Update to 0.9.0 from master

i9ce
Orion Poplawski 11 years ago
commit f5af99f729

3
.gitignore vendored

@ -4,3 +4,6 @@ fail2ban-0.8.4.tar.bz2
/fail2ban_0.8.8.orig.tar.gz /fail2ban_0.8.8.orig.tar.gz
/fail2ban-0.8.10.tar.gz /fail2ban-0.8.10.tar.gz
/fail2ban-0.8.11.tar.gz /fail2ban-0.8.11.tar.gz
/fail2ban-0.9-d529151.tar.xz
/fail2ban-0.9-1f1a561.tar.xz
/fail2ban-0.9.tar.gz

@ -1,12 +0,0 @@
diff -up fail2ban-0.8.11/config/action.d/firewall-cmd-direct-new.conf.singlejail fail2ban-0.8.11/config/action.d/firewall-cmd-direct-new.conf
--- fail2ban-0.8.11/config/action.d/firewall-cmd-direct-new.conf.singlejail 2013-12-03 16:17:48.282238194 +0100
+++ fail2ban-0.8.11/config/action.d/firewall-cmd-direct-new.conf 2013-12-03 16:17:57.421402502 +0100
@@ -20,7 +20,7 @@ actionstop = firewall-cmd --direct --rem
firewall-cmd --direct --remove-rules ipv4 filter fail2ban-<name>
firewall-cmd --direct --remove-chain ipv4 filter fail2ban-<name>
-actioncheck = firewall-cmd --direct --get-chains ipv4 filter | grep -q 'fail2ban-<name>[ \t]'
+actioncheck = firewall-cmd --direct --get-chains ipv4 filter | grep -Eq 'fail2ban-<name>$|fail2ban-<name> '
actionban = firewall-cmd --direct --add-rule ipv4 filter fail2ban-<name> 0 -s <ip> -j <blocktype>

@ -1,11 +0,0 @@
diff -up fail2ban-0.8.11/files/redhat-initd.init fail2ban-0.8.11/files/redhat-initd
--- fail2ban-0.8.11/files/redhat-initd.init 2013-11-25 18:07:00.191938851 +0100
+++ fail2ban-0.8.11/files/redhat-initd 2013-11-25 18:07:49.576801893 +0100
@@ -1,6 +1,6 @@
#!/bin/bash
#
-# chkconfig: 345 92 08
+# chkconfig: - 92 08
# processname: fail2ban-server
# config: /etc/fail2ban/fail2ban.conf
# pidfile: /var/run/fail2ban/fail2ban.pid

@ -1,18 +0,0 @@
diff -up fail2ban-0.8.11/config/jail.conf.sshd fail2ban-0.8.11/config/jail.conf
--- fail2ban-0.8.11/config/jail.conf.sshd 2013-11-25 18:08:08.034123038 +0100
+++ fail2ban-0.8.11/config/jail.conf 2013-11-25 18:16:28.107917373 +0100
@@ -71,11 +71,11 @@ usedns = warn
[ssh-iptables]
-enabled = false
+enabled = true
filter = sshd
action = iptables[name=SSH, port=ssh, protocol=tcp]
- sendmail-whois[name=SSH, dest=you@example.com, sender=fail2ban@example.com, sendername="Fail2Ban"]
-logpath = /var/log/sshd.log
+ sendmail-whois[name=SSH, dest=root, sender=fail2ban@example.com, sendername="Fail2Ban"]
+logpath = /var/log/secure
maxretry = 5
[proftpd-iptables]

