mirror of https://github.com/fail2ban/fail2ban
Remove a bunch of patches (merged upstream)
Sylvestre Ledru
parent
fc88fb6e47
commit
276fb8b2ab
|
|
@ -11,6 +11,7 @@ fail2ban (1.0.1-1~exp1) experimental; urgency=medium
|
|||
[ Sylvestre Ledru ]
|
||||
* New upstream release
|
||||
* Fix debian/watch
|
||||
* Remove a bunch of patches (merged upstream)
|
||||
|
||||
-- Sylvestre Ledru <sylvestre@debian.org> Wed, 28 Sep 2022 07:16:20 -1000
|
||||
|
||||
|
|
|
|||
|
|
@ -1,64 +0,0 @@
|
|||
From 5ac303df8a171f748330d4c645ccbf1c2c7f3497 Mon Sep 17 00:00:00 2001
|
||||
From: sebres <info@sebres.de>
|
||||
Date: Sun, 19 Sep 2021 18:49:18 +0200
|
||||
Subject: [PATCH] fix gh-3098: build fails with error in fail2ban setup
|
||||
command: use_2to3 is invalid (setuptools 58+)
|
||||
|
||||
---
|
||||
setup.py | 16 +---------------
|
||||
1 file changed, 1 insertion(+), 15 deletions(-)
|
||||
|
||||
Index: fail2ban/setup.py
|
||||
===================================================================
|
||||
--- fail2ban.orig/setup.py
|
||||
+++ fail2ban/setup.py
|
||||
@@ -56,7 +56,7 @@ import warnings
|
||||
from glob import glob
|
||||
|
||||
from fail2ban.setup import updatePyExec
|
||||
-
|
||||
+from fail2ban.version import version
|
||||
|
||||
source_dir = os.path.realpath(os.path.dirname(
|
||||
# __file__ seems to be overwritten sometimes on some python versions (e.g. bug of 2.6 by running under cProfile, etc.):
|
||||
@@ -120,22 +120,12 @@ class install_scripts_f2b(install_script
|
||||
# Wrapper to specify fail2ban own options:
|
||||
class install_command_f2b(install):
|
||||
user_options = install.user_options + [
|
||||
- ('disable-2to3', None, 'Specify to deactivate 2to3, e.g. if the install runs from fail2ban test-cases.'),
|
||||
('without-tests', None, 'without tests files installation'),
|
||||
]
|
||||
def initialize_options(self):
|
||||
- self.disable_2to3 = None
|
||||
self.without_tests = not with_tests
|
||||
install.initialize_options(self)
|
||||
def finalize_options(self):
|
||||
- global _2to3
|
||||
- ## in the test cases 2to3 should be already done (fail2ban-2to3):
|
||||
- if self.disable_2to3:
|
||||
- _2to3 = False
|
||||
- if _2to3:
|
||||
- cmdclass = self.distribution.cmdclass
|
||||
- cmdclass['build_py'] = build_py_2to3
|
||||
- cmdclass['build_scripts'] = build_scripts_2to3
|
||||
if self.without_tests:
|
||||
self.distribution.scripts.remove('bin/fail2ban-testcases')
|
||||
|
||||
@@ -186,7 +176,6 @@ commands.'''
|
||||
if setuptools:
|
||||
setup_extra = {
|
||||
'test_suite': "fail2ban.tests.utils.gatherTests",
|
||||
- 'use_2to3': True,
|
||||
}
|
||||
else:
|
||||
setup_extra = {}
|
||||
@@ -210,9 +199,6 @@ if platform_system in ('linux', 'solaris
|
||||
('/usr/share/doc/fail2ban', doc_files)
|
||||
)
|
||||
|
||||
-# Get version number, avoiding importing fail2ban.
