'
+actioncheck = iptables -n -L <chain> | grep -q 'f2b-<name>[ \t]'
 
 # Option:  actionban
 # Notes.:  command executed when banning an IP. Take care that the
@@ -38,7 +38,7 @@ actioncheck = iptables -n -L <chain> | grep -q 'fail2ban-<name>[ \t]'
 # Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
-actionban = iptables -I fail2ban-<name> 1 -s <ip> -j <blocktype>
+actionban = iptables -I f2b-<name> 1 -s <ip> -j <blocktype>
 
 # Option:  actionunban
 # Notes.:  command executed when unbanning an IP. Take care that the
@@ -46,7 +46,7 @@ actionban = iptables -I fail2ban-<name> 1 -s <ip> -j <blocktype>
 # Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
-actionunban = iptables -D fail2ban-<name> -s <ip> -j <blocktype>
+actionunban = iptables -D f2b-<name> -s <ip> -j <blocktype>
 
 [Init]
 

config/action.d/iptables-new.conf

@@ -17,23 +17,23 @@ before = iptables-blocktype.conf
 # Notes.:  command executed once at the start of Fail2Ban.
 # Values:  CMD
 #
-actionstart = iptables -N fail2ban-<name>
+actionstart = iptables -N f2b-<name>
-              iptables -A fail2ban-<name> -j RETURN
+              iptables -A f2b-<name> -j RETURN
-              iptables -I <chain> -m state --state NEW -p <protocol> --dport <port> -j fail2ban-<name>
+              iptables -I <chain> -m state --state NEW -p <protocol> --dport <port> -j f2b-<name>
 
 # Option:  actionstop
 # Notes.:  command executed once at the end of Fail2Ban
 # Values:  CMD
 #
-actionstop = iptables -D <chain> -m state --state NEW -p <protocol> --dport <port> -j fail2ban-<name>
+actionstop = iptables -D <chain> -m state --state NEW -p <protocol> --dport <port> -j f2b-<name>
-             iptables -F fail2ban-<name>
+             iptables -F f2b-<name>
-             iptables -X fail2ban-<name>
+             iptables -X f2b-<name>
 
 # Option:  actioncheck
 # Notes.:  command executed once before each actionban command
 # Values:  CMD
 #
-actioncheck = iptables -n -L <chain> | grep -q 'fail2ban-<name>[ \t]'
+actioncheck = iptables -n -L <chain> | grep -q 'f2b-<name>[ \t]'
 
 # Option:  actionban
 # Notes.:  command executed when banning an IP. Take care that the
@@ -41,7 +41,7 @@ actioncheck = iptables -n -L <chain> | grep -q 'fail2ban-<name>[ \t]'
 # Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
-actionban = iptables -I fail2ban-<name> 1 -s <ip> -j <blocktype>
+actionban = iptables -I f2b-<name> 1 -s <ip> -j <blocktype>
 
 # Option:  actionunban
 # Notes.:  command executed when unbanning an IP. Take care that the
@@ -49,7 +49,7 @@ actionban = iptables -I fail2ban-<name> 1 -s <ip> -j <blocktype>
 # Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
-actionunban = iptables -D fail2ban-<name> -s <ip> -j <blocktype>
+actionunban = iptables -D f2b-<name> -s <ip> -j <blocktype>
 
 [Init]
 

config/action.d/iptables-xt_recent-echo.conf

@@ -23,29 +23,29 @@ before = iptables-blocktype.conf
 # iptables-persistent package).
 # 
 # Explanation of the rule below:
-#    Check if any packets coming from an IP on the fail2ban-<name>
+#    Check if any packets coming from an IP on the f2b-<name>
 #    list have been seen in the last 3600 seconds. If yes, update the
 #    timestamp for this IP and drop the packet. If not, let the packet
 #    through.
 #
-#    Fail2ban inserts blacklisted hosts into the fail2ban-<name> list
+#    Fail2ban inserts blacklisted hosts into the f2b-<name> list
 #    and removes them from the list after some time, according to its
 #    own rules. The 3600 second timeout is independent and acts as a
 #    safeguard in case the fail2ban process dies unexpectedly. The
 #    shorter of the two timeouts actually matters.
-actionstart = iptables -I INPUT -m recent --update --seconds 3600 --name fail2ban-<name> -j <blocktype>
+actionstart = iptables -I INPUT -m recent --update --seconds 3600 --name f2b-<name> -j <blocktype>
 
