mirror of https://github.com/fail2ban/fail2ban
* Removed obsolete patches left from 0.6
* Adjusted wsftpd patch to use <HOST> tag to be in line with the other filter definitionsdebian-releases/etch debian/0.7.5-1
parent
1755dc2b0a
commit
ae58ed091a
|
@ -4,6 +4,9 @@ fail2ban (0.7.5-1) unstable; urgency=low
|
|||
+ Socket parameter not work with other path (Closes: #400162)
|
||||
+ fail2ban does not start with /etc/init.d/fail2ban start but
|
||||
with fail2ban-client start (Closes: #400278)
|
||||
* Removed obsolete patches left from 0.6
|
||||
* Adjusted wsftpd patch to use <HOST> tag to be in line with the other
|
||||
filter definitions
|
||||
|
||||
-- Yaroslav Halchenko <debian@onerussian.com> Thu, 7 Dec 2006 20:19:09 -0500
|
||||
|
||||
|
|
|
@ -1,128 +0,0 @@
|
|||
#! /bin/sh /usr/share/dpatch/dpatch-run
|
||||
## 00_locale_config.dpatch by <debian@onerussian.com>
|
||||
##
|
||||
## All lines beginning with `## DP:' are a description of the patch.
|
||||
## DP: Set up LC_TIME per configuration option, not by resetting LC_ALL to
|
||||
## DP: default locale as it was done before. So this patch effectively changes
|
||||
## DP: bug into a feature
|
||||
|
||||
@DPATCH@
|
||||
|
||||
diff -x '*~' -Naur fail2ban-0.6.1.pre/config/fail2ban.conf.hostsdeny fail2ban-0.6.1.post/config/fail2ban.conf.hostsdeny
|
||||
--- fail2ban-0.6.1.pre/config/fail2ban.conf.hostsdeny 2006-03-27 12:56:38.000000000 -0500
|
||||
+++ fail2ban-0.6.1.post/config/fail2ban.conf.hostsdeny 2006-07-03 22:20:21.000000000 -0400
|
||||
@@ -11,6 +11,15 @@
|
||||
#
|
||||
background = false
|
||||
|
||||
+# Option: locale
|
||||
+# Notes.: global (cannot be redefined per section) locale to use for
|
||||
+# timestamp pattern matching by changing LC_TIME for
|
||||
+# fail2ban process. Empty entry sets locale to default one
|
||||
+# (usually specified by LC_ALL environment variable).
|
||||
+# Values: LOCALE Default:
|
||||
+#
|
||||
+locale =
|
||||
+
|
||||
# Option: logtargets
|
||||
# Notes.: log targets. Space separated list of logging targets.
|
||||
# Values: STDERR SYSLOG file Default: /var/log/fail2ban.log
|
||||
diff -x '*~' -Naur fail2ban-0.6.1.pre/config/fail2ban.conf.iptables fail2ban-0.6.1.post/config/fail2ban.conf.iptables
|
||||
--- fail2ban-0.6.1.pre/config/fail2ban.conf.iptables 2006-03-27 12:56:38.000000000 -0500
|
||||
+++ fail2ban-0.6.1.post/config/fail2ban.conf.iptables 2006-07-03 22:17:30.000000000 -0400
|
||||
@@ -28,6 +28,15 @@
|
||||
#
|
||||
debug = false
|
||||
|
||||
+# Option: locale
|
||||
+# Notes.: global (cannot be redefined per section) locale to use for
|
||||
+# timestamp pattern matching by changing LC_TIME for
|
||||
+# fail2ban process. Empty entry sets locale to default one
|
||||
+# (usually specified by LC_ALL environment variable).
|
||||
+# Values: LOCALE Default:
|
||||
+#
|
||||
+locale =
|
||||
+
|
||||
# Option: logtargets
|
||||
# Notes.: log targets. Space separated list of logging targets.
|
||||
# Values: STDERR SYSLOG file Default: /var/log/fail2ban.log
|
||||
diff -x '*~' -Naur fail2ban-0.6.1.pre/config/fail2ban.conf.shorewall fail2ban-0.6.1.post/config/fail2ban.conf.shorewall
|
||||
--- fail2ban-0.6.1.pre/config/fail2ban.conf.shorewall 2006-03-27 12:56:38.000000000 -0500
|
||||
+++ fail2ban-0.6.1.post/config/fail2ban.conf.shorewall 2006-07-03 22:20:01.000000000 -0400
|
||||
@@ -11,6 +11,15 @@
|
||||
#
|
||||
background = false
|
||||
|
||||
+# Option: locale
|
||||
+# Notes.: global (cannot be redefined per section) locale to use for
|
||||
+# timestamp pattern matching by changing LC_TIME for
|
||||
+# fail2ban process. Empty entry sets locale to default one
|
||||
+# (usually specified by LC_ALL environment variable).