|
||||
-# This is due to tests not functioning for python3 as 2to3 takes place later
|
||||
-exec(open(join("fail2ban", "version.py")).read())
|
||||
|
||||
setup(
|
||||
name = "fail2ban",
|
||||
|
|
@ -1,23 +0,0 @@
|
|||
diff --git a/config/filter.d/courier-auth.conf b/config/filter.d/courier-auth.conf
|
||||
index 1ac33736a..d5ba9c505 100644
|
||||
--- a/config/filter.d/courier-auth.conf
|
||||
+++ b/config/filter.d/courier-auth.conf
|
||||
@@ -11,7 +11,7 @@ before = common.conf
|
||||
|
||||
_daemon = (?:courier)?(?:imapd?|pop3d?)(?:login)?(?:-ssl)?
|
||||
|
||||
-failregex = ^%(__prefix_line)sLOGIN FAILED, (?:user|method)=.*, ip=\[<HOST>\]$
|
||||
+failregex = ^%(__prefix_line)sLOGIN FAILED, (?:(?!ip=)(?:user=<F-USER>[^,]*</F-USER>|\w+=[^,]*), )*ip=\[<HOST>\]
|
||||
|
||||
ignoreregex =
|
||||
|
||||
diff --git a/fail2ban/tests/files/logs/courier-auth b/fail2ban/tests/files/logs/courier-auth
|
||||
index 3505e1092..8a20a27fb 100644
|
||||
--- a/fail2ban/tests/files/logs/courier-auth
|
||||
+++ b/fail2ban/tests/files/logs/courier-auth
|
||||
@@ -8,3 +8,5 @@ Nov 13 08:11:53 server imapd-ssl: LOGIN FAILED, user=user@domain.tld, ip=[::ffff
|
||||
Apr 17 19:17:11 SERVER courierpop3login: LOGIN FAILED, user=USER@EXAMPLE.org, ip=[::ffff:1.2.3.4]
|
||||
# failJSON: { "time": "2005-04-17T19:17:12", "match": true , "host": "192.0.2.4" }
|
||||
Apr 17 19:17:12 server imapd-ssl: LOGIN FAILED, method=PLAIN, ip=[::ffff:192.0.2.4]
|
||||
+# failJSON: { "time": "2005-04-27T09:00:00", "match": true , "user": "tester", "host": "192.0.2.5" }
|
||||
+Apr 27 09:00:00 servername imapd: LOGIN FAILED, user=tester, ip=[::ffff:192.0.2.5], port=[255]
|
||||
|
|
@ -1,11 +0,0 @@
|
|||
Index: fail2ban/config/paths-debian.conf
|
||||
===================================================================
|
||||
--- fail2ban.orig/config/paths-debian.conf
|
||||
+++ fail2ban/config/paths-debian.conf
|
||||
@@ -26,3 +26,6 @@ exim_main_log = /var/log/exim4/mainlog
|
||||
# was in debian squeezy but not in wheezy
|
||||
# /etc/proftpd/proftpd.conf (SystemLog)
|
||||
proftpd_log = /var/log/proftpd/proftpd.log
|
||||
+
|
||||
+# Debian specific path
|
||||
+roundcube_errors_log = /var/log/roundcube/errors.log
|
||||
|
|
@ -1,9 +0,0 @@
|
|||
Index: fail2ban/files/fail2ban.service.in
|
||||
===================================================================
|
||||
--- fail2ban.orig/files/fail2ban.service.in
|
||||
+++ fail2ban/files/fail2ban.service.in
|
||||
@@ -20,3 +20,4 @@ Environment="PYTHONNOUSERSITE=yes"
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
+WantedBy=logrotate.service
|
||||
|
|
@ -1,13 +0,0 @@
|
|||
Index: fail2ban/man/fail2ban-client.1
|
||||
===================================================================
|
||||
--- fail2ban.orig/man/fail2ban-client.1
|
||||
+++ fail2ban/man/fail2ban-client.1
|
||||
@@ -415,7 +415,7 @@ gets the time a host is banned for
|
||||
<JAIL>
|
||||
.TP
|
||||
\fBget <JAIL> datepattern\fR
|
||||
-gets the patern used to match
|
||||
+gets the pattern used to match
|
||||
date/times for <JAIL>
|
||||
.TP
|
||||
