|
|
@ -1,28 +1,53 @@
|
|
|
|
Summary: Ban IPs that make too many password failures
|
|
|
|
Summary: Daemon to ban hosts that cause multiple authentication errors
|
|
|
|
Name: fail2ban
|
|
|
|
Name: fail2ban
|
|
|
|
Version: 0.8.11
|
|
|
|
Version: 0.9
|
|
|
|
Release: 2%{?dist}
|
|
|
|
Release: 7%{?dist}
|
|
|
|
License: GPLv2+
|
|
|
|
License: GPLv2+
|
|
|
|
Group: System Environment/Daemons
|
|
|
|
|
|
|
|
URL: http://fail2ban.sourceforge.net/
|
|
|
|
URL: http://fail2ban.sourceforge.net/
|
|
|
|
Source0: https://github.com/%{name}/%{name}/archive/%{version}.tar.gz#/%{name}-%{version}.tar.gz
|
|
|
|
Source0: https://github.com/%{name}/%{name}/archive/%{version}.tar.gz#/%{name}-%{version}.tar.gz
|
|
|
|
Source1: fail2ban-logrotate
|
|
|
|
# Upstream patch to fix setting loglevel
|
|
|
|
Patch0: fail2ban-0.8.3-init.patch
|
|
|
|
# https://github.com/fail2ban/fail2ban/issues/657
|
|
|
|
Patch1: fail2ban-0.8.7.1-sshd.patch
|
|
|
|
Patch0: fail2ban-loglevel.patch
|
|
|
|
Patch6: fail2ban-log2syslog.patch
|
|
|
|
# Upstream patch to skip tests with no-network
|
|
|
|
Patch7: 0001-BF-apache-filters-using-error-log-weren-t-matched-wh.patch
|
|
|
|
# https://github.com/fail2ban/fail2ban/issues/110
|
|
|
|
Patch8: fail2ban-0.8.11-singlejail.patch
|
|
|
|
Patch1: fail2ban-tests-nonet.patch
|
|
|
|
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
|
|
|
|
# Upstream patch to skip syslog tests without /dev/log
|
|
|
|
BuildRequires: python-devel >= 2.3
|
|
|
|
# https://github.com/fail2ban/fail2ban/issues/110
|
|
|
|
|
|
|
|
Patch2: fail2ban-tests-syslog.patch
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
BuildRequires: python2-devel
|
|
|
|
# For testcases
|
|
|
|
# For testcases
|
|
|
|
BuildRequires: python-inotify
|
|
|
|
BuildRequires: python-inotify
|
|
|
|
BuildArch: noarch
|
|
|
|
BuildArch: noarch
|
|
|
|
Requires: ed
|
|
|
|
%if 0%{?fedora} >= 19 || 0%{?rhel} >= 7
|
|
|
|
Requires: iptables
|
|
|
|
|
|
|
|
Requires: gamin-python
|
|
|
|
|
|
|
|
Requires: python-inotify
|
|
|
|
|
|
|
|
%if 0%{?fedora} >= 19
|
|
|
|
|
|
|
|
BuildRequires: systemd
|
|
|
|
BuildRequires: systemd
|
|
|
|
|
|
|
|
%endif
|
|
|
|
|
|
|
|
# Default components
|
|
|
|
|
|
|
|
Requires: %{name}-firewalld = %{version}-%{release}
|
|
|
|
|
|
|
|
Requires: %{name}-sendmail = %{version}-%{release}
|
|
|
|
|
|
|
|
Requires: %{name}-server = %{version}-%{release}
|
|
|
|
|
|
|
|
Requires: %{name}-systemd = %{version}-%{release}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%description
|
|
|
|
|
|
|
|
Fail2Ban scans log files and bans IP addresses that makes too many password
|
|
|
|
|
|
|
|
failures. It updates firewall rules to reject the IP address. These rules can
|
|
|
|
|
|
|
|
be defined by the user. Fail2Ban can read multiple log files such as sshd or
|
|
|
|
|
|
|
|
Apache web server ones.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Fail2Ban is able to reduce the rate of incorrect authentications attempts
|
|
|
|
|
|
|
|
however it cannot eliminate the risk that weak authentication presents.
