Your message dated Wed, 01 Aug 2012 01:47:10 +0000
with message-id <[email protected]>
and subject line Bug#604843: fixed in fail2ban 0.8.7-1
has caused the Debian Bug report #604843,
regarding fail2ban: Please add package 'ferm' to LSB Should-Start/Stop header
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
604843: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=604843
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: fail2ban
Version: 0.8.4-3
Severity: wishlist
Hello, fail2ban has a long list of firewall software in the LSB headers of it's
init script, it would be useful to have the package 'ferm' (an iptables
firewall setup package) added to the Should-Start/Stop
My /etc/insserv/overrides/fail2ban file looks like:
### BEGIN INIT INFO
# Provides: fail2ban
# Required-Start: $local_fs $remote_fs
# Required-Stop: $local_fs $remote_fs
# Should-Start: $time $network $syslog iptables firehol shorewall ipmasq
arno-iptables-firewall ferm
# Should-Stop: $network $syslog iptables firehol shorewall ipmasq
arno-iptables-firewall ferm
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Start/stop fail2ban
# Description: Start/stop fail2ban, a daemon scanning the log files and
# banning potential attackers.
### END INIT INFO
It would be great if all these packages could define a symbolic name for
iptables/ip6tables firewall setup (e.g. Provides: iptables-firewall).
For example I see postfix declaring Provides like:
# Provides: postfix mail-transport-agent
and other init scripts, like nslcd declaring:
# X-Start-Before: $mail-transport-agent mail-transport-agent exim4 sendmail
nullmailer masqmail citadel cron atd autofs am-utils apache2
…well that looks a little redundant, wonder if this actually works (and what is
X-Start-Before?).
Thanks!
-- System Information:
Debian Release: squeeze/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.32-5-xen-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL
set to en_US.UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages fail2ban depends on:
ii lsb-base 3.2-23.1 Linux Standard Base 3.2 init scrip
ii python 2.6.6-3+squeeze1 interactive high-level object-orie
ii python-central 0.6.16+nmu1 register and build utility for Pyt
Versions of packages fail2ban recommends:
ii iptables 1.4.8-3 administration tools for packet fi
ii whois 5.0.8 an intelligent whois client
Versions of packages fail2ban suggests:
ii heirloom-mailx [mailx] 12.4-2 feature-rich BSD mail(1)
pn python-gamin <none> (no description available)
-- Configuration Files:
/etc/logrotate.d/fail2ban changed [not included]
-- no debconf information
--- End Message ---
--- Begin Message ---
Source: fail2ban
Source-Version: 0.8.7-1
We believe that the bug you reported is fixed in the latest version of
fail2ban, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Yaroslav Halchenko <[email protected]> (supplier of updated fail2ban
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Tue, 31 Jul 2012 16:51:40 -0400
Source: fail2ban
Binary: fail2ban
Architecture: source all
Version: 0.8.7-1
Distribution: experimental
Urgency: low
Maintainer: Yaroslav Halchenko <[email protected]>
Changed-By: Yaroslav Halchenko <[email protected]>
Description:
fail2ban - ban hosts that cause multiple authentication errors
Closes: 333557 481265 514239 598109 604843 616803 648020 653074 657286 669063
672228 676146
Changes:
fail2ban (0.8.7-1) experimental; urgency=low
.
* New upstream release:
- inotify backend is supported (and the default if pyinotify is present).
It should bring number of wakeups to minimum (Closes: #481265)
- usedns jail.conf parameter to disable reverse DNS mapping to
avoid of DoS (see #588431, #514239 for related discussions)
- enforces non-unicode logging (Closes: #657286)
- new jail "recidive" to ban repeated offenders (Closes: #333557)
- catch failed ssh logins due to being listed in DenyUsers (Closes:
#669063)
- document in config/*.conf on how to inline comments (Closes: #676146)
- match possibly present "pam_unix(sshd:auth):" portion for sshd
(Closes: #648020)
- wu-ftpd: added failregex for use against syslog. Switch to monitor syslog
(instead of auth.log) by default (Closes: #514239)
- anchor chain name in actioncheck's for iptables actions (Closes: #672228)
* debian/jail.conf:
- adopted few jails from "upstreams" jail.conf: asterisk, recidive,
lighttpd, php-url-open
- provide instructions in jail.conf on how to comment (Closes: #676146)
Thanks Stefano Forli for a report
* debian/fail2ban.init:
- Should-(start|stop): iptables-persistent (Closes: #598109),
ferm (Closes: #604843)
- 'status' exits with code 3 if fail2ban is not running (Closes: #653074)
Thanks Glenn Aaldering for the patch
* debian/source:
- switch to 3.0 (quilt) format
* debian/control,rules:
- switch to use dh_python2 (Closes: #616803)
- boost policy compliance to 3.9.3
- recommend python-pyinotify and only suggest python-gamin
Checksums-Sha1:
e2111e7d537d36f9980e23175e62e8d21c7ff6be 1190 fail2ban_0.8.7-1.dsc
44cd6e29dc54e300e2581104f99d87763c7d7e42 122505 fail2ban_0.8.7.orig.tar.gz
1addea3b04a2b7b850431a83775fdf9f6da033d8 29327 fail2ban_0.8.7-1.debian.tar.gz
b4e6988395db1f13fb4b22b47173dc69979aee13 110388 fail2ban_0.8.7-1_all.deb
Checksums-Sha256:
ea8788f1fe931d8da7c2d67f08f127da8895ff21648a1cab80082e8ffe7dde53 1190
fail2ban_0.8.7-1.dsc
7549ea38ffa3755a41145cc3ecc1149e025465b4db3c3ceed9e59b30903d35e6 122505
fail2ban_0.8.7.orig.tar.gz
c488798420314b2a37ea20d7d431484f638135f14f6133e334a6230c99739229 29327
fail2ban_0.8.7-1.debian.tar.gz
70524db89972550bcd24b4c2d61286017628fc30e49fc1029fc66b430fcd24aa 110388
fail2ban_0.8.7-1_all.deb
Files:
333dd1321b92151a05f7792c2067bbf2 1190 net optional fail2ban_0.8.7-1.dsc
ab7ad37439ca9e4d92d97325b10d85ff 122505 net optional fail2ban_0.8.7.orig.tar.gz
ae2f2d569e1274d5f30e9a3c72861c0b 29327 net optional
fail2ban_0.8.7-1.debian.tar.gz
cf95cf7bba199160298d948cf30c4ee5 110388 net optional fail2ban_0.8.7-1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iEYEARECAAYFAlAYhjwACgkQjRFFY3XAJMg15QCePMCq9AFHgkgVo34DTAoJt96W
CsUAoNTK8OE+mgS9hvAWiKdhARAMQhnt
=VEf6
-----END PGP SIGNATURE-----
--- End Message ---
