Merge pull request #2298 from chtheis/0.11 (rebased to 0.10)

ChangeLog

@@ -37,6 +37,8 @@ ver. 0.10.5-dev-1 (20??/??/??) - development edition
 ### Fixes
 * fixed read of included config-files (`.local` overwrites options of `.conf` for config-files 
   included with before/after)
+* `action.d/helpers-common.conf`: rewritten grep arguments, now options `-wF` used to match only
+  whole words and fixed string (not as pattern), gh-2298
 * `filter.d/sshd.conf`:
   - captures `Disconnecting ...: Change of username or service not allowed` (gh-2239, gh-2279)
   - captures `Disconnected from ... [preauth]` (`extra`/`aggressive` mode and preauth phase only, gh-2239, gh-2279)

config/action.d/helpers-common.conf

@@ -4,8 +4,9 @@
 #   _grep_logs_args = 'test'
 #   (printf %%b "Log-excerpt contains 'test':\n"; %(_grep_logs)s; printf %%b "Log-excerpt contains 'test':\n") | mail ...
 #
-_grep_logs = logpath="<logpath>"; grep <grepopts> -E %(_grep_logs_args)s $logpath | <greplimit>
-_grep_logs_args = "(^|[^0-9a-fA-F:])$(echo '<ip>' | sed 's/\./\\./g')([^0-9a-fA-F:]|$)"
+_grep_logs = logpath="<logpath>"; grep <grepopts> %(_grep_logs_args)s $logpath | <greplimit>
+# options `-wF` used to match only whole words and fixed string (not as pattern)
+_grep_logs_args = -wF "<ip>"
 
 # Used for actions, that should not by executed if ticket was restored:
 _bypass_if_restored = if [ '<restored>' = '1' ]; then exit 0; fi;