|
|
|
|
|
|
|
|
Configure services to use only two factor or public/private authentication
|
|
|
|
|
|
|
|
mechanisms if you really want to protect services.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
This is a meta-package that will install the default configuration. Other
|
|
|
|
|
|
|
|
sub-packages are available to install support for other actions and
|
|
|
|
|
|
|
|
configurations.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%package server
|
|
|
|
|
|
|
|
Summary: Core server component for Fail2Ban
|
|
|
|
|
|
|
|
%if 0%{?fedora} >= 19 || 0%{?rhel} >= 7
|
|
|
|
|
|
|
|
Requires: systemd-python
|
|
|
|
Requires(post): systemd
|
|
|
|
Requires(post): systemd
|
|
|
|
Requires(preun): systemd
|
|
|
|
Requires(preun): systemd
|
|
|
|
Requires(postun): systemd
|
|
|
|
Requires(postun): systemd
|
|
|
@ -32,64 +57,159 @@ Requires(post): /sbin/chkconfig
|
|
|
|
Requires(preun): /sbin/chkconfig
|
|
|
|
Requires(preun): /sbin/chkconfig
|
|
|
|
Requires(preun): /sbin/service
|
|
|
|
Requires(preun): /sbin/service
|
|
|
|
%endif
|
|
|
|
%endif
|
|
|
|
|
|
|
|
Requires: ipset
|
|
|
|
|
|
|
|
Requires: iptables
|
|
|
|
|
|
|
|
|
|
|
|
%description
|
|
|
|
%description server
|
|
|
|
Fail2ban scans log files like /var/log/pwdfail or
|
|
|
|
This package contains the core server components for Fail2Ban with minimal
|
|
|
|
/var/log/apache/error_log and bans IP that makes too many password
|
|
|
|
dependencies. You can install this directly if you want to have a small
|
|
|
|
failures. It updates firewall rules to reject the IP address.
|
|
|
|
installation and know what you are doing.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%package all
|
|
|
|
|
|
|
|
Summary: Install all Fail2Ban packages and dependencies
|
|
|
|
|
|
|
|
Requires: %{name}-firewalld = %{version}-%{release}
|
|
|
|
|
|
|
|
Requires: %{name}-hostsdeny = %{version}-%{release}
|
|
|
|
|
|
|
|
Requires: %{name}-mail = %{version}-%{release}
|
|
|
|
|
|
|
|
Requires: %{name}-sendmail = %{version}-%{release}
|
|
|
|
|
|
|
|
Requires: %{name}-server = %{version}-%{release}
|
|
|
|
|
|
|
|
Requires: %{name}-shorewall = %{version}-%{release}
|
|
|
|
|
|
|
|
Requires: %{name}-systemd = %{version}-%{release}
|
|
|
|
|
|
|
|
Requires: gamin-python
|
|
|
|
|
|
|
|
Requires: perl
|
|
|
|
|
|
|
|
Requires: python-inotify
|
|
|
|
|
|
|
|
Requires: /usr/bin/whois
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%description all
|
|
|
|
|
|
|
|
This package installs all of the Fail2Ban packages and dependencies.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%package firewalld
|
|
|
|
|
|
|
|
Summary: Firewalld support for Fail2Ban
|
|
|
|
|
|
|
|
Requires: %{name}-server = %{version}-%{release}
|
|
|
|
|
|
|
|
Requires: firewalld
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%description firewalld
|
|
|
|
|
|
|
|
This package enables support for manipulating firewalld rules. This is the
|
|
|
|
|
|
|
|
default firewall service in Fedora.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%package hostsdeny
|
|
|
|
|
|
|
|
Summary: Hostsdeny (tcp_wrappers) support for Fail2Ban
|
|
|
|
|
|
|
|
Requires: %{name}-server = %{version}-%{release}
|
|
|
|
|
|
|
|
Requires: ed
|
|
|
|
|
|
|
|
Requires: tcp_wrappers
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%description hostsdeny
|
|
|
|
|
|
|
|
This package enables support for manipulating tcp_wrapper's /etc/hosts.deny
|
|
|
|
|
|
|
|
files.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%package mail
|
|
|
|
|
|
|
|
Summary: Mail actions for Fail2Ban
|
|
|
|
|
|
|
|
Requires: %{name}-server = %{version}-%{release}
|
|
|
|
|
|
|
|
Requires: mailx
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%description mail
|
|
|
|
|
|
|
|
This package installs Fail2Ban's mail actions. These are an alternative
|
|
|
|
|
|
|
|
to the default sendmail actions.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%package sendmail
|
|
|
|
|
|
|
|
Summary: Sendmail actions for Fail2Ban
|
|
|
|
|
|
|
|
Requires: %{name}-server = %{version}-%{release}
|
|
|
|
|
|
|
|
Requires: /usr/sbin/sendmail
|
|
|
|
|
|
|
|
|
|
|
|
To use the hostsdeny and shorewall actions you must install tcp_wrappers
|
|
|
|
%description sendmail
|
|
|
|
and shorewall respectively.
