https://bugs.contribs.org/show_bug.cgi?id=10857

--- Comment #5 from Stefan Schulz <[email protected]> ---
(In reply to Jean-Philippe Pialasse from comment #3)
> I just saw a wrong match on a test:
> 
> |  mirror 190.195.232.176 - - [07/Jan/2020:01:12:11 -0500] "GET /releases/9/smeaddons/i386/repodata/repomd.xml HTTP/1.1" 200 2986 "-" "urlgrabber/3.9.1 yum/3.2.29"
> 
> 
> you do not want to block yum ;)
> at least in my case or bye bye update for SME...
> 
> but I seem not to have the same regex as you: I got mine from
> 
> https://raw.githubusercontent.com/Sitetheory/fail2ban/44338b97d62dac890dfc25fedfbedce0fdbf348b/config/filter.d/apache-badbots.conf
> (generated in 2018)
> which seems different from current
> https://raw.githubusercontent.com/mitchellkrogza/apache-ultimate-bad-bot-blocker/master/_generator_lists/bad-user-agents.list
> 
> 
> from comment 
> https://github.com/fail2ban/fail2ban/pull/2259#issuecomment-430876212
> 
> the \b in your regex might be a solution to avoid wrong catch
> plus the 
> ignoreregex = .*(\/search\?q=).*
> 
> 
> 
> x03 tries seemed to be a misconfiguration when your server answers with http
> and the client was asking for https.

Did you run the test with your regex? In the badbots, neither "yum" nor
"urlgrabber" is listed. If you did the test with the regex I use, what would the
ignoreregex for yum be?

With the regex I use:

[root@saturn ~]# yum clean all
Geladene Plugins: fastestmirror, post-transaction-actions, smeserver
Cleaning repos: base smeaddons smeextras smeos smeupdates updates
Räume alles auf
Cleaning up list of fastest mirrors

[root@saturn ~]# yum update
Geladene Plugins: fastestmirror, post-transaction-actions, smeserver
Einrichten des Aktualisierungsprozess
Determining fastest mirrors
 * base: mirror2.hs-esslingen.de
 * smeaddons: ftp.nluug.nl
 * smeextras: ftp.nluug.nl
 * smeos: ftp.nluug.nl
 * smeupdates: ftp.nluug.nl
 * updates: mirror.checkdomain.de
base                                                     | 3.7 kB     00:00     
base/primary_db                                          | 4.7 MB     00:02     
smeaddons                                                | 2.9 kB     00:00     
smeaddons/primary_db                                     |  14 kB     00:00     
smeextras                                                | 2.9 kB     00:00     
smeextras/primary_db                                     | 110 kB     00:00     
smeos                                                    | 3.1 kB     00:00     
smeos/primary_db                                         | 1.1 MB     00:00     
smeupdates                                               | 2.9 kB     00:00     
smeupdates/primary_db                                    | 579 kB     00:00     
updates                                                  | 3.4 kB     00:00     
updates/primary_db                                       | 8.0 MB     00:04     
Keine Pakete für die Aktualisierung markiert

Nothing shows up in access_log or in /fail2ban/daemon.log.

This server is not hosting any public stuff. No webpages, no shops. It's only
for emails, (open)vpn and ipsec. As far as I can see, all local (sub)nets are
whitelisted by default. I assume the ignoreregex you mentioned is meant for a
server where access from the public is wanted.

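An added example, not part of either poster's message or of fail2ban: it runs the yum log line quoted in the thread through a substring-style bad-bot pattern with and without `\b`, and then through an ignoreregex. The token list, the simplified failregex and `<HOST>` stand-in, `BOT_LINE` and `YUM_IGNORE` are constructed assumptions; the thread does not show the regex actually in use.

```python
import re

# Log line quoted in the thread, without the "|  mirror" test-output prefix.
YUM_LINE = ('190.195.232.176 - - [07/Jan/2020:01:12:11 -0500] "GET '
            '/releases/9/smeaddons/i386/repodata/repomd.xml HTTP/1.1" '
            '200 2986 "-" "urlgrabber/3.9.1 yum/3.2.29"')
# Constructed line: a client whose User-Agent really is a listed token.
BOT_LINE = ('203.0.113.7 - - [07/Jan/2020:01:13:00 -0500] "GET / HTTP/1.1" '
            '200 512 "-" "Grab/1.0"')

BAD_TOKENS = ["grab", "scanbot"]             # constructed, not a real bad-bot list
HOST = r"(?P<host>\d{1,3}(?:\.\d{1,3}){3})"  # simplified stand-in for <HOST>
# ignoreregex quoted in the thread, plus a hypothetical one for the yum client.
SEARCH_IGNORE = r".*(\/search\?q=).*"
YUM_IGNORE = r'"urlgrabber/\S+ yum/\S+"$'


def build_failregex(tokens, word_boundary):
    """Match a token anywhere inside the final quoted field (the User-Agent)."""
    alt = "(?:" + "|".join(re.escape(t) for t in tokens) + ")"
    if word_boundary:
        alt = r"\b" + alt + r"\b"
    pattern = ("^" + HOST + r' -.*"(?:GET|POST|HEAD).*HTTP.*"[^"]*'
               + alt + r'[^"]*"$')
    return re.compile(pattern, re.IGNORECASE)


def banned_host(line, failregex, ignoreregexes=()):
    """Return the host a failure would be counted for, or None."""
    # As in fail2ban, a line matching any ignoreregex is never counted.
    if any(re.search(rx, line) for rx in ignoreregexes):
        return None
    match = failregex.search(line)
    return match.group("host") if match else None


if __name__ == "__main__":
    loose = build_failregex(BAD_TOKENS, word_boundary=False)
    strict = build_failregex(BAD_TOKENS, word_boundary=True)
    for name, rx in (("substring", loose), ("with \\b", strict)):
        print(name, "yum:", banned_host(YUM_LINE, rx),
              "bot:", banned_host(BOT_LINE, rx))
    # The User-Agent is client-supplied, so YUM_IGNORE exempts any client
    # that sends this string; fixing the failregex is the narrower change.
    print("ignored:", banned_host(YUM_LINE, loose, [SEARCH_IGNORE, YUM_IGNORE]))
```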