|
||||
+# Values: LOCALE Default:
|
||||
+#
|
||||
+locale =
|
||||
+
|
||||
# Option: logtargets
|
||||
# Notes.: log targets. Space separated list of logging targets.
|
||||
# Values: STDERR SYSLOG file Default: /var/log/fail2ban.log
|
||||
diff -x '*~' -Naur fail2ban-0.6.1.pre/fail2ban fail2ban-0.6.1.post/fail2ban
|
||||
--- fail2ban-0.6.1.pre/fail2ban 2006-03-19 00:20:44.000000000 -0500
|
||||
+++ fail2ban-0.6.1.post/fail2ban 2006-07-03 22:38:11.000000000 -0400
|
||||
@@ -26,14 +26,7 @@
|
||||
__copyright__ = "Copyright (c) 2004 Cyril Jaquier"
|
||||
__license__ = "GPL"
|
||||
|
||||
-import sys, traceback, logging, locale
|
||||
-
|
||||
-# Set the locale with the user's default setting
|
||||
-try:
|
||||
- locale.setlocale(locale.LC_ALL, '')
|
||||
-except Exception:
|
||||
- print "Unable to set locale to " + `locale.getdefaultlocale()`
|
||||
- sys.exit(-1)
|
||||
+import sys, traceback, logging
|
||||
|
||||
# Inserts our own modules path first in the list
|
||||
# fix for bug #343821
|
||||
diff -x '*~' -Naur fail2ban-0.6.1.pre/fail2ban.py fail2ban-0.6.1.post/fail2ban.py
|
||||
--- fail2ban-0.6.1.pre/fail2ban.py 2006-03-19 00:20:44.000000000 -0500
|
||||
+++ fail2ban-0.6.1.post/fail2ban.py 2006-07-03 23:02:03.000000000 -0400
|
||||
@@ -25,7 +25,8 @@
|
||||
__copyright__ = "Copyright (c) 2004 Cyril Jaquier"
|
||||
__license__ = "GPL"
|
||||
|
||||
-import time, sys, getopt, os, string, signal, logging, logging.handlers, copy
|
||||
+import time, sys, getopt, os, string, signal, logging, logging.handlers, \
|
||||
+ copy, locale
|
||||
from ConfigParser import *
|
||||
|
||||
from version import version
|
||||
@@ -240,6 +241,7 @@
|
||||
["bool", "debug", False],
|
||||
["int", "verbose", conf["verbose"]],
|
||||
["str", "pidlock", "/var/run/fail2ban.pid"],
|
||||
+ ["str", "locale", ""],
|
||||
["int", "maxfailures", 5],
|
||||
["int", "bantime", 600],
|
||||
["int", "findtime", 600],
|
||||
@@ -262,10 +264,18 @@
|
||||
# have to be overridden
|
||||
for t, label, v in optionValues:
|
||||
confReader.setValue("DEFAULT", label, `conf[label]`)
|
||||
-
|
||||
+
|
||||
# PID lock
|
||||
pidLock.setPath(conf["pidlock"])
|
||||
-
|
||||
+
|
||||
+ # Set the LC_TIME with the user's default setting
|
||||
+ try:
|
||||
+ logSys.info("Setting LC_TIME locale option to '%s'"%conf["locale"])
|
||||
+ locale.setlocale(locale.LC_TIME, conf["locale"])
|
||||
+ except Exception:
|
||||
+ logSys.error("Unable to set locale to '%s'"%conf["locale"])
|
||||
+ sys.exit(-1)
|
||||
+
|
||||
# Now we can kill properly a running instance if needed
|
||||
if conf["kill"]:
|
||||
pid = pidLock.exists()