@ -1,75 +0,0 @@
commit d561a4c2bbc336db70d5923cf630813bc51dc3ee
Author: Yaroslav Halchenko <debian@onerussian.com>
Date: Mon Jan 28 09:54:08 2013 -0500
BF: do not rely on scripts being under /usr -- might differ eg on Fedora -- rely on import of common.version (Closes gh-112)
This is also not ideal, since if there happens to be some systemwide common.version -- we are doomed
but otherwise, we cannot keep extending comparison check to /bin, /sbin whatelse
diff --git a/fail2ban-client b/fail2ban-client
index 1d8eb15..13d018e 100755
--- a/fail2ban-client
+++ b/fail2ban-client
@@ -27,12 +27,13 @@ import getopt, time, shlex, socket
# Inserts our own modules path first in the list
# fix for bug #343821
-if os.path.abspath(__file__).startswith('/usr/'):
- # makes sense to use system-wide library iff -client is also under /usr/
+try:
+ from common.version import version
+except ImportError, e:
sys.path.insert(1, "/usr/share/fail2ban")
+ from common.version import version
-# Now we can import our modules
-from common.version import version
+# Now we can import the rest of modules
from common.protocol import printFormatted
from client.csocket import CSocket
from client.configurator import Configurator
diff --git a/fail2ban-regex b/fail2ban-regex
index a42ed96..f9bc72c 100755
--- a/fail2ban-regex
+++ b/fail2ban-regex
@@ -26,13 +26,14 @@ import getopt, sys, time, logging, os
# Inserts our own modules path first in the list
# fix for bug #343821
-if os.path.abspath(__file__).startswith('/usr/'):
- # makes sense to use system-wide library iff -regex is also under /usr/
- sys.path.insert(1, "/usr/share/fail2ban")
+try:
+ from common.version import version
+except ImportError, e:
+ sys.path.insert(1, "/usr/share/fail2ban")
+ from common.version import version
from client.configparserinc import SafeConfigParserWithIncludes
from ConfigParser import NoOptionError, NoSectionError, MissingSectionHeaderError
-from common.version import version
from server.filter import Filter
from server.failregex import RegexException
diff --git a/fail2ban-server b/fail2ban-server
index bd86e6c..0f3410c 100755
--- a/fail2ban-server
+++ b/fail2ban-server
@@ -26,11 +26,12 @@ import getopt, sys, logging, os
# Inserts our own modules path first in the list
# fix for bug #343821
-if os.path.abspath(__file__).startswith('/usr/'):
- # makes sense to use system-wide library iff -server is also under /usr/
+try:
+ from common.version import version
+except ImportError, e:
sys.path.insert(1, "/usr/share/fail2ban")
+ from common.version import version
-from common.version import version
from server.server import Server
# Gets the instance of the logger.

@ -1,12 +0,0 @@
diff -up fail2ban-0.8.11/config/fail2ban.conf.log2syslog fail2ban-0.8.11/config/fail2ban.conf
--- fail2ban-0.8.11/config/fail2ban.conf.log2syslog 2013-11-25 18:23:28.627391472 +0100
+++ fail2ban-0.8.11/config/fail2ban.conf 2013-11-25 18:24:57.633978793 +0100
@@ -30,7 +30,7 @@ loglevel = 3
# (e.g. /etc/logrotate.d/fail2ban on Debian systems)
# Values: [ STDOUT | STDERR | SYSLOG | FILE ] Default: STDERR
#
-logtarget = /var/log/fail2ban.log
+logtarget = SYSLOG
# Option: socket
# Notes.: Set the socket file. This is used to communicate with the daemon. Do

@ -0,0 +1,21 @@
commit 1470e3c01d49841335e11ed7ca7898516d1b8be8
Author: Steven Hiscocks <steven@hiscocks.me.uk>
Date: Wed Mar 19 19:09:07 2014 +0000
BF: fail2ban.conf reader expected "int" type for `loglevel`
Closes #657
diff --git a/fail2ban/client/fail2banreader.py b/fail2ban/client/fail2banreader.py
index f17ff92..251c698 100644
--- a/fail2ban/client/fail2banreader.py
+++ b/fail2ban/client/fail2banreader.py
@@ -45,7 +45,7 @@ class Fail2banReader(ConfigReader):
return ConfigReader.getOptions(self, "Definition", opts)
def getOptions(self):
- opts = [["int", "loglevel", "INFO" ],
+ opts = [["string", "loglevel", "INFO" ],
["string", "logtarget", "STDERR"],
["string", "dbfile", "/var/lib/fail2ban/fail2ban.sqlite3"],
["int", "dbpurgeage", 86400]]

@ -1,9 +0,0 @@
/var/log/fail2ban.log {
missingok
notifempty
size 30k
create 0600 root root
postrotate
/usr/bin/fail2ban-client set logtarget SYSLOG 2> /dev/null || true
endscript
}

