[Pkg-logwatch-general] r57 - in trunk: debian patches
Willi Mann
willi-guest at alioth.debian.org
Tue Nov 28 21:20:33 CET 2006
Author: willi-guest
Date: 2006-11-28 21:20:32 +0100 (Tue, 28 Nov 2006)
New Revision: 57
Added:
trunk/patches/11-fail2ban.diff
Modified:
trunk/debian/changelog
Log:
7.3.1-4:
fail2ban patch
Modified: trunk/debian/changelog
===================================================================
--- trunk/debian/changelog 2006-10-15 12:26:41 UTC (rev 56)
+++ trunk/debian/changelog 2006-11-28 20:20:32 UTC (rev 57)
@@ -1,5 +1,12 @@
-logwatch (7.3.1-3~1) unstable; urgency=medium
+logwatch (7.3.1-4) unstable; urgency=low
+ * fail2ban updated, (for new fail2ban upstream and the log filename was wrong)
+ thanks Yaroslav Halchenko (closes: #399864)
+
+ -- Willi Mann <willi at wm1.at> Tue, 28 Nov 2006 20:53:42 +0100
+
+logwatch (7.3.1-3) unstable; urgency=medium
+
* Fixes concerning postfix reported by Andreas Beckmann (thanks):
- missing postfix logs (closes: #390741)
- ignore some logs in secure, concerning postfix related authentication
@@ -386,4 +393,3 @@
to the logfile(s). That's most likely the problem.
-- Willi Mann <willi at wm1.at> Wed, 12 Nov 2003 20:14:15 +0100
-
Added: trunk/patches/11-fail2ban.diff
===================================================================
--- trunk/patches/11-fail2ban.diff 2006-10-15 12:26:41 UTC (rev 56)
+++ trunk/patches/11-fail2ban.diff 2006-11-28 20:20:32 UTC (rev 57)
@@ -0,0 +1,46 @@
+diff -Naur logwatch-7.3.1.orig/conf/logfiles/fail2ban.conf logwatch-7.3.1/conf/logfiles/fail2ban.conf
+--- logwatch-7.3.1.orig/conf/logfiles/fail2ban.conf 2006-05-30 15:04:26.000000000 -0400
++++ logwatch-7.3.1/conf/logfiles/fail2ban.conf 2006-11-21 12:58:35.000000000 -0500
+@@ -20,6 +20,6 @@
+ Title = fail2ban-messages
+
+ # Which logfile group...
+-LogFile = fail2ban
++LogFile = fail2ban.log
+
+
+diff -Naur logwatch-7.3.1.orig/scripts/services/fail2ban logwatch-7.3.1/scripts/services/fail2ban
+--- logwatch-7.3.1.orig/scripts/services/fail2ban 2006-05-30 15:04:26.000000000 -0400
++++ logwatch-7.3.1/scripts/services/fail2ban 2006-11-22 09:46:49.000000000 -0500
+@@ -36,7 +36,9 @@
+ }
+ chomp($ThisLine);
+ if ( ($ThisLine =~ /..,... DEBUG: /) or
++ ($ThisLine =~ /..,... \S*\s*: DEBUG /) or # syntax of 0.7.? fail2ban
+ ($ThisLine =~ /..,... INFO: (Fail2Ban v.* is running|Exiting|Enabled sections:)/) or
++ ($ThisLine =~ /..,... \S+\s*: INFO\s+(Set |Socket|Exiting|Gamin|Created|Added|Using)/) or # syntax of 0.7.? fail2ban
+ ($ThisLine =~ /..,... WARNING: Verbose level is /) or
+ ($ThisLine =~ /..,... WARNING: Restoring firewall rules/)
+ )
+@@ -44,7 +46,7 @@
+ if ( $Debug >= 6 ) {
+ print STDERR "DEBUG($DebugCounter): line ignored\n";
+ }
+- } elsif ( my ($Service,$Action,$Host) = ($ThisLine =~ m/WARNING:\s(.*):\s(Ban|Unban)[^\.]* (\S+)/)) {
++ } elsif ( my ($Service,$Action,$Host) = ($ThisLine =~ m/WARNING:?\s\[?(.*?)[]:]?\s(Ban|Unban)[^\.]* (\S+)/)) {
+ if ( $Debug >= 6 ) {
+ print STDERR "DEBUG($DebugCounter): Found $Action for $Service from $Host\n";
+ }
+@@ -59,9 +61,10 @@
+ $ServicesBans{$Service}{$Host}{'AlreadyInTheList'}++;
+ } elsif ( my ($Service,$Host) = ($ThisLine =~ m/ WARNING:\s(.*):\sReBan (\S+)/)) {
+ $ServicesBans{$Service}{$Host}{'ReBan'}++;
+- } elsif ($ThisLine =~ /..,... ERROR: (Execution of command )?\'iptables/) {
++ } elsif ($ThisLine =~ / ERROR:?\s*(Execution of command )?\'?iptables/) {
+ push @IptablesErrors, "$ThisLine\n";
+- } elsif ($ThisLine =~ /..,... WARNING: \#\S+ reinitialization of firewalls/) {
++ } elsif (($ThisLine =~ /..,... WARNING: \#\S+ reinitialization of firewalls/) or
++ ($ThisLine =~ / ERROR\s*Invariant check failed. Trying to restore a sane environment/)) {
+ $ReInitializations++;
+ } elsif ($ThisLine =~ /..,... WARNING: is not a valid IP address/) {
+ # just ignore - this will be fixed within fail2ban and is harmless warning
More information about the Pkg-logwatch-general
mailing list