\fBget <JAIL> usedns\fR
|
||||
|
|
@ -1,10 +0,0 @@
|
|||
Index: fail2ban/bin/fail2ban-testcases
|
||||
===================================================================
|
||||
--- fail2ban.orig/bin/fail2ban-testcases
|
||||
+++ fail2ban/bin/fail2ban-testcases
|
||||
@@ -1,4 +1,4 @@
|
||||
-#!/usr/bin/env python
|
||||
+#!/usr/bin/env python3
|
||||
# emacs: -*- mode: python; py-indent-offset: 4; indent-tabs-mode: t -*-
|
||||
# vi: set ft=python sts=4 ts=4 sw=4 noet :
|
||||
"""Script to run Fail2Ban tests battery
|
||||
|
|
@ -1,61 +0,0 @@
|
|||
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
|
||||
index 7a1d31df3d..262448c2da 100644
|
||||
--- a/.github/workflows/main.yml
|
||||
+++ b/.github/workflows/main.yml
|
||||
@@ -22,7 +22,7 @@ jobs:
|
||||
runs-on: ubuntu-20.04
|
||||
strategy:
|
||||
matrix:
|
||||
- python-version: [2.7, 3.5, 3.6, 3.7, 3.8, 3.9, pypy2, pypy3]
|
||||
+ python-version: [2.7, 3.5, 3.6, 3.7, 3.8, 3.9, '3.10.0-alpha.5', pypy2, pypy3]
|
||||
fail-fast: false
|
||||
# Steps represent a sequence of tasks that will be executed as part of the job
|
||||
steps:
|
||||
diff --git a/fail2ban/server/action.py b/fail2ban/server/action.py
|
||||
index 3bc48fe046..f0f1e6f59a 100644
|
||||
--- a/fail2ban/server/action.py
|
||||
+++ b/fail2ban/server/action.py
|
||||
@@ -30,7 +30,10 @@
|
||||
import threading
|
||||
import time
|
||||
from abc import ABCMeta
|
||||
-from collections import MutableMapping
|
||||
+try:
|
||||
+ from collections.abc import MutableMapping
|
||||
+except ImportError:
|
||||
+ from collections import MutableMapping
|
||||
|
||||
from .failregex import mapTag2Opt
|
||||
from .ipdns import DNSUtils
|
||||
diff --git a/fail2ban/server/actions.py b/fail2ban/server/actions.py
|
||||
index b7b95b445a..897d907c1a 100644
|
||||
--- a/fail2ban/server/actions.py
|
||||
+++ b/fail2ban/server/actions.py
|
||||
@@ -28,7 +28,10 @@
|
||||
import os
|
||||
import sys
|
||||
import time
|
||||
-from collections import Mapping
|
||||
+try:
|
||||
+ from collections.abc import Mapping
|
||||
+except ImportError:
|
||||
+ from collections import Mapping
|
||||
try:
|
||||
from collections import OrderedDict
|
||||
except ImportError:
|
||||
diff --git a/fail2ban/server/jails.py b/fail2ban/server/jails.py
|
||||
index 972a8c4bd2..27e12ddf65 100644
|
||||
--- a/fail2ban/server/jails.py
|
||||
+++ b/fail2ban/server/jails.py
|
||||
@@ -22,7 +22,10 @@
|
||||
__license__ = "GPL"
|
||||
|
||||
from threading import Lock
|
||||
-from collections import Mapping
|
||||
+try:
|
||||
+ from collections.abc import Mapping
|
||||
+except ImportError:
|
||||
+ from collections import Mapping
|
||||
|
||||
from ..exceptions import DuplicateJailException, UnknownJailException
|
||||
from .jail import Jail
|
||||
|
|
@ -1,59 +0,0 @@
|
|||
From f15ed356198728c18470794ce6d88fb786571dc4 Mon Sep 17 00:00:00 2001
|
||||
From: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
|
||||
Date: Thu, 25 Feb 2021 20:13:18 +0100
|
||||
Subject: [PATCH 1/5] config/: Add support for filtering out detected port
|
||||
scans via scanlogd.