|
|
@ -1,95 +0,0 @@
|
|||
#! /bin/sh /usr/share/dpatch/dpatch-run
|
||||
## 00_verbosity.dpatch by <debian@onerussian.com>
|
||||
##
|
||||
## All lines beginning with `## DP:' are a description of the patch.
|
||||
## DP: Verbosity can be set either from command line or from config file.
|
||||
## DP: Logically the maximal verbosity from two of them should be chosen since
|
||||
## DP: verbosity from cmdline can't simple increase config file verbosity
|
||||
## DP: because config line might not be even read yet
|
||||
|
||||
@DPATCH@
|
||||
|
||||
diff -x '*~' -Naur fail2ban-0.6.1.pre/fail2ban.py fail2ban-0.6.1.post/fail2ban.py
|
||||
--- fail2ban-0.6.1.pre/fail2ban.py 2006-03-19 00:20:44.000000000 -0500
|
||||
+++ fail2ban-0.6.1.post/fail2ban.py 2006-07-03 23:39:20.000000000 -0400
|
||||
@@ -161,9 +161,11 @@
|
||||
"""
|
||||
# enabledsections can be defined just from the command line
|
||||
conf["enabledsections"] = []
|
||||
+ # by default we are silent
|
||||
+ cmdLineVerbose = 0
|
||||
for opt in optList:
|
||||
if opt[0] == "-v":
|
||||
- conf["verbose"] = conf["verbose"] + 1
|
||||
+ cmdLineVerbose += 1
|
||||
if opt[0] == "-b":
|
||||
conf["background"] = True
|
||||
if opt[0] == "-d":
|
||||
@@ -192,6 +194,30 @@
|
||||
conf["enabledsections"] = map(lambda x: x.upper(),
|
||||
re.split("[:, \t\n]", opt[1]))
|
||||
|
||||
+ # Let's choose the maximal verbosity from cmdLine and config
|
||||
+ # files: it would better describe the intent of the user
|
||||
+ conf["verbose"] = max(cmdLineVerbose, conf["verbose"])
|
||||
+
|
||||
+
|
||||
+presetVerbosityLevel = 0
|
||||
+def setVerbosityLevel(level):
|
||||
+ """ Sets verbosity level if previousely set one is different
|
||||
+ """
|
||||
+ global presetVerbosityLevel
|
||||
+ # Verbose level
|
||||
+ if level != presetVerbosityLevel and level:
|
||||
+ logSys.warn("Verbose level is %d"%level)
|
||||
+ if level == 1:
|
||||
+ logSys.setLevel(logging.INFO)
|
||||
+ elif level > 1:
|
||||
+ logSys.setLevel(logging.DEBUG)
|
||||
+ if conf["verbose"] > 2:
|
||||
+ formatterstring = ('%(levelname)s: [%(filename)s (%(lineno)d)] ' +
|
||||
+ '%(message)s')
|
||||
+ formatter = logging.Formatter("%(asctime)s " + formatterstring)
|
||||
+ stdout.setFormatter(formatter)
|
||||
+ presetVerbosityLevel = level
|
||||
+
|
||||
def main():
|
||||
""" Fail2Ban main function
|
||||
"""
|
||||
@@ -220,12 +246,16 @@
|
||||
|
||||
# Pre-parsing of command line options for the -c option
|
||||
for opt in optList:
|
||||
+ if opt[0] == "-v":
|
||||
+ conf["verbose"] = conf["verbose"] + 1
|
||||
if opt[0] == "-c":
|
||||
conf["conffile"] = opt[1]
|
||||
if opt[0] in ["-h", "--help"]:
|
||||
dispUsage()
|
||||
if opt[0] in ["-V", "--version"]:
|
||||
dispVersion()
|
||||
+
|
||||
+ setVerbosityLevel(conf['verbose'])
|
||||
|
||||
# Reads the config file and create a LogReader instance for
|
||||
# each log file to check.
|
||||
@@ -337,18 +367,7 @@
|
||||
hdlr.setFormatter(tformatter)
|
||||
logSys.addHandler(hdlr)
|
||||
|
||||
- # Verbose level
|
||||
- if conf["verbose"]:
|
||||
- logSys.warn("Verbose level is "+`conf["verbose"]`)
|
||||
- if conf["verbose"] == 1:
|
||||
- logSys.setLevel(logging.INFO)
|
||||
- elif conf["verbose"] > 1:
|
||||
- logSys.setLevel(logging.DEBUG)
|
||||
- if conf["verbose"] > 2:
|
||||
- formatterstring = ('%(levelname)s: [%(filename)s (%(lineno)d)] ' +
|
||||
- '%(message)s')
|
||||
- formatter = logging.Formatter("%(asctime)s " + formatterstring)
|
||||
- stdout.setFormatter(formatter)
|
||||
+ setVerbosityLevel(conf['verbose'])
|
||||
|
||||
# Debug mode. Should only be used by developers
|
||||
if conf["debug"]:
|
|
@ -22,4 +22,4 @@ diff -urNad fail2ban-0.7.3~/config/filter.d/wuftpd.conf fail2ban-0.7.3/config/fi
|
|||
+# Notes.: regex to match the password failures messages in the logfile.
|
||||
+# Values: TEXT
|
||||
+#
|
||||
+failregex = wu-ftpd\[\d+\]:\s+\(pam_unix\)\s+authentication failure.* rhost=(?P<host>\S*)
|
||||
+failregex = wu-ftpd\[\d+\]:\s+\(pam_unix\)\s+authentication failure.* rhost=<HOST>
|
||||
|
|
Loading…
Reference in New Issue