* New upstream release (included most of the debian-provided patches -- new

filters and actions) * Refreshed and made verbatim homepage in description
2007-02-09 03:22:15 +00:00 · 2007-02-09 03:22:15 +00:00 · ee3f91176c
parent a4c15ea883
commit ee3f91176c
10 changed files with 52 additions and 351 deletions
--- a/debian/changelog
+++ b/debian/changelog
@ -1,9 +1,10 @@
-fail2ban (0.7.6-4) UNRELEASED; urgency=low
+fail2ban (0.7.7-1) unstable; urgency=low

-  * NOT RELEASED YET
-  * Made homepage in description verbatim
+  * New upstream release (included most of the debian-provided patches -- new
+    filters and actions)
+  * Refreshed and made verbatim homepage in description

- -- Yaroslav Halchenko <debian@onerussian.com>  Wed,  7 Feb 2007 10:24:56 -0500
+ -- Yaroslav Halchenko <debian@onerussian.com>  Thu,  8 Feb 2007 22:20:49 -0500

 fail2ban (0.7.6-3) unstable; urgency=low

--- a/debian/control
+++ b/debian/control
@ -25,5 +25,5 @@ Description: bans IPs that cause multiple authentication errors
 fail2ban can be adopted to be used with a variety of files and
 firewalls.
 .
-  Homepage: http://www.sourceforge.net/projects/fail2ban
+  Homepage: http://www.fail2ban.org

--- a/debian/patches/00_iptables-mports.dpatch
+++ b/debian/patches/00_iptables-mports.dpatch
@ -1,80 +0,0 @@
-#! /bin/sh /usr/share/dpatch/dpatch-run
-## 00_iptables_mports.dpatch by Yaroslav Halchenko <debian@onerussian.com>
-##
-## All lines beginning with `## DP:' are a description of the patch.
-## DP: No description.
-
-@DPATCH@
-diff -urNad fail2ban-0.7.6~/config/action.d/iptables-multiport.conf fail2ban-0.7.6/config/action.d/iptables-multiport.conf
--- fail2ban-0.7.6~/config/action.d/iptables-multiport.conf	1969-12-31 19:00:00.000000000 -0500
-+++ fail2ban-0.7.6/config/action.d/iptables-multiport.conf	2007-01-19 10:40:54.000000000 -0500
-@@ -0,0 +1,69 @@
-+# Fail2Ban configuration file
-+#
-+# Author: Cyril Jaquier
-+# Modified by Yaroslav Halchenko for multiport banning
-+# $Revision: 520 $
-+#
-+
-+[Definition]
-+
-+# Option:  actionstart
-+# Notes.:  command executed once at the start of Fail2Ban.
-+# Values:  CMD
-+#
-+actionstart = iptables -N fail2ban-<name>
-+              iptables -A fail2ban-<name> -j RETURN
-+              iptables -I INPUT -p <protocol> -m multiport --dports <port> -j fail2ban-<name>
-+
-+# Option:  actionend
-+# Notes.:  command executed once at the end of Fail2Ban
-+# Values:  CMD
-+#
-+actionstop = iptables -D INPUT -p <protocol> -m multiport --dports <port> -j fail2ban-<name>
-+             iptables -F fail2ban-<name>
-+             iptables -X fail2ban-<name>
-+
-+# Option:  actioncheck
-+# Notes.:  command executed once before each actionban command
-+# Values:  CMD
-+#
-+actioncheck = iptables -n -L INPUT | grep -q fail2ban-<name>
-+
-+# Option:  actionban
-+# Notes.:  command executed when banning an IP. Take care that the
-+#          command is executed with Fail2Ban user rights.
-+# Tags:    <ip>  IP address
-+#          <failures>  number of failures
-+#          <time>  unix timestamp of the ban time
-+# Values:  CMD
-+#
-+actionban = iptables -I fail2ban-<name> 1 -s <ip> -j DROP
-+
-+# Option:  actionunban
-+# Notes.:  command executed when unbanning an IP. Take care that the
-+#          command is executed with Fail2Ban user rights.
