Oops. Now attached.
--
.''`. martin f. krafft [EMAIL PROTECTED]
: :' : proud Debian developer, author, administrator, and user
`. `'` http://people.debian.org/~madduck - http://debiansystem.info
`- Debian - when you have better things to do than fixing systems
# Fail2Ban configuration
I believe that you mixed up interpolations (done but pythons config module) and
substitutions done by fail2ban
actionstart = iptables -N fail2ban-name
iptables -I fwchain -m state --state NEW -p protocol --dport
port -j fail2ban-name
post_start_commands
I don't think
also sprach Yaroslav Halchenko [EMAIL PROTECTED] [2006.11.15.1512 +0100]:
I believe that you mixed up interpolations (done but pythons config module)
and
substitutions done by fail2ban
actionstart = iptables -N fail2ban-name
iptables -I fwchain -m state --state NEW -p
it is hard to see whole picture since you are just sending changing
snippets of configuration - send the whole entirety...
I bet that the reason for current issue is that
you defined actionstart in [Definition] config/action.d/iptables.conf
whenever you defined in post_start_commands in [Init]
also sprach Yaroslav Halchenko [EMAIL PROTECTED] [2006.11.15.1655 +0100]:
it is hard to see whole picture since you are just sending changing
snippets of configuration - send the whole entirety...
I did. And it's not changing. Again, without comments:
== /etc/fail2ban/jail.local ==
[DEFAULT]
also sprach Yaroslav Halchenko [EMAIL PROTECTED] [2006.11.15.1854 +0100]:
Please find my fix to your configuration attached...
We're going in circles... almost. If you now look at the original
configuration I submitted, it's almost exactly the same as the one
you have given me, except that you
Dear Martin,
ok - I see now more clearly but the reason is the same: confusion
between interpolated values and substituted by fail2ban (which is a
limited set of names). so whenever you provide parameters for action
like
iptables[bla=zzz]
bla has to be handled as fail2ban config parameter (the
also sprach martin f krafft [EMAIL PROTECTED] [2006.11.15.1917 +0100]:
So what is the Init section for? I wish I could just define
defaults in the action file and still have them be overrideable from
the jail configuration.
If we figure out a better way to set the defaults, you're of course
Thanks, both of you, for your time and patience!
also sprach Cyril Jaquier [EMAIL PROTECTED] [2006.11.15.2302 +0100]:
Any option my_option in the section [Init] can then be replaced by a
tag my_option in the section [Definition] of the action. The tag
my_option will then be replaced by the
9 matches
Mail list logo
