- Update to current 0.9 git branch

- Rebase init patch, drop jail.d and notmp patch applied upstream

.gitignore

@@ -4,3 +4,4 @@ fail2ban-0.8.4.tar.bz2
 /fail2ban_0.8.8.orig.tar.gz
 /fail2ban-0.8.10.tar.gz
 /fail2ban-0.9-d529151.tar.xz
+/fail2ban-0.9-1f1a561.tar.xz

fail2ban-0.8.3-init.patch

@@ -1,20 +0,0 @@
---- fail2ban-0.8.3/files/redhat-initd.init	2008-03-10 23:36:22.000000000 +0100
-+++ fail2ban-0.8.3/files/redhat-initd	2008-08-24 20:46:01.000000000 +0200
-@@ -1,6 +1,6 @@
- #!/bin/bash
- #
--# chkconfig: 345 92 08
-+# chkconfig: - 92 08
- # description: Fail2ban daemon
- #              http://fail2ban.sourceforge.net/wiki/index.php/Main_Page
- # process name: fail2ban-server
-@@ -27,8 +27,7 @@
-     echo -n $"Starting fail2ban: "
-     getpid
-     if [ -z "$pid" ]; then
--	rm -rf /var/run/fail2ban/fail2ban.sock # in case of unclean shutdown
--        $FAIL2BAN start > /dev/null
-+        $FAIL2BAN -x start > /dev/null
-         RETVAL=$?
-     fi
-     if [ $RETVAL -eq 0 ]; then

fail2ban-init.patch

@@ -0,0 +1,11 @@
+diff -up fail2ban-0.9-1f1a561/files/redhat-initd.init fail2ban-0.9-1f1a561/files/redhat-initd
+--- fail2ban-0.9-1f1a561/files/redhat-initd.init	2013-09-24 16:57:09.515712728 -0600
++++ fail2ban-0.9-1f1a561/files/redhat-initd	2013-09-24 16:57:52.435590284 -0600
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ #
+-# chkconfig: 345 92 08
++# chkconfig: - 92 08
+ # processname: fail2ban-server
+ # config: /etc/fail2ban/fail2ban.conf
+ # pidfile: /var/run/fail2ban/fail2ban.pid

fail2ban-jail.d.patch

@@ -1,14 +0,0 @@
-diff --git a/setup.py b/setup.py
-index b61ecce..27ad17b 100755
---- a/setup.py
-+++ b/setup.py
-@@ -66,6 +66,9 @@ setup(
- 						('/etc/fail2ban/action.d',
- 							glob("config/action.d/*.conf")
- 						),
-+						('/etc/fail2ban/jail.d',
-+                            ''
-+						),
- 						('/var/run/fail2ban',
- 							''
- 						),

fail2ban-logfiles.patch

@@ -1,6 +1,6 @@
-diff -up fail2ban-0.9-d529151/config/jail.conf.logfiles fail2ban-0.9-d529151/config/jail.conf
+diff -up fail2ban-0.9-1f1a561/config/jail.conf.logfiles fail2ban-0.9-1f1a561/config/jail.conf
---- fail2ban-0.9-d529151/config/jail.conf.logfiles	2013-07-28 03:43:54.000000000 -0600
+--- fail2ban-0.9-1f1a561/config/jail.conf.logfiles	2013-09-08 05:02:35.000000000 -0600
-+++ fail2ban-0.9-d529151/config/jail.conf	2013-08-08 21:23:41.785950007 -0600
++++ fail2ban-0.9-1f1a561/config/jail.conf	2013-09-24 17:01:40.264930006 -0600
 @@ -152,20 +152,18 @@ action = %(action_)s
  [sshd]
  
@@ -40,7 +40,7 @@ diff -up fail2ban-0.9-d529151/config/jail.conf.logfiles fail2ban-0.9-d529151/con
  maxretry  = 2
  
  # .. custom jails
-@@ -201,7 +199,7 @@ filter      = sshd
+@@ -194,7 +192,7 @@ filter      = sshd
  action      = hostsdeny[daemon_list=sshd]
                sendmail-whois[name=SSH, dest=you@example.com]
  ignoreregex = for myuser from
@@ -49,7 +49,7 @@ diff -up fail2ban-0.9-d529151/config/jail.conf.logfiles fail2ban-0.9-d529151/con
  
  # Here we use blackhole routes for not requiring any additional kernel support
  # to store large volumes of banned IPs
-@@ -210,7 +208,7 @@ logpath     = /var/log/sshd.log
+@@ -203,7 +201,7 @@ logpath     = /var/log/sshd.log
  
  filter = sshd
  action = route
@@ -58,7 +58,7 @@ diff -up fail2ban-0.9-d529151/config/jail.conf.logfiles fail2ban-0.9-d529151/con
  
