diff --git a/debian/patches/0001-BF-RF-test-for-being-a-root-to-check-if-actually-can.patch b/debian/patches/0001-BF-RF-test-for-being-a-root-to-check-if-actually-can.patch
index cc46b2f6..dabba9e5 100644
--- a/debian/patches/0001-BF-RF-test-for-being-a-root-to-check-if-actually-can.patch
+++ b/debian/patches/0001-BF-RF-test-for-being-a-root-to-check-if-actually-can.patch
@@ -8,27 +8,3 @@ Subject: [PATCH] BF: RF test for "being a root" to check if actually can read
  fail2ban/tests/filtertestcase.py | 10 +++++++++-
  1 file changed, 9 insertions(+), 1 deletion(-)
 
-diff --git a/fail2ban/tests/filtertestcase.py b/fail2ban/tests/filtertestcase.py
-index b707beb5..40cf51f9 100644
---- a/fail2ban/tests/filtertestcase.py
-+++ b/fail2ban/tests/filtertestcase.py
-@@ -675,7 +675,15 @@ class LogFileMonitor(LogCaptureTestCase):
- 		os.chmod(self.name, 0)
- 		self.filter.getFailures(self.name)
- 		failure_was_logged = self._is_logged('Unable to open %s' % self.name)
--		is_root = getpass.getuser() == 'root'
-+		# verify that we cannot access the file. Checking by name of user is not
-+		# sufficient since could be a fakeroot or some other super-user
-+		try:
-+			with open(self.name) as f:
-+				f.read()
-+			is_root = True
-+		except IOError:
-+			is_root = False
-+
- 		# If ran as root, those restrictive permissions would not
- 		# forbid log to be read.
- 		self.assertTrue(failure_was_logged != is_root)
--- 
-2.15.1
-
diff --git a/debian/patches/0001-BF-use-tests.utils.CONFIG_DIR-instead-of-hardcoded-c.patch b/debian/patches/0001-BF-use-tests.utils.CONFIG_DIR-instead-of-hardcoded-c.patch
index 3523eea8..6c6589c9 100644
--- a/debian/patches/0001-BF-use-tests.utils.CONFIG_DIR-instead-of-hardcoded-c.patch
+++ b/debian/patches/0001-BF-use-tests.utils.CONFIG_DIR-instead-of-hardcoded-c.patch
@@ -10,25 +10,3 @@ and thus cannot test in a build directory which is out of source
  fail2ban/tests/fail2banclienttestcase.py | 2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)
 
-diff --git a/fail2ban/tests/fail2banclienttestcase.py b/fail2ban/tests/fail2banclienttestcase.py
-index 1e2d1b33..65653a8e 100644
---- a/fail2ban/tests/fail2banclienttestcase.py
-+++ b/fail2ban/tests/fail2banclienttestcase.py
-@@ -44,13 +44,13 @@ from ..server import server
- from ..server.mytime import MyTime
- from ..server.utils import Utils
- from .utils import LogCaptureTestCase, logSys as DefLogSys, with_tmpdir, shutil, logging
-+from .utils import CONFIG_DIR as STOCK_CONF_DIR
- 
- from ..helpers import getLogger
- 
- # Gets the instance of the logger.
- logSys = getLogger(__name__)
- 
--STOCK_CONF_DIR = "config"
- STOCK = exists(pjoin(STOCK_CONF_DIR, 'fail2ban.conf'))
- 
- CLIENT = "fail2ban-client"
--- 
-2.15.1
-
diff --git a/debian/patches/0002-ENH-verify-that-use_stock_cfg-was-not-provided-while.patch b/debian/patches/0002-ENH-verify-that-use_stock_cfg-was-not-provided-while.patch
index a4cb5e11..6afce19a 100644
--- a/debian/patches/0002-ENH-verify-that-use_stock_cfg-was-not-provided-while.patch
+++ b/debian/patches/0002-ENH-verify-that-use_stock_cfg-was-not-provided-while.patch
@@ -10,19 +10,16 @@ so decided to make it more explicit
  fail2ban/tests/fail2banclienttestcase.py | 2 ++
  1 file changed, 2 insertions(+)
 