 # Option:  actionstop
 # Notes.:  command executed once at the end of Fail2Ban
 # Values:  CMD
 #
-actionstop = echo / > /proc/net/xt_recent/fail2ban-<name>
+actionstop = echo / > /proc/net/xt_recent/f2b-<name>
 
 # Option:  actioncheck
 # Notes.:  command executed once before each actionban command
 # Values:  CMD
 #
-actioncheck = test -e /proc/net/xt_recent/fail2ban-<name>
+actioncheck = test -e /proc/net/xt_recent/f2b-<name>
 
 # Option:  actionban
 # Notes.:  command executed when banning an IP. Take care that the
@@ -53,7 +53,7 @@ actioncheck = test -e /proc/net/xt_recent/fail2ban-<name>
 # Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
-actionban = echo +<ip> > /proc/net/xt_recent/fail2ban-<name>
+actionban = echo +<ip> > /proc/net/xt_recent/f2b-<name>
 
 # Option:  actionunban
 # Notes.:  command executed when unbanning an IP. Take care that the
@@ -61,7 +61,7 @@ actionban = echo +<ip> > /proc/net/xt_recent/fail2ban-<name>
 # Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
-actionunban = echo -<ip> > /proc/net/xt_recent/fail2ban-<name>
+actionunban = echo -<ip> > /proc/net/xt_recent/f2b-<name>
 
 [Init]
 

config/action.d/iptables.conf

@@ -14,23 +14,23 @@ before = iptables-blocktype.conf
 # Notes.:  command executed once at the start of Fail2Ban.
 # Values:  CMD
 #
-actionstart = iptables -N fail2ban-<name>
+actionstart = iptables -N f2b-<name>
-              iptables -A fail2ban-<name> -j RETURN
+              iptables -A f2b-<name> -j RETURN
-              iptables -I <chain> -p <protocol> --dport <port> -j fail2ban-<name>
+              iptables -I <chain> -p <protocol> --dport <port> -j f2b-<name>
 
 # Option:  actionstop
 # Notes.:  command executed once at the end of Fail2Ban
 # Values:  CMD
 #
-actionstop = iptables -D <chain> -p <protocol> --dport <port> -j fail2ban-<name>
+actionstop = iptables -D <chain> -p <protocol> --dport <port> -j f2b-<name>
-             iptables -F fail2ban-<name>
+             iptables -F f2b-<name>
-             iptables -X fail2ban-<name>
+             iptables -X f2b-<name>
 
 # Option:  actioncheck
 # Notes.:  command executed once before each actionban command
 # Values:  CMD
 #
-actioncheck = iptables -n -L <chain> | grep -q 'fail2ban-<name>[ \t]'
+actioncheck = iptables -n -L <chain> | grep -q 'f2b-<name>[ \t]'
 
 # Option:  actionban
 # Notes.:  command executed when banning an IP. Take care that the
@@ -38,7 +38,7 @@ actioncheck = iptables -n -L <chain> | grep -q 'fail2ban-<name>[ \t]'
 # Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
-actionban = iptables -I fail2ban-<name> 1 -s <ip> -j <blocktype>
+actionban = iptables -I f2b-<name> 1 -s <ip> -j <blocktype>
 
 # Option:  actionunban
 # Notes.:  command executed when unbanning an IP. Take care that the
@@ -46,7 +46,7 @@ actionban = iptables -I fail2ban-<name> 1 -s <ip> -j <blocktype>
 # Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
-actionunban = iptables -D fail2ban-<name> -s <ip> -j <blocktype>
+actionunban = iptables -D f2b-<name> -s <ip> -j <blocktype>
 
 [Init]
 

fail2ban/server/jail.py

@@ -110,11 +110,10 @@ class Jail:
 		self.__filter = FilterSystemd(self)
 	
 	def setName(self, name):
-		# 20 based on iptable chain name limit of 30 less len('fail2ban-')
+		# 26 based on iptable chain name limit of 30 less len('f2b-')
-		if len(name) >= 20:
+		if len(name) >= 26:
-			logSys.warning("Jail name %r might be too long and some commands"
+			logSys.warning("Jail name %r might be too long and some commands "
-							" (e.g. iptables) might not function correctly."
+							"might not function correctly. Please shorten"
-							" Please shorten"
 							% name)
 		self.__name = name