[Pkg-logwatch-general] r57 - in trunk: debian patches

Willi Mann willi-guest at alioth.debian.org
Tue Nov 28 21:20:33 CET 2006


Author: willi-guest
Date: 2006-11-28 21:20:32 +0100 (Tue, 28 Nov 2006)
New Revision: 57

Added:
   trunk/patches/11-fail2ban.diff
Modified:
   trunk/debian/changelog
Log:
7.3.1-4:
fail2ban patch


Modified: trunk/debian/changelog
===================================================================
--- trunk/debian/changelog	2006-10-15 12:26:41 UTC (rev 56)
+++ trunk/debian/changelog	2006-11-28 20:20:32 UTC (rev 57)
@@ -1,5 +1,12 @@
-logwatch (7.3.1-3~1) unstable; urgency=medium
+logwatch (7.3.1-4) unstable; urgency=low
 
+  * fail2ban updated, (for new fail2ban upstream and the log filename was wrong)
+    thanks Yaroslav Halchenko (closes: #399864)
+
+ -- Willi Mann <willi at wm1.at>  Tue, 28 Nov 2006 20:53:42 +0100
+
+logwatch (7.3.1-3) unstable; urgency=medium
+
   * Fixes concerning postfix reported by Andreas Beckmann (thanks):
     - missing postfix logs (closes: #390741)
     - ignore some logs in secure, concerning postfix related authentication
@@ -386,4 +393,3 @@
     to the logfile(s). That's most likely the problem.
 
  -- Willi Mann <willi at wm1.at>  Wed, 12 Nov 2003 20:14:15 +0100
-

Added: trunk/patches/11-fail2ban.diff
===================================================================
--- trunk/patches/11-fail2ban.diff	2006-10-15 12:26:41 UTC (rev 56)
+++ trunk/patches/11-fail2ban.diff	2006-11-28 20:20:32 UTC (rev 57)
@@ -0,0 +1,46 @@
+diff -Naur logwatch-7.3.1.orig/conf/logfiles/fail2ban.conf logwatch-7.3.1/conf/logfiles/fail2ban.conf
+--- logwatch-7.3.1.orig/conf/logfiles/fail2ban.conf	2006-05-30 15:04:26.000000000 -0400
++++ logwatch-7.3.1/conf/logfiles/fail2ban.conf	2006-11-21 12:58:35.000000000 -0500
+@@ -20,6 +20,6 @@
+ Title = fail2ban-messages
+ 
+ # Which logfile group...
+-LogFile = fail2ban
++LogFile = fail2ban.log
+ 
+ 
+diff -Naur logwatch-7.3.1.orig/scripts/services/fail2ban logwatch-7.3.1/scripts/services/fail2ban
+--- logwatch-7.3.1.orig/scripts/services/fail2ban	2006-05-30 15:04:26.000000000 -0400
++++ logwatch-7.3.1/scripts/services/fail2ban	2006-11-22 09:46:49.000000000 -0500
+@@ -36,7 +36,9 @@
+     }
+     chomp($ThisLine);
+     if ( ($ThisLine =~ /..,... DEBUG: /) or
++	 ($ThisLine =~ /..,... \S*\s*: DEBUG /) or # syntax of 0.7.? fail2ban
+ 	 ($ThisLine =~ /..,... INFO: (Fail2Ban v.* is running|Exiting|Enabled sections:)/) or
++	 ($ThisLine =~ /..,... \S+\s*: INFO\s+(Set |Socket|Exiting|Gamin|Created|Added|Using)/) or # syntax of 0.7.? fail2ban
+ 	 ($ThisLine =~ /..,... WARNING: Verbose level is /) or
+ 	 ($ThisLine =~ /..,... WARNING: Restoring firewall rules/)
+ 	 )
+@@ -44,7 +46,7 @@
+ 	if ( $Debug >= 6 ) {
+ 	    print STDERR "DEBUG($DebugCounter): line ignored\n";
+ 	}
+-    } elsif ( my ($Service,$Action,$Host) = ($ThisLine =~ m/WARNING:\s(.*):\s(Ban|Unban)[^\.]* (\S+)/)) {
++    } elsif ( my ($Service,$Action,$Host) = ($ThisLine =~ m/WARNING:?\s\[?(.*?)[]:]?\s(Ban|Unban)[^\.]* (\S+)/)) {
+ 	if ( $Debug >= 6 ) {
+ 	    print STDERR "DEBUG($DebugCounter): Found $Action for $Service from $Host\n";
+ 	}
+@@ -59,9 +61,10 @@
+ 	$ServicesBans{$Service}{$Host}{'AlreadyInTheList'}++;
+     } elsif ( my ($Service,$Host) = ($ThisLine =~ m/ WARNING:\s(.*):\sReBan (\S+)/)) {
+ 	$ServicesBans{$Service}{$Host}{'ReBan'}++;
+-    } elsif ($ThisLine =~ /..,... ERROR: (Execution of command )?\'iptables/) {
++    } elsif ($ThisLine =~ / ERROR:?\s*(Execution of command )?\'?iptables/) {
+ 	push @IptablesErrors, "$ThisLine\n";
+-    } elsif ($ThisLine =~ /..,... WARNING: \#\S+ reinitialization of firewalls/) {
++    } elsif (($ThisLine =~ /..,... WARNING: \#\S+ reinitialization of firewalls/) or
++	     ($ThisLine =~ / ERROR\s*Invariant check failed. Trying to restore a sane environment/)) {
+ 	$ReInitializations++;
+     } elsif ($ThisLine =~ /..,... WARNING:  is not a valid IP address/) {
+ 	# just ignore - this will be fixed within fail2ban and is harmless warning




More information about the Pkg-logwatch-general mailing list