  # Here we use a combination of Netfilter/Iptables and IPsets
  # for storing large volumes of banned IPs
-@@ -221,13 +219,13 @@ logpath = /var/log/sshd.log
+@@ -214,13 +212,13 @@ logpath = /var/log/sshd.log
  
  filter   = sshd
  action   = iptables-ipset-proto4[name=SSH, port=ssh, protocol=tcp]
@@ -74,25 +74,33 @@ diff -up fail2ban-0.9-d529151/config/jail.conf.logfiles fail2ban-0.9-d529151/con
  
  # This jail uses ipfw, the standard firewall on FreeBSD. The "ignoreip"
  # option is overridden in this jail. Moreover, the action "mail-whois" defines
-@@ -238,7 +236,7 @@ logpath  = /var/log/sshd.log
+@@ -231,7 +229,7 @@ logpath  = /var/log/sshd.log
  filter   = sshd
  action   = ipfw[localhost=192.168.0.1]
             sendmail-whois[name="SSH,IPFW", dest=you@example.com]
 -logpath  = /var/log/auth.log
 +logpath  = /var/log/secure
- ignoreip = 168.192.0.1
  
  # bsd-ipfw is ipfw used by BSD. It uses ipfw tables.
-@@ -250,7 +248,7 @@ ignoreip = 168.192.0.1
+ # table number must be unique.
- [ssh-bsd-ipfw]
+@@ -243,14 +241,14 @@ logpath  = /var/log/auth.log
+ 
  filter   = sshd
  action   = bsd-ipfw[port=ssh,table=1]
 -logpath  = /var/log/auth.log
 +logpath  = /var/log/secure
  
+ # PF is a BSD based firewall
+ [ssh-pf]
+ 
+ filter  = sshd
+ action  = pf
+-logpath = /var/log/sshd.log
++logpath = /var/log/secure
+ maxretry= 5
+ 
  #
- # HTTP servers
+@@ -260,7 +258,7 @@ maxretry= 5
-@@ -259,7 +257,7 @@ logpath  = /var/log/auth.log
  [apache-auth]
  
  port     = http,https
@@ -101,7 +109,7 @@ diff -up fail2ban-0.9-d529151/config/jail.conf.logfiles fail2ban-0.9-d529151/con
  
  # Ban hosts which agent identifies spammer robots crawling the web
  # for email addresses. The mail outputs are buffered.
-@@ -267,21 +265,20 @@ logpath  = /var/log/apache*/*error.log
+@@ -268,21 +266,20 @@ logpath  = /var/log/apache*/*error.log
  [apache-badbots]
  
  port     = http,https
@@ -126,16 +134,16 @@ diff -up fail2ban-0.9-d529151/config/jail.conf.logfiles fail2ban-0.9-d529151/con
  maxretry = 2
  
  # Ban attackers that try to use PHP's URL-fopen() functionality
-@@ -291,7 +288,7 @@ maxretry = 2
+@@ -292,7 +289,7 @@ maxretry = 2
  [php-url-fopen]
  
  port    = http,https
 -logpath = /var/www/*/logs/access_log
 +logpath = /var/log/httpd/*access_log
  
- # A simple PHP-fastcgi jail which works with lighttpd.
+ [suhosin]
- # If you run a lighttpd server, then you probably will
+ 
-@@ -330,7 +327,7 @@ logpath  = /var/log/sogo/sogo.log
+@@ -325,7 +322,7 @@ logpath  = /var/log/sogo/sogo.log
  
  filter	 = apache-auth
  action   = hostsdeny
@@ -143,7 +151,7 @@ diff -up fail2ban-0.9-d529151/config/jail.conf.logfiles fail2ban-0.9-d529151/con
 +logpath  = /var/log/httpd/*error_log
  maxretry = 6
  
- 
+ [3proxy]
 @@ -347,7 +344,7 @@ logpath  = /var/log/proftpd/proftpd.log
  [pure-ftpd]
  
@@ -162,7 +170,7 @@ diff -up fail2ban-0.9-d529151/config/jail.conf.logfiles fail2ban-0.9-d529151/con
  # if you want to rely on PAM failed login attempts
  # vsftpd's failregex should match both of those formats
  
-@@ -384,12 +381,12 @@ maxretry = 6
+@@ -390,12 +387,12 @@ logpath  = /root/path/to/assp/logs/maill
  [courier-smtp]
  
  port     = smtp,ssmtp,submission
@@ -177,7 +185,7 @@ diff -up fail2ban-0.9-d529151/config/jail.conf.logfiles fail2ban-0.9-d529151/con
  
