From d004a2c79b76b7dcfb2092bab3dc53840fddf558 Mon Sep 17 00:00:00 2001 From: sebres Date: Sat, 11 Jan 2020 11:01:00 +0100 Subject: [PATCH] release 0.11.1 -- This is the Way --- ChangeLog | 45 +++++++++++++++++++++------------------- fail2ban/version.py | 2 +- man/fail2ban-client.1 | 4 ++-- man/fail2ban-python.1 | 2 +- man/fail2ban-regex.1 | 12 +++++++++-- man/fail2ban-server.1 | 4 ++-- man/fail2ban-testcases.1 | 2 +- 7 files changed, 41 insertions(+), 30 deletions(-) diff --git a/ChangeLog b/ChangeLog index 2a89d28e..cc0c6608 100644 --- a/ChangeLog +++ b/ChangeLog @@ -6,33 +6,36 @@ Fail2Ban: Changelog =================== -Incompatibility list (compared to v.0.9): +ver. 0.11.1 (2020/01/11) - this-is-the-way ----------- -* Filter (or `failregex`) internal capture-groups: +### Compatibility: +* to v.0.10: + - 0.11 is totally compatible to 0.10 (configuration- and API-related stuff), but the database + got some new tables and fields (auto-converted during the first start), so once updated to 0.11, you + have to remove the database /var/lib/fail2ban/fail2ban.sqlite3 (or its different to 0.10 schema) + if you would need to downgrade to 0.10 for some reason. +* to v.0.9: + - Filter (or `failregex`) internal capture-groups: - - If you've your own `failregex` or custom filters using conditional match `(?P=host)`, you should - rewrite the regex like in example below resp. using `(?:(?P=ip4)|(?P=ip6)` instead of `(?P=host)` - (or `(?:(?P=ip4)|(?P=ip6)|(?P=dns))` corresponding your `usedns` and `raw` settings). + * If you've your own `failregex` or custom filters using conditional match `(?P=host)`, you should + rewrite the regex like in example below resp. using `(?:(?P=ip4)|(?P=ip6)` instead of `(?P=host)` + (or `(?:(?P=ip4)|(?P=ip6)|(?P=dns))` corresponding your `usedns` and `raw` settings). - Of course you can always define your own capture-group (like below `_cond_ip_`) to do this. - ``` - testln="1500000000 failure from 192.0.2.1: bad host 192.0.2.1" - fail2ban-regex "$testln" "^\s*failure from (?P<_cond_ip_>): bad host (?P=_cond_ip_)$" - ``` - - New internal groups (currently reserved for internal usage): - `ip4`, `ip6`, `dns`, `fid`, `fport`, additionally `user` and another captures in lower case if - mapping from tag `` used in failregex (e. g. `user` by ``). + Of course you can always define your own capture-group (like below `_cond_ip_`) to do this. + ``` + testln="1500000000 failure from 192.0.2.1: bad host 192.0.2.1" + fail2ban-regex "$testln" "^\s*failure from (?P<_cond_ip_>): bad host (?P=_cond_ip_)$" + ``` + * New internal groups (currently reserved for internal usage): + `ip4`, `ip6`, `dns`, `fid`, `fport`, additionally `user` and another captures in lower case if + mapping from tag `` used in failregex (e. g. `user` by ``). -* v.0.10 uses more precise date template handling, that can be theoretically incompatible to some - user configurations resp. `datepattern`. + - v.0.10 and 0.11 use more precise date template handling, that can be theoretically incompatible to some + user configurations resp. `datepattern`. -* Since v0.10 fail2ban supports the matching of IPv6 addresses, but not all ban actions are - IPv6-capable now. - - -ver. 0.11.0-dev-0 (20??/??/??) - development nightly edition ------------ + - Since v0.10 fail2ban supports the matching of IPv6 addresses, but not all ban actions are + IPv6-capable now. ### Fixes * purge database will be executed now (within observer). diff --git a/fail2ban/version.py b/fail2ban/version.py index 59861c60..e5efbe77 100644 --- a/fail2ban/version.py +++ b/fail2ban/version.py @@ -24,7 +24,7 @@ __author__ = "Cyril Jaquier, Yaroslav Halchenko, Steven Hiscocks, Daniel Black" __copyright__ = "Copyright (c) 2004 Cyril Jaquier, 2005-2016 Yaroslav Halchenko, 2013-2014 Steven Hiscocks, Daniel Black" __license__ = "GPL-v2+" -version = "0.11.0.dev3" +version = "0.11.1" def normVersion(): """ Returns fail2ban version in normalized machine-readable format""" diff --git a/man/fail2ban-client.1 b/man/fail2ban-client.1 index 89a1cb51..745c080a 100644 --- a/man/fail2ban-client.1 +++ b/man/fail2ban-client.1 @@ -1,12 +1,12 @@ .