@ -0,0 +1,20 @@
commit 175c5934620adb600fe4435732a3887855320669
Author: Steven Hiscocks <steven@hiscocks.me.uk>
Date: Wed Mar 19 19:30:48 2014 +0000
TST: Skip badips.py test is no network option set
diff --git a/fail2ban/tests/utils.py b/fail2ban/tests/utils.py
index 456a829..85c1d92 100644
--- a/fail2ban/tests/utils.py
+++ b/fail2ban/tests/utils.py
@@ -209,6 +209,9 @@ def gatherTests(regexps=None, no_network=False):
for file_ in os.listdir(
os.path.abspath(os.path.dirname(action_d.__file__))):
if file_.startswith("test_") and file_.endswith(".py"):
+ if no_network and file_ in ['test_badips.py']: #pragma: no cover
+ # Test required network
+ continue
tests.addTest(testloader.loadTestsFromName(
"%s.%s" % (action_d.__name__, os.path.splitext(file_)[0])))

@ -0,0 +1,23 @@
commit 75325da09091f3ae800a2efbcde1a016617e5f1a
Author: Steven Hiscocks <steven@hiscocks.me.uk>
Date: Wed Mar 19 19:21:23 2014 +0000
TST: Skip SYSLOG log target test if '/dev/log' not present
diff --git a/fail2ban/tests/servertestcase.py b/fail2ban/tests/servertestcase.py
index 231aecd..c4163db 100644
--- a/fail2ban/tests/servertestcase.py
+++ b/fail2ban/tests/servertestcase.py
@@ -678,6 +678,12 @@ class TransmitterLogging(TransmitterBase):
self.setGetTest("logtarget", "STDOUT")
self.setGetTest("logtarget", "STDERR")
+
+ def testLogTargetSYSLOG(self):
+ if not os.path.exists("/dev/log") and sys.version_info >= (2, 7):
+ raise unittest.SkipTest("'/dev/log' not present")
+ elif not os.path.exists("/dev/log"):
+ return
self.setGetTest("logtarget", "SYSLOG")
def testLogLevel(self):

@ -1,18 +0,0 @@
commit f8983872ad4297ddb3017f4818edd08892dd2129
Author: Yaroslav Halchenko <debian@onerussian.com>
Date: Fri Feb 1 16:07:00 2013 -0500
BF: return str(host) to avoid spurious characters in the logs (Close gh-113)
thanks to opoplawski@github
diff --git a/server/failregex.py b/server/failregex.py
index 8ce9597..b194d47 100644
--- a/server/failregex.py
+++ b/server/failregex.py
@@ -130,4 +130,4 @@ class FailRegex(Regex):
s = self._matchCache.string
r = self._matchCache.re
raise RegexException("No 'host' found in '%s' using '%s'" % (s, r))
- return host
+ return str(host)