-+# Tags:    <ip>  IP address
-+#          <failures>  number of failures
-+#          <time>  unix timestamp of the ban time
-+# Values:  CMD
-+#
-+actionunban = iptables -D fail2ban-<name> -s <ip> -j DROP
-+
-+[Init]
-+
-+# Defaut name of the chain
-+#
-+name = default
-+
-+# Option:  port
-+# Notes.:  specifies port to monitor
-+# Values:  [ NUM | STRING ]  Default:
-+#
-+port = ssh
-+
-+# Option:  protocol
-+# Notes.:  internally used by config reader for interpolations.
-+# Values:  [ tcp | udp | icmp | all ] Default: tcp
-+#
-+protocol = tcp
-+
--- a/debian/patches/00_iptables_NEW.dpatch
+++ b/debian/patches/00_iptables_NEW.dpatch
@ -1,82 +0,0 @@
-#! /bin/sh /usr/share/dpatch/dpatch-run
-## 00_iptables_NEW.dpatch by Yaroslav Halchenko <debian@onerussian.com>
-##
-## All lines beginning with `## DP:' are a description of the patch.
-## DP: No description.
-
-@DPATCH@
-diff -urNad fail2ban-0.7.6~/config/action.d/iptables-new.conf fail2ban-0.7.6/config/action.d/iptables-new.conf
--- fail2ban-0.7.6~/config/action.d/iptables-new.conf	1969-12-31 19:00:00.000000000 -0500
-+++ fail2ban-0.7.6/config/action.d/iptables-new.conf	2007-01-19 10:40:28.000000000 -0500
-@@ -0,0 +1,71 @@
-+# Fail2Ban configuration file
-+#
-+# Author: Cyril Jaquier
-+# Copied from iptables.conf and modified by Yaroslav Halchenko 
-+#  to fullfill the needs of bugreporter dbts#350746.
-+#
-+# $Revision: 520 $
-+#
-+
-+[Definition]
-+
-+# Option:  actionstart
-+# Notes.:  command executed once at the start of Fail2Ban.
-+# Values:  CMD
-+#
-+actionstart = iptables -N fail2ban-<name>
-+              iptables -A fail2ban-<name> -j RETURN
-+              iptables -I INPUT -m state --state NEW -p <protocol> --dport <port> -j fail2ban-<name>
-+
-+# Option:  actionend
-+# Notes.:  command executed once at the end of Fail2Ban
-+# Values:  CMD
-+#
-+actionstop = iptables -D INPUT -m state --state NEW -p <protocol> --dport <port> -j fail2ban-<name>
-+             iptables -F fail2ban-<name>
-+             iptables -X fail2ban-<name>
-+
-+# Option:  actioncheck
-+# Notes.:  command executed once before each actionban command
-+# Values:  CMD
-+#
-+actioncheck = iptables -n -L INPUT | grep -q fail2ban-<name>
-+
-+# Option:  actionban
-+# Notes.:  command executed when banning an IP. Take care that the
-+#          command is executed with Fail2Ban user rights.
-+# Tags:    <ip>  IP address
-+#          <failures>  number of failures
-+#          <time>  unix timestamp of the ban time
-+# Values:  CMD
-+#
-+actionban = iptables -I fail2ban-<name> 1 -s <ip> -j DROP
-+
-+# Option:  actionunban
-+# Notes.:  command executed when unbanning an IP. Take care that the
-+#          command is executed with Fail2Ban user rights.
-+# Tags:    <ip>  IP address
-+#          <failures>  number of failures
-+#          <time>  unix timestamp of the ban time
-+# Values:  CMD
-+#
-+actionunban = iptables -D fail2ban-<name> -s <ip> -j DROP
-+
-+[Init]
-+
-+# Defaut name of the chain
-+#
-+name = default
-+
-+# Option:  port
-+# Notes.:  specifies port to monitor
-+# Values:  [ NUM | STRING ]  Default:
-+#
-+port = ssh
-+
-+# Option:  protocol
-+# Notes.:  internally used by config reader for interpolations.
