From 73a8175bb00ed2f456448f6edcfbf78ab7f0630e Mon Sep 17 00:00:00 2001
From: sebres <serg.brester@sebres.de>
Date: Tue, 4 Aug 2020 13:22:02 +0200
Subject: [PATCH] resolves names conflict (command action timeout and ipset
 timeout); closes gh-2790

---
 config/action.d/firewallcmd-ipset.conf             | 14 +++++++-------
 .../action.d/iptables-ipset-proto6-allports.conf   | 14 +++++++-------
 config/action.d/iptables-ipset-proto6.conf         | 14 +++++++-------
 config/action.d/shorewall-ipset-proto6.conf        | 14 +++++++-------
 4 files changed, 28 insertions(+), 28 deletions(-)

diff --git a/config/action.d/firewallcmd-ipset.conf b/config/action.d/firewallcmd-ipset.conf
index 9dd9fbb2..42513933 100644
--- a/config/action.d/firewallcmd-ipset.conf
+++ b/config/action.d/firewallcmd-ipset.conf
@@ -18,7 +18,7 @@ before = firewallcmd-common.conf
 
 [Definition]
 
-actionstart = ipset create <ipmset> hash:ip timeout <default-timeout> <familyopt>
+actionstart = ipset create <ipmset> hash:ip timeout <default-ipsettime> <familyopt>
               firewall-cmd --direct --add-rule <family> filter <chain> 0 <actiontype> -m set --match-set <ipmset> src -j <blocktype>
 
 actionflush = ipset flush <ipmset>
@@ -27,7 +27,7 @@ actionstop = firewall-cmd --direct --remove-rule <family> filter <chain> 0 <acti
              <actionflush>
              ipset destroy <ipmset>
 
-actionban = ipset add <ipmset> <ip> timeout <timeout> -exist
+actionban = ipset add <ipmset> <ip> timeout <ipsettime> -exist
 
 actionunban = ipset del <ipmset> <ip> -exist
 
@@ -40,18 +40,18 @@ actionunban = ipset del <ipmset> <ip> -exist
 #
 chain = INPUT_direct
 
-# Option: default-timeout
+# Option: default-ipsettime
 # Notes:  specifies default timeout in seconds (handled default ipset timeout only)
 # Values:  [ NUM ]  Default: 0 (no timeout, managed by fail2ban by unban)
-default-timeout = 0
+default-ipsettime = 0
 
-# Option: timeout
+# Option: ipsettime
 # Notes:  specifies ticket timeout (handled ipset timeout only)
 # Values:  [ NUM ]  Default: 0 (managed by fail2ban by unban)
-timeout = 0
+ipsettime = 0
 
 # expresion to caclulate timeout from bantime, example:
-# banaction = %(known/banaction)s[timeout='<timeout-bantime>']
+# banaction = %(known/banaction)s[ipsettime='<timeout-bantime>']
 timeout-bantime = $([ "<bantime>" -le 2147483 ] && echo "<bantime>" || echo 0)
 
 # Option: actiontype
diff --git a/config/action.d/iptables-ipset-proto6-allports.conf b/config/action.d/iptables-ipset-proto6-allports.conf
index 4f200db0..addb2b95 100644
--- a/config/action.d/iptables-ipset-proto6-allports.conf
+++ b/config/action.d/iptables-ipset-proto6-allports.conf
@@ -26,7 +26,7 @@ before = iptables-common.conf
 # Notes.:  command executed on demand at the first ban (or at the start of Fail2Ban if actionstart_on_demand is set to false).
 # Values:  CMD
 #
-actionstart = ipset create <ipmset> hash:ip timeout <default-timeout> <familyopt>
+actionstart = ipset create <ipmset> hash:ip timeout <default-ipsettime> <familyopt>
               <iptables> -I <chain> -m set --match-set <ipmset> src -j <blocktype>
 
 # Option:  actionflush
@@ -49,7 +49,7 @@ actionstop = <iptables> -D <chain> -m set --match-set <ipmset> src -j <blocktype
 # Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
-actionban = ipset add <ipmset> <ip> timeout <timeout> -exist
+actionban = ipset add <ipmset> <ip> timeout <ipsettime> -exist
 
 # Option:  actionunban
 # Notes.:  command executed when unbanning an IP. Take care that the
@@ -61,18 +61,18 @@ actionunban = ipset del <ipmset> <ip> -exist
 
 [Init]
 
-# Option: default-timeout
+# Option: default-ipsettime
 # Notes:  specifies default timeout in seconds (handled default ipset timeout only)
 # Values:  [ NUM ]  Default: 0 (no timeout, managed by fail2ban by unban)
-default-timeout = 0
+default-ipsettime = 0
 
-# Option: timeout
+# Option: ipsettime
 # Notes:  specifies ticket timeout (handled ipset timeout only)
 # Values:  [ NUM ]  Default: 0 (managed by fail2ban by unban)
-timeout = 0
+ipsettime = 0
 
