rpm/fail2ban
SHA256
1
0
Fork 0
forked from pool/fail2ban
Code Pull Requests Activity

Accepting request 807912 from home:polslinux:branches:security

Browse Source 
- Update to 0.11.1:
  * Increment ban time (+ observer) functionality introduced.
  * Database functionality extended with bad ips.
  * New tags (usable in actions):
    - `<bancount>` - ban count of this offender if known as bad
      (started by 1 for unknown)
    - `<bantime>` - current ban-time of the ticket
      (prolongation can be retarded up to 10 sec.)
  * Introduced new action command `actionprolong` to prolong ban-time
    (e. g. set new timeout if expected);
  * algorithm of restore current bans after restart changed:
    update the restored ban-time (and therefore 
    end of ban) of the ticket with ban-time of jail (as maximum),
    for all tickets with ban-time greater (or persistent)
  * added new setup-option `--without-tests` to skip building
    and installing of tests files (gh-2287).
  * added new command `fail2ban-client get <JAIL> banip ?sep-char|--with-time?`
    to get the banned ip addresses (gh-1916).
  * purge database will be executed now (within observer).
   restoring currently banned ip after service restart fixed
    (now < timeofban + bantime), ignore old log failures (already banned)
  * upgrade database: update new created table `bips` with entries
    from table `bans` (allows restore current bans after
    upgrade from version <= 0.10)

OBS-URL: https://build.opensuse.org/request/show/807912
OBS-URL: https://build.opensuse.org/package/show/security/fail2ban?expand=0&rev=100
This commit is contained in:
Johannes Weberhofer 2020-05-21 17:06:35 +00:00 committed by Git OBS Bridge
parent d7376219ea
commit 0b091513f7
7 changed files with 52 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
fail2ban-0.10.4.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:d6ca1bbc7e7944f7acb2ba7c1065953cd9837680bc4d175f30ed155c6a372449
size 493064

11
fail2ban-0.10.4.tar.gz.asc
View File

@ -1,11 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iQEzBAABCAAdFiEEhzhVnib2cd+eLG2eaDvxvr0KiCwFAlu15V0ACgkQaDvxvr0K
iCwh/gf+ITCZism2CR8z/G1tFNxIsvlGMvNKUEflbdoap+WzFQSiwSbY1YzAg5+j
ZfcCsVPF/1Rob6TomVTQPM39lKNwD135KfsqwG/YoAKHc+2fYQVLKycIgfxyvf2C
Z4UQQ8Ko++oBc2Iun8Gh9x3F1RNcH1hrhtDr1WxtpY9JJzy7QlEWuXbn3q/bHT6T
NQgxsZ74F7b3KCZcduGy17h5c0hWarSAZ1f8W7YWRNJuC7Bw4r1esQQIt0+IYn/d
f9islqxN01Baq6gWNYllqq4kkQCT/KxfzVsAO1RfHt0mIGcpaCkprgwUDyUhjdvP
3Cv2NtggXIOjVNLXOi0seDXhneFtAA==
=2jk9
-----END PGP SIGNATURE-----

3
fail2ban-0.11.1.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:71d2a52b66bb0f87ac3812246bdd3819ec561913cd44afd39130a342f043aa6d
size 538660

11
fail2ban-0.11.1.tar.gz.asc Normal file
View File

@ -0,0 +1,11 @@
-----BEGIN PGP SIGNATURE-----
iQEzBAABCAAdFiEEhzhVnib2cd+eLG2eaDvxvr0KiCwFAl4Z0VwACgkQaDvxvr0K
iCwvyQf/WMmE8sJLQYA/mfKkVIRA/2GAsvq44hQD+/DghIU/My5RKfWtjSZO+/II
Tg31w63CQ619PLtf/IKLa2CpckKs5v1IIB6nunjU4Q/jKjruA6kOALAgwMlA0Ymf
HnaFIW4AheXk+DGErLOPwPHWtk2skZI9hAjzuqYc6Ig4Z30dSqmBgxb7UmVRxjba
J8n5DWA2W4VAAb9gBiL6RsBVBPRNPZhiw1Y+ejUWzqD3mqnc0tgJnVfpb5GvG+Xc
4kUEiZb822Phw/vwyBycAhYthNAcVEWI5BIoEFbkYmCe7z7TWsQGLpuJNIT2heSC
mzGOdU0MCwxNCy9/RGSAdctlAi+cFg==
=6cDo
-----END PGP SIGNATURE-----

