BF: complain action could match too many IP addresses

ChangeLog

@@ -20,6 +20,7 @@ ver. 0.8.12 (2013/12/XX) - things-can-only-get-better
   - smtps not a IANA standard and has been removed from Arch. Replaced with
     465. Thanks Stefan. Closes gh-447
   - mysqld-syslog-iptables rule was too long. Part of gh-447.
+  - complain action - ensure where not matching other IPs in log sample.
 
 - Enhancements:
   - long names on jails documented based on iptables limit of 30 less

config/action.d/complain.conf

@@ -58,7 +58,7 @@ actioncheck =
 actionban = ADDRESSES=`whois <ip> | perl -e 'while (<STDIN>) { next if /^changed|@(ripe|apnic)\.net/io; $m += (/abuse|trouble:|report|spam|security/io?3:0); if (/([a-z0-9_\-\.+]+@[a-z0-9\-]+(\.[[a-z0-9\-]+)+)/io) { while (s/([a-z0-9_\-\.+]+@[a-z0-9\-]+(\.[[a-z0-9\-]+)+)//io) { if ($m) { $a{lc($1)}=$m } else { $b{lc($1)}=$m } } $m=0 } else { $m && --$m } } if (%%a) {print join(",",keys(%%a))} else {print join(",",keys(%%b))}'`
 	    IP=<ip>
             if [ ! -z "$ADDRESSES" ]; then
-                (printf %%b "<message>\n"; date '+Note: Local timezone is %%z (%%Z)'; grep '<ip>' <logpath>) | <mailcmd> "Abuse from <ip>" <mailargs> $ADDRESSES
+                (printf %%b "<message>\n"; date '+Note: Local timezone is %%z (%%Z)'; grep '[^0-9]<ip>[^0-9]' <logpath>) | <mailcmd> "Abuse from <ip>" <mailargs> $ADDRESSES
             fi
 
 # Option:  actionunban