@ -1,28 +1,53 @@
Summary: Ban IPs that make too many password failures Summary: Daemon to ban hosts that cause multiple authentication errors
Name: fail2ban Name: fail2ban
Version: 0.8.11 Version: 0.9
Release: 2%{?dist} Release: 7%{?dist}
License: GPLv2+ License: GPLv2+
Group: System Environment/Daemons
URL: http://fail2ban.sourceforge.net/ URL: http://fail2ban.sourceforge.net/
Source0: https://github.com/%{name}/%{name}/archive/%{version}.tar.gz#/%{name}-%{version}.tar.gz Source0: https://github.com/%{name}/%{name}/archive/%{version}.tar.gz#/%{name}-%{version}.tar.gz
Source1: fail2ban-logrotate # Upstream patch to fix setting loglevel
Patch0: fail2ban-0.8.3-init.patch # https://github.com/fail2ban/fail2ban/issues/657
Patch1: fail2ban-0.8.7.1-sshd.patch Patch0: fail2ban-loglevel.patch
Patch6: fail2ban-log2syslog.patch # Upstream patch to skip tests with no-network
Patch7: 0001-BF-apache-filters-using-error-log-weren-t-matched-wh.patch # https://github.com/fail2ban/fail2ban/issues/110
Patch8: fail2ban-0.8.11-singlejail.patch Patch1: fail2ban-tests-nonet.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root # Upstream patch to skip syslog tests without /dev/log
BuildRequires: python-devel >= 2.3 # https://github.com/fail2ban/fail2ban/issues/110
Patch2: fail2ban-tests-syslog.patch
BuildRequires: python2-devel
# For testcases # For testcases
BuildRequires: python-inotify BuildRequires: python-inotify
BuildArch: noarch BuildArch: noarch
Requires: ed %if 0%{?fedora} >= 19 || 0%{?rhel} >= 7
Requires: iptables
Requires: gamin-python
Requires: python-inotify
%if 0%{?fedora} >= 19
BuildRequires: systemd BuildRequires: systemd
%endif
# Default components
Requires: %{name}-firewalld = %{version}-%{release}
Requires: %{name}-sendmail = %{version}-%{release}
Requires: %{name}-server = %{version}-%{release}
Requires: %{name}-systemd = %{version}-%{release}
%description
Fail2Ban scans log files and bans IP addresses that makes too many password
failures. It updates firewall rules to reject the IP address. These rules can
be defined by the user. Fail2Ban can read multiple log files such as sshd or
Apache web server ones.
Fail2Ban is able to reduce the rate of incorrect authentications attempts
however it cannot eliminate the risk that weak authentication presents.
Configure services to use only two factor or public/private authentication
mechanisms if you really want to protect services.
This is a meta-package that will install the default configuration. Other
sub-packages are available to install support for other actions and
configurations.
%package server
Summary: Core server component for Fail2Ban
%if 0%{?fedora} >= 19 || 0%{?rhel} >= 7
Requires: systemd-python
Requires(post): systemd Requires(post): systemd
Requires(preun): systemd Requires(preun): systemd
Requires(postun): systemd Requires(postun): systemd
@ -32,64 +57,159 @@ Requires(post): /sbin/chkconfig
Requires(preun): /sbin/chkconfig Requires(preun): /sbin/chkconfig
Requires(preun): /sbin/service Requires(preun): /sbin/service
%endif %endif
Requires: ipset
Requires: iptables
%description %description server
Fail2ban scans log files like /var/log/pwdfail or This package contains the core server components for Fail2Ban with minimal
/var/log/apache/error_log and bans IP that makes too many password dependencies. You can install this directly if you want to have a small
failures. It updates firewall rules to reject the IP address. installation and know what you are doing.
%package all
Summary: Install all Fail2Ban packages and dependencies
Requires: %{name}-firewalld = %{version}-%{release}
Requires: %{name}-hostsdeny = %{version}-%{release}
