stable

fail2ban-0.9.6-2.fc25

FEDORA-2017-bb1e01ca29 created by orion 8 years ago for Fedora 25

Fix fail2ban-regex with journal broken in 0.9.6-1.


Update to 0.9.6:

  • Misleading add resp. enable of (already available) jail in database, that induced a subsequent error: last position of log file will be never retrieved (gh-795)
  • Fixed a distribution related bug within testReadStockJailConfForceEnabled (e.g. test-cases faults on Fedora, see gh-1353)
  • Fixed pythonic filters and test scripts (running via wrong python version, uses "fail2ban-python" now);
  • Fixed test case "testSetupInstallRoot" for not default python version (also using direct call, out of virtualenv);
  • Fixed ambiguous wrong recognized date pattern resp. its optional parts (see gh-1512);
  • FIPS compliant, use sha1 instead of md5 if it not allowed (see gh-1540)
  • Monit config: scripting is not supported in path (gh-1556)
  • filter.d/apache-modsecurity.conf
    • Fixed for newer version (one space, gh-1626), optimized: non-greedy catch-all replaced for safer match, unneeded catch-all anchoring removed, non-capturing
  • filter.d/asterisk.conf
    • Fixed to match different asterisk log prefix (source file: method:)
  • filter.d/dovecot.conf
    • Fixed failregex ignores failures through some not relevant info (gh-1623)
  • filter.d/ignorecommands/apache-fakegooglebot
    • Fixed error within apache-fakegooglebot, that will be called with wrong python version (gh-1506)
  • filter.d/assp.conf
    • Extended failregex and test cases to handle ASSP V1 and V2 (gh-1494)
  • filter.d/postfix-sasl.conf
    • Allow for having no trailing space after 'failed:' (gh-1497)
  • filter.d/vsftpd.conf
    • Optional reason part in message after FAIL LOGIN (gh-1543)
  • filter.d/sendmail-reject.conf
    • removed mandatory double space (if dns-host available, gh-1579)
  • filter.d/sshd.conf

    • recognized "Failed publickey for" (gh-1477);
    • optimized failregex to match all of "Failed any-method for ... from <HOST>" (gh-1479)
    • eliminated possible complex injections (on user-name resp. auth-info, see gh-1479)
    • optional port part after host (see gh-1533, gh-1581)
  • New Actions:

    • action.d/npf.conf for NPF, the latest packet filter for NetBSD
  • New Filters:

    • filter.d/mongodb-auth.conf for MongoDB (document-oriented NoSQL database engine) (gh-1586, gh-1606 and gh-1607)
  • DateTemplate regexp extended with the word-end boundary, additionally to word-start boundary

  • Introduces new command "fail2ban-python", as automatically created symlink to python executable, where fail2ban currently installed (resp. its modules are located):
    • allows to use the same version, fail2ban currently running, e.g. in external scripts just via replace python with fail2ban-python: diff -#!/usr/bin/env python +#!/usr/bin/env fail2ban-python
    • always the same pickle protocol
    • the same (and also guaranteed available) fail2ban modules
    • simplified stand-alone install, resp. stand-alone installation possibility via setup (like gh-1487) is getting closer
  • Several test cases rewritten using new methods assertIn, assertNotIn
  • New forward compatibility method assertRaisesRegexp (normally python >= 2.7). Methods assertIn, assertNotIn, assertRaisesRegexp, assertLogged, assertNotLogged are test covered now
  • Jail configuration extended with new syntax to pass options to the backend (see gh-1408), examples:
    • backend = systemd[journalpath=/run/log/journal/machine-1]
    • backend = systemd[journalfiles="/run/log/journal/machine-1/system.journal, /run/log/journal/machine-1/user.journal"]
    • backend = systemd[journalflags=2]

Fix sendmail-auth filter (bug #1329919)

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2017-bb1e01ca29

This update has been submitted for testing by orion.

8 years ago

This update has obsoleted fail2ban-0.9.6-1.fc25, and has inherited its bugs and notes.

8 years ago
User Icon dsrebnick commented & provided feedback 8 years ago

Still breaks fail2ban-regex

fail2ban-regex "systemd-journal" /etc/fail2ban/filter.d/sshd.conf

Running tests

Use failregex filter file : sshd, basedir: /etc/fail2ban Use maxlines : 10 Use journal match : _SYSTEMD_UNIT=sshd.service + _COMM=sshd

Traceback (most recent call last): File "/usr/bin/fail2ban-regex", line 34, in <module> exec_command_line() File "/usr/lib/python3.5/site-packages/fail2ban/client/fail2banregex.py", line 599, in exec_command_line if not fail2banRegex.start(opts, args): File "/usr/lib/python3.5/site-packages/fail2ban/client/fail2banregex.py", line 538, in start self.process(test_lines) File "/usr/lib/python3.5/site-packages/fail2ban/client/fail2banregex.py", line 370, in process for line_no, line in enumerate(test_lines): File "/usr/lib/python3.5/site-packages/fail2ban/client/fail2banregex.py", line 93, in journal_lines_gen yield FilterSystemd.formatJournalEntry(entry) TypeError: formatJournalEntry() missing 1 required positional argument: 'logentry'

This update has been pushed to testing.

8 years ago
User Icon dsrebnick commented & provided feedback 8 years ago
karma

Please disregard above comment, apparently I was still on 0.9.6-1. Re ran fail2ban-regex test for sendmail-auth.conf and sshd.conf with success..

BZ#1329919 sendmail-auth.conf filter never matchs on failregex condition
User Icon filiperosset commented & provided feedback 8 years ago
karma

no regressions noted

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

8 years ago

This update has been submitted for stable by orion.

8 years ago

This update has been pushed to stable.

8 years ago

Please login to add feedback.

Metadata
Type
bugfix
Karma
2
Signed
Content Type
RPM
Test Gating
Autopush Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
disabled
Dates
submitted
8 years ago
in testing
8 years ago
in stable
8 years ago
BZ#1329919 sendmail-auth.conf filter never matchs on failregex condition
0
1

Automated Test Results