diff --git a/ChangeLog b/ChangeLog index de3de7f1..6f83bdea 100644 --- a/ChangeLog +++ b/ChangeLog @@ -133,6 +133,12 @@ ver. 0.9.2 (2015/04/29) - better-quick-now-than-later * Absorbed DNSUtils.cidr into addr2bin in filter.py, added unittests * Added syslogsocket configuration to fail2ban.conf * Note in the jail.conf for the recidive jail to increase dbpurgeage (gh-964) + * Character detection heuristics for whois output via optional setting in mail-whois*.conf. Thanks Thomas Mayer + When set by user, + - detects character set of whois output (which is undefined by RFC 3912) via heuristics of the file command + - converts whois data to UTF-8 character set with iconv + - sends the whois output in UTF-8 character set to mail program + - avoids that heirloom mailx creates binary attachment for input with unknown character set ver. 0.9.1 (2014/10/29) - better, faster, stronger diff --git a/THANKS b/THANKS index 5ae86a3c..7bf723c5 100644 --- a/THANKS +++ b/THANKS @@ -109,6 +109,7 @@ Stefan Tatschner Stephen Gildea Steven Hiscocks TESTOVIK +Thomas Mayer Tom Pike Tomas Pihl Tony Lawrence diff --git a/config/action.d/mail-whois-common.conf b/config/action.d/mail-whois-common.conf new file mode 100644 index 00000000..b0d27afc --- /dev/null +++ b/config/action.d/mail-whois-common.conf @@ -0,0 +1,28 @@ +# Fail2Ban configuration file +# +# Common settings for mail actions +# +# Users can override the defaults in mail-whois-common.local + +[INCLUDES] + +# Load customizations if any available +after = mail-whois-common.local + +[DEFAULT] +#original character set of whois output will be sent to mail program +_whois = whois || echo "missing whois program" + +# use heuristics to convert charset of whois output to a target +# character set before sending it to a mail program +# make sure you have 'file' and 'iconv' commands installed when opting for that +_whois_target_charset = UTF-8 +_whois_convert_charset = whois | + { WHOIS_OUTPUT=$(cat) ; WHOIS_CHARSET=$(printf %%b "$WHOIS_OUTPUT" | file -b --mime-encoding -) ; printf %%b "$WHOIS_OUTPUT" | iconv -f $WHOIS_CHARSET -t %(_whois_target_charset)s//TRANSLIT - ; } + +# choose between _whois and _whois_convert_charset in mail-whois-common.local +# or other *.local which include mail-whois-common.conf. +_whois_command = %(_whois)s +#_whois_command = %(_whois_convert_charset)s + +[Init] diff --git a/config/action.d/mail-whois-lines.conf b/config/action.d/mail-whois-lines.conf index 5f760ac8..35abeea1 100644 --- a/config/action.d/mail-whois-lines.conf +++ b/config/action.d/mail-whois-lines.conf @@ -4,6 +4,10 @@ # Modified-By: Yaroslav Halchenko to include grepping on IP over log files # +[INCLUDES] + +before = mail-whois-common.conf + [Definition] # Option: actionstart @@ -40,7 +44,7 @@ actionban = printf %%b "Hi,\n The IP has just been banned by Fail2Ban after attempts against .\n\n Here is more information about :\n - `whois || echo missing whois program`\n\n + `%(_whois_command)s`\n\n Lines containing IP: in \n `grep -E '(^|[^0-9])([^0-9]|$)' `\n\n Regards,\n diff --git a/config/action.d/mail-whois.conf b/config/action.d/mail-whois.conf index e4c8450e..fe81f499 100644 --- a/config/action.d/mail-whois.conf +++ b/config/action.d/mail-whois.conf @@ -4,6 +4,10 @@ # # +[INCLUDES] + +before = mail-whois-common.conf + [Definition] # Option: actionstart @@ -40,7 +44,7 @@ actionban = printf %%b "Hi,\n The IP has just been banned by Fail2Ban after attempts against .\n\n Here is more information about :\n - `whois || echo missing whois program`\n + `%(_whois_command)s`\n Regards,\n Fail2Ban"|mail -s "[Fail2Ban] : banned from `uname -n`"