Bug#892472: please refer to nftables

Fri, 09 Mar 2018 04:06:38 -0800 

Package: fail2ban
Version: 0.10.2-1
Severity: wishlist
Tags: patch

Dear maintainer,

thanks for your hard work with this package, it's really appreciated.

I noticed that the upstream fail2ban packages has support for nftables, the
replacement of iptables, which is in Debian since several years already.

Please, consider the attached patch.

>From 4c8c10434ae73c76aeee481b183d15dbe032f945 Mon Sep 17 00:00:00 2001
From: Arturo Borrero Gonzalez <art...@debian.org>
Date: Fri, 9 Mar 2018 13:00:03 +0100
Subject: [PATCH] d/control: add nftables references

The nftables framework replaces iptables. The fail2ban software already
includes support for nftables, so reflect that in the packaging.

Also, no need to `Recommends: iptables`, since is installed by default in every
Debian system. Instead, do `Recommends: nftables`.

Signed-off-by: Arturo Borrero Gonzalez <art...@debian.org>
---
 debian/control | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/debian/control b/debian/control
index 77b32cb3..dd0b9ff7 100644
--- a/debian/control
+++ b/debian/control
@@ -17,7 +17,7 @@ Standards-Version: 4.1.3
 Package: fail2ban
 Architecture: all
 Depends: ${python3:Depends}, ${misc:Depends}, lsb-base (>=2.0-7)
-Recommends: python, iptables, whois, python3-pyinotify, python3-systemd
+Recommends: python, nftables, whois, python3-pyinotify, python3-systemd
 Suggests: mailx, system-log-daemon, monit, sqlite3
 Description: ban hosts that cause multiple authentication errors
  Fail2ban monitors log files (e.g. /var/log/auth.log,
@@ -34,8 +34,8 @@ Description: ban hosts that cause multiple authentication 
errors
  to be used with a variety of files and firewalls.  Following recommends
  are listed:
  .
-  - iptables -- default installation uses iptables for banning. You most
-    probably need it
+  - iptables/nftables -- default installation uses iptables for banning.
+    nftables is also suported. You most probably need it
   - whois -- used by a number of *mail-whois* actions to send notification
     emails with whois information about attacker hosts. Unless you will use
     those you don't need whois
-- 
2.16.1

Reply via email to