16
fail2ban-opensuse-service.patch
View File

@ -1,21 +1,23 @@
diff -ur fail2ban-0.10.4-orig/files/fail2ban.service.in fail2ban-0.10.4/files/fail2ban.service.in --- a/files/fail2ban.service.in 2020-01-11 11:01:00.000000000 +0100
--- fail2ban-0.10.4-orig/files/fail2ban.service.in 2018-10-04 11:26:22.000000000 +0200 +++ b/files/fail2ban.service.in 2020-05-21 09:48:12.049645909 +0200
+++ fail2ban-0.10.4/files/fail2ban.service.in 2019-08-12 11:17:34.929129813 +0200 @@ -6,13 +6,14 @@
@@ -6,12 +6,13 @@
[Service] [Service]
Type=simple Type=simple
+EnvironmentFile=-/etc/sysconfig/fail2ban -ExecStartPre=/bin/mkdir -p /run/fail2ban
ExecStartPre=/bin/mkdir -p /var/run/fail2ban
-ExecStart=@BINDIR@/fail2ban-server -xf start -ExecStart=@BINDIR@/fail2ban-server -xf start
+EnvironmentFile=-/etc/sysconfig/fail2ban
+ExecStartPre=/bin/mkdir -p /var/run/fail2ban
+ExecStart=/usr/bin/fail2ban-server -xf $FAIL2BAN_OPTIONS start +ExecStart=/usr/bin/fail2ban-server -xf $FAIL2BAN_OPTIONS start
# if should be logged in systemd journal, use following line or set logtarget to sysout in fail2ban.local # if should be logged in systemd journal, use following line or set logtarget to sysout in fail2ban.local
-# ExecStart=@BINDIR@/fail2ban-server -xf --logtarget=sysout start -# ExecStart=@BINDIR@/fail2ban-server -xf --logtarget=sysout start
-ExecStop=@BINDIR@/fail2ban-client stop -ExecStop=@BINDIR@/fail2ban-client stop
-ExecReload=@BINDIR@/fail2ban-client reload -ExecReload=@BINDIR@/fail2ban-client reload
-PIDFile=/run/fail2ban/fail2ban.pid
+# ExecStart=/usr/bin/fail2ban-server -xf --logtarget=sysout start +# ExecStart=/usr/bin/fail2ban-server -xf --logtarget=sysout start
+ExecStop=/usr/bin/fail2ban-client stop +ExecStop=/usr/bin/fail2ban-client stop
+ExecReload=/usr/bin/fail2ban-client reload +ExecReload=/usr/bin/fail2ban-client reload
PIDFile=/var/run/fail2ban/fail2ban.pid +PIDFile=/var/run/fail2ban/fail2ban.pid
Restart=on-failure Restart=on-failure
RestartPreventExitStatus=0 255 RestartPreventExitStatus=0 255

28
fail2ban.changes
View File

@ -1,3 +1,31 @@
-------------------------------------------------------------------
Thu May 21 07:49:38 UTC 2020 - Paolo Stivanin <info@paolostivanin.com>
- Update to 0.11.1:
* Increment ban time (+ observer) functionality introduced.
* Database functionality extended with bad ips.
* New tags (usable in actions):
- `<bancount>` - ban count of this offender if known as bad
(started by 1 for unknown)
- `<bantime>` - current ban-time of the ticket
(prolongation can be retarded up to 10 sec.)
* Introduced new action command `actionprolong` to prolong ban-time
(e. g. set new timeout if expected);
* algorithm of restore current bans after restart changed:
update the restored ban-time (and therefore
end of ban) of the ticket with ban-time of jail (as maximum),
for all tickets with ban-time greater (or persistent)
* added new setup-option `--without-tests` to skip building
and installing of tests files (gh-2287).
* added new command `fail2ban-client get <JAIL> banip ?sep-char|--with-time?`
to get the banned ip addresses (gh-1916).
* purge database will be executed now (within observer).
restoring currently banned ip after service restart fixed
(now < timeofban + bantime), ignore old log failures (already banned)
* upgrade database: update new created table `bips` with entries
from table `bans` (allows restore current bans after
upgrade from version <= 0.10)
------------------------------------------------------------------- -------------------------------------------------------------------
Thu Jan 9 14:06:14 UTC 2020 - Dominique Leuenberger <dimstar@opensuse.org> Thu Jan 9 14:06:14 UTC 2020 - Dominique Leuenberger <dimstar@opensuse.org>

2
fail2ban.spec
View File

@ -22,7 +22,7 @@
%define _fillupdir %{_localstatedir}/adm/fillup-templates %define _fillupdir %{_localstatedir}/adm/fillup-templates
%endif %endif
Name: fail2ban Name: fail2ban
Version: 0.10.4 Version: 0.11.1
Release: 0 Release: 0
Summary: Bans IP addresses that make too many authentication failures Summary: Bans IP addresses that make too many authentication failures
License: GPL-2.0-or-later License: GPL-2.0-or-later