rpms/fail2ban
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add journalmatch entries for sendmail (bug #1329919)

Browse source
This commit is contained in:
Orion Poplawski 2016-10-03 16:37:16 -06:00
commit 7dfd4e4924
2 changed files with 43 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

34
fail2ban-sendmail.patch Normal file
View file

@ -0,0 +1,34 @@
commit 6a5f8ddf63658f3645a88988641c06d5a9625c00
Author: Orion Poplawski <orion@cora.nwra.com>
Date: Mon Oct 3 16:26:11 2016 -0600
Add sendmail journalmatch options
diff --git a/config/filter.d/sendmail-auth.conf b/config/filter.d/sendmail-auth.conf
index 138fbb8..7886e60 100644
--- a/config/filter.d/sendmail-auth.conf
+++ b/config/filter.d/sendmail-auth.conf
@@ -13,6 +13,10 @@ failregex = ^%(__prefix_line)s\w{14}: (\S+ )?\[<HOST>\]( \(may be forged\))?: po
ignoreregex =
+[Init]
+
+journalmatch = _SYSTEMD_UNIT=sendmail.service
+
# DEV Notes:
#
# Author: Daniel Black
diff --git a/config/filter.d/sendmail-reject.conf b/config/filter.d/sendmail-reject.conf
index 93b8343..219d910 100644
--- a/config/filter.d/sendmail-reject.conf
+++ b/config/filter.d/sendmail-reject.conf
@@ -33,6 +33,8 @@ ignoreregex =
[Init]
+journalmatch = _SYSTEMD_UNIT=sendmail.service
+
# "maxlines" is number of log lines to buffer for multi-line regex searches
maxlines = 10

10
fail2ban.spec
View file

@ -1,7 +1,7 @@
Summary: Daemon to ban hosts that cause multiple authentication errors
Name: fail2ban
Version: 0.9.5
Release: 2%{?dist}
Release: 3%{?dist}
License: GPLv2+
URL: http://fail2ban.sourceforge.net/
Source0: https://github.com/%{name}/%{name}/archive/%{version}.tar.gz#/%{name}-%{version}.tar.gz
@ -15,6 +15,10 @@ Patch1: https://github.com/fail2ban/fail2ban/commit/c49fe12f701807a8d89bfe57c9f7
# Give up being PartOf iptables for now
# https://bugzilla.redhat.com/show_bug.cgi?id=1379141
Patch2: fail2ban-partof.patch
# Add journalmatch entries for sendmail
# https://bugzilla.redhat.com/show_bug.cgi?id=1329919
# https://github.com/fail2ban/fail2ban/pull/1566
Patch3: fail2ban-sendmail.patch
BuildRequires: python3-devel
# For 2to3
@ -154,6 +158,7 @@ by default.
%patch0 -p1 -b .test
%patch1 -p1
%patch2 -p1 -b .partof
%patch3 -p1 -b .sendmail
# Use Fedora paths
sed -i -e 's/^before = paths-.*/before = paths-fedora.conf/' config/jail.conf
2to3 --write --nobackups .
@ -283,6 +288,9 @@ fi
%changelog
* Mon Oct 3 2016 Orion Poplawski <orion@cora.nwra.com> - 0.9.5-3
- Add journalmatch entries for sendmail (bug #1329919)
* Mon Oct 3 2016 Orion Poplawski <orion@cora.nwra.com> - 0.9.5-2
- Give up being PartOf iptables to allow firewalld restarts to work
(bug #1379141)