FS#42374 - [fail2ban] Recidive Jail does not work
Attached to Project:
Community Packages
Opened by Stefan Tatschner (rumpelsepp) - Tuesday, 14 October 2014, 09:40 GMT
Last edited by Bartłomiej Piotrowski (Barthalion) - Friday, 07 November 2014, 12:35 GMT
Opened by Stefan Tatschner (rumpelsepp) - Tuesday, 14 October 2014, 09:40 GMT
Last edited by Bartłomiej Piotrowski (Barthalion) - Friday, 07 November 2014, 12:35 GMT
|
Details
The recidive jail in fail2ban does not work because of a
wrong failregex [1]. This problem is fixed in the git
version [2]. Changing the wrong keyword WARNING to NOTICE
did the trick. I have attached a patch.
Example Log: 2014-10-14 11:07:39,107 fail2ban.server.filter[10651]: INFO [sshd] Found XXX.XXX.XXX.XXX 2014-10-14 11:14:11,931 fail2ban.server.filter[10651]: INFO [sshd] Found XXX.XXX.XXX.XXX 2014-10-14 11:14:13,648 fail2ban.server.filter[10651]: INFO [sshd] Found XXX.XXX.XXX.XXX 2014-10-14 11:14:15,972 fail2ban.server.filter[10651]: INFO [sshd] Found XXX.XXX.XXX.XXX 2014-10-14 11:14:23,401 fail2ban.server.filter[10651]: INFO [sshd] Found XXX.XXX.XXX.XXX 2014-10-14 11:14:26,097 fail2ban.server.filter[10651]: INFO [sshd] Found XXX.XXX.XXX.XXX 2014-10-14 11:14:26,660 fail2ban.server.actions[10651]: NOTICE [sshd] Ban XXX.XXX.XXX.XXX 2014-10-14 11:14:26,664 fail2ban.server.filter[10651]: INFO [recidive] Found XXX.XXX.XXX.XXX [1]: https://github.com/fail2ban/fail2ban/blob/c7f4c48090b8a209fd319a97470cbfbc4b6d73df/config/filter.d/recidive.conf#L30 [2]: https://github.com/fail2ban/fail2ban/blob/master/config/filter.d/recidive.conf#L30 
0001-Fixed-wrong-failregex-in...
(0.9 KiB)
|
This task depends upon
Closed by Bartłomiej Piotrowski (Barthalion)
Friday, 07 November 2014, 12:35 GMT
Reason for closing: Fixed
Additional comments about closing: failban 0.9.1-1
Friday, 07 November 2014, 12:35 GMT
Reason for closing: Fixed
Additional comments about closing: failban 0.9.1-1
Comment by Doug Newgard (Scimmia) -
Tuesday, 14 October 2014, 15:53 GMT
- Field changed: Status (Unconfirmed → Assigned)
- Task assigned to Bartłomiej Piotrowski (Barthalion)
Orphan, assigning to last packager.
Comment by
Stefan Tatschner (rumpelsepp) -
Wednesday, 29 October 2014, 14:30 GMT
This could be closed due to fail2ban 0.9.1.