On Wed, Oct 12, 2005 at 11:24:53AM -0400, Yaroslav Halchenko wrote:
> Hi
>
> I've hacked a fix for the problem of "missing chain". Could you please
> try the most recent version (not yet in Debian mainstream) available
> from
>
> http://itanix.rutgers.edu/rumba/dists/unstable/perspect/binary-all/net/
>
> While upgrading you might need to update your config file with a fresh
> one shipped with the package (as the WARNING might state)
>
> I would greatly appreciate your feedback.
I'm running mostly testing, and did a regular upgrade to 0.5.4-5 and
then got your recent (-5.14) deb and installed it.
My style is to keep my old config file and then merge in the changes
and restart after the main install is done.
1. The most substantive thing I notice is that the ignoreip
configuration setting does not seem to be used--that is, I see no sign
of it in my iptables -nvL rules. I have that option set, though it's
set to the same value as the default (I set it before the current
default was in effect.)
2. You have a number of multi-line options without the \ character in
the config file. E.g., fwend. Do the later lines actually get used?
A related question: do the multiple lines of, e.g., fwcheck, all get
used appropriately?
3. The [EMAIL PROTECTED] should solve the mail problems, but it is
potentially very confusing for someone who redirects their mail. As I
mentioned earlier, there must be a standard way to solve the problem,
though I don't know what it is. One could generate a domain name with
shell magic trying /etc/mailname, hostname --fqdn (hmm, the latter
gives localhost for me--but I'm not configured properly), and
localhost as a last resort.
4. The latest Debian changelog entry includes
" Implemented automatic restart of fail2ban main function in
case if check of fwban or fwban command failed"
Should both of those fwban's be there? It would be more idiomatic to
delete the "if" after "in case."
5. For you reference,
fail2ban (0.5.4-3) unstable; urgency=low
* Resolved the mistery
The word is "mystery."
6. Since I didn't update the configuration file, after the initial
install I got
"Starting fail2ban: 2005-10-18 12:11:45,656 WARNING: No 'reinittime' defined in
'DEFAULT'
2005-10-18 12:11:45,663 WARNING: No 'maxreinits' defined in 'DEFAULT'
fail2ban.
"
It wasn't entirely clear to me whether fail2ban was running in this
case, though I think it was (since it's only a warning). To clarify
this, you might add "defaulting to maxreinits = -1" or whatever the
default behavior is. As I mentioned, I subsequently edited the
configuration file and restarted the demon.
Thanks.
Ross Boylan
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