Requires: %{name}-mail = %{version}-%{release}
Requires: %{name}-sendmail = %{version}-%{release}
Requires: %{name}-server = %{version}-%{release}
Requires: %{name}-shorewall = %{version}-%{release}
Requires: %{name}-systemd = %{version}-%{release}
Requires: gamin-python
Requires: perl
Requires: python-inotify
Requires: /usr/bin/whois
%description all
This package installs all of the Fail2Ban packages and dependencies.
%package firewalld
Summary: Firewalld support for Fail2Ban
Requires: %{name}-server = %{version}-%{release}
Requires: firewalld
%description firewalld
This package enables support for manipulating firewalld rules. This is the
default firewall service in Fedora.
%package hostsdeny
Summary: Hostsdeny (tcp_wrappers) support for Fail2Ban
Requires: %{name}-server = %{version}-%{release}
Requires: ed
Requires: tcp_wrappers
%description hostsdeny
This package enables support for manipulating tcp_wrapper's /etc/hosts.deny
files.
%package mail
Summary: Mail actions for Fail2Ban
Requires: %{name}-server = %{version}-%{release}
Requires: mailx
%description mail
This package installs Fail2Ban's mail actions. These are an alternative
to the default sendmail actions.
%package sendmail
Summary: Sendmail actions for Fail2Ban
Requires: %{name}-server = %{version}-%{release}
Requires: /usr/sbin/sendmail
To use the hostsdeny and shorewall actions you must install tcp_wrappers %description sendmail
and shorewall respectively. This package installs Fail2Ban's sendmail actions. This is the default
mail actions for Fail2Ban.
%package shorewall
Summary: Shorewall support for Fail2Ban
Requires: %{name}-server = %{version}-%{release}
Requires: shorewall
%description shorewall
This package enables support for manipulating shoreall rules.
%package systemd
Summary: Systemd journal configuration for Fail2Ban
Requires: %{name}-server = %{version}-%{release}
%description systemd
This package configures Fail2Ban to use the systemd journal for its log input
by default.
%prep %prep
%setup -q %setup -q
%patch0 -p1 -b .init %patch0 -p1 -b .loglevel
%patch1 -p1 -b .sshd %patch1 -p1 -b .tests-nonet
%patch6 -p1 -b .log2syslog %patch2 -p1 -b .tests-syslog
%patch7 -p1 -b .apache-authfix # Use Fedora paths
%patch8 -p1 -b .singlejail sed -i -e 's/^before = paths-.*/before = paths-fedora.conf/' config/jail.conf
# Start after firewalld (https://bugzilla.redhat.com/show_bug.cgi?id=1067147)
sed -i -e '/^After=/s/$/ firewalld.service/' files/fail2ban.service
%build %build
python setup.py build python setup.py build
%install %install
rm -rf %{buildroot}
python setup.py install -O1 --root %{buildroot} python setup.py install -O1 --root %{buildroot}
%if 0%{?fedora} >= 19 %if 0%{?fedora} >= 19 || 0%{?rhel} >= 7
mkdir -p %{buildroot}%{_unitdir} mkdir -p %{buildroot}%{_unitdir}
cp -p files/fail2ban.service %{buildroot}%{_unitdir}/ cp -p files/fail2ban.service %{buildroot}%{_unitdir}/
%else %else
mkdir -p %{buildroot}%{_initddir} mkdir -p %{buildroot}%{_initddir}
install -p -m 755 files/redhat-initd %{buildroot}%{_initddir}/fail2ban install -p -m 755 files/redhat-initd %{buildroot}%{_initddir}/fail2ban
%endif %endif
mkdir -p %{buildroot}%{_mandir}/man1 mkdir -p %{buildroot}%{_mandir}/man{1,5}
install -p -m 644 man/fail2ban*.1 %{buildroot}%{_mandir}/man1 install -p -m 644 man/*.1 %{buildroot}%{_mandir}/man1
install -p -m 644 man/*.5 %{buildroot}%{_mandir}/man5
mkdir -p %{buildroot}%{_sysconfdir}/logrotate.d mkdir -p %{buildroot}%{_sysconfdir}/logrotate.d
install -p -m 644 %{SOURCE1} %{buildroot}%{_sysconfdir}/logrotate.d/fail2ban install -p -m 644 files/fail2ban-logrotate %{buildroot}%{_sysconfdir}/logrotate.d/fail2ban
