On Mon, 29 Jan 2018, peter.ch...@data61.csiro.au wrote:
> ...
> Alternatively, remove sshd-ddos.conf and sshd-aggressive.conf from the
> package
they aren't shipped with 0.10 version of the package -- they are left
from previous versions:
$> wget
http://ftp.us.debian.org/debian/pool/main/f/fail2ban/fail2ban_0.10.2-1_all.deb
...
$> dpkg -c fail2ban_0.10.2-1_all.deb| grep sshd
-rw-r--r-- root/root 5318 2018-01-18 08:49
./etc/fail2ban/filter.d/sshd.conf
-rw-r--r-- root/root 5323 2018-01-22 10:38
./usr/lib/python3/dist-packages/fail2ban/tests/config/filter.d/zzz-sshd-obsolete-multiline.conf
-rw-r--r-- root/root 23147 2018-01-18 08:49
./usr/lib/python3/dist-packages/fail2ban/tests/files/logs/sshd
-rw-r--r-- root/root 36 2018-01-18 08:49
./usr/lib/python3/dist-packages/fail2ban/tests/files/logs/zzz-sshd-obsolete-multiline
-rw-r--r-- root/root 362 2018-01-18 08:49
./usr/lib/python3/dist-packages/fail2ban/tests/files/zzz-sshd-obsolete-multiline.log
note that NEWS and changelog pointed out that there are changes to
config etc:
$> zcat /usr/share/doc/fail2ban/NEWS.Debian.gz | head -n 20
fail2ban (0.10.2-1) unstable; urgency=medium
This version is a major development leap forward to provide
IPv6 support, which also required extensions to the configuration
system. That is why it is not unlikely that configuration left from
the
previous version(s) would either not work or would not work as
intended.
You are advised to accept new configuration and adjust it for your
customizations (if any).
-- Yaroslav Halchenko <deb...@onerussian.com> Sun, 21 Jan 2018
22:25:26 -0500
and changelog
fail2ban (0.10.2-1) unstable; urgency=medium
[ Yaroslav Halchenko ]
* New major upstream release (thanks to Ervin Hegedüs for help
updating
packaging)
- Major performance improvements, especially in tests battery
execution, and shutdown (Closes: #878038)
- Incremental increase of bantime (Closes: #498164)
- IPv6 support (Closes: #881648, #470417)
- Some filters refactored/deprecated, e.g. to take advantage of
new
filter option mode
- sshd-aggressive and sshd-ddos absorbed into sshd filter
(modes: normal, ddos, extra, or aggressive)
- postfix-rbl and postfix-sasl absorbed into postfix
(modes: more, normal, auth, rbl, ddos, extra, or
aggressive)
- New actions: abuseipd, nginx-block-map
- New filters: phpmyadmin-syslog, zoneminder
* A number of new patches added to address failing tests from
https://github.com/fail2ban/fail2ban/pull/2025
* debian/control
- Boosted policy to 4.1.3
- sqlite3 is now needed for some tests, thus added to
build-depends
and suggests
* debian/README.Debian
- Instructions on how to establish correct startup/shutdown
sequence
in systemd for shorewall (Closes: #847728). Thanks Ben
Coleman for the
final recipe
[ Viktor Szépe ]
* Install provided config for monit under /etc/monit/conf-available
(instead of /etc/monit/monitrc.d, location changed after monit
1:5.15-2)
-- Yaroslav Halchenko <deb...@onerussian.com> Mon, 22 Jan 2018
10:38:19 -0500
--
Yaroslav O. Halchenko
Center for Open Neuroscience http://centerforopenneuroscience.org
Dartmouth College, 419 Moore Hall, Hinman Box 6207, Hanover, NH 03755
Phone: +1 (603) 646-9834 Fax: +1 (603) 646-1419
WWW: http://www.linkedin.com/in/yarik