|
|
|
|
This package installs Fail2Ban's sendmail actions. This is the default
|
|
|
|
|
|
|
|
mail actions for Fail2Ban.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%package shorewall
|
|
|
|
|
|
|
|
Summary: Shorewall support for Fail2Ban
|
|
|
|
|
|
|
|
Requires: %{name}-server = %{version}-%{release}
|
|
|
|
|
|
|
|
Requires: shorewall
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%description shorewall
|
|
|
|
|
|
|
|
This package enables support for manipulating shoreall rules.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%package systemd
|
|
|
|
|
|
|
|
Summary: Systemd journal configuration for Fail2Ban
|
|
|
|
|
|
|
|
Requires: %{name}-server = %{version}-%{release}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%description systemd
|
|
|
|
|
|
|
|
This package configures Fail2Ban to use the systemd journal for its log input
|
|
|
|
|
|
|
|
by default.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%prep
|
|
|
|
%prep
|
|
|
|
%setup -q
|
|
|
|
%setup -q
|
|
|
|
%patch0 -p1 -b .init
|
|
|
|
%patch0 -p1 -b .loglevel
|
|
|
|
%patch1 -p1 -b .sshd
|
|
|
|
%patch1 -p1 -b .tests-nonet
|
|
|
|
%patch6 -p1 -b .log2syslog
|
|
|
|
%patch2 -p1 -b .tests-syslog
|
|
|
|
%patch7 -p1 -b .apache-authfix
|
|
|
|
# Use Fedora paths
|
|
|
|
%patch8 -p1 -b .singlejail
|
|
|
|
sed -i -e 's/^before = paths-.*/before = paths-fedora.conf/' config/jail.conf
|
|
|
|
|
|
|
|
# Start after firewalld (https://bugzilla.redhat.com/show_bug.cgi?id=1067147)
|
|
|
|
|
|
|
|
sed -i -e '/^After=/s/$/ firewalld.service/' files/fail2ban.service
|
|
|
|
|
|
|
|
|
|
|
|
%build
|
|
|
|
%build
|
|
|
|
python setup.py build
|
|
|
|
python setup.py build
|
|
|
|
|
|
|
|
|
|
|
|
%install
|
|
|
|
%install
|
|
|
|
rm -rf %{buildroot}
|
|
|
|
|
|
|
|
python setup.py install -O1 --root %{buildroot}
|
|
|
|
python setup.py install -O1 --root %{buildroot}
|
|
|
|
%if 0%{?fedora} >= 19
|
|
|
|
%if 0%{?fedora} >= 19 || 0%{?rhel} >= 7
|
|
|
|
mkdir -p %{buildroot}%{_unitdir}
|
|
|
|
mkdir -p %{buildroot}%{_unitdir}
|
|
|
|
cp -p files/fail2ban.service %{buildroot}%{_unitdir}/
|
|
|
|
cp -p files/fail2ban.service %{buildroot}%{_unitdir}/
|
|
|
|
%else
|
|
|
|
%else
|
|
|
|
mkdir -p %{buildroot}%{_initddir}
|
|
|
|
mkdir -p %{buildroot}%{_initddir}
|
|
|
|
install -p -m 755 files/redhat-initd %{buildroot}%{_initddir}/fail2ban
|
|
|
|
install -p -m 755 files/redhat-initd %{buildroot}%{_initddir}/fail2ban
|
|
|
|
%endif
|
|
|
|
%endif
|
|
|
|
mkdir -p %{buildroot}%{_mandir}/man1
|
|
|
|
mkdir -p %{buildroot}%{_mandir}/man{1,5}
|
|
|
|
install -p -m 644 man/fail2ban*.1 %{buildroot}%{_mandir}/man1
|
|
|
|
install -p -m 644 man/*.1 %{buildroot}%{_mandir}/man1
|
|
|
|
|
|
|
|
install -p -m 644 man/*.5 %{buildroot}%{_mandir}/man5
|
|
|
|
mkdir -p %{buildroot}%{_sysconfdir}/logrotate.d
|
|
|
|
mkdir -p %{buildroot}%{_sysconfdir}/logrotate.d
|
|
|
|
install -p -m 644 %{SOURCE1} %{buildroot}%{_sysconfdir}/logrotate.d/fail2ban
|
|
|
|
install -p -m 644 files/fail2ban-logrotate %{buildroot}%{_sysconfdir}/logrotate.d/fail2ban
|
|
|
|
install -d -m 0755 %{buildroot}%{_localstatedir}/run/fail2ban/
|
|
|
|
install -d -m 0755 %{buildroot}%{_localstatedir}/run/fail2ban/
|
|
|
|
install -d -m 0755 %{buildroot}%{_localstatedir}/lib/fail2ban/
|
|
|
|
install -d -m 0755 %{buildroot}%{_localstatedir}/lib/fail2ban/
|
|
|
|
mkdir -p %{buildroot}%{_sysconfdir}/tmpfiles.d
|
|
|
|
mkdir -p %{buildroot}%{_sysconfdir}/tmpfiles.d
|
|
|
|
install -p -m 0644 files/fail2ban-tmpfiles.conf %{buildroot}%{_sysconfdir}/tmpfiles.d/fail2ban.conf
|
|
|
|
install -p -m 0644 files/fail2ban-tmpfiles.conf %{buildroot}%{_sysconfdir}/tmpfiles.d/fail2ban.conf
|
|
|
|
|
|
|
|
# Remove non-Linux actions
|
|
|
|
|
|
|
|
rm %{buildroot}%{_sysconfdir}/%{name}/action.d/*ipfw.conf
|
|
|
|
|
|
|
|
rm %{buildroot}%{_sysconfdir}/%{name}/action.d/{ipfilter,pf,ufw}.conf
|
|
|
|
|
|
|
|
rm %{buildroot}%{_sysconfdir}/%{name}/action.d/osx-*.conf
|
|
|
|
|
|
|
|
# firewalld configuration
|
|
|
|
|
|
|
|
cat > %{buildroot}%{_sysconfdir}/%{name}/jail.d/00-firewalld.conf <<EOF
|
|
|
|
|
|
|
|
# This file is part of the fail2ban-firewalld package to configure the use of
|
|
|
|
|
|
|
|
# the firewalld actions as the default actions. You can remove this package
|
|
|
|
|
|
|
|
# (along with the empty fail2ban meta-package) if you do not use firewalld
|
|
|
|
|
|
|
|
[DEFAULT]
|
|
|
|
|
|
|
|
banaction = firewallcmd-ipset
|
|
|
|
|
|
|
|
EOF
|
|
|
|
|
|
|
|
# systemd journal configuration
|
|
|
|
|
|
|
|
cat > %{buildroot}%{_sysconfdir}/%{name}/jail.d/00-systemd.conf <<EOF
|
|
|
|
|
|
|
|
# This file is part of the fail2ban-systemd package to configure the use of
|
|
|
|
|
|
|
|
# the systemd journal as the default backend. You can remove this package
|
|
|
|
|
|
|
|
# (along with the empty fail2ban meta-package) if you do not want to use the
|
|
|
|
|
|
|
|
# journal backend
|
|
|
|
|
|
|
|
[DEFAULT]
|
|
|
|
|
|
|
|
backend=systemd
|
|
|
|
|
|
|
|
EOF
|
|
|
|
# Remove installed doc, use doc macro instead
|
|
|
|
# Remove installed doc, use doc macro instead
|
|
|
|
rm -r %{buildroot}%{_docdir}/%{name}
|
|
|
|
rm -r %{buildroot}%{_docdir}/%{name}
|
|
|
|
|
|
|
|
|
|
|
|
# Testcases need network access
|
|
|
