rpm/fail2ban
SHA256
1
0
Fork 0
forked from pool/fail2ban
Code Pull Requests Activity

Accepting request 175692 from home:weberho:branches:security

Browse Source 
* Upgrade to version 0.8.9

* Init-Script does no longer require $syslog to be started as file-base logging is the default. Synced with Debian script.

OBS-URL: https://build.opensuse.org/request/show/175692
OBS-URL: https://build.opensuse.org/package/show/security/fail2ban?expand=0&rev=29
This commit is contained in:
Johannes Weberhofer 2013-05-15 07:27:16 +00:00 committed by Git OBS Bridge
parent 3394de9dad
commit e9789d8f70
5 changed files with 126 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
fail2ban-0.8.9.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:a3f9e9e45a3f7ef3fd8bd221d04c696b606e762a3bc1232eca94322f71774343
size 159941

112
fail2ban.changes
View File

@ -1,3 +1,115 @@
-------------------------------------------------------------------
Tue May 14 10:06:35 UTC 2013 - jweberhofer@weberhofer.at
- Init-Script does no longer require $syslog to be started as file-base logging
is the default. Synced with Debian script.
- Upgrade to version 0.8.9
- Fixes: Yaroslav Halchenko
* [6f4dad46] python-2.4 is the minimal version.
* [1eb23cf8] do not rely on scripts being under /usr -- might differ e.g.
on Fedora. Closes gh-112. Thanks to Camusensei for the bug report.
* [bf4d4af1] Changes for atomic writes. Thanks to Steven Hiscocks for
insight. Closes gh-103.
* [ab044b75] delay check for the existence of config directory until read.
* [3b4084d4] fixing up for handling of TAI64N timestamps.
* [154aa38e] do not shutdown logging until all jails stop.
* [f2156604] pyinotify -- monitor IN_MOVED_TO events. Closes gh-184.
Thanks to Jon Foster for report and troubleshooting.
Orion Poplawski
* [e4aedfdc00] pyinotify - use bitwise op on masks and do not try tracking
newly created directories.
Nicolas Collignon
* [39667ff6] Avoid leaking file descriptors. Closes gh-167.
Sergey Brester
* [b6bb2f88 and d17b4153] invalid date recognition, irregular because of
sorting template list.
Steven Hiscocks
* [7a442f07] When changing log target with python2.{4,5} handle KeyError.
Closes gh-147, gh-148.
* [b6a68f51] Fix delaction on server side. Closes gh-124.
Daniel Black
* [f0610c01] Allow more that a one word command when changing and Action via
the fail2ban-client. Closes gh-134.
* [945ad3d9] Fix dates on email actions to work in different locals. Closes
gh-70. Thanks to iGeorgeX for the idea.
blotus
* [96eb8986] ' and " should also be escaped in action tags Closes gh-109
Christoph Theis, Nick Hilliard, Daniel Black
* [b3bd877d,cde71080] Make syslog -v and syslog -vv formats work on FreeBSD
- New features:
Yaroslav Halchenko
* [9ba27353] Add support for jail.d/{confilefile} and fail2ban.d/{configfile}
to provide additional flexibility to system adminstrators. Thanks to
beilber for the idea. Closes gh-114.
* [3ce53e87] Add exim filter.
Erwan Ben Souiden
* [d7d5228] add nagios integration documentation and script to ensure
fail2ban is running. Closes gh-166.
Artur Penttinen
* [29d0df5] Add mysqld filter. Closes gh-152.
ArndRaphael Brandes
* [bba3fd8] Add Sogo filter. Closes gh-117.
Michael Gebetsriother
* [f9b78ba] Add action route to block at routing level.
Teodor Micu & Yaroslav Halchenko
* [5f2d383] Add roundcube auth filter. Closes Debian bug #699442.
Daniel Black
* [be06b1b] Add action for iptables-ipsets. Closes gh-102.
Nick Munger, Ken Menzel, Daniel Black, Christoph Theis & Fabian Wenk
* [b6d0e8a] Add and enhance the bsd-ipfw action from
FreeBSD ports.
Soulard Morgan
* [f336d9f] Add filter for webmin. Closes gh-99.
Steven Hiscocks
* [..746c7d9] bash interactive shell completions for fail2ban-*'s
Nick Hilliard
* [0c5a9c5] Add pf action.
- Enhancements:
Enrico Labedzki
* [24a8d07] Added new date format for ASSP SMTP Proxy.
Steven Hiscocks
* [3d6791f] Ensure restart of Actions after a check fails occurs
consistently. Closes gh-172.
* [MANY] Improvements to test cases, travis, and code coverage (coveralls).
* [b36835f] Add get cinfo to fail2ban-client. Closes gh-124.
* [ce3ab34] Added ability to specify PID file.
Orion Poplawski
* [ddebcab] Enhance fail2ban.service definition dependencies and Pidfile.
Closes gh-142.
Yaroslav Halchenko
* [MANY] Lots of improvements to log messages, man pages and test cases.
* [91d5736] Postfix filter improvements - empty helo, from and rcpt to.
Closes gh-126. Bug report by Michael Heuberger.
* [40c5a2d] adding more of diagnostic messages into -client while starting
the daemon.
* [8e63d4c] Compare against None with 'is' instead of '=='.
* [6fef85f] Strip CR and LF while analyzing the log line
Daniel Black
* [3aeb1a9] Add jail.conf manual page. Closes gh-143.
* [MANY] man page edits.
* [7cd6dab] Added help command to fail2ban-client.
* [c8c7b0b,23bbc60] Better logging of log file read errors.
* [3665e6d] Added code coverage to development process.
* [41b9f7b,32d10e9,39750b8] More complete ssh filter rules to match openssh
source. Also include BSD changes.
* [1d9abd1] Action files can have tags in definition that refer to other
tags.
* [10886e7,cec5da2,adb991a] Change actions to response with ICMP port
unreachable rather than just a drop of the packet.
Pascal Borreli
* [a2b29b4] Fixed lots of typos in config files and documentation.
hamilton5
* [7ede1e8] Update dovecot filter config.
Romain Riviere
* [0ac8746] Enhance named-refused filter for views.
James Stout
* [..2143cdf] Solaris support enhancements:
- README.Solaris
- failregex'es tune ups (sshd.conf)
- hostsdeny: do not rely on support of '-i' in sed
-------------------------------------------------------------------
Thu Dec 6 15:32:02 UTC 2012 - jweberhofer@weberhofer.at

