github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity

implements new interpolation variable `%(fail2ban_confpath)s` (automatically substituted from config-reader path, default `/etc/fail2ban` or `/usr/local/etc/fail2ban` depending on distribution); `ignorecommands_dir` is unneeded anymore, thus removed from `paths-common.conf`; 

fixes gh-3005
pull/3216/head
sebres 2022-02-09 17:10:19 +01:00
parent 13520a0494
commit a2431158f6
3 changed files with 8 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
config/jail.conf
View File

@ -346,7 +346,7 @@ maxretry = 2
port = http,https port = http,https
logpath = %(apache_access_log)s logpath = %(apache_access_log)s
maxretry = 1 maxretry = 1
ignorecommand = %(ignorecommands_dir)s/apache-fakegooglebot <ip> ignorecommand = %(fail2ban_confpath)s/filter.d/ignorecommands/apache-fakegooglebot <ip>
[apache-modsecurity] [apache-modsecurity]

3
config/paths-common.conf
View File

@ -91,6 +91,3 @@ mysql_log = %(syslog_daemon)s
mysql_backend = %(default_backend)s mysql_backend = %(default_backend)s
roundcube_errors_log = /var/log/roundcube/errors roundcube_errors_log = /var/log/roundcube/errors
# Directory with ignorecommand scripts
ignorecommands_dir = /etc/fail2ban/filter.d/ignorecommands

11
fail2ban/client/jailreader.py
View File

@ -121,9 +121,12 @@ class JailReader(ConfigReader):
def getOptions(self): def getOptions(self):
basedir = self.getBaseDir()
# Before interpolation (substitution) add static options always available as default: # Before interpolation (substitution) add static options always available as default:
self.merge_defaults({ self.merge_defaults({
"fail2ban_version": version "fail2ban_version": version,
"fail2ban_confpath": basedir
}) })
try: try:
@ -146,7 +149,7 @@ class JailReader(ConfigReader):
raise JailDefError("Invalid filter definition %r: %s" % (flt, e)) raise JailDefError("Invalid filter definition %r: %s" % (flt, e))
self.__filter = FilterReader( self.__filter = FilterReader(
filterName, self.__name, filterOpt, filterName, self.__name, filterOpt,
share_config=self.share_config, basedir=self.getBaseDir()) share_config=self.share_config, basedir=basedir)
ret = self.__filter.read() ret = self.__filter.read()
if not ret: if not ret:
raise JailDefError("Unable to read the filter %r" % filterName) raise JailDefError("Unable to read the filter %r" % filterName)
@ -186,13 +189,13 @@ class JailReader(ConfigReader):
"addaction", "addaction",
actOpt.pop("actname", os.path.splitext(actName)[0]), actOpt.pop("actname", os.path.splitext(actName)[0]),
os.path.join( os.path.join(
self.getBaseDir(), "action.d", actName), basedir, "action.d", actName),
json.dumps(actOpt), json.dumps(actOpt),
]) ])
else: else:
action = ActionReader( action = ActionReader(
actName, self.__name, actOpt, actName, self.__name, actOpt,
share_config=self.share_config, basedir=self.getBaseDir()) share_config=self.share_config, basedir=basedir)
ret = action.read() ret = action.read()
if ret: if ret:
action.getOptions(self.__opts) action.getOptions(self.__opts)