From nick@muffin.acquirer.com  Wed May 25 13:54:37 2011
Return-Path: <nick@muffin.acquirer.com>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id F3BE0106564A
	for <FreeBSD-gnats-submit@freebsd.org>; Wed, 25 May 2011 13:54:36 +0000 (UTC)
	(envelope-from nick@muffin.acquirer.com)
Received: from muffin.acquirer.com (unknown [IPv6:2001:1bb8:2004:150::2])
	by mx1.freebsd.org (Postfix) with ESMTP id 6D8488FC0C
	for <FreeBSD-gnats-submit@freebsd.org>; Wed, 25 May 2011 13:54:36 +0000 (UTC)
Received: from muffin.acquirer.com (localhost [127.0.0.1])
	by muffin.acquirer.com (8.14.3/8.14.3) with ESMTP id p4PDsWih022362;
	Wed, 25 May 2011 14:54:32 +0100 (IST)
	(envelope-from nick@muffin.acquirer.com)
Received: (from nick@localhost)
	by muffin.acquirer.com (8.14.3/8.13.8/Submit) id p4PDsWOD056923;
	Wed, 25 May 2011 14:54:32 +0100 (IST)
	(envelope-from nick)
Message-Id: <201105251354.p4PDsWOD056923@muffin.acquirer.com>
Date: Wed, 25 May 2011 14:54:32 +0100 (IST)
From: Nick Hilliard <nick@foobar.org>
Reply-To: Nick Hilliard <nick@foobar.org>
To: FreeBSD-gnats-submit@freebsd.org
Subject: bugfix and feature addition for security/py-fail2ban
X-Send-Pr-Version: 3.113
X-GNATS-Notify: tony@pc-tony.com

>Number:         157318
>Category:       ports
>Synopsis:       bugfix and feature addition for security/py-fail2ban
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    wxs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          update
>Submitter-Id:   current-users
>Arrival-Date:   Wed May 25 14:00:20 UTC 2011
>Closed-Date:    Sat Jun 11 02:08:51 UTC 2011
>Last-Modified:  Sat Jun 11 02:10:07 UTC 2011
>Originator:     Nick Hilliard
>Release:        FreeBSD 7.2-RELEASE i386
>Organization:
Network Ability Ltd
>Environment:
System: FreeBSD 7.2-RELEASE

>Description:

1. fail2ban does not include an action.d configuration file for openbsd pf. 
This patch adds support for this.

2. fail2ban fails to scan syslogd entries when the "-v" or "-vv" syslogd
command-line parameter is used.  I've attached a patch to common.conf to fix
this problem (see https://sourceforge.net/tracker/?func=detail&aid=3307502&group_id=121032&atid=689044).

>How-To-Repeat:
>Fix:

diff -bNur py-fail2ban.orig/files/patch-common.conf py-fail2ban/files/patch-common.conf
--- py-fail2ban.orig/files/patch-common.conf	1970-01-01 01:00:00.000000000 +0100
+++ py-fail2ban/files/patch-common.conf	2011-05-25 14:37:49.000000000 +0100
@@ -0,0 +1,17 @@
+--- config/filter.d/common.conf.orig	2011-05-25 14:25:33.000000000 +0100
++++ config/filter.d/common.conf	2011-05-25 14:25:42.000000000 +0100
+@@ -32,10 +32,13 @@
+ # EXAMPLES: sshd[31607], pop(pam_unix)[4920]
+ __daemon_combs_re = (?:%(__pid_re)s?:\s+%(__daemon_re)s|%(__daemon_re)s%(__pid_re)s?:)
+ 
++# Logging facility and priority for BSD "-v" verbose mode
++__bsd_verbose_mode = (?:\s*\<\S+\.\S+\>\s*)
++
+ #
+ # Common line prefixes (beginnings) which could be used in filters
+ #
+ #       [hostname] [vserver tag] daemon_id spaces
+ # this can be optional (for instance if we match named native log files)
+-__prefix_line = \s*(?:\S+ )?(?:@vserver_\S+ )?%(__daemon_combs_re)s?\s*
++__prefix_line = \s*%(__bsd_verbose_mode)s(?:\S+ )?(?:@vserver_\S+ )?%(__daemon_combs_re)s?\s*
+ 
diff -bNur py-fail2ban.orig/files/patch-pf.conf py-fail2ban/files/patch-pf.conf
--- py-fail2ban.orig/files/patch-pf.conf	1970-01-01 01:00:00.000000000 +0100
+++ py-fail2ban/files/patch-pf.conf	2011-05-25 14:41:26.000000000 +0100
@@ -0,0 +1,59 @@
+--- /dev/null   2010-01-12 16:33:00.000000000 -0500
++++ ./config/action.d/pf.conf     2010-01-12 16:26:51.000000000 -0500
+@@ -0,0 +1,56 @@
++# Fail2Ban configuration file
++#
++# OpenBSD pf ban/unban
++#
++# Author: Nick Hilliard <nick@foobar.org>
++#
++#
++
++[Definition]
++
++# Option:  actionstart
++# Notes.:  command executed once at the start of Fail2Ban.
++# Values:  CMD
++#
++# we don't enable PF automatically, as it will be enabled elsewhere
++actionstart = 
++
++
++# Option:  actionstop
++# Notes.:  command executed once at the end of Fail2Ban
++# Values:  CMD
++#
++# we don't disable PF automatically either
++actionstop = 
++
++
++# Option:  actioncheck
++# Notes.:  command executed once before each actionban command
++# Values:  CMD
++#
++actioncheck = 
++
++
++# Option:  actionban
++# Notes.:  command executed when banning an IP. Take care that the
++#          command is executed with Fail2Ban user rights.
++# Tags:    <ip>  IP address
++#          <failures>  number of failures
++#          <time>  unix timestamp of the ban time
++# Values:  CMD
++#
++actionban = /sbin/pfctl -t fail2ban -T add <ip>/32
++
++
++# Option:  actionunban
++# Notes.:  command executed when unbanning an IP. Take care that the
++#          command is executed with Fail2Ban user rights.
++# Tags:    <ip>  IP address
++#          <failures>  number of failures
++#          <time>  unix timestamp of the ban time
++# Values:  CMD
++#
++# note -r option used to remove matching rule
++actionunban = /sbin/pfctl -t fail2ban -T delete <ip>/32
++
++[Init]
>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->feedback 
State-Changed-By: edwin 
State-Changed-When: Wed May 25 14:00:32 UTC 2011 
State-Changed-Why:  
Awaiting maintainers feedback (via the GNATS Auto Assign Tool) 

http://www.freebsd.org/cgi/query-pr.cgi?pr=157318 

From: Edwin Groothuis <edwin@FreeBSD.org>
To: tony@pc-tony.com
Cc: bug-followup@FreeBSD.org
Subject: Re: ports/157318: bugfix and feature addition for security/py-fail2ban
Date: Wed, 25 May 2011 14:00:29 UT

 Maintainer of security/py-fail2ban,
 
 Please note that PR ports/157318 has just been submitted.
 
 If it contains a patch for an upgrade, an enhancement or a bug fix
 you agree on, reply to this email stating that you approve the patch
 and a committer will take care of it.
 
 The full text of the PR can be found at:
     http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/157318
 
 -- 
 Edwin Groothuis via the GNATS Auto Assign Tool
 edwin@FreeBSD.org
Responsible-Changed-From-To: freebsd-ports-bugs->wxs 
Responsible-Changed-By: wxs 
Responsible-Changed-When: Sun May 29 22:16:15 UTC 2011 
Responsible-Changed-Why:  
I'll take it. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=157318 
State-Changed-From-To: feedback->closed 
State-Changed-By: wxs 
State-Changed-When: Sat Jun 11 02:08:48 UTC 2011 
State-Changed-Why:  
Committed. Thanks! 

http://www.freebsd.org/cgi/query-pr.cgi?pr=157318 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: ports/157318: commit references a PR
Date: Sat, 11 Jun 2011 02:08:48 +0000 (UTC)

 wxs         2011-06-11 02:08:40 UTC
 
   FreeBSD ports repository
 
   Modified files:
     security/py-fail2ban Makefile pkg-plist 
   Added files:
     security/py-fail2ban/files patch-common.conf patch-pf.conf 
   Log:
   - Include configuration file for pf.
   - Add patch for supporting syslogd -v or -vv.
   
   PR:             ports/157318
   Submitted by:   Nick Hilliard <nick@foobar.org>
   Approved by:    maintainer timeout
   
   Revision  Changes    Path
   1.10      +1 -0      ports/security/py-fail2ban/Makefile
   1.1       +17 -0     ports/security/py-fail2ban/files/patch-common.conf (new)
   1.1       +59 -0     ports/security/py-fail2ban/files/patch-pf.conf (new)
   1.5       +1 -0      ports/security/py-fail2ban/pkg-plist
 _______________________________________________
 cvs-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/cvs-all
 To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
 
>Unformatted:
