[contribteam] [Bug 9719] NFR: avoid excluding ValidFrom httpd-admin entries

[bugzilla-daemon]

==================================================================
  Please DO NOT REPLY to this mail or send email to the developers
  about this bug. Please follow-up to Bugzilla using this link:
    https://bugs.contribs.org/show_bug.cgi?id=9719

  Have you checked the Frequently Asked Questions (FAQ)?
    http://wiki.contribs.org/SME_Server:Documentation:FAQ

  Please also take the time to read the following useful guide:
    http://www.chiark.greenend.org.uk/~sgtatham/bugs.html
==================================================================

            Bug ID: 9719
           Summary: NFR: avoid excluding ValidFrom httpd-admin entries
    Classification: Contribs
           Product: SME Contribs
           Version: 9.0
          Hardware: ---
                OS: ---
            Status: CONFIRMED
          Severity: normal
          Priority: P3
         Component: smeserver-fail2ban
          Assignee: dan...@firewall-services.com
          Reporter: te...@pialasse.com
        QA Contact: contribteam@lists.contribs.org

Created attachment 5669
  --> https://bugs.contribs.org/attachment.cgi?id=5669&action=edit
etc/e-smith/templates/etc/fail2ban/jail.conf.patch

currently fail2ban exclude systematically the IP whitelisted by the property
ValidFrom used to allow access to the server manager from outside of the local
network.

more and more people use 0.0.0.0/0.0.0.0 to allow access to all the internet to
the server-manager. We can argue on the validity to do so, but this will not
change the bahvior of suer wanting to be able to access freely to their
manager, mostly if their server is hosted. 
The global result is that fail2ban is just ignoring everything ! 


here is a proposed patch that works in two different ways to change the current
situation :
- filters out 0.0.0.0/0
- add a property to ignore all the entries of ValidFrom


I think this is a good start as it will avoid to ignore the whole internet, and
allow admin to exclude the ValidFrom if he understand his entry are a little
too liberals but need them this way while F2B still doing its job.

-- 
You are receiving this mail because:
You are the QA Contact for the bug.
_______________________________________________
Mail for each SME Contribs bug report
To unsubscribe, e-mail contribteam-unsubscr...@lists.contribs.org
Searchable archive at https://lists.contribs.org/mailman/public/contribteam/