|
%check
|
|
|
|
#%check
|
|
|
|
./fail2ban-testcases-all --no-network
|
|
|
|
#./fail2ban-testcases
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%clean
|
|
|
|
|
|
|
|
rm -rf %{buildroot}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%post
|
|
|
|
%post server
|
|
|
|
%if 0%{?fedora} >= 19
|
|
|
|
%if 0%{?fedora} >= 19 || 0%{?rhel} >= 7
|
|
|
|
%systemd_post fail2ban.service
|
|
|
|
%systemd_post fail2ban.service
|
|
|
|
%else
|
|
|
|
%else
|
|
|
|
/sbin/chkconfig --add %{name}
|
|
|
|
/sbin/chkconfig --add %{name}
|
|
|
|
%endif
|
|
|
|
%endif
|
|
|
|
|
|
|
|
|
|
|
|
%preun
|
|
|
|
%preun server
|
|
|
|
%if 0%{?fedora} >= 19
|
|
|
|
%if 0%{?fedora} >= 19 || 0%{?rhel} >= 7
|
|
|
|
%systemd_preun fail2ban.service
|
|
|
|
%systemd_preun fail2ban.service
|
|
|
|
%else
|
|
|
|
%else
|
|
|
|
if [ $1 = 0 ]; then
|
|
|
|
if [ $1 = 0 ]; then
|
|
|
@ -98,54 +218,103 @@ if [ $1 = 0 ]; then
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
%endif
|
|
|
|
%endif
|
|
|
|
|
|
|
|
|
|
|
|
%if 0%{?fedora} >= 19
|
|
|
|
%if 0%{?fedora} >= 19 || 0%{?rhel} >= 7
|
|
|
|
%postun
|
|
|
|
%postun server
|
|
|
|
%systemd_postun_with_restart fail2ban.service
|
|
|
|
%systemd_postun_with_restart fail2ban.service
|
|
|
|
%endif
|
|
|
|
%endif
|
|
|
|
|
|
|
|
|
|
|
|
%files
|
|
|
|
%files
|
|
|
|
%defattr(-,root,root,-)
|
|
|
|
|
|
|
|
|
|
|
|
%files server
|
|
|
|
%doc README.md TODO ChangeLog COPYING doc/*.txt
|
|
|
|
%doc README.md TODO ChangeLog COPYING doc/*.txt
|
|
|
|
#doc config/fail2ban.conf*
|
|
|
|
|
|
|
|
%{_bindir}/fail2ban-server
|
|
|
|
%{_bindir}/fail2ban-server
|
|
|
|
%{_bindir}/fail2ban-client
|
|
|
|
%{_bindir}/fail2ban-client
|
|
|
|
%{_bindir}/fail2ban-regex
|
|
|
|
%{_bindir}/fail2ban-regex
|
|
|
|
%{_datadir}/fail2ban
|
|
|
|
%{_bindir}/fail2ban-testcases
|
|
|
|
%if 0%{?fedora} >= 19
|
|
|
|
%{python_sitelib}/*
|
|
|
|
|
|
|
|
%if 0%{?fedora} >= 19 || 0%{?rhel} >= 7
|
|
|
|
%{_unitdir}/fail2ban.service
|
|
|
|
%{_unitdir}/fail2ban.service
|
|
|
|
%else
|
|
|
|
%else
|
|
|
|
%{_initddir}/fail2ban
|
|
|
|
%{_initddir}/fail2ban
|
|
|
|
%endif
|
|
|
|
%endif
|
|
|
|
%{_mandir}/man1/fail2ban*.1*
|
|
|
|
%{_mandir}/man1/fail2ban*.1*
|
|
|
|
%dir %{_sysconfdir}/fail2ban
|
|
|
|
%{_mandir}/man5/*.5*
|
|
|
|
%dir %{_sysconfdir}/fail2ban/action.d
|
|
|
|
%config(noreplace) %{_sysconfdir}/fail2ban
|
|
|
|
%dir %{_sysconfdir}/fail2ban/filter.d
|
|
|
|
%exclude %{_sysconfdir}/fail2ban/action.d/complain.conf
|
|
|
|
%config(noreplace) %{_sysconfdir}/fail2ban/fail2ban.conf
|
|
|
|
%exclude %{_sysconfdir}/fail2ban/action.d/hostsdeny.conf
|
|
|
|
