Bug#1004466: fail2ban: courier-auth failregex does not match FAILED LOGIN
Package: fail2ban
Version: 0.11.2-2
Severity: normal
Tags: patch
Dear Maintainer,
* What led up to the situation?
fail2ban didn't find/ban failed logins in the configured courier-auth jail.
* What exactly did you do (or not do) that was effective (or ineffective)?
Failed courier-imapd logins are logged in /var/log/mail.log as:
Jan 27 09:00:00 servername imapd: LOGIN FAILED, user=xxx,
ip=[:::xxx.xxx.xxx.xxx], port=[x]
The current courier-auth failregex fails to match this because there is a port
mentioned after the ip section.
An update to the failregex is needed to reflect this.
failregex = ^%(__prefix_line)sLOGIN FAILED, (?:user|method)=.*, ip=\[\]$
failregex = ^%(__prefix_line)sLOGIN FAILED, (?:user|method)=.*,
ip=\[\].*$
* What was the outcome of this action?
Fail2ban matches failed courier-imapd(-ssl) logins again as expected.
Not sure if this applies to Debian systems only.
Best regards,
Daan Willems
-- System Information:
Debian Release: 11.2
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable'), (100, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 5.10.0-8-amd64 (SMP w/4 CPU threads)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL
set to en_US.UTF-8), LANGUAGE=en_US:en
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages fail2ban depends on:
ii lsb-base 11.1.0
ii python3 3.9.2-3
Versions of packages fail2ban recommends:
ii iptables 1.8.7-1
ii nftables 0.9.8-3.1
ii python3-pyinotify 0.9.6-1.3
ii python3-systemd234-3+b4
ii whois 5.5.10
Versions of packages fail2ban suggests:
ii bsd-mailx [mailx]8.1.2-0.20180807cvs-2
pn monit
ii rsyslog [system-log-daemon] 8.2102.0-2
pn sqlite3
-- Configuration Files:
/etc/fail2ban/filter.d/courier-auth.conf changed:
[INCLUDES]
before = common.conf
[Definition]
_daemon = (?:courier)?(?:imapd?|pop3d?)(?:login)?(?:-ssl)?
failregex = ^%(__prefix_line)sLOGIN FAILED, (?:user|method)=.*, ip=\[\].*$
ignoreregex =
datepattern = {^LN-BEG}
-- no debconf information
Bug#593266: fix for this issue
Btw, the fix for this problem is easy; just comment the extention reference in /etc/php5/conf.d/mhash.ini -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#593266: mhash.so
Fyi; I experience the exact same thing since last week's upgrade of the php packages (to 5.3.2-2). '/usr/lib/php5/20090626+lfs/mhash.so' is simply missing. From what I read from a quick Google scan is that this lib is indeed depricated in newer php version, but still linked to from within php. Correct where wrong. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#563711: proftpd-basic: proftpd failes ftptest.net
Package: proftpd-basic Version: 1.3.2c-1 Severity: important Proftpd fails the ftptest.net test, the problem is described (and solved) here: http://bugs.proftpd.org/show_bug.cgi?id=3342 -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.32.2 Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages proftpd-basic depends on: ii adduser 3.112 add and remove users and groups ii debconf 1.5.28 Debian configuration management sy ii debianutils 3.2.2 Miscellaneous utilities specific t ii libacl1 2.2.49-1 Access control list shared library ii libattr1 1:2.4.44-1 Extended attribute shared library ii libc6 2.10.2-2 GNU C Library: Shared libraries ii libcap2 1:2.17-2 support for getting/setting POSIX. ii libncurses5 5.7+20090803-2 shared libraries for terminal hand ii libpam-runtime1.1.0-4Runtime support for the PAM librar ii libpam0g 1.1.0-4Pluggable Authentication Modules l ii libssl0.9.8 0.9.8k-7 SSL shared libraries ii libwrap0 7.6.q-18 Wietse Venema's TCP wrappers libra ii netbase 4.40 Basic TCP/IP networking system ii openbsd-inetd [inet-super 0.20080125-4 The OpenBSD Internet Superserver ii sed 4.2.1-6The GNU sed stream editor ii ucf 3.0025 Update Configuration File: preserv proftpd-basic recommends no packages. Versions of