- update to 0.8.13:

+ Fixes: - action firewallcmd-ipset had non-working actioncheck. Removed. redhat bug #1046816. - filter pureftpd - added _daemon which got removed. Added + New Features: - filter nagios - detects unauthorized access to the nrpe daemon (Ivo Truxa) - filter sendmail-{auth,reject} (jserrachinha and cepheid666 and fab23). + Enhancements: - filter asterisk now supports syslog format - filter pureftpd - added all translations of "Authentication failed for user" - filter dovecot - lip= was optional and extended TLS errors can occur. Thanks Noel Butler. - removed fix-for-upstream-firewallcmd-ipset.conf.patch : fixed upstream - split out nagios-plugins-fail2ban package OBS-URL: https://build.opensuse.org/package/show/security/fail2ban?expand=0&rev=46
2014-06-25 15:39:26 +00:00 · 2014-06-25 15:39:26 +00:00 · 3030fbe27f
commit 3030fbe27f
parent 833b3f3a02
5 changed files with 52 additions and 31 deletions
--- a/fail2ban-0.8.12.tar.bz2
+++ b/fail2ban-0.8.12.tar.bz2
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:2cdd7cbbf8b770715ce0068aec9dd8857388cd4d690fd5211907d7f2f3bdcde4
-size 169644
--- a/fail2ban-0.8.13.tar.bz2
+++ b/fail2ban-0.8.13.tar.bz2
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:f709a6a180553bbb20b7c27d686703d930d50ea99aeed47e70df427b6de494d3
+size 188068
--- a/fail2ban.changes
+++ b/fail2ban.changes
@ -1,3 +1,26 @@
+-------------------------------------------------------------------
+Wed Jun 25 15:13:37 UTC 2014 - lars@linux-schulserver.de
+
+- update to 0.8.13:
+  + Fixes:
+  - action firewallcmd-ipset had non-working actioncheck. Removed.
+    redhat bug #1046816.
+  - filter pureftpd - added _daemon which got removed. Added
+
+  + New Features:
+  - filter nagios - detects unauthorized access to the nrpe daemon (Ivo Truxa)
+  - filter sendmail-{auth,reject} (jserrachinha and cepheid666 and fab23).
+
+  + Enhancements:
+  - filter asterisk now supports syslog format
+  - filter pureftpd - added all translations of "Authentication failed for
+    user"
+  - filter dovecot - lip= was optional and extended TLS errors can occur.
+    Thanks Noel Butler.
+- removed fix-for-upstream-firewallcmd-ipset.conf.patch : fixed 
+  upstream
+- split out nagios-plugins-fail2ban package
+
 -------------------------------------------------------------------
 Tue Feb 18 00:03:12 UTC 2014 - jengelh@inai.de

--- a/fail2ban.spec
+++ b/fail2ban.spec
@ -17,7 +17,7 @@


 Name:           fail2ban
-Version:        0.8.12
+Version:        0.8.13
 Release:        0
 Url:            http://www.fail2ban.org/
 Summary:        Bans IP addresses that make too many authentication failures
@ -36,8 +36,6 @@ Source4:        %{name}.service
 Source5:        %{name}.tmpfiles
 Source6:        sfw-fail2ban.conf
 Source7:        f2b-restart.conf
-# PATCH-FIX-UPSTREAM fix-for-upstream-firewallcmd-ipset.conf.patch rh#1046816
-Patch0:         fix-for-upstream-firewallcmd-ipset.conf.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 BuildArch:      noarch
 %if 0%{?suse_version} >= 1230
@ -65,7 +63,7 @@ These rules can be defined by the user. Fail2Ban can read multiple log
 files such as sshd or Apache web server ones.

 %package -n SuSEfirewall2-fail2ban
-Summary:        systemd files for integrating fail2ban into SuSEfirewall2
+Summary:        Files for integrating fail2ban into SuSEfirewall2 via systemd
 Group:          Productivity/Networking/Security
 BuildArch:      noarch
 Requires:       SuSEfirewall2
@ -76,9 +74,24 @@ This package ships systemd files which will cause fail2ban to be ordered
 in relation to SuSEfirewall2 such that the two can be run concurrently
 within reason, i.e. SFW will always run first because it does a table flush.

+%package -n nagios-plugins-fail2ban
+Summary:        Check fail2ban server and how many IPs are currently banned
+Group:          System/Monitoring
+%define         nagios_plugindir %{_prefix}/lib/nagios/plugins
+
+%description -n nagios-plugins-fail2ban
+This plugin checks if the fail2ban server is running and how many IPs are
+currently banned.  You can use this plugin to monitor all the jails or just a
+specific jail.
+
+How to use
+----------
+Just have to run the following command:
+  $ ./check_fail2ban --help
+
+
 %prep
 %setup
-%patch0 -p1
 # correct doc-path
 sed -i -e 's|/usr/share/doc/fail2ban|%{_docdir}/%{name}|' setup.py

@ -120,6 +133,7 @@ install -Dm0644 "%_sourcedir/sfw-fail2ban.conf" \
 install -Dm0644 "%_sourcedir/f2b-restart.conf" \
 	"%buildroot/%_unitdir/fail2ban.service.d/SuSEfirewall2.conf"
 %endif
+install -Dm755 files/nagios/check_fail2ban %{buildroot}/%{nagios_plugindir}/check_fail2ban

 %pre
 %if 0%{?suse_version} >= 1230
@ -186,4 +200,11 @@ systemd-tmpfiles --create /usr/lib/tmpfiles.d/%{name}.conf
 %_unitdir/fail2ban.service.d
 %endif

+%files -n nagios-plugins-fail2ban
+%defattr(-,root,root)
+%doc files/nagios/README COPYING
+%dir %{_prefix}/lib/nagios
+%dir %{nagios_plugindir}
+%{nagios_plugindir}/check_fail2ban
+
 %changelog
--- a/fix-for-upstream-firewallcmd-ipset.conf.patch
+++ b/fix-for-upstream-firewallcmd-ipset.conf.patch
@ -1,23 +0,0 @@
-diff -ur fail2ban-0.8.12.orig/config/action.d/firewallcmd-ipset.conf fail2ban-0.8.12/config/action.d/firewallcmd-ipset.conf
--- fail2ban-0.8.12.orig/config/action.d/firewallcmd-ipset.conf	2014-01-16 09:20:14.000000000 +0100
-+++ fail2ban-0.8.12/config/action.d/firewallcmd-ipset.conf	2014-01-23 22:43:53.115263616 +0100
-@@ -25,8 +25,6 @@
-              ipset flush fail2ban-<name>
-              ipset destroy fail2ban-<name>
- 
-actioncheck = firewall-cmd --direct --get-chains ipv4 filter | grep -q '^fail2ban-<name>$'
-
- actionban = ipset add fail2ban-<name> <ip> timeout <bantime> -exist
- 
- actionunban = ipset del fail2ban-<name> <ip> -exist
-diff -ur fail2ban-0.8.12.orig/THANKS fail2ban-0.8.12/THANKS
--- fail2ban-0.8.12.orig/THANKS	2014-01-21 21:59:49.000000000 +0100
-+++ fail2ban-0.8.12/THANKS	2014-01-23 22:43:53.115263616 +0100
-@@ -30,6 +30,7 @@
- Daniel B.
- Daniel Black
- David Nutter
-+Derek Atkins
- Eric Gerbier
- Enrico Labedzki
- ftoppi