install -d -m 0755 %{buildroot}%{_localstatedir}/run/fail2ban/ install -d -m 0755 %{buildroot}%{_localstatedir}/run/fail2ban/
install -d -m 0755 %{buildroot}%{_localstatedir}/lib/fail2ban/ install -d -m 0755 %{buildroot}%{_localstatedir}/lib/fail2ban/
mkdir -p %{buildroot}%{_sysconfdir}/tmpfiles.d mkdir -p %{buildroot}%{_sysconfdir}/tmpfiles.d
install -p -m 0644 files/fail2ban-tmpfiles.conf %{buildroot}%{_sysconfdir}/tmpfiles.d/fail2ban.conf install -p -m 0644 files/fail2ban-tmpfiles.conf %{buildroot}%{_sysconfdir}/tmpfiles.d/fail2ban.conf
# Remove non-Linux actions
rm %{buildroot}%{_sysconfdir}/%{name}/action.d/*ipfw.conf
rm %{buildroot}%{_sysconfdir}/%{name}/action.d/{ipfilter,pf,ufw}.conf
rm %{buildroot}%{_sysconfdir}/%{name}/action.d/osx-*.conf
# firewalld configuration
cat > %{buildroot}%{_sysconfdir}/%{name}/jail.d/00-firewalld.conf <<EOF
# This file is part of the fail2ban-firewalld package to configure the use of
# the firewalld actions as the default actions. You can remove this package
# (along with the empty fail2ban meta-package) if you do not use firewalld
[DEFAULT]
banaction = firewallcmd-ipset
EOF
# systemd journal configuration
cat > %{buildroot}%{_sysconfdir}/%{name}/jail.d/00-systemd.conf <<EOF
# This file is part of the fail2ban-systemd package to configure the use of
# the systemd journal as the default backend. You can remove this package
# (along with the empty fail2ban meta-package) if you do not want to use the
# journal backend
[DEFAULT]
backend=systemd
EOF
# Remove installed doc, use doc macro instead # Remove installed doc, use doc macro instead
rm -r %{buildroot}%{_docdir}/%{name} rm -r %{buildroot}%{_docdir}/%{name}
# Testcases need network access %check
#%check ./fail2ban-testcases-all --no-network
#./fail2ban-testcases
%clean
rm -rf %{buildroot}
%post %post server
%if 0%{?fedora} >= 19 %if 0%{?fedora} >= 19 || 0%{?rhel} >= 7
%systemd_post fail2ban.service %systemd_post fail2ban.service
%else %else
/sbin/chkconfig --add %{name} /sbin/chkconfig --add %{name}
%endif %endif
%preun %preun server
%if 0%{?fedora} >= 19 %if 0%{?fedora} >= 19 || 0%{?rhel} >= 7
%systemd_preun fail2ban.service %systemd_preun fail2ban.service
%else %else
if [ $1 = 0 ]; then if [ $1 = 0 ]; then
@ -98,54 +218,103 @@ if [ $1 = 0 ]; then
fi fi
%endif %endif
%if 0%{?fedora} >= 19 %if 0%{?fedora} >= 19 || 0%{?rhel} >= 7
%postun %postun server
%systemd_postun_with_restart fail2ban.service %systemd_postun_with_restart fail2ban.service
%endif %endif
%files %files
%defattr(-,root,root,-)
%files server
%doc README.md TODO ChangeLog COPYING doc/*.txt %doc README.md TODO ChangeLog COPYING doc/*.txt
#doc config/fail2ban.conf*
%{_bindir}/fail2ban-server %{_bindir}/fail2ban-server
%{_bindir}/fail2ban-client %{_bindir}/fail2ban-client
%{_bindir}/fail2ban-regex %{_bindir}/fail2ban-regex
%{_datadir}/fail2ban %{_bindir}/fail2ban-testcases
%if 0%{?fedora} >= 19 %{python_sitelib}/*
%if 0%{?fedora} >= 19 || 0%{?rhel} >= 7
%{_unitdir}/fail2ban.service %{_unitdir}/fail2ban.service
%else %else
%{_initddir}/fail2ban %{_initddir}/fail2ban
%endif %endif
%{_mandir}/man1/fail2ban*.1* %{_mandir}/man1/fail2ban*.1*
%dir %{_sysconfdir}/fail2ban %{_mandir}/man5/*.5*
%dir %{_sysconfdir}/fail2ban/action.d %config(noreplace) %{_sysconfdir}/fail2ban
%dir %{_sysconfdir}/fail2ban/filter.d %exclude %{_sysconfdir}/fail2ban/action.d/complain.conf
%config(noreplace) %{_sysconfdir}/fail2ban/fail2ban.conf %exclude %{_sysconfdir}/fail2ban/action.d/hostsdeny.conf
%config(noreplace) %{_sysconfdir}/fail2ban/jail.conf %exclude %{_sysconfdir}/fail2ban/action.d/mail-*.conf
%config(noreplace) %{_sysconfdir}/fail2ban/action.d/*.conf %exclude %{_sysconfdir}/fail2ban/action.d/sendmail-*.conf
