On Mon, 29 Jan 2018, peter.ch...@data61.csiro.au wrote: > ... > Alternatively, remove sshd-ddos.conf and sshd-aggressive.conf from the > package
they aren't shipped with 0.10 version of the package -- they are left from previous versions: $> wget http://ftp.us.debian.org/debian/pool/main/f/fail2ban/fail2ban_0.10.2-1_all.deb ... $> dpkg -c fail2ban_0.10.2-1_all.deb| grep sshd -rw-r--r-- root/root 5318 2018-01-18 08:49 ./etc/fail2ban/filter.d/sshd.conf -rw-r--r-- root/root 5323 2018-01-22 10:38 ./usr/lib/python3/dist-packages/fail2ban/tests/config/filter.d/zzz-sshd-obsolete-multiline.conf -rw-r--r-- root/root 23147 2018-01-18 08:49 ./usr/lib/python3/dist-packages/fail2ban/tests/files/logs/sshd -rw-r--r-- root/root 36 2018-01-18 08:49 ./usr/lib/python3/dist-packages/fail2ban/tests/files/logs/zzz-sshd-obsolete-multiline -rw-r--r-- root/root 362 2018-01-18 08:49 ./usr/lib/python3/dist-packages/fail2ban/tests/files/zzz-sshd-obsolete-multiline.log note that NEWS and changelog pointed out that there are changes to config etc: $> zcat /usr/share/doc/fail2ban/NEWS.Debian.gz | head -n 20 fail2ban (0.10.2-1) unstable; urgency=medium This version is a major development leap forward to provide IPv6 support, which also required extensions to the configuration system. That is why it is not unlikely that configuration left from the previous version(s) would either not work or would not work as intended. You are advised to accept new configuration and adjust it for your customizations (if any). -- Yaroslav Halchenko <deb...@onerussian.com> Sun, 21 Jan 2018 22:25:26 -0500 and changelog fail2ban (0.10.2-1) unstable; urgency=medium [ Yaroslav Halchenko ] * New major upstream release (thanks to Ervin Hegedüs for help updating packaging) - Major performance improvements, especially in tests battery execution, and shutdown (Closes: #878038) - Incremental increase of bantime (Closes: #498164) - IPv6 support (Closes: #881648, #470417) - Some filters refactored/deprecated, e.g. to take advantage of new filter option mode - sshd-aggressive and sshd-ddos absorbed into sshd filter (modes: normal, ddos, extra, or aggressive) - postfix-rbl and postfix-sasl absorbed into postfix (modes: more, normal, auth, rbl, ddos, extra, or aggressive) - New actions: abuseipd, nginx-block-map - New filters: phpmyadmin-syslog, zoneminder * A number of new patches added to address failing tests from https://github.com/fail2ban/fail2ban/pull/2025 * debian/control - Boosted policy to 4.1.3 - sqlite3 is now needed for some tests, thus added to build-depends and suggests * debian/README.Debian - Instructions on how to establish correct startup/shutdown sequence in systemd for shorewall (Closes: #847728). Thanks Ben Coleman for the final recipe [ Viktor Szépe ] * Install provided config for monit under /etc/monit/conf-available (instead of /etc/monit/monitrc.d, location changed after monit 1:5.15-2) -- Yaroslav Halchenko <deb...@onerussian.com> Mon, 22 Jan 2018 10:38:19 -0500 -- Yaroslav O. Halchenko Center for Open Neuroscience http://centerforopenneuroscience.org Dartmouth College, 419 Moore Hall, Hinman Box 6207, Hanover, NH 03755 Phone: +1 (603) 646-9834 Fax: +1 (603) 646-1419 WWW: http://www.linkedin.com/in/yarik