Your message dated Fri, 08 Dec 2006 02:47:02 +0000 with message-id <[EMAIL PROTECTED]> and subject line Bug#398739: fixed in fail2ban 0.7.5-1 has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database)
--- Begin Message ---Package: fail2ban Version: 0.7.4-3 Severity: normal I use the attached action configuration file as replacement for the standard iptables action because I need to insert the fail2ban rules into another chain, not INPUT. I also need to execute additional commands after actionstart and before actionend, and I want to be able to control fwchain and the two command sets from the jail.local sections. So my jail.local file is (line breaks for readability): [DEFAULT] action = iptables[name=%(__name__)s, port=%(port)s, fwchain=%(fwchain)s, post_start_commands=%(post_start_commands)s, pre_end_commands=%(pre_end_commands)s] [ssh] fwchain = ssh-tarpit post_start_commands = iptables -I <fwchain> -j ssh-whitelist pre_end_commands = iptables -D <fwchain> -j ssh-whitelist For the services that I do not list (and which are not enabled), I expect the [DEFAULTS] defined in the action configuration to be used. This does not appear to be the case though: lapse:~# /etc/init.d/fail2ban start Starting authentication failure monitor: fail2banTraceback (most recent call last): File "/usr/bin/fail2ban-client", line 338, in ? if client.start(sys.argv): File "/usr/bin/fail2ban-client", line 316, in start return self.__processCommand(args) File "/usr/bin/fail2ban-client", line 185, in __processCommand self.__readConfig() File "/usr/bin/fail2ban-client", line 321, in __readConfig self.__configurator.getAllOptions() File "/usr/share/fail2ban/client/configurator.py", line 63, in getAllOptions self.__jails.getOptions() File "/usr/share/fail2ban/client/jailsreader.py", line 50, in getOptions ret = jail.getOptions() File "/usr/share/fail2ban/client/jailreader.py", line 68, in getOptions self.__opts = ConfigReader.getOptions(self, self.__name, opts) File "/usr/share/fail2ban/client/configreader.py", line 81, in getOptions v = self.get(sec, option[1]) File "/usr/lib/python2.4/ConfigParser.py", line 525, in get return self._interpolate(section, option, value, d) File "/usr/lib/python2.4/ConfigParser.py", line 593, in _interpolate self._interpolate_some(option, L, rawval, section, vars, 1) File "/usr/lib/python2.4/ConfigParser.py", line 624, in _interpolate_some raise InterpolationMissingOptionError( ConfigParser.InterpolationMissingOptionError: Bad value substitution: section: [apache-noscript] option : action key : fwchain rawval : , post_start_commands=%(post_start_commands)s, pre_end_commands=%(pre_end_commands)s] . -- System Information: Debian Release: 4.0 APT prefers unstable APT policy: (750, 'unstable'), (500, 'testing'), (250, 'stable'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/dash Kernel: Linux 2.6.18-2-686 Locale: LANG=en_GB, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Versions of packages fail2ban depends on: ii iptables 1.3.6.0debian1-3 administration tools for packet fi ii lsb-base 3.1-19 Linux Standard Base 3.1 init scrip ii python 2.4.4-1 An interactive high-level object-o ii python-central 0.5.10 register and build utility for Pyt ii python2.4 2.4.4-1 An interactive high-level object-o fail2ban recommends no packages. -- no debconf information -- .''`. martin f. krafft <[EMAIL PROTECTED]> : :' : proud Debian developer, author, administrator, and user `. `'` http://people.debian.org/~madduck - http://debiansystem.info `- Debian - when you have better things to do than fixing systems
signature.asc
Description: Digital signature (GPG/PGP)
--- End Message ---
--- Begin Message ---Source: fail2ban Source-Version: 0.7.5-1 We believe that the bug you reported is fixed in the latest version of fail2ban, which is due to be installed in the Debian FTP archive: fail2ban_0.7.5-1.diff.gz to pool/main/f/fail2ban/fail2ban_0.7.5-1.diff.gz fail2ban_0.7.5-1.dsc to pool/main/f/fail2ban/fail2ban_0.7.5-1.dsc fail2ban_0.7.5-1_all.deb to pool/main/f/fail2ban/fail2ban_0.7.5-1_all.deb fail2ban_0.7.5.orig.tar.gz to pool/main/f/fail2ban/fail2ban_0.7.5.orig.tar.gz A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Yaroslav Halchenko <[EMAIL PROTECTED]> (supplier of updated fail2ban package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Thu, 7 Dec 2006 20:19:09 -0500 Source: fail2ban Binary: fail2ban Architecture: source all Version: 0.7.5-1 Distribution: unstable Urgency: low Maintainer: Yaroslav Halchenko <[EMAIL PROTECTED]> Changed-By: Yaroslav Halchenko <[EMAIL PROTECTED]> Description: fail2ban - bans IPs that cause multiple authentication errors Closes: 377711 396668 398739 400162 400278 Changes: fail2ban (0.7.5-1) unstable; urgency=low . * New upstream release which fixes next issues + Socket parameter not work with other path (Closes: #400162) + fail2ban does not start with /etc/init.d/fail2ban start but with fail2ban-client start (Closes: #400278) * Removed obsolete patches left from 0.6 * Adjusted wsftpd patch to use <HOST> tag to be in line with the other filter definitions . fail2ban (0.7.4-5) unstable; urgency=low . * Added Suggests on mailx and relevant comments in README.Debian about invoking mail actions (closes: #396668) * Removed obsolete entries in TODO and README * README.Debian describes the use of interpolations vs parameters passed from jail.{conf,local} into an action definitions (closes: #398739) * Initial version of postfix filter has been present in 0.7 (closes: #377711) * Removed Uploaded field from control since I am a DD now. Big thanks to Barak Pearlmutter for being the sponsor of my packages for few years. . fail2ban (0.7.4-4) unstable; urgency=low . * Added debian/backports to contain patches necessary for backporting. It gets used by pbuilder-ssh to create package for backports.org Files: 830e0a95a998e1f3d79634170f3d7721 694 net optional fail2ban_0.7.5-1.dsc 36e65b8effcfd4f4a437d214613eb916 46075 net optional fail2ban_0.7.5.orig.tar.gz e3d511f14f636ca4c439066f4b82eace 17985 net optional fail2ban_0.7.5-1.diff.gz 8fb2a0cb89d68a68490a4a68c3a298df 62216 net optional fail2ban_0.7.5-1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iD8DBQFFeM+CjRFFY3XAJMgRArrRAJ9OEEXgsZUompVroALKWAGdcS78twCfYr95 QjfEXTz4KmyiXsp5H+0tWIk= =PpJh -----END PGP SIGNATURE-----
--- End Message ---