  # The hosts.deny path can be defined with the "file" argument if it is
  # not in /etc.
-@@ -410,7 +407,7 @@ bantime  = 300
+@@ -427,7 +424,7 @@ logpath = /var/log/exim/mainlog
  [courier-auth]
  
  port     = smtp,ssmtp,submission,imap2,imap3,imaps,pop3,pop3s
@@ -186,7 +194,7 @@ diff -up fail2ban-0.9-d529151/config/jail.conf.logfiles fail2ban-0.9-d529151/con
  
  
  [sasl]
-@@ -419,12 +416,12 @@ port     = smtp,ssmtp,submission,imap2,i
+@@ -436,12 +433,12 @@ port     = smtp,ssmtp,submission,imap2,i
  # You might consider monitoring /var/log/mail.warn instead if you are
  # running postfix since it would provide the same log lines at the
  # "warn" level but overall at the smaller filesize.
@@ -199,14 +207,5 @@ diff -up fail2ban-0.9-d529151/config/jail.conf.logfiles fail2ban-0.9-d529151/con
 -logpath = /var/log/mail.log
 +logpath = /var/log/maillog
  
- #
+ [perdition]
- # DNS servers
-@@ -519,7 +516,7 @@ maxretry = 5
- enabled=false
- filter = sshd
- action = pf
--logpath  = /var/log/sshd.log
-+logpath  = /var/log/secure
- maxretry=5
  
- [3proxy]

fail2ban-notmp.patch

@@ -1,12 +0,0 @@
-diff -up fail2ban-0.9-d529151/fail2ban/client/fail2banreader.py.notmp fail2ban-0.9-d529151/fail2ban/client/fail2banreader.py
---- fail2ban-0.9-d529151/fail2ban/client/fail2banreader.py.notmp	2013-07-28 03:43:54.000000000 -0600
-+++ fail2ban-0.9-d529151/fail2ban/client/fail2banreader.py	2013-08-08 20:15:19.997686089 -0600
-@@ -39,7 +39,7 @@ class Fail2banReader(ConfigReader):
- 		ConfigReader.read(self, "fail2ban")
- 	
- 	def getEarlyOptions(self):
--		opts = [["string", "socket", "/tmp/fail2ban.sock"],
-+		opts = [["string", "socket", "/var/run/fail2ban/fail2ban.sock"],
- 				["string", "pidfile", "/var/run/fail2ban/fail2ban.pid"]]
- 		return ConfigReader.getOptions(self, "Definition", opts)
- 	

fail2ban.spec

@@ -1,20 +1,17 @@
 Summary: Ban IPs that make too many password failures
 Name: fail2ban
 Version: 0.9
-Release: 0.2.gitd529151%{?dist}
+Release: 0.3.git1f1a561%{?dist}
 License: GPLv2+
 Group: System Environment/Daemons
 URL: http://fail2ban.sourceforge.net/
 #Source0: https://github.com/%{name}/%{name}/archive/%{version}.tar.gz#/%{name}-%{version}.tar.gz
-Source0: %{name}-%{version}-d529151.tar.xz
+Source0: %{name}-%{version}-1f1a561.tar.xz
 Source1: fail2ban-logrotate
-Patch0: fail2ban-0.8.3-init.patch
+Patch0: fail2ban-init.patch
 # Fix logfile paths in jail.conf
 Patch1: fail2ban-logfiles.patch
-# Install jail.d
-Patch2: fail2ban-jail.d.patch
 Patch6: fail2ban-log2syslog.patch
-Patch8: fail2ban-notmp.patch
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
 BuildRequires: python-devel >= 2.3
 # For testcases
@@ -47,12 +44,10 @@ and shorewall respectively.
 
 
 %prep
-%setup -q -n %{name}-%{version}-d529151
+%setup -q -n %{name}-%{version}-1f1a561
 %patch0 -p1 -b .init
 %patch1 -p1 -b .logfiles
-%patch2 -p1 -b .jail.d
 %patch6 -p1 -b .log2syslog
-%patch8 -p1 -b .notmp
 
 %build
 python setup.py build
@@ -138,6 +133,10 @@ fi
 %dir %{_localstatedir}/lib/fail2ban/
 
 %changelog
+* Tue Sep 24 2013 Orion Poplawski <orion@cora.nwra.com> - 0.9-0.3.git1f1a561
+- Update to current 0.9 git branch
+- Rebase init patch, drop jail.d and notmp patch applied upstream
+
 * Fri Aug 9 2013 Orion Poplawski <orion@cora.nwra.com> - 0.9-0.2.gitd529151
 - Ship jail.conf(5) man page
 - Ship empty /etc/fail2ban/jail.d directory

sources

@@ -1 +1 @@
-d51144c03988c9f63d91515b6ebc5d57  fail2ban-0.9-d529151.tar.xz
+6c8a581bc46712be597f3a949d036217  fail2ban-0.9-1f1a561.tar.xz