packages proftpd-basic suggests: ii openssl 0.9.8k-7 Secure Socket Layer (SSL) binary a ii proftpd-doc 1.3.2c-1 Versatile, virtual-hosting FTP dae pn proftpd-mod-ldap none (no description available) ii proftpd-mod-mysql 1.3.2c-1 Versatile, virtual-hosting FTP dae pn proftpd-mod-odbc none (no description available) pn proftpd-mod-pgsql none (no description available) pn proftpd-mod-sqlitenone (no description available) -- debconf information: * shared/proftpd/inetd_or_standalone: standalone -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#563711: proftpd-basic: proftpd fails ftptest.net - ECONNABORTED
Actually, I came across this issue while I was investating something similar as described here: http://forum.filezilla-project.org/viewtopic.php?f=2t=13999 Browsing folders on a FTP behind a NAT (active/passive doesn't seem to matter) setup gives mixed results. Sometimes MLSD works, sometimes it doesn't (ECONNABORTED) using Filezilla 3.3.X or plain ftp command line from shell/windows cmd. This is not an issue connecting to the same FTP from the LAN (i.e. behind the NAT setup). Response: 220 ftp Command:USER Response: 331 Password required for Command:PASS Response: 230 User logged in Command:OPTS UTF8 ON Response: 200 UTF8 set to on Status: Connected Status: Retrieving directory listing... Command:CWD / Response: 250 CWD command successful Command:PWD Response: 257 / is the current directory Command:CWD tmp Response: 250 CWD command successful Command:PWD Response: 257 /tmp is the current directory Command:TYPE I Response: 200 Type set to I Command:PORT 10,0,1,6,201,56 Response: 200 PORT command successful Command:MLSD Response: 150 Opening ASCII mode data connection for MLSD Response: 226 Transfer complete Status: Directory listing successful Status: Retrieving directory listing... Command:CDUP Response: 250 CDUP command successful Command:PWD Response: 257 / is the current directory Status: Directory listing successful Status: Retrieving directory listing... Command:CWD log Response: 250 CWD command successful Command:PWD Response: 257 /log is the current directory Command:PORT 10,0,1,6,201,57 Response: 200 PORT command successful Command:MLSD Error: Disconnected from server: ECONNABORTED - Connection aborted Error: Failed to retrieve directory listing -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#527161: sasl2-bin tools segfault after upgrading to 2.1.22.dfsg1-23+b1
Package: sasl2-bin Version: 2.1.22.dfsg1-23+b1 Severity: grave Justification: renders package unusable tools from the sasl2-bin package are unusable due to segfaulting after upgrading to 2.1.22.dfsg1-23+b1 example: # sasldblistusers2 DB-get: method not permitted before handle's open method : Successful return: 0 # saslpasswd2 -c test : Successful return: 0 DB-fd: method not permitted before handle's open method Segmentation fault from postfix log when trying to do sasl authorisation: postfix/smtpd[26673]: connect from caladan.homelan.org[192.168.0.2] postfix/smtpd[26673]: warning: SASL authentication failure: error fetching from sasldb: Invalid argument postfix/master[25867]: warning: process /usr/lib/postfix/smtpd pid 26673 killed by signal 11 -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.28.7 Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages sasl2-bin depends on: ii db4.6-util 4.6.21-13 Berkeley v4.6 Database Utilities ii debconf [debconf-2.0 1.5.26 Debian configuration management sy ii libc62.9-4 GNU C Library: Shared libraries ii libcomerr2 1.41.3-1common error description library ii libdb4.6 4.6.21-13 Berkeley v4.6 Database Libraries [ ii libgssapi-krb5-2 1.6.dfsg.4~beta1-13 MIT Kerberos runtime libraries - k ii libk5crypto3 1.6.dfsg.4~beta1-13 MIT Kerberos runtime libraries - C ii libkrb5-31.6.dfsg.4~beta1-13 MIT Kerberos runtime libraries ii libkrb5support0 1.6.dfsg.4~beta1-13 MIT Kerberos runtime libraries - S ii libldap-2.4-22.4