%config(noreplace) %{_sysconfdir}/fail2ban/jail.conf
|
|
|
|
%exclude %{_sysconfdir}/fail2ban/action.d/mail-*.conf
|
|
|
|
%config(noreplace) %{_sysconfdir}/fail2ban/action.d/*.conf
|
|
|
|
%exclude %{_sysconfdir}/fail2ban/action.d/sendmail-*.conf
|
|
|
|
%config(noreplace) %{_sysconfdir}/fail2ban/filter.d/*.conf
|
|
|
|
%exclude %{_sysconfdir}/fail2ban/action.d/shorewall.conf
|
|
|
|
|
|
|
|
%exclude %{_sysconfdir}/fail2ban/jail.d/*.conf
|
|
|
|
%config(noreplace) %{_sysconfdir}/logrotate.d/fail2ban
|
|
|
|
%config(noreplace) %{_sysconfdir}/logrotate.d/fail2ban
|
|
|
|
%dir %{_localstatedir}/run/fail2ban/
|
|
|
|
|
|
|
|
%config(noreplace) %{_sysconfdir}/tmpfiles.d/fail2ban.conf
|
|
|
|
%config(noreplace) %{_sysconfdir}/tmpfiles.d/fail2ban.conf
|
|
|
|
%dir %{_localstatedir}/lib/fail2ban/
|
|
|
|
%dir %{_localstatedir}/lib/fail2ban/
|
|
|
|
|
|
|
|
%dir %{_localstatedir}/run/fail2ban/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%files all
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%files firewalld
|
|
|
|
|
|
|
|
%config(noreplace) %{_sysconfdir}/fail2ban/jail.d/00-firewalld.conf
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%files hostsdeny
|
|
|
|
|
|
|
|
%config(noreplace) %{_sysconfdir}/fail2ban/action.d/hostsdeny.conf
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%files mail
|
|
|
|
|
|
|
|
%config(noreplace) %{_sysconfdir}/fail2ban/action.d/complain.conf
|
|
|
|
|
|
|
|
%config(noreplace) %{_sysconfdir}/fail2ban/action.d/mail-*.conf
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%files sendmail
|
|
|
|
|
|
|
|
%config(noreplace) %{_sysconfdir}/fail2ban/action.d/sendmail-*.conf
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%files shorewall
|
|
|
|
|
|
|
|
%config(noreplace) %{_sysconfdir}/fail2ban/action.d/shorewall.conf
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%files systemd
|
|
|
|
|
|
|
|
%config(noreplace) %{_sysconfdir}/fail2ban/jail.d/00-systemd.conf
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%changelog
|
|
|
|
%changelog
|
|
|
|
* Tue Dec 03 2013 Adam Tkac <vonsch@gmail.com> - 0.8.11-2
|
|
|
|
* Mon Jul 21 2014 Orion Poplawski <orion@cora.nwra.com> - 0.9-7
|
|
|
|
- include post-release patch for apache-auth filter
|
|
|
|
- Use systemd for EL7
|
|
|
|
- fix firewalld support (#979622, comment 18)
|
|
|
|
|
|
|
|
|
|
|
|
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.9-6
|
|
|
|
* Mon Nov 25 2013 Adam Tkac <vonsch@gmail.com> - 0.8.11-1
|
|
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
|
|
|
|
- update to 0.8.11 (#1034355)
|
|
|
|
|
|
|
|
- drop part of the fail2ban-0.8.3-init.patch (merged)