-+# Values:  [ tcp | udp | icmp | all ] Default: tcp
-+#
-+protocol = tcp
-+
--- a/debian/patches/00_mail-whois-lines.dpatch
+++ b/debian/patches/00_mail-whois-lines.dpatch
@ -6,82 +6,56 @@
 ## DP: abuser IP over the log files

@DPATCH@
-diff -urNad fail2ban-0.7.5~/config/action.d/mail-whois-lines.conf fail2ban-0.7.5/config/action.d/mail-whois-lines.conf
--- fail2ban-0.7.5~/config/action.d/mail-whois-lines.conf	1969-12-31 19:00:00.000000000 -0500
-+++ fail2ban-0.7.5/config/action.d/mail-whois-lines.conf	2006-12-10 18:27:46.000000000 -0500
-@@ -0,0 +1,75 @@
-+# Fail2Ban configuration file
-+#
-+# Author: Cyril Jaquier
-+# Modified-By: Yaroslav Halchenko to include grepping on IP over log files
+diff -urNad fail2ban-0.7.7~/config/action.d/mail-whois-lines.conf fail2ban-0.7.7/config/action.d/mail-whois-lines.conf
+--- fail2ban-0.7.7~/config/action.d/mail-whois-lines.conf	2007-01-08 16:40:40.000000000 -0500
+++ fail2ban-0.7.7/config/action.d/mail-whois-lines.conf	2007-02-08 22:07:12.000000000 -0500
+@@ -2,12 +2,12 @@
+ #
+ # Author: Cyril Jaquier
+ # Modified-By: Yaroslav Halchenko to include grepping on IP over log files
+-# $Revision: 520 $
 +# $Revision: 254 $
-+#
-+
-+[Definition]
-+
+ #
+ 
+ [Definition]
+ 
+-# Option:  fwstart
 +# Option:  actionstart
-+# Notes.:  command executed once at the start of Fail2Ban.
-+# Values:  CMD
-+#
-+actionstart = echo -en "Hi,\n
-+              The jail <name> has been started successfuly.\n
-+              Regards,\n
-+              Fail2Ban"|mail -s "[Fail2Ban] <name>: started" <dest>
-+
+ # Notes.:  command executed once at the start of Fail2Ban.
+ # Values:  CMD
+ #
+@@ -16,7 +16,7 @@
+               Regards,\n
+               Fail2Ban"|mail -s "[Fail2Ban] <name>: started" <dest>
+ 
+-# Option:  fwend
 +# Option:  actionstop
-+# Notes.:  command executed once at the end of Fail2Ban
-+# Values:  CMD
-+#
-+actionstop = echo -en "Hi,\n
-+             The jail <name> has been stopped.\n
-+             Regards,\n
-+             Fail2Ban"|mail -s "[Fail2Ban] <name>: stopped" <dest>
-+
+ # Notes.:  command executed once at the end of Fail2Ban
+ # Values:  CMD
+ #
+@@ -25,13 +25,13 @@
+              Regards,\n
+              Fail2Ban"|mail -s "[Fail2Ban] <name>: stopped" <dest>
+ 
+-# Option:  fwcheck
+-# Notes.:  command executed once before each fwban command
 +# Option:  actioncheck
 +# Notes.:  command executed once before each actionban command
-+# Values:  CMD
-+#
-+actioncheck = 
-+
+ # Values:  CMD
+ #
+ actioncheck = 
+ 
+-# Option:  fwban
 +# Option:  actionban
-+# Notes.:  command executed when banning an IP. Take care that the
-+#          command is executed with Fail2Ban user rights.
-+# Tags:    <ip>  IP address
-+#          <failures>  number of failures
-+#          <failtime>  unix timestamp of the last failure
-+#          <bantime>  unix timestamp of the ban time
-+# Values:  CMD
-+#
-+actionban = echo -en "Hi,\n
-+            The IP <ip> has just been banned by Fail2Ban after
-+            <failures> attempts against <name>.\n\n
-+            Here are more information about <ip>:\n
-+            `whois <ip>`\n\n
-+            Lines containing IP:<ip> in <logpath>\n
-+            `grep '\<<ip>\>' <logpath>`\n\n
-+            Regards,\n
-+            Fail2Ban"|mail -s "[Fail2Ban] <name>: banned <ip>" <dest>
-+
+ # Notes.:  command executed when banning an IP. Take care that the
+ #          command is executed with Fail2Ban user rights.
