1 |
hwoarang 10/11/05 15:05:51 |
2 |
|
3 |
Modified: fail2ban-logrotate |
4 |
Added: fail2ban-0.8.4-sshd-breakin.patch |
5 |
fail2ban-0.8.4-hashlib.patch |
6 |
Log: |
7 |
Bugfix revision. Fixes bug 260337,283629,301139,315073,343955. Thanks to Robert Trace <bugzilla-gentoo@×××××××××.org>, Harley Peters <harley@×××××××××××××.com> for the patches. |
8 |
|
9 |
(Portage version: 2.2.0_alpha3_p8/cvs/Linux x86_64) |
10 |
|
11 |
Revision Changes Path |
12 |
1.3 net-analyzer/fail2ban/files/fail2ban-logrotate |
13 |
|
14 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-analyzer/fail2ban/files/fail2ban-logrotate?rev=1.3&view=markup |
15 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-analyzer/fail2ban/files/fail2ban-logrotate?rev=1.3&content-type=text/plain |
16 |
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-analyzer/fail2ban/files/fail2ban-logrotate?r1=1.2&r2=1.3 |
17 |
|
18 |
Index: fail2ban-logrotate |
19 |
=================================================================== |
20 |
RCS file: /var/cvsroot/gentoo-x86/net-analyzer/fail2ban/files/fail2ban-logrotate,v |
21 |
retrieving revision 1.2 |
22 |
retrieving revision 1.3 |
23 |
diff -u -r1.2 -r1.3 |
24 |
--- fail2ban-logrotate 27 Feb 2008 20:34:38 -0000 1.2 |
25 |
+++ fail2ban-logrotate 5 Nov 2010 15:05:51 -0000 1.3 |
26 |
@@ -4,6 +4,6 @@ |
27 |
missingok |
28 |
compress |
29 |
postrotate |
30 |
- /usr/bin/fail2ban-client reload 1>/dev/null || true |
31 |
+ /usr/bin/fail2ban-client set logtarget /var/log/fail2ban.log 1>/dev/null || true |
32 |
endscript |
33 |
} |
34 |
|
35 |
|
36 |
|
37 |
1.1 net-analyzer/fail2ban/files/fail2ban-0.8.4-sshd-breakin.patch |
38 |
|
39 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-analyzer/fail2ban/files/fail2ban-0.8.4-sshd-breakin.patch?rev=1.1&view=markup |
40 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-analyzer/fail2ban/files/fail2ban-0.8.4-sshd-breakin.patch?rev=1.1&content-type=text/plain |
41 |
|
42 |
Index: fail2ban-0.8.4-sshd-breakin.patch |
43 |
=================================================================== |
44 |
Index: fail2ban-0.8.4/config/filter.d/sshd.conf |
45 |
=================================================================== |
46 |
--- fail2ban-0.8.4.orig/config/filter.d/sshd.conf |
47 |
+++ fail2ban-0.8.4/config/filter.d/sshd.conf |
48 |
@@ -31,8 +31,8 @@ failregex = ^%(__prefix_line)s(?:error: |
49 |
^%(__prefix_line)sUser \S+ from <HOST> not allowed because not listed in AllowUsers$ |
50 |
^%(__prefix_line)sauthentication failure; logname=\S* uid=\S* euid=\S* tty=\S* ruser=\S* rhost=<HOST>(?:\s+user=.*)?\s*$ |
51 |
^%(__prefix_line)srefused connect from \S+ \(<HOST>\)\s*$ |
52 |
- ^%(__prefix_line)sAddress <HOST> .* POSSIBLE BREAK-IN ATTEMPT!*\s*$ |
53 |
- ^%(__prefix_line)sUser \S+ from <HOST> not allowed because none of user's groups are listed in AllowGroups$ |
54 |
+ ^%(__prefix_line)sreverse mapping checking getaddrinfo for .* \[<HOST>\] .* POSSIBLE BREAK-IN ATTEMPT\!\s* |
55 |
+ ^%(__prefix_line)sUser \S+ from <HOST> not allowed because none of user's groups are listed in AllowGroups$ |
56 |
|
57 |
# Option: ignoreregex |
58 |
# Notes.: regex to ignore. If this regex matches, the line is ignored. |
59 |
|
60 |
|
61 |
|
62 |
1.1 net-analyzer/fail2ban/files/fail2ban-0.8.4-hashlib.patch |
63 |
|
64 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-analyzer/fail2ban/files/fail2ban-0.8.4-hashlib.patch?rev=1.1&view=markup |
65 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-analyzer/fail2ban/files/fail2ban-0.8.4-hashlib.patch?rev=1.1&content-type=text/plain |
66 |
|
67 |
Index: fail2ban-0.8.4-hashlib.patch |
68 |
=================================================================== |
69 |
Index: fail2ban-0.8.4/server/filter.py |
70 |
=================================================================== |
71 |
--- fail2ban-0.8.4.orig/server/filter.py |
72 |
+++ fail2ban-0.8.4/server/filter.py |
73 |
@@ -439,7 +439,7 @@ class FileFilter(Filter): |
74 |
# In order to detect log rotation, the hash (MD5) of the first line of the file |
75 |
# is computed and compared to the previous hash of this line. |
76 |
|
77 |
-import md5 |
78 |
+import hashlib |
79 |
|
80 |
class FileContainer: |
81 |
|
82 |
@@ -454,7 +454,7 @@ class FileContainer: |
83 |
try: |
84 |
firstLine = handler.readline() |
85 |
# Computes the MD5 of the first line. |
86 |
- self.__hash = md5.new(firstLine).digest() |
87 |
+ self.__hash = hashlib.md5(firstLine).digest() |
88 |
# Start at the beginning of file if tail mode is off. |
89 |
if tail: |
90 |
handler.seek(0, 2) |
91 |
@@ -471,7 +471,7 @@ class FileContainer: |
92 |
self.__handler = open(self.__filename) |
93 |
firstLine = self.__handler.readline() |
94 |
# Computes the MD5 of the first line. |
95 |
- myHash = md5.new(firstLine).digest() |
96 |
+ myHash = hashlib.md5(firstLine).digest() |
97 |
stats = os.fstat(self.__handler.fileno()) |
98 |
# Compare hash and inode |
99 |
if self.__hash != myHash or self.__ino != stats.st_ino: |