-diff --git a/fail2ban/tests/fail2banclienttestcase.py b/fail2ban/tests/fail2banclienttestcase.py
-index 65653a8e..94790b04 100644
---- a/fail2ban/tests/fail2banclienttestcase.py
-+++ b/fail2ban/tests/fail2banclienttestcase.py
-@@ -153,6 +153,8 @@ def _start_params(tmp, use_stock=False, use_stock_cfg=None,
+Index: fail2ban/fail2ban/tests/fail2banclienttestcase.py
+===================================================================
+--- fail2ban.orig/fail2ban/tests/fail2banclienttestcase.py
++++ fail2ban/fail2ban/tests/fail2banclienttestcase.py
+@@ -173,6 +173,8 @@ def _start_params(tmp, use_stock=False,
  			"""Filters list of 'files' to contain only directories (under dir)"""
  			return [f for f in files if isdir(pjoin(dir, f))]
  		shutil.copytree(STOCK_CONF_DIR, cfg, ignore=ig_dirs)
 +		assert use_stock_cfg is None, \
 +			"We are about to overload use_stock_cfg from the one provided %s" % repr(use_stock_cfg)
- 		use_stock_cfg = ('action.d', 'filter.d')
+ 		if use_stock_cfg is None: use_stock_cfg = ('action.d', 'filter.d')
  		# replace fail2ban params (database with memory):
  		r = re.compile(r'^dbfile\s*=')
--- 
-2.15.1
-
diff --git a/debian/patches/0003-BF-look-for-system.journal-also-under-system-state-l.patch b/debian/patches/0003-BF-look-for-system.journal-also-under-system-state-l.patch
index 3f72a414..2d4da3a2 100644
--- a/debian/patches/0003-BF-look-for-system.journal-also-under-system-state-l.patch
+++ b/debian/patches/0003-BF-look-for-system.journal-also-under-system-state-l.patch
@@ -9,38 +9,3 @@ as it happens on Debian systems
  fail2ban/tests/filtertestcase.py | 21 ++++++++++++++++-----
  1 file changed, 16 insertions(+), 5 deletions(-)
 
-diff --git a/fail2ban/tests/filtertestcase.py b/fail2ban/tests/filtertestcase.py
-index 1803974b..b707beb5 100644
---- a/fail2ban/tests/filtertestcase.py
-+++ b/fail2ban/tests/filtertestcase.py
-@@ -1173,11 +1173,22 @@ def get_monitor_failures_journal_testcase(Filter_): # pragma: systemd no cover
- 			super(MonitorJournalFailures, self).tearDown()
- 
- 		def _getRuntimeJournal(self):
--			# retrieve current system journal path
--			tmp = Utils.executeCmd('find "$(systemd-path system-runtime-logs)" -name system.journal', 
--				timeout=10, shell=True, output=True);
--			self.assertTrue(tmp)
--			return str(tmp[1].decode('utf-8')).split('\n')[0]
-+			"""Retrieve current system journal path
-+
-+			If none found, None will be returned
-+			"""
-+			# Depending on the system, it could be found under /run or /var/log (e.g. Debian)
-+			# which are pointed by different systemd-path variables.  We will
-+			# check one at at time until the first hit
-+			for systemd_var in 'system-runtime-logs', 'system-state-logs':
-+				tmp = Utils.executeCmd(
-+					'find "$(systemd-path %s)" -name system.journal' % systemd_var,
-+					timeout=10, shell=True, output=True
-+				)
-+				self.assertTrue(tmp)
-+				out = str(tmp[1].decode('utf-8')).split('\n')[0]
-+				if out:
-+					return out
- 
- 		def testJournalFilesArg(self):
- 			# retrieve current system journal path
--- 
-2.15.1
-
diff --git a/debian/patches/0004-BF-use-build_-_2to3-if-in-_2to3.patch b/debian/patches/0004-BF-use-build_-_2to3-if-in-_2to3.patch
index 8e0f6e04..faf4b115 100644
--- a/debian/patches/0004-BF-use-build_-_2to3-if-in-_2to3.patch
+++ b/debian/patches/0004-BF-use-build_-_2to3-if-in-_2to3.patch
@@ -12,23 +12,3 @@ changed files etc
  setup.py | 6 ++++--
  1 file changed, 4 insertions(+), 2 deletions(-)
 
-diff --git a/setup.py b/setup.py
-index 8da29268..850f748f 100755
---- a/setup.py
-+++ b/setup.py
-@@ -208,8 +208,10 @@ setup(
- 	license = "GPL",
- 	platforms = "Posix",
- 	cmdclass = {
--		'build_py': build_py, 'build_scripts': build_scripts, 
--		'install_scripts': install_scripts_f2b, 'install': install_command_f2b
-+		'build_py': build_py_2to3 if _2to3 else build_py,
-+		'build_scripts': build_scripts_2to3 if _2to3 else build_scripts,
-+		'install_scripts': install_scripts_f2b,
-+		'install': install_command_f2b
- 	},
- 	scripts = [
- 		'bin/fail2ban-client',
--- 
-2.15.1
-
diff --git a/debian/patches/deb_init_paths b/debian/patches/deb_init_paths
index f39df27c..181c061d 100644
--- a/debian/patches/deb_init_paths
+++ b/debian/patches/deb_init_paths
@@ -1,11 +1,13 @@
---- a/files/debian-initd
-+++ b/files/debian-initd
-@@ -28,7 +28,7 @@ NAME=fail2ban
+Index: fail2ban/files/debian-initd
+===================================================================
+--- fail2ban.orig/files/debian-initd
++++ fail2ban/files/debian-initd
+@@ -28,7 +28,7 @@ NAME="fail2ban"
  
