Merge branch '0.10' into 0.11

2019-01-07 01:51:59 +01:00 · 2019-01-07 01:51:59 +01:00 · d88ce7181c
parent 53684af0e3 4108e04ab4
commit d88ce7181c
5 changed files with 11 additions and 4 deletions
--- a/4
+++ b/4
@ -69,6 +69,10 @@ ver. 0.10.5-dev-1 (20??/??/??) - development edition
 * `filter.d/sshd.conf`:
  - captures `Disconnecting ...: Change of username or service not allowed` (gh-2239, gh-2279)
  - captures `Disconnected from ... [preauth]` (`extra`/`aggressive` mode and preauth phase only, gh-2239, gh-2279)
+* `filter.d/mysqld-auth.conf`: 
+  - MYSQL 8.0.13 compatibility (log-error-verbosity = 3), log-format contains few additional words
+    enclosed in brackets after "[Note]" (gh-2314)
+* `files/fail2ban.service.in`: fixed systemd-unit template - missing nftables dependency (gh-2313)

 ### New Features
 * new failregex-flag tag `<F-MLFGAINED>` for failregex, signaled that the access to service was gained
--- a/config/filter.d/mysqld-auth.conf
+++ b/config/filter.d/mysqld-auth.conf
@ -17,7 +17,7 @@ before = common.conf

 _daemon = mysqld

-failregex = ^%(__prefix_line)s(?:\d+ |\d{6} \s?\d{1,2}:\d{2}:\d{2} )?\[\w+\] Access denied for user '[^']+'@'<HOST>' (to database '[^']*'|\(using password: (YES|NO)\))*\s*$
+failregex = ^%(__prefix_line)s(?:\d+ |\d{6} \s?\d{1,2}:\d{2}:\d{2} )?\[\w+\] (?:\[[^\]]+\] )*Access denied for user '[^']+'@'<HOST>' (to database '[^']*'|\(using password: (YES|NO)\))*\s*$

 ignoreregex = 

--- a/fail2ban/server/utils.py
+++ b/fail2ban/server/utils.py
@ -111,7 +111,7 @@ class Utils():
 						if len(cache) >= self.maxCount:
 							if OrderedDict is not dict: # first (older):
 								cache.popitem(False)
-							else:
+							else: # pragma: 3.x no cover
 								cache.popitem()
 			cache[k] = (v, t + self.maxTime)

--- a/fail2ban/tests/files/logs/mysqld-auth
+++ b/fail2ban/tests/files/logs/mysqld-auth
@ -25,3 +25,6 @@ Sep 16 21:30:32 catinthehat mysqld: 130916 21:30:32 [Warning] Access denied for

 # failJSON: { "time": "2016-02-24T15:26:18", "match": false , "host": "localhost", "desc": "A hypothetical example of injection having full log line first (for paranoid yoh)" }
 2016-02-24T15:26:18.237955 6 [Note] Access denied for user 'root'@'localhost' (using password: YES) condition lead to a hypothetical failure
+
+# failJSON: { "time": "2019-01-03T09:50:04", "match": true , "host": "192.0.2.1", "desc": "mysql 8.0.13 logging with details, (log-error-verbosity = 3, gh-2314)" }
+2019-01-03T08:50:04.634875Z 113 [Note] [MY-010926] [Server] Access denied for user 'root'@'192.0.2.1' (using password: NO)
--- a/files/fail2ban.service.in
+++ b/files/fail2ban.service.in
@ -1,8 +1,8 @@
 [Unit]
 Description=Fail2Ban Service
 Documentation=man:fail2ban(1)
-After=network.target iptables.service firewalld.service ip6tables.service ipset.service
-PartOf=iptables.service firewalld.service ip6tables.service ipset.service
+After=network.target iptables.service firewalld.service ip6tables.service ipset.service nftables.service
+PartOf=iptables.service firewalld.service ip6tables.service ipset.service nftables.service

 [Service]
 Type=simple