github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity

* Removed obsolete patches left from 0.6 

* Adjusted wsftpd patch to use <HOST> tag to be in line with the other
  filter definitions
debian-releases/etch debian/0.7.5-1
Yaroslav Halchenko 2006-12-08 02:28:07 +00:00
parent 1755dc2b0a
commit ae58ed091a
4 changed files with 4 additions and 224 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
debian/changelog vendored
View File

@ -4,6 +4,9 @@ fail2ban (0.7.5-1) unstable; urgency=low
+ Socket parameter not work with other path (Closes: #400162) + Socket parameter not work with other path (Closes: #400162)
+ fail2ban does not start with /etc/init.d/fail2ban start but + fail2ban does not start with /etc/init.d/fail2ban start but
with fail2ban-client start (Closes: #400278) with fail2ban-client start (Closes: #400278)
* Removed obsolete patches left from 0.6
* Adjusted wsftpd patch to use <HOST> tag to be in line with the other
filter definitions
-- Yaroslav Halchenko <debian@onerussian.com> Thu, 7 Dec 2006 20:19:09 -0500 -- Yaroslav Halchenko <debian@onerussian.com> Thu, 7 Dec 2006 20:19:09 -0500

128
debian/patches/00_locale_config vendored
View File

@ -1,128 +0,0 @@
#! /bin/sh /usr/share/dpatch/dpatch-run
## 00_locale_config.dpatch by <debian@onerussian.com>
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: Set up LC_TIME per configuration option, not by resetting LC_ALL to
## DP: default locale as it was done before. So this patch effectively changes
## DP: bug into a feature
@DPATCH@
diff -x '*~' -Naur fail2ban-0.6.1.pre/config/fail2ban.conf.hostsdeny fail2ban-0.6.1.post/config/fail2ban.conf.hostsdeny
--- fail2ban-0.6.1.pre/config/fail2ban.conf.hostsdeny 2006-03-27 12:56:38.000000000 -0500
+++ fail2ban-0.6.1.post/config/fail2ban.conf.hostsdeny 2006-07-03 22:20:21.000000000 -0400
@@ -11,6 +11,15 @@
#
background = false
+# Option: locale
+# Notes.: global (cannot be redefined per section) locale to use for
+# timestamp pattern matching by changing LC_TIME for
+# fail2ban process. Empty entry sets locale to default one
+# (usually specified by LC_ALL environment variable).
+# Values: LOCALE Default:
+#
+locale =
+
# Option: logtargets
# Notes.: log targets. Space separated list of logging targets.
# Values: STDERR SYSLOG file Default: /var/log/fail2ban.log
diff -x '*~' -Naur fail2ban-0.6.1.pre/config/fail2ban.conf.iptables fail2ban-0.6.1.post/config/fail2ban.conf.iptables
--- fail2ban-0.6.1.pre/config/fail2ban.conf.iptables 2006-03-27 12:56:38.000000000 -0500
+++ fail2ban-0.6.1.post/config/fail2ban.conf.iptables 2006-07-03 22:17:30.000000000 -0400
@@ -28,6 +28,15 @@
#
debug = false
+# Option: locale
+# Notes.: global (cannot be redefined per section) locale to use for
+# timestamp pattern matching by changing LC_TIME for
+# fail2ban process. Empty entry sets locale to default one
+# (usually specified by LC_ALL environment variable).
+# Values: LOCALE Default:
+#
+locale =
+
# Option: logtargets
# Notes.: log targets. Space separated list of logging targets.
# Values: STDERR SYSLOG file Default: /var/log/fail2ban.log
diff -x '*~' -Naur fail2ban-0.6.1.pre/config/fail2ban.conf.shorewall fail2ban-0.6.1.post/config/fail2ban.conf.shorewall
--- fail2ban-0.6.1.pre/config/fail2ban.conf.shorewall 2006-03-27 12:56:38.000000000 -0500
+++ fail2ban-0.6.1.post/config/fail2ban.conf.shorewall 2006-07-03 22:20:01.000000000 -0400
@@ -11,6 +11,15 @@
#
background = false
+# Option: locale
+# Notes.: global (cannot be redefined per section) locale to use for
+# timestamp pattern matching by changing LC_TIME for
+# fail2ban process. Empty entry sets locale to default one
+# (usually specified by LC_ALL environment variable).
+# Values: LOCALE Default:
+#
+locale =
+
# Option: logtargets
# Notes.: log targets. Space separated list of logging targets.
# Values: STDERR SYSLOG file Default: /var/log/fail2ban.log
diff -x '*~' -Naur fail2ban-0.6.1.pre/fail2ban fail2ban-0.6.1.post/fail2ban
--- fail2ban-0.6.1.pre/fail2ban 2006-03-19 00:20:44.000000000 -0500
+++ fail2ban-0.6.1.post/fail2ban 2006-07-03 22:38:11.000000000 -0400
@@ -26,14 +26,7 @@
__copyright__ = "Copyright (c) 2004 Cyril Jaquier"
__license__ = "GPL"
-import sys, traceback, logging, locale
-
-# Set the locale with the user's default setting
-try:
- locale.setlocale(locale.LC_ALL, '')
-except Exception:
- print "Unable to set locale to " + `locale.getdefaultlocale()`
- sys.exit(-1)
+import sys, traceback, logging
# Inserts our own modules path first in the list
# fix for bug #343821
diff -x '*~' -Naur fail2ban-0.6.1.pre/fail2ban.py fail2ban-0.6.1.post/fail2ban.py
--- fail2ban-0.6.1.pre/fail2ban.py 2006-03-19 00:20:44.000000000 -0500
+++ fail2ban-0.6.1.post/fail2ban.py 2006-07-03 23:02:03.000000000 -0400
@@ -25,7 +25,8 @@
__copyright__ = "Copyright (c) 2004 Cyril Jaquier"
__license__ = "GPL"
-import time, sys, getopt, os, string, signal, logging, logging.handlers, copy
+import time, sys, getopt, os, string, signal, logging, logging.handlers, \
+ copy, locale
from ConfigParser import *
from version import version
@@ -240,6 +241,7 @@
["bool", "debug", False],
["int", "verbose", conf["verbose"]],
["str", "pidlock", "/var/run/fail2ban.pid"],
+ ["str", "locale", ""],
["int", "maxfailures", 5],
["int", "bantime", 600],
["int", "findtime", 600],
@@ -262,10 +264,18 @@
# have to be overridden
for t, label, v in optionValues:
confReader.setValue("DEFAULT", label, `conf[label]`)
-
+
# PID lock
pidLock.setPath(conf["pidlock"])
-
+
+ # Set the LC_TIME with the user's default setting
+ try:
+ logSys.info("Setting LC_TIME locale option to '%s'"%conf["locale"])
+ locale.setlocale(locale.LC_TIME, conf["locale"])
+ except Exception:
+ logSys.error("Unable to set locale to '%s'"%conf["locale"])
+ sys.exit(-1)
+
# Now we can kill properly a running instance if needed
if conf["kill"]:
pid = pidLock.exists()

