From 2c576c64f8192cad469bd839321c03bcc1f8113a Mon Sep 17 00:00:00 2001
From: Pablo Rodriguez Fernandez <pablorf.dev@outlook.com>
Date: Tue, 20 Oct 2015 10:37:07 +0200
Subject: [PATCH] Change domain filter regex

Change domain filter regex since there are other Google crawlers.
See "Google crawlers"
<https://support.google.com/webmasters/answer/1061943?hl=en>
---
 ChangeLog                                           | 3 +++
 config/filter.d/ignorecommands/apache-fakegooglebot | 2 +-
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/ChangeLog b/ChangeLog
index 2f5a158b..9449f2cd 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -21,6 +21,7 @@ ver. 0.9.4 (2015/XX/XXX) - wanna-be-released
    * Treat failed and killed execution of commands identically (only
      different log messages), which addresses different behavior on different
      exit codes of dash and bash (gh-1155)
+   * Fix jail.conf.5 man's section (gh-1226)
 
 - New Features:
 
@@ -34,6 +35,8 @@ ver. 0.9.4 (2015/XX/XXX) - wanna-be-released
      (Thanks M. Maraun)
    * Added check against atacker's Googlebot PTR fake records
      (Thanks Pablo Rodriguez Fernandez)
+   * Enhance filter against atacker's Googlebot PTR fake records
+     (gh-1226)
 
 ver. 0.9.3 (2015/08/01) - lets-all-stay-friends
 ----------
diff --git a/config/filter.d/ignorecommands/apache-fakegooglebot b/config/filter.d/ignorecommands/apache-fakegooglebot
index 9e0f0d83..19fb5107 100755
--- a/config/filter.d/ignorecommands/apache-fakegooglebot
+++ b/config/filter.d/ignorecommands/apache-fakegooglebot
@@ -26,7 +26,7 @@ def is_googlebot(ip):
     from fail2ban.server.filter import DNSUtils
 
     host = DNSUtils.ipToName(ip)
-    if not host or not re.match('crawl-.*\.googlebot\.com$', host):
+    if not host or not re.match('.*\.google(bot)?\.com$', host):
        sys.exit(1)
     host_ips = DNSUtils.dnsToIp(host)
     sys.exit(0 if ip in host_ips else 1)