From 4bbea5b41b1ff9a00b567796315bc22adb699ed9 Mon Sep 17 00:00:00 2001
From: Yaroslav Halchenko <debian@onerussian.com>
Date: Mon, 30 Oct 2006 03:32:29 +0000
Subject: [PATCH] * Corrected init.d script to properly perform restart due to
 server delay to   react to client command to stop. Handling of status was
 adjusted as well * Added apache-noscript to jail.conf * Default action does
 not send emails to be inline with previous (0.6.x)   behavior

---
 debian/changelog     | 15 +++++++++
 debian/fail2ban.init | 74 +++++++++++++++++++++++++++++++-------------
 debian/jail.conf     | 15 +++++++--
 3 files changed, 81 insertions(+), 23 deletions(-)

diff --git a/debian/changelog b/debian/changelog
index 471038b2..e74dd5d2 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,18 @@
+fail2ban (0.7.4~pre20061023.2-3) experimental; urgency=low
+
+  * Corrected init.d script to properly perform restart due to server delay to
+    react to client command to stop. Handling of status was adjusted as well
+
+ -- Yaroslav Halchenko <debian@onerussian.com>  Sun, 29 Oct 2006 22:29:27 -0500
+
+fail2ban (0.7.4~pre20061023.2-2) experimental; urgency=low
+
+  * Added apache-noscript to jail.conf
+  * Default action does not send emails to be inline with previous (0.6.x)
+    behavior
+
+ -- Yaroslav Halchenko <debian@onerussian.com>  Thu, 26 Oct 2006 13:27:20 -0400
+
 fail2ban (0.7.4~pre20061023.2-1) experimental; urgency=low
 
   * Fresh upstream: fixed a bug with not handling error producing
diff --git a/debian/fail2ban.init b/debian/fail2ban.init
index 0fd9070a..593c2cdd 100644
--- a/debian/fail2ban.init
+++ b/debian/fail2ban.init
@@ -59,14 +59,48 @@ do_start()
 	#	0 if daemon has been started
 	#	1 if daemon was already running
 	#	2 if daemon could not be started
-	start-stop-daemon --start --quiet --user root --exec $DAEMON --test -- \
-		$DAEMON_ARGS start > /dev/null \
-		|| return 1
+	do_status && return 1
 	start-stop-daemon --start --quiet --chuid root --exec $DAEMON -- \
 		$DAEMON_ARGS start > /dev/null\
 		|| return 2
 }
 
+#
+# Shortcut function for abnormal init script interruption
+#
+report_bug()
+{
+	echo $*
+	echo "Please submit a bug report to Debian BTS (reportbug fail2ban)"
+	exit 1
+}
+
+#
+# Function that checks the status of fail2ban and returns
+# corresponding code
+#
+do_status()
+{
+	$DAEMON status > /dev/null
+	case $? in
+		0) return 0
+			;;
+		255)
+			if [ -S $SOCKFILE ]; then
+				if [ -r $SOCKFILE ]; then
+					return 1
+				else
+					return 4
+				fi
+			else
+				return 3
+			fi
+			;;
+		*)
+			report_bug "Unknown return code from fail2ban."
+	esac
+}
+
 #
 # Function that stops the daemon/service
 #
@@ -109,6 +143,16 @@ case "$1" in
 		do_stop
 		case "$?" in
 			0|1)
+                # now we need actually to wait a bit since it might take time
+   		        # for server to react on client's stop request
+				count=1
+				while do_status && [ $count -lt 10 ]; do
+					sleep 1
+					count=$(($count+1))
+				done
+
+				[ $count -lt 10 ] || log_end_msg 1 # failed to stop
+
 				do_start
 				log_end_msg_wrapper $? 1
 				;;
@@ -120,25 +164,13 @@ case "$1" in
 		;;
 	status)
 		log_daemon_msg "Status of $DESC"
-		$DAEMON status > /dev/null
+		do_status
 		case $? in
-			0)  log_success_msg " $NAME is running"
-				exit 0
-				;;
-			255)
-				if [ -S $SOCKFILE ]; then
-					if [ -r $SOCKFILE ]; then
-						log_failure_msg " $NAME is not running but $SOCKFILE exists"
-						exit 1
-					else
-						log_failure_msg " $SOCKFILE not readable, status of $NAME unknown"
-						exit 4
-					fi
-				else
-					log_warning_msg " $NAME is not running"
-					exit 3
-				fi
-				;;
+			0)  log_success_msg " $NAME is running" ;;
+			1)  log_failure_msg " $NAME is not running but $SOCKFILE exists" ;;
+			3)  log_warning_msg " $NAME is not running" ;;
+			4)  log_failure_msg " $SOCKFILE not readable, status of $NAME unknown";;
+			*)  report_bug "Unknown status code"
 		esac
 		;;
 	*)
diff --git a/debian/jail.conf b/debian/jail.conf
index 6099b895..b56046c1 100644
--- a/debian/jail.conf
+++ b/debian/jail.conf
@@ -26,10 +26,13 @@ maxretry = 3
 # jail.{conf,local} configuration files.
 destemail = root@localhost
 
+# Default action to take: ban only
+action = iptables[name=%(__name__)s, port=%(port)s]
+
 # Default action to take: ban & send an e-mail with whois report
 # to the destemail
-action = iptables[name=%(__name__)s, port=%(port)s]
-		 mail-whois[name=%(__name__)s, dest=%(destemail)s]
+#action = iptables[name=%(__name__)s, port=%(port)s]
+# 	  mail-whois[name=%(__name__)s, dest=%(destemail)s]
 
 #
 # Next jails corresponds to the standard configuration in Fail2ban 0.6.
@@ -62,6 +65,14 @@ logpath = /var/log/apache*/*access.log
 maxretry = 6
 
 
+[apache-noscript]
+
+enabled = false
+port    = http
+filter  = apache-noscript
+logpath = /var/log/apache*/*error.log
+maxretry = 6
+
 #
 # FTP servers
 #