%config(noreplace) %{_sysconfdir}/fail2ban/filter.d/*.conf %exclude %{_sysconfdir}/fail2ban/action.d/shorewall.conf
%exclude %{_sysconfdir}/fail2ban/jail.d/*.conf
%config(noreplace) %{_sysconfdir}/logrotate.d/fail2ban %config(noreplace) %{_sysconfdir}/logrotate.d/fail2ban
%dir %{_localstatedir}/run/fail2ban/
%config(noreplace) %{_sysconfdir}/tmpfiles.d/fail2ban.conf %config(noreplace) %{_sysconfdir}/tmpfiles.d/fail2ban.conf
%dir %{_localstatedir}/lib/fail2ban/ %dir %{_localstatedir}/lib/fail2ban/
%dir %{_localstatedir}/run/fail2ban/
%files all
%files firewalld
%config(noreplace) %{_sysconfdir}/fail2ban/jail.d/00-firewalld.conf
%files hostsdeny
%config(noreplace) %{_sysconfdir}/fail2ban/action.d/hostsdeny.conf
%files mail
%config(noreplace) %{_sysconfdir}/fail2ban/action.d/complain.conf
%config(noreplace) %{_sysconfdir}/fail2ban/action.d/mail-*.conf
%files sendmail
%config(noreplace) %{_sysconfdir}/fail2ban/action.d/sendmail-*.conf
%files shorewall
%config(noreplace) %{_sysconfdir}/fail2ban/action.d/shorewall.conf
%files systemd
%config(noreplace) %{_sysconfdir}/fail2ban/jail.d/00-systemd.conf
%changelog %changelog
* Tue Dec 03 2013 Adam Tkac <vonsch@gmail.com> - 0.8.11-2 * Mon Jul 21 2014 Orion Poplawski <orion@cora.nwra.com> - 0.9-7
- include post-release patch for apache-auth filter - Use systemd for EL7
- fix firewalld support (#979622, comment 18)
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.9-6
* Mon Nov 25 2013 Adam Tkac <vonsch@gmail.com> - 0.8.11-1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
- update to 0.8.11 (#1034355)
- drop part of the fail2ban-0.8.3-init.patch (merged) * Thu Mar 20 2014 Orion Poplawski <orion@cora.nwra.com> - 0.9-5
- fail2ban-hostsdeny.patch has been merged - Require mailx for /usr/bin/mail
- fail2ban-mailx.patch has been merged
- fail2ban-notmp.patch has been merged * Thu Mar 20 2014 Orion Poplawski <orion@cora.nwra.com> - 0.9-4
- Need empty %%files to produce main and -all package
* Wed Aug 28 2013 Orion Poplawski <orion@cora.nwra.com> - 0.8.10-3
- Add upstream patch to fix mailx argument ordering (bug #998020) * Wed Mar 19 2014 Orion Poplawski <orion@cora.nwra.com> - 0.9-3
- Split into sub-packages for different components
* Fri Aug 16 2013 Orion Poplawski <orion@cora.nwra.com> - 0.8.10-2 - Enable journal filter by default (bug #985567)
- Add upstream patch to fix hostsdeny permission issue - Enable firewalld action by default (bug #1046816)
- Add upstream patch to fix setting loglevel in fail2ban.conf
- Add upstream patches to fix tests in mock, run tests
* Tue Mar 18 2014 Orion Poplawski <orion@cora.nwra.com> - 0.9-2
- Use Fedora paths
- Start after firewalld (bug #1067147)
* Mon Mar 17 2014 Orion Poplawski <orion@cora.nwra.com> - 0.9-1
- Update to 0.9
* Tue Sep 24 2013 Orion Poplawski <orion@cora.nwra.com> - 0.9-0.3.git1f1a561
- Update to current 0.9 git branch
- Rebase init patch, drop jail.d and notmp patch applied upstream
* Fri Aug 9 2013 Orion Poplawski <orion@cora.nwra.com> - 0.9-0.2.gitd529151
- Ship jail.conf(5) man page
- Ship empty /etc/fail2ban/jail.d directory
* Thu Aug 8 2013 Orion Poplawski <orion@cora.nwra.com> - 0.9-0.1.gitd529151
- Update to 0.9 git branch
- Rebase patches
- Require systemd-python for journal support
* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.8.10-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Wed Jun 12 2013 Orion Poplawski <orion@cora.nwra.com> - 0.8.10-1 * Wed Jun 12 2013 Orion Poplawski <orion@cora.nwra.com> - 0.8.10-1
- Update to 0.8.10 security release - Update to 0.8.10 security release

@ -1 +1 @@
2182a21c7efd885f373ffc941d11914d fail2ban-0.8.11.tar.gz 02de1ff774f3c16d23450a3ad1c43137 fail2ban-0.9.tar.gz

Loading…
Cancel
Save