Test, changelog and fixes to pass2allow

ChangeLog

@@ -32,11 +32,14 @@ ver. 0.9.3 (2015/XX/XXX) - wanna-be-released
      currently not banned or persistent)
 
 - New Features:
+   * RETURN iptables target is now a variable: <returntype>
+   * New type of operation: pass2allow, use fail2ban for "knocking",
+     opening a closed port by swapping blocktype and returntype
    * New filters:
      - froxlor-auth  Thanks Joern Muehlencord
-   * New type of operation:
-     - pass2allow: use fail2ban for "knocking", opening a closed port
-       (apache-pass filter, allow-iptables-multiport action)
+     - apache-pass - filter Apache access log for successfull authentication
+   * New jails:
+     - pass2allow-ftp - allows FTP traffic after successful HTTP authentication
 
 - Enhancements:
    * action.d/cloudflare.conf - improved documentation on how to allow

config/jail.conf

@@ -768,17 +768,14 @@ enabled  = false
 logpath  = /var/lib/portsentry/portsentry.history
 maxretry = 1
 
-[pass2allow]
-# allow FTP traffic after successful HTTP auth
-enabled    = false
+[pass2allow-ftp]
+# this pass2allow example allows FTP traffic after successful HTTP authentication
 filter     = apache-pass
-banaction  = iptables-multiport
 blocktype  = RETURN
 returntype = DROP
 # access log of the website with HTTP auth
-logpath    = /var/log/apache2/access.log
+logpath    = %(apache_access_log)s
 port       = ftp,ftp-data,ftps,ftps-data
-protocol   = tcp
 bantime    = 3600
 maxretry   = 1
 findtime   = 1

fail2ban/tests/files/logs/apache-pass

@@ -0,0 +1,2 @@
+# failJSON: { "time": "2013-06-27T11:55:44", "match": true , "host": "192.0.2.12" }
+192.0.2.12 - user1 [27/Jun/2013:11:55:44] "GET /knocking/ HTTP/1.1" 200 266 "http://domain.net/hello-world/" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:40.0) Gecko/20100101 Firefox/40.0"