+ # Tags:    <ip>  IP address
+@@ -50,7 +50,7 @@
+             Regards,\n
+             Fail2Ban"|mail -s "[Fail2Ban] <name>: banned <ip>" <dest>
+ 
+-# Option:  fwunban
 +# Option:  actionunban
-+# Notes.:  command executed when unbanning an IP. Take care that the
-+#          command is executed with Fail2Ban user rights.
-+# Tags:    <ip>  IP address
-+#          <bantime>  unix timestamp of the ban time
-+#          <unbantime>  unix timestamp of the unban time
-+# Values:  CMD
-+#
-+actionunban = 
-+
-+[Init]
-+
-+# Defaut name of the chain
-+#
-+name = default
-+
-+# Destinataire of the mail
-+#
-+dest = root
-+
-+# Path to the log files which contain relevant lines for the abuser IP
-+#
-+logpath = /dev/null
+ # Notes.:  command executed when unbanning an IP. Take care that the
+ #          command is executed with Fail2Ban user rights.
+ # Tags:    <ip>  IP address
--- a/debian/patches/00list
+++ b/debian/patches/00list
@ -1,7 +1,2 @@
-X00_rigid_usrbinpython
-00_iptables-mports
-00_iptables_NEW
 00_mail-whois-lines
 10_dbts_manpages
-10_wuftpd_section
-10_vsftpd_regex
--- a/debian/patches/01_apache2_other.dpatch
+++ b/debian/patches/01_apache2_other.dpatch
@ -1,19 +0,0 @@
-#! /bin/sh /usr/share/dpatch/dpatch-run
-## 01_apache2_other.dpatch by  <debian@onerussian.com>
-##
-## All lines beginning with `## DP:' are a description of the patch.
-## DP: Tiny patch to mention apache2 possibility
-
-@DPATCH@
-
-diff -x '*~' -Naur fail2ban-0.6.1.pre/config/fail2ban.conf.iptables fail2ban-0.6.1.post/config/fail2ban.conf.iptables
--- fail2ban-0.6.1.pre/config/fail2ban.conf.iptables	2006-05-27 23:23:51.000000000 -0400
-+++ fail2ban-0.6.1.post/config/fail2ban.conf.iptables	2006-05-27 23:27:30.000000000 -0400
-@@ -270,6 +270,7 @@
- # Option:  logfile
- # Notes.:  logfile to monitor.
- # Values:  FILE
-+# Other.: /var/log/apache2/error.log
- #
- logfile = /var/log/apache/error.log
- 
--- a/debian/patches/10_vsftpd_regex.dpatch
+++ b/debian/patches/10_vsftpd_regex.dpatch
@ -1,18 +0,0 @@
-#! /bin/sh /usr/share/dpatch/dpatch-run
-## 10_vsftpd_regex.dpatch by Yaroslav Halchenko <debian@onerussian.com>
-##
-## All lines beginning with `## DP:' are a description of the patch.
-## DP: No description.
-
-@DPATCH@
-diff -urNad fail2ban-0.7.6~/config/filter.d/vsftpd.conf fail2ban-0.7.6/config/filter.d/vsftpd.conf
--- fail2ban-0.7.6~/config/filter.d/vsftpd.conf	2006-12-23 04:56:55.000000000 -0500
-+++ fail2ban-0.7.6/config/filter.d/vsftpd.conf	2007-01-04 12:42:01.000000000 -0500
-@@ -15,6 +15,7 @@
- # Values: TEXT
- #
- failregex = vsftpd: \(pam_unix\) authentication failure; .* rhost=<HOST>
-+            \[.+\] FAIL LOGIN: Client "<HOST>"$
- 
- # Option:  ignoreregex
- # Notes.:  regex to ignore. If this regex matches, the line is ignored.
