diff --git a/ChangeLog b/ChangeLog index 20a37d4a..b3c1f4f5 100644 --- a/ChangeLog +++ b/ChangeLog @@ -69,6 +69,10 @@ ver. 0.10.5-dev-1 (20??/??/??) - development edition * `filter.d/sshd.conf`: - captures `Disconnecting ...: Change of username or service not allowed` (gh-2239, gh-2279) - captures `Disconnected from ... [preauth]` (`extra`/`aggressive` mode and preauth phase only, gh-2239, gh-2279) +* `filter.d/mysqld-auth.conf`: + - MYSQL 8.0.13 compatibility (log-error-verbosity = 3), log-format contains few additional words + enclosed in brackets after "[Note]" (gh-2314) +* `files/fail2ban.service.in`: fixed systemd-unit template - missing nftables dependency (gh-2313) ### New Features * new failregex-flag tag `` for failregex, signaled that the access to service was gained diff --git a/config/filter.d/mysqld-auth.conf b/config/filter.d/mysqld-auth.conf index 31bd2056..940298cc 100644 --- a/config/filter.d/mysqld-auth.conf +++ b/config/filter.d/mysqld-auth.conf @@ -17,7 +17,7 @@ before = common.conf _daemon = mysqld -failregex = ^%(__prefix_line)s(?:\d+ |\d{6} \s?\d{1,2}:\d{2}:\d{2} )?\[\w+\] Access denied for user '[^']+'@'' (to database '[^']*'|\(using password: (YES|NO)\))*\s*$ +failregex = ^%(__prefix_line)s(?:\d+ |\d{6} \s?\d{1,2}:\d{2}:\d{2} )?\[\w+\] (?:\[[^\]]+\] )*Access denied for user '[^']+'@'' (to database '[^']*'|\(using password: (YES|NO)\))*\s*$ ignoreregex = diff --git a/fail2ban/server/utils.py b/fail2ban/server/utils.py index 198d5d4c..73a376e0 100644 --- a/fail2ban/server/utils.py +++ b/fail2ban/server/utils.py @@ -111,7 +111,7 @@ class Utils(): if len(cache) >= self.maxCount: if OrderedDict is not dict: # first (older): cache.popitem(False) - else: + else: # pragma: 3.x no cover cache.popitem() cache[k] = (v, t + self.maxTime) diff --git a/fail2ban/tests/files/logs/mysqld-auth b/fail2ban/tests/files/logs/mysqld-auth index ebb8c0c4..3f4c2436 100644 --- a/fail2ban/tests/files/logs/mysqld-auth +++ b/fail2ban/tests/files/logs/mysqld-auth @@ -25,3 +25,6 @@ Sep 16 21:30:32 catinthehat mysqld: 130916 21:30:32 [Warning] Access denied for # failJSON: { "time": "2016-02-24T15:26:18", "match": false , "host": "localhost", "desc": "A hypothetical example of injection having full log line first (for paranoid yoh)" } 2016-02-24T15:26:18.237955 6 [Note] Access denied for user 'root'@'localhost' (using password: YES) condition lead to a hypothetical failure + +# failJSON: { "time": "2019-01-03T09:50:04", "match": true , "host": "192.0.2.1", "desc": "mysql 8.0.13 logging with details, (log-error-verbosity = 3, gh-2314)" } +2019-01-03T08:50:04.634875Z 113 [Note] [MY-010926] [Server] Access denied for user 'root'@'192.0.2.1' (using password: NO) diff --git a/files/fail2ban.service.in b/files/fail2ban.service.in index 24dcb51e..f00a3a23 100644 --- a/files/fail2ban.service.in +++ b/files/fail2ban.service.in @@ -1,8 +1,8 @@ [Unit] Description=Fail2Ban Service Documentation=man:fail2ban(1) -After=network.target iptables.service firewalld.service ip6tables.service ipset.service -PartOf=iptables.service firewalld.service ip6tables.service ipset.service +After=network.target iptables.service firewalld.service ip6tables.service ipset.service nftables.service +PartOf=iptables.service firewalld.service ip6tables.service ipset.service nftables.service [Service] Type=simple