[gentoo-commits] repo/gentoo:master commit in: net-analyzer/fail2ban/files/, net-analyzer/fail2ban/

Sat, 27 Sep 2025 21:15:26 -0700 

commit:     82f7c744835c48b3f49bb5409588011ab6c62563
Author:     Ulrich Müller <ulm <AT> gentoo <DOT> org>
AuthorDate: Sat Sep 27 17:40:41 2025 +0000
Commit:     Ulrich Müller <ulm <AT> gentoo <DOT> org>
CommitDate: Sun Sep 28 04:14:55 2025 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=82f7c744

net-analyzer/fail2ban: More general _pref in filter.d/postfix.conf

This considers commands like CONNECT as a valid _pref.

Reviewed-by: Sam James <sam <AT> gentoo.org>
Signed-off-by: Ulrich Müller <ulm <AT> gentoo.org>

 net-analyzer/fail2ban/fail2ban-1.1.0-r5.ebuild     |  1 +
 .../files/fail2ban-1.1.0-postfix-pref.patch        | 32 ++++++++++++++++++++++
 2 files changed, 33 insertions(+)

diff --git a/net-analyzer/fail2ban/fail2ban-1.1.0-r5.ebuild 
b/net-analyzer/fail2ban/fail2ban-1.1.0-r5.ebuild
index 05a953241bd5..b187290650fb 100644
--- a/net-analyzer/fail2ban/fail2ban-1.1.0-r5.ebuild
+++ b/net-analyzer/fail2ban/fail2ban-1.1.0-r5.ebuild
@@ -59,6 +59,7 @@ PATCHES=(
        "${FILESDIR}"/${PN}-1.1.0-openssh-9.8-fixups.patch
        "${FILESDIR}"/${PN}-1.1.0-openrc-nftables.patch
        "${FILESDIR}"/${PN}-1.1.0-systemd-order.patch
+       "${FILESDIR}"/${PN}-1.1.0-postfix-pref.patch
        "${FILESDIR}"/${PN}-1.1.0-postfix-ddos.patch
 )
 

diff --git a/net-analyzer/fail2ban/files/fail2ban-1.1.0-postfix-pref.patch 
b/net-analyzer/fail2ban/files/fail2ban-1.1.0-postfix-pref.patch
new file mode 100644
index 000000000000..72a21d6681a5
--- /dev/null
+++ b/net-analyzer/fail2ban/files/fail2ban-1.1.0-postfix-pref.patch
@@ -0,0 +1,32 @@
+https://github.com/fail2ban/fail2ban/issues/3800
+
+commit 93810fff75640ddfe4c248e670ed80b5d225bf10
+Author: Serg G. Brester <[email protected]>
+Date:   Fri Jul 26 19:25:09 2024 +0200
+
+    consider CONNECT and other rejected commands as a valid `_pref`;
+    closes gh-3800
+
+--- a/config/filter.d/postfix.conf
++++ b/config/filter.d/postfix.conf
+@@ -12,7 +12,7 @@
+ 
+ _daemon = postfix(-\w+)?/[^/\[:\s]+(?:/smtp[ds])?
+ _port = (?::\d+)?
+-_pref = [A-Z]{4}
++_pref = [A-Z]{4,}
+ 
+ prefregex = ^%(__prefix_line)s<mdpr-<mode>> <F-CONTENT>.+</F-CONTENT>$
+ 
+--- a/fail2ban/tests/files/logs/postfix
++++ b/fail2ban/tests/files/logs/postfix
+@@ -70,6 +70,9 @@
+ # failJSON: { "time": "2005-05-05T15:51:11", "match": true , "host": 
"216.245.194.173", "desc": "postfix postscreen / gh-1764" }
+ May  5 15:51:11 xxx postfix/postscreen[1148]: NOQUEUE: reject: RCPT from 
[216.245.194.173]:60591: 550 5.7.1 Service unavailable; client 
[216.245.194.173] blocked using rbl.example.com; from=<[email protected]>, 
to=<[email protected]>, proto=ESMTP, helo=<badguy.example.com>
+ 
++# failJSON: { "time": "2005-06-01T19:00:55", "match": true , "host": 
"192.0.2.114", "desc": "postfix client restriction / gh-3800" }
++Jun  1 19:00:55 mail postfix/smtpd[7749]: NOQUEUE: reject: CONNECT from 
unknown[192.0.2.114]: 450 4.7.25 Client host rejected: cannot find your 
hostname, [178.215.236.114]; proto=SMTP
++
+ # failJSON: { "time": "2005-06-03T06:25:43", "match": true , "host": 
"192.0.2.11", "desc": "too many errors / gh-2439" }
+ Jun  3 06:25:43 srv postfix/smtpd[29306]: too many errors after RCPT from 
example.com[192.0.2.11]
+

Reply via email to