\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.47.4. -.TH FAIL2BAN-CLIENT "1" "January 2019" "fail2ban-client v0.11.0.dev3" "User Commands" +.TH FAIL2BAN-CLIENT "1" "January 2020" "fail2ban-client v0.11.1" "User Commands" .SH NAME fail2ban-client \- configure and control the server .SH SYNOPSIS .B fail2ban-client [\fI\,OPTIONS\/\fR] \fI\,\/\fR .SH DESCRIPTION -Fail2Ban v0.11.0.dev3 reads log file that contains password failure report +Fail2Ban v0.11.1 reads log file that contains password failure report and bans the corresponding IP addresses using firewall rules. .SH OPTIONS .TP diff --git a/man/fail2ban-python.1 b/man/fail2ban-python.1 index f38097c5..2c9746ee 100644 --- a/man/fail2ban-python.1 +++ b/man/fail2ban-python.1 @@ -1,5 +1,5 @@ .\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.47.4. -.TH FAIL2BAN-PYTHON "1" "January 2020" "fail2ban-python 0.10.5" "User Commands" +.TH FAIL2BAN-PYTHON "1" "January 2020" "fail2ban-python 0.11.1" "User Commands" .SH NAME fail2ban-python \- a helper for Fail2Ban to assure that the same Python is used .SH DESCRIPTION diff --git a/man/fail2ban-regex.1 b/man/fail2ban-regex.1 index 7bdc96b7..a703130c 100644 --- a/man/fail2ban-regex.1 +++ b/man/fail2ban-regex.1 @@ -1,5 +1,5 @@ .\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.47.4. -.TH FAIL2BAN-REGEX "1" "October 2018" "fail2ban-regex 0.11.0.dev3" "User Commands" +.TH FAIL2BAN-REGEX "1" "January 2020" "fail2ban-regex 0.11.1" "User Commands" .SH NAME fail2ban-regex \- test Fail2ban "failregex" option .SH SYNOPSIS @@ -87,6 +87,13 @@ Verbose date patterns/regex in output \fB\-D\fR, \fB\-\-debuggex\fR Produce debuggex.com urls for debugging there .TP +\fB\-\-no\-check\-all\fR +Disable check for all regex's +.TP +\fB\-o\fR OUT, \fB\-\-out\fR=\fI\,OUT\/\fR +Set token to print failure information only (row, id, +ip, msg, host, ip4, ip6, dns, matches, ...) +.TP \fB\-\-print\-no\-missed\fR Do not print any missed lines .TP @@ -110,7 +117,7 @@ Either to make the tracebacks full, not compressed (as by default) .SH AUTHOR Written by Cyril Jaquier . -Many contributions by Yaroslav O. Halchenko and Steven Hiscocks. +Many contributions by Yaroslav O. Halchenko, Steven Hiscocks, Sergey G. Brester (sebres). .SH "REPORTING BUGS" Report bugs to https://github.com/fail2ban/fail2ban/issues .SH COPYRIGHT @@ -122,3 +129,4 @@ Licensed under the GNU General Public License v2 (GPL). .br fail2ban-client(1) fail2ban-server(1) +jail.conf(5) diff --git a/man/fail2ban-server.1 b/man/fail2ban-server.1 index cf14b2d2..418b46dd 100644 --- a/man/fail2ban-server.1 +++ b/man/fail2ban-server.1 @@ -1,12 +1,12 @@ .\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.47.4. -.TH FAIL2BAN-SERVER "1" "October 2018" "fail2ban-server v0.11.0.dev3" "User Commands" +.TH FAIL2BAN-SERVER "1" "January 2020" "fail2ban-server v0.11.1" "User Commands" .SH NAME fail2ban-server \- start the server .SH SYNOPSIS .B fail2ban-server [\fI\,OPTIONS\/\fR] .SH DESCRIPTION -Fail2Ban v0.11.0.dev3 reads log file that contains password failure report +Fail2Ban v0.11.1 reads log file that contains password failure report and bans the corresponding IP addresses using firewall rules. .SH OPTIONS .TP diff --git a/man/fail2ban-testcases.1 b/man/fail2ban-testcases.1 index 1ba4a761..6c32cb9e 100644 --- a/man/fail2ban-testcases.1 +++ b/man/fail2ban-testcases.1 @@ -1,5 +1,5 @@ .\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.47.4. -.TH FAIL2BAN-TESTCASES "1" "October 2018" "fail2ban-testcases 0.11.0.dev3" "User Commands" +.TH FAIL2BAN-TESTCASES "1" "January 2020" "fail2ban-testcases 0.11.1" "User Commands" .SH NAME fail2ban-testcases \- run Fail2Ban unit-tests .SH SYNOPSIS