--- a/debian/patches/10_wuftpd_section.dpatch
+++ b/debian/patches/10_wuftpd_section.dpatch
@ -1,25 +0,0 @@
-#! /bin/sh /usr/share/dpatch/dpatch-run
-## 10_wuftpd_section.dpatch by  <debian@onerussian.com>
-##
-## All lines beginning with `## DP:' are a description of the patch.
-## DP: No description.
-
-@DPATCH@
-diff -urNad fail2ban-0.7.3~/config/filter.d/wuftpd.conf fail2ban-0.7.3/config/filter.d/wuftpd.conf
--- fail2ban-0.7.3~/config/filter.d/wuftpd.conf	1969-12-31 19:00:00.000000000 -0500
-+++ fail2ban-0.7.3/config/filter.d/wuftpd.conf	2006-10-18 01:12:23.000000000 -0400
-@@ -0,0 +1,14 @@
-+# Fail2Ban configuration file for wuftpd
-+#
-+# Author: Yaroslav Halchenko
-+#
-+# $Revision:  $
-+#
-+
-+[Definition]
-+
-+# Option: failregex
-+# Notes.: regex to match the password failures messages in the logfile.
-+# Values: TEXT
-+#
-+failregex = wu-ftpd\[\d+\]:\s+\(pam_unix\)\s+authentication failure.* rhost=<HOST>
--- a/debian/patches/X00_rigid_usrbinpython.dpatch
+++ b/debian/patches/X00_rigid_usrbinpython.dpatch
@ -1,45 +0,0 @@
-#! /bin/sh /usr/share/dpatch/dpatch-run
-## rigid_python2.4.dpatch by  <debian@onerussian.com>
-##
-## All lines beginning with `## DP:' are a description of the patch.
-## DP: Due to currently default python2.3 we need to hardcode use of python2.4 
-## DP: for now
-
-@DPATCH@
-
-diff -Naur fail2ban-0.7.1/fail2ban-client fail2ban-0.7.1.modified/fail2ban-client
--- fail2ban-0.7.1/fail2ban-client	2006-08-23 16:56:23.000000000 -0400
-+++ fail2ban-0.7.1.modified/fail2ban-client	2006-09-05 00:58:47.000000000 -0400
-@@ -1,4 +1,4 @@
-#!/usr/bin/env python
-+#!/usr/bin/python
- # This file is part of Fail2Ban.
- #
- # Fail2Ban is free software; you can redistribute it and/or modify
-diff -Naur fail2ban-0.7.1/fail2ban-server fail2ban-0.7.1.modified/fail2ban-server
--- fail2ban-0.7.1/fail2ban-server	2006-08-23 15:51:26.000000000 -0400
-+++ fail2ban-0.7.1.modified/fail2ban-server	2006-09-05 00:58:54.000000000 -0400
-@@ -1,4 +1,4 @@
-#!/usr/bin/env python
-+#!/usr/bin/python
- # This file is part of Fail2Ban.
- #
- # Fail2Ban is free software; you can redistribute it and/or modify
-diff -Naur fail2ban-0.7.1/fail2ban-testcases fail2ban-0.7.1.modified/fail2ban-testcases
--- fail2ban-0.7.1/fail2ban-testcases	2006-08-20 18:53:15.000000000 -0400
-+++ fail2ban-0.7.1.modified/fail2ban-testcases	2006-09-05 00:59:18.000000000 -0400
-@@ -1,4 +1,4 @@
-#!/usr/bin/env python
-+#!/usr/bin/python
- # This file is part of Fail2Ban.
- #
- # Fail2Ban is free software; you can redistribute it and/or modify
-diff -Naur fail2ban-0.7.1/setup.py fail2ban-0.7.1.modified/setup.py
--- fail2ban-0.7.1/setup.py	2006-08-22 18:09:25.000000000 -0400
-+++ fail2ban-0.7.1.modified/setup.py	2006-09-05 00:59:06.000000000 -0400
-@@ -1,4 +1,4 @@
-#!/usr/bin/env python
-+#!/usr/bin/python
- 
- # This file is part of Fail2Ban.
- #