Permalink
Browse files

fixed Debian bugs 329722, 330311

  • Loading branch information...
yarikoptic committed Sep 27, 2005
1 parent 207b3f7 commit 802dbea0365b025706ef89b325068967c3c6d513
Showing with 35 additions and 11 deletions.
  1. +8 −6 config/fail2ban.conf.default
  2. +19 −3 debian/README.Debian
  3. +6 −1 debian/changelog
  4. +2 −1 fail2ban.py
@@ -109,27 +109,29 @@ port = 25
# Notes.: e-mail address of the sender.
# Values: MAIL Default: fail2ban
#
-from = fail2ban
+from = fail2ban@localhost
# Option: to
# Notes.: e-mail addresses of the receiver. Addresses are space
# separated.
# Values: MAIL Default: root
#
-to = root
+to = root@localhost
# Option: subject
# Notes.: subject of the e-mail.
-# Tags: <ip> IP address
+# Tags: <section> active section (eg ssh, apache, etc)
+# <ip> IP address
# <failures> number of failures
# <failtime> unix timestamp of the last failure
-# Values: TEXT Default: [Fail2Ban] Banned <ip>
+# Values: TEXT Default: [Fail2Ban:<section>] Banned <ip>
#
-subject = [Fail2Ban] Banned <ip>
+subject = [Fail2Ban:<section>] Banned <ip>
# Option: message
# Notes.: message of the e-mail.
-# Tags: <ip> IP address
+# Tags: <section> active section (eg ssh, apache, etc)
+# <ip> IP address
# <failures> number of failures
# <failtime> unix timestamp of the last failure
# <br> new line
View
@@ -10,18 +10,34 @@ Currently the main difference with upstream: python libraries are
placed under /usr/share/fail2ban insteadh of /usr/lib/fail2ban to
comply with policy regarding architecture independent resources.
+Default behavior:
+-----------------
+
Only handling of ssh files is enabled by default. If you want to use
fail2ban with apache, please enable apache section manually in
/etc/fail2ban.conf.
+Troubleshooting:
+---------------
+
+Broken chain:
+
Currently no checks if an iptables queue generated at the beginning
(fail2ban-http and fail2ban-ssh) exists. So if your firewall resets the iptable
rules -- it is your responsibility to restart fail2ban. Also you can
augment fwban and fwunban rules and include as first lines full
definitions of fwstart. That is nasty solution and probably it will get
resolved in the future.
-See TODO.Debian for more details, as well as the Debian Bug
-Tracking system.
+Mailing:
+
+As it was reported (bug #329722) you might need to provide a full
+e-mail address in fail2ban.conf option MAIL:from to make your mail
+server accept that email. I've added @localhost to both MAIL:from and
+MAIL:to in the default configuration shipped with Debian. It seems to
+work nicely now
+
+See TODO.Debian for more details, as well as the Debian Bug Tracking
+system.
- -- Yaroslav O. Halchenko <debian@onerussian.com>, Fri Sep 9 14:55:29 2005
+ -- Yaroslav O. Halchenko <debian@onerussian.com>, Tue Sep 27 11:36:41 2005
View
@@ -4,8 +4,13 @@ fail2ban (0.5.4-2) unstable; urgency=low
problems finding iptables in the cases when PATH was not exported outside
(cfengine, broken shell environment) (closes: #329304)
* Removed -b from start-stop-daemon because fail2ban detahes on its own
+ * Added @localhost to MAIL:from and MAIL:to in fail2ban.conf and placed
+ a note to README.Debian regarding necessity to specify full email
+ address in MAIL:from (closes: #329722)
+ * Added a keyword <section> in parsing of the subject and the body of an
+ email sent out by fail2ban (closes: #330311)
- -- Yaroslav Halchenko <debian@onerussian.com> Wed, 21 Sep 2005 08:09:06 -0400
+ -- Yaroslav Halchenko <debian@onerussian.com> Wed, 27 Sep 2005 08:09:06 -0400
fail2ban (0.5.4-1) unstable; urgency=low
View
@@ -429,7 +429,8 @@ def main():
if failTime < unixTime - findTime:
del element[3][attempt]
elif fails[attempt][0] >= element[1].getMaxRetry():
- aInfo = {"ip": attempt,
+ aInfo = {"section": element[0],
+ "ip": attempt,
"failures": element[3][attempt][0],
"failtime": failTime}
logSys.info(element[0] + ": " + aInfo["ip"] +

0 comments on commit 802dbea

Please sign in to comment.