95
debian/patches/00_verbosity.dpatch vendored
View File

@ -1,95 +0,0 @@
#! /bin/sh /usr/share/dpatch/dpatch-run
## 00_verbosity.dpatch by <debian@onerussian.com>
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: Verbosity can be set either from command line or from config file.
## DP: Logically the maximal verbosity from two of them should be chosen since
## DP: verbosity from cmdline can't simple increase config file verbosity
## DP: because config line might not be even read yet
@DPATCH@
diff -x '*~' -Naur fail2ban-0.6.1.pre/fail2ban.py fail2ban-0.6.1.post/fail2ban.py
--- fail2ban-0.6.1.pre/fail2ban.py 2006-03-19 00:20:44.000000000 -0500
+++ fail2ban-0.6.1.post/fail2ban.py 2006-07-03 23:39:20.000000000 -0400
@@ -161,9 +161,11 @@
"""
# enabledsections can be defined just from the command line
conf["enabledsections"] = []
+ # by default we are silent
+ cmdLineVerbose = 0
for opt in optList:
if opt[0] == "-v":
- conf["verbose"] = conf["verbose"] + 1
+ cmdLineVerbose += 1
if opt[0] == "-b":
conf["background"] = True
if opt[0] == "-d":
@@ -192,6 +194,30 @@
conf["enabledsections"] = map(lambda x: x.upper(),
re.split("[:, \t\n]", opt[1]))
+ # Let's choose the maximal verbosity from cmdLine and config
+ # files: it would better describe the intent of the user
+ conf["verbose"] = max(cmdLineVerbose, conf["verbose"])
+
+
+presetVerbosityLevel = 0
+def setVerbosityLevel(level):
+ """ Sets verbosity level if previousely set one is different
+ """
+ global presetVerbosityLevel
+ # Verbose level
+ if level != presetVerbosityLevel and level:
+ logSys.warn("Verbose level is %d"%level)
+ if level == 1:
+ logSys.setLevel(logging.INFO)
+ elif level > 1:
+ logSys.setLevel(logging.DEBUG)
+ if conf["verbose"] > 2:
+ formatterstring = ('%(levelname)s: [%(filename)s (%(lineno)d)] ' +
+ '%(message)s')
+ formatter = logging.Formatter("%(asctime)s " + formatterstring)
+ stdout.setFormatter(formatter)
+ presetVerbosityLevel = level
+
def main():
""" Fail2Ban main function
"""
@@ -220,12 +246,16 @@
# Pre-parsing of command line options for the -c option
for opt in optList:
+ if opt[0] == "-v":
+ conf["verbose"] = conf["verbose"] + 1
if opt[0] == "-c":
conf["conffile"] = opt[1]
if opt[0] in ["-h", "--help"]:
dispUsage()
if opt[0] in ["-V", "--version"]:
dispVersion()
+
+ setVerbosityLevel(conf['verbose'])
# Reads the config file and create a LogReader instance for
# each log file to check.
@@ -337,18 +367,7 @@
hdlr.setFormatter(tformatter)
logSys.addHandler(hdlr)
- # Verbose level
- if conf["verbose"]:
- logSys.warn("Verbose level is "+`conf["verbose"]`)
- if conf["verbose"] == 1:
- logSys.setLevel(logging.INFO)
- elif conf["verbose"] > 1:
- logSys.setLevel(logging.DEBUG)
- if conf["verbose"] > 2:
- formatterstring = ('%(levelname)s: [%(filename)s (%(lineno)d)] ' +
- '%(message)s')
- formatter = logging.Formatter("%(asctime)s " + formatterstring)
- stdout.setFormatter(formatter)
+ setVerbosityLevel(conf['verbose'])
# Debug mode. Should only be used by developers
if conf["debug"]:

2
debian/patches/10_wuftpd_section.dpatch vendored
View File

@ -22,4 +22,4 @@ diff -urNad fail2ban-0.7.3~/config/filter.d/wuftpd.conf fail2ban-0.7.3/config/fi
+# Notes.: regex to match the password failures messages in the logfile. +# Notes.: regex to match the password failures messages in the logfile.
+# Values: TEXT +# Values: TEXT
+# +#
+failregex = wu-ftpd\[\d+\]:\s+\(pam_unix\)\s+authentication failure.* rhost=(?P<host>\S*) +failregex = wu-ftpd\[\d+\]:\s+\(pam_unix\)\s+authentication failure.* rhost=<HOST>