|
||||
|
||||
---
|
||||
config/filter.d/scanlogd.conf | 17 +++++++++++++++++
|
||||
config/jail.conf | 3 +++
|
||||
2 files changed, 20 insertions(+)
|
||||
create mode 100644 config/filter.d/scanlogd.conf
|
||||
|
||||
Index: fail2ban/config/filter.d/scanlogd.conf
|
||||
===================================================================
|
||||
--- /dev/null
|
||||
+++ fail2ban/config/filter.d/scanlogd.conf
|
||||
@@ -0,0 +1,17 @@
|
||||
+# Fail2Ban filter for port scans detected by scanlogd
|
||||
+
|
||||
+[INCLUDES]
|
||||
+
|
||||
+# Read common prefixes. If any customizations available -- read them from
|
||||
+# common.local
|
||||
+before = common.conf
|
||||
+
|
||||
+[Definition]
|
||||
+
|
||||
+_daemon = scanlogd
|
||||
+
|
||||
+failregex = ^%(__prefix_line)s<ADDR>(?::<F-PORT/>)? to \S+ ports\b
|
||||
+
|
||||
+ignoreregex =
|
||||
+
|
||||
+# Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
|
||||
Index: fail2ban/config/jail.conf
|
||||
===================================================================
|
||||
--- fail2ban.orig/config/jail.conf
|
||||
+++ fail2ban/config/jail.conf
|
||||
@@ -962,3 +962,7 @@ logpath = %(apache_error_log)s
|
||||
# see `filter.d/traefik-auth.conf` for details and service example.
|
||||
port = http,https
|
||||
logpath = /var/log/traefik/access.log
|
||||
+
|
||||
+[scanlogd]
|
||||
+logpath = %(syslog_local0)s
|
||||
+banaction = %(banaction_allports)s
|
||||
Index: fail2ban/fail2ban/tests/files/logs/scanlogd
|
||||
===================================================================
|
||||
--- /dev/null
|
||||
+++ fail2ban/fail2ban/tests/files/logs/scanlogd
|
||||
@@ -0,0 +1,8 @@
|
||||
+# failJSON: { "time": "2005-03-05T21:44:43", "match": true , "host": "192.0.2.123" }
|
||||
+Mar 5 21:44:43 srv scanlogd: 192.0.2.123 to 192.0.2.1 ports 80, 81, 83, 88, 99, 443, 1080, 3128, ..., f????uxy, TOS 00, TTL 49 @20:44:43
|
||||
+# failJSON: { "time": "2005-03-05T21:44:44", "match": true , "host": "192.0.2.123" }
|
||||
+Mar 5 21:44:44 srv scanlogd: 192.0.2.123 to 192.0.2.1 ports 497, 515, 544, 543, 464, 513, ..., fSrpauxy, TOS 00 @09:04:25
|
||||
+# failJSON: { "time": "2005-03-05T21:44:45", "match": true , "host": "192.0.2.123" }
|
||||
+Mar 5 21:44:45 srv scanlogd: 192.0.2.123 to 192.0.2.1 ports 593, 548, 636, 646, 625, 631, ..., fSrpauxy, TOS 00, TTL 239 @17:34:00
|
||||
+# failJSON: { "time": "2005-03-05T21:44:46", "match": true , "host": "192.0.2.123" }
|
||||
+Mar 5 21:44:46 srv scanlogd: 192.0.2.123 to 192.0.2.1 ports 22, 26, 37, 80, 25, 79, ..., fSrpauxy, TOS 00 @22:38:37
|
||||
|
|
@ -6,11 +6,4 @@ deb_no_iptables_service
|
|||
python3-test-suite.diff
|
||||
no-python-user.diff
|
||||
roundcube.diff
|
||||
debian_roundcube.diff
|
||||
systemd-run.diff
|
||||
scanlogd.patch
|
||||
997601-use_2to3.diff
|
||||
python3.10.diff
|
||||
#fix-race.diff
|
||||
courier-auth.diff
|
||||
fix-typo.diff
|
||||
|
|
|
|||
Loading…
Reference in New Issue