 # expresion to caclulate timeout from bantime, example:
-# banaction = %(known/banaction)s[timeout='<timeout-bantime>']
+# banaction = %(known/banaction)s[ipsettime='<timeout-bantime>']
 timeout-bantime = $([ "<bantime>" -le 2147483 ] && echo "<bantime>" || echo 0)
 
 ipmset = f2b-<name>
diff --git a/config/action.d/iptables-ipset-proto6.conf b/config/action.d/iptables-ipset-proto6.conf
index 8956ec6a..7677564f 100644
--- a/config/action.d/iptables-ipset-proto6.conf
+++ b/config/action.d/iptables-ipset-proto6.conf
@@ -26,7 +26,7 @@ before = iptables-common.conf
 # Notes.:  command executed on demand at the first ban (or at the start of Fail2Ban if actionstart_on_demand is set to false).
 # Values:  CMD
 #
-actionstart = ipset create <ipmset> hash:ip timeout <default-timeout> <familyopt>
+actionstart = ipset create <ipmset> hash:ip timeout <default-ipsettime> <familyopt>
               <iptables> -I <chain> -p <protocol> -m multiport --dports <port> -m set --match-set <ipmset> src -j <blocktype>
 
 # Option:  actionflush
@@ -49,7 +49,7 @@ actionstop = <iptables> -D <chain> -p <protocol> -m multiport --dports <port> -m
 # Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
-actionban = ipset add <ipmset> <ip> timeout <timeout> -exist
+actionban = ipset add <ipmset> <ip> timeout <ipsettime> -exist
 
 # Option:  actionunban
 # Notes.:  command executed when unbanning an IP. Take care that the
@@ -61,18 +61,18 @@ actionunban = ipset del <ipmset> <ip> -exist
 
 [Init]
 
-# Option: default-timeout
+# Option: default-ipsettime
 # Notes:  specifies default timeout in seconds (handled default ipset timeout only)
 # Values:  [ NUM ]  Default: 0 (no timeout, managed by fail2ban by unban)
-default-timeout = 0
+default-ipsettime = 0
 
-# Option: timeout
+# Option: ipsettime
 # Notes:  specifies ticket timeout (handled ipset timeout only)
 # Values:  [ NUM ]  Default: 0 (managed by fail2ban by unban)
-timeout = 0
+ipsettime = 0
 
 # expresion to caclulate timeout from bantime, example:
-# banaction = %(known/banaction)s[timeout='<timeout-bantime>']
+# banaction = %(known/banaction)s[ipsettime='<timeout-bantime>']
 timeout-bantime = $([ "<bantime>" -le 2147483 ] && echo "<bantime>" || echo 0)
 
 ipmset = f2b-<name>
diff --git a/config/action.d/shorewall-ipset-proto6.conf b/config/action.d/shorewall-ipset-proto6.conf
index cbcc5524..75eef218 100644
--- a/config/action.d/shorewall-ipset-proto6.conf
+++ b/config/action.d/shorewall-ipset-proto6.conf
@@ -51,7 +51,7 @@
 # Values:  CMD
 #
 actionstart = if ! ipset -quiet -name list f2b-<name> >/dev/null;
-              then ipset -quiet -exist create f2b-<name> hash:ip timeout <default-timeout>;
+              then ipset -quiet -exist create f2b-<name> hash:ip timeout <default-ipsettime>;
               fi
 
 # Option:  actionstop
@@ -66,7 +66,7 @@ actionstop = ipset flush f2b-<name>
 # Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
-actionban = ipset add f2b-<name> <ip> timeout <timeout> -exist
+actionban = ipset add f2b-<name> <ip> timeout <ipsettime> -exist
 
 # Option:  actionunban
 # Notes.:  command executed when unbanning an IP. Take care that the
@@ -76,16 +76,16 @@ actionban = ipset add f2b-<name> <ip> timeout <timeout> -exist
 #
 actionunban = ipset del f2b-<name> <ip> -exist
 
-# Option: default-timeout
+# Option: default-ipsettime
 # Notes:  specifies default timeout in seconds (handled default ipset timeout only)
 # Values:  [ NUM ]  Default: 0 (no timeout, managed by fail2ban by unban)
-default-timeout = 0
+default-ipsettime = 0
 
-# Option: timeout
+# Option: ipsettime
 # Notes:  specifies ticket timeout (handled ipset timeout only)
 # Values:  [ NUM ]  Default: 0 (managed by fail2ban by unban)
-timeout = 0
+ipsettime = 0
 
 # expresion to caclulate timeout from bantime, example:
-# banaction = %(known/banaction)s[timeout='<timeout-bantime>']
+# banaction = %(known/banaction)s[ipsettime='<timeout-bantime>']
 timeout-bantime = $([ "<bantime>" -le 2147483 ] && echo "<bantime>" || echo 0)