8
fail2ban.init
View File

@ -2,10 +2,10 @@
#
### BEGIN INIT INFO
# Provides: fail2ban
# Required-Start: $syslog $remote_fs $local_fs
# Should-Start: $time $network iptables
# Required-Stop: $syslog $remote_fs $local_fs
# Should-Stop: $time $network iptables
# Required-Start: $remote_fs $local_fs
# Should-Start: $syslog $time $network iptables
# Required-Stop: $remote_fs $local_fs
# Should-Stop: $syslog $time $network iptables
# Default-Start: 3 5
# Default-Stop: 0 1 2 6
# Pidfile: /var/run/fail2ban/fail2ban.pid

11
fail2ban.spec
View File

@ -1,7 +1,7 @@
#
# spec file for package fail2ban
#
# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@ -30,7 +30,7 @@ Requires: python-gamin
%endif
BuildRequires: python-devel
PreReq: %fillup_prereq
Version: 0.8.8
Version: 0.8.9
Release: 0
Url: http://www.fail2ban.org/
BuildRoot: %{_tmppath}/%{name}-%{version}-build
@ -38,7 +38,8 @@ BuildArch: noarch
Summary: Bans IP addresses that make too many authentication failures
License: GPL-2.0+
Group: Productivity/Networking/Security
Source0: https://github.com/downloads/fail2ban/fail2ban/%{name}_%{version}.orig.tar.gz
#URL https://codeload.github.com/fail2ban/fail2ban/tar.gz/0.8.9
Source0: %{name}-%{version}.tar.gz
Source1: %{name}.init
Source2: %{name}.sysconfig
@ -51,6 +52,8 @@ files such as sshd or Apache web server ones.
%prep
%setup
# correct doc-path
sed -i -e 's|/usr/share/doc/fail2ban|%{_docdir}/%{name}|' setup.py
%build
export CFLAGS="$RPM_OPT_FLAGS"
@ -97,6 +100,6 @@ install -m 644 %{SOURCE2} $RPM_BUILD_ROOT/var/adm/fillup-templates/sysconfig.%{n
%dir %ghost /var/run/%{name}
/var/adm/fillup-templates/sysconfig.%{name}
%doc %{_mandir}/man1/*
%doc COPYING ChangeLog README TODO files/cacti
%doc COPYING ChangeLog DEVELOP README.md TODO files/cacti
%changelog

3
fail2ban_0.8.8.orig.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:9e2aa437c4ef08bf2453877b3fc175722f263a6175ee25274d46425d510b1291
size 124158