|
|
|
|
* Thu Mar 20 2014 Orion Poplawski <orion@cora.nwra.com> - 0.9-5
|
|
|
|
- fail2ban-hostsdeny.patch has been merged
|
|
|
|
- Require mailx for /usr/bin/mail
|
|
|
|
- fail2ban-mailx.patch has been merged
|
|
|
|
|
|
|
|
- fail2ban-notmp.patch has been merged
|
|
|
|
* Thu Mar 20 2014 Orion Poplawski <orion@cora.nwra.com> - 0.9-4
|
|
|
|
|
|
|
|
- Need empty %%files to produce main and -all package
|
|
|
|
* Wed Aug 28 2013 Orion Poplawski <orion@cora.nwra.com> - 0.8.10-3
|
|
|
|
|
|
|
|
- Add upstream patch to fix mailx argument ordering (bug #998020)
|
|
|
|
* Wed Mar 19 2014 Orion Poplawski <orion@cora.nwra.com> - 0.9-3
|
|
|
|
|
|
|
|
- Split into sub-packages for different components
|
|
|
|
* Fri Aug 16 2013 Orion Poplawski <orion@cora.nwra.com> - 0.8.10-2
|
|
|
|
- Enable journal filter by default (bug #985567)
|
|
|
|
- Add upstream patch to fix hostsdeny permission issue
|
|
|
|
- Enable firewalld action by default (bug #1046816)
|
|
|
|
|
|
|
|
- Add upstream patch to fix setting loglevel in fail2ban.conf
|
|
|
|
|
|
|
|
- Add upstream patches to fix tests in mock, run tests
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Tue Mar 18 2014 Orion Poplawski <orion@cora.nwra.com> - 0.9-2
|
|
|
|
|
|
|
|
- Use Fedora paths
|
|
|
|
|
|
|
|
- Start after firewalld (bug #1067147)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Mon Mar 17 2014 Orion Poplawski <orion@cora.nwra.com> - 0.9-1
|
|
|
|
|
|
|
|
- Update to 0.9
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Tue Sep 24 2013 Orion Poplawski <orion@cora.nwra.com> - 0.9-0.3.git1f1a561
|
|
|
|
|
|
|
|
- Update to current 0.9 git branch
|
|
|
|
|
|
|
|
- Rebase init patch, drop jail.d and notmp patch applied upstream
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Fri Aug 9 2013 Orion Poplawski <orion@cora.nwra.com> - 0.9-0.2.gitd529151
|
|
|
|
|
|
|
|
- Ship jail.conf(5) man page
|
|
|
|
|
|
|
|
- Ship empty /etc/fail2ban/jail.d directory
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Thu Aug 8 2013 Orion Poplawski <orion@cora.nwra.com> - 0.9-0.1.gitd529151
|
|
|
|
|
|
|
|
- Update to 0.9 git branch
|
|
|
|
|
|
|
|
- Rebase patches
|
|
|
|
|
|
|
|
- Require systemd-python for journal support
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.8.10-2
|
|
|
|
|
|
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
|
|
|
|
|
|
|
|
|
|
|
|
* Wed Jun 12 2013 Orion Poplawski <orion@cora.nwra.com> - 0.8.10-1
|
|
|
|
* Wed Jun 12 2013 Orion Poplawski <orion@cora.nwra.com> - 0.8.10-1
|
|
|
|
- Update to 0.8.10 security release
|
|
|
|
- Update to 0.8.10 security release
|
|
|
|