  # fail2ban-client is not a daemon itself but starts a daemon and
  # loads its with configuration
--DAEMON=/usr/local/bin/$NAME-client
-+DAEMON=/usr/bin/$NAME-client
- SCRIPTNAME=/etc/init.d/$NAME
+-DAEMON="/usr/local/bin/$NAME-client"
++DAEMON="/usr/bin/$NAME-client"
+ SCRIPTNAME="/etc/init.d/$NAME"
  
  # Ad-hoc way to parse out socket file name
diff --git a/debian/patches/deb_manpages_reportbug b/debian/patches/deb_manpages_reportbug
index f9a460e5..a5abc480 100644
--- a/debian/patches/deb_manpages_reportbug
+++ b/debian/patches/deb_manpages_reportbug
@@ -2,25 +2,29 @@ From: Yaroslav Halchenko <debian@onerussian.com>
 Date: Fri, 8 Feb 2008 00:40:57 -0500
 Subject: tune ups in upstream manpages to direct users to use reportbug
 
---- a/man/fail2ban-client.1
-+++ b/man/fail2ban-client.1
-@@ -437,7 +437,7 @@ the action <ACT> for <JAIL>
+Index: fail2ban/man/fail2ban-client.1
+===================================================================
+--- fail2ban.orig/man/fail2ban-client.1
++++ fail2ban/man/fail2ban-client.1
+@@ -470,7 +470,7 @@ the action <ACT> for <JAIL>
  .SH FILES
  \fI/etc/fail2ban/*\fR
  .SH "REPORTING BUGS"
 -Report bugs to https://github.com/fail2ban/fail2ban/issues
 +Report bugs via Debian bug tracking system \fIhttp://www.debian.org/Bugs/\fR .
- .SH COPYRIGHT
- Copyright \(co 2004\-2008 Cyril Jaquier, 2008\- Fail2Ban Contributors
- .br
---- a/man/fail2ban-server.1
-+++ b/man/fail2ban-server.1
+ .SH "SEE ALSO"
+ .br 
+ fail2ban-server(1)
+Index: fail2ban/man/fail2ban-server.1
+===================================================================
+--- fail2ban.orig/man/fail2ban-server.1
++++ fail2ban/man/fail2ban-server.1
 @@ -69,7 +69,7 @@ display this help message
  \fB\-V\fR, \fB\-\-version\fR
- print the version
+ print the version (\fB\-V\fR returns machine\-readable short format)
  .SH "REPORTING BUGS"
 -Report bugs to https://github.com/fail2ban/fail2ban/issues
 +Report bugs via Debian bug tracking system \fIhttp://www.debian.org/Bugs/\fR .
- .SH COPYRIGHT
- Copyright \(co 2004\-2008 Cyril Jaquier, 2008\- Fail2Ban Contributors
- .br
+ .SH "SEE ALSO"
+ .br 
+ fail2ban-client(1)
diff --git a/debian/patches/deb_no_iptables_service b/debian/patches/deb_no_iptables_service
index 253cf7cf..c892c630 100644
--- a/debian/patches/deb_no_iptables_service
+++ b/debian/patches/deb_no_iptables_service
@@ -15,13 +15,15 @@ Origin: Fedora, Debian
 Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871993
 Last-Update: 2018-04-04
 
---- a/files/fail2ban.service.in
-+++ b/files/fail2ban.service.in
+Index: fail2ban/files/fail2ban.service.in
+===================================================================
+--- fail2ban.orig/files/fail2ban.service.in
++++ fail2ban/files/fail2ban.service.in
 @@ -2,7 +2,7 @@
  Description=Fail2Ban Service
  Documentation=man:fail2ban(1)
- After=network.target iptables.service firewalld.service ip6tables.service ipset.service
--PartOf=iptables.service firewalld.service ip6tables.service ipset.service
+ After=network.target iptables.service firewalld.service ip6tables.service ipset.service nftables.service
+-PartOf=iptables.service firewalld.service ip6tables.service ipset.service nftables.service
 +PartOf=firewalld.service
  
  [Service]