mirror of https://github.com/fail2ban/fail2ban
Reverting chains to chain in order to preserve backward compatibilityu
backing to the option named "chain", using "iteredchain" a new variable to iterate over.pull/3909/head
parent
139151ec81
commit
37f72f88ef
|
@ -65,19 +65,19 @@ rule-jump = -j <_ipt_rule_target>
|
||||||
# Several capabilities used internally:
|
# Several capabilities used internally:
|
||||||
|
|
||||||
_ipt_for_proto-iter = for proto in $(echo '<protocol>' | sed 's/,/ /g'); do
|
_ipt_for_proto-iter = for proto in $(echo '<protocol>' | sed 's/,/ /g'); do
|
||||||
_ipt_for_chain-iter = for chain in $(echo '<chains>' | sed 's/,/ /g'); do
|
_ipt_for_chain-iter = for iteredchain in $(echo '<chain>' | sed 's/,/ /g'); do
|
||||||
_ipt_for_chain-done = done;
|
_ipt_for_chain-done = done;
|
||||||
_ipt_for_proto-done = done
|
_ipt_for_proto-done = done
|
||||||
|
|
||||||
_ipt_add_rules = <_ipt_for_proto-iter>
|
_ipt_add_rules = <_ipt_for_proto-iter>
|
||||||
<_ipt_for_chain-iter>
|
<_ipt_for_chain-iter>
|
||||||
{ %(_ipt_check_rule)s >/dev/null 2>&1; } || { <iptables> -I $chain %(_ipt_chain_rule)s; }
|
{ %(_ipt_check_rule)s >/dev/null 2>&1; } || { <iptables> -I $iteredchain %(_ipt_chain_rule)s; }
|
||||||
<_ipt_for_chain-done>
|
<_ipt_for_chain-done>
|
||||||
<_ipt_for_proto-done>
|
<_ipt_for_proto-done>
|
||||||
|
|
||||||
_ipt_del_rules = <_ipt_for_proto-iter>
|
_ipt_del_rules = <_ipt_for_proto-iter>
|
||||||
<_ipt_for_chain-iter>
|
<_ipt_for_chain-iter>
|
||||||
<iptables> -D $chain %(_ipt_chain_rule)s
|
<iptables> -D $iteredchain %(_ipt_chain_rule)s
|
||||||
<_ipt_for_chain-done>
|
<_ipt_for_chain-done>
|
||||||
<_ipt_for_proto-done>
|
<_ipt_for_proto-done>
|
||||||
|
|
||||||
|
@ -88,7 +88,7 @@ _ipt_check_rules = <_ipt_for_proto-iter>
|
||||||
<_ipt_for_proto-done>
|
<_ipt_for_proto-done>
|
||||||
|
|
||||||
_ipt_chain_rule = <pre-rule><ipt_<type>/_chain_rule>
|
_ipt_chain_rule = <pre-rule><ipt_<type>/_chain_rule>
|
||||||
_ipt_check_rule = <iptables> -C $chain %(_ipt_chain_rule)s
|
_ipt_check_rule = <iptables> -C $iteredchain %(_ipt_chain_rule)s
|
||||||
_ipt_rule_target = f2b-<name>
|
_ipt_rule_target = f2b-<name>
|
||||||
|
|
||||||
[ipt_oneport]
|
[ipt_oneport]
|
||||||
|
@ -106,12 +106,12 @@ _chain_rule = -p $proto <rule-jump>
|
||||||
|
|
||||||
[Init]
|
[Init]
|
||||||
|
|
||||||
# Option: chains
|
# Option: chain
|
||||||
# Notes specifies the iptables chains to which the Fail2Ban rules should be
|
# Notes specifies the iptables chains to which the Fail2Ban rules should be
|
||||||
# added. May be a sigle chain (eg. INPUT) or a comma separated list
|
# added. May be a sigle chain (eg. INPUT) or a comma separated list
|
||||||
# (eg. INPUT, FORWARD)
|
# (eg. INPUT, FORWARD)
|
||||||
# Values: STRING Default: INPUT
|
# Values: STRING Default: INPUT
|
||||||
chains = INPUT
|
chain = INPUT
|
||||||
|
|
||||||
# Default name of the chain
|
# Default name of the chain
|
||||||
#
|
#
|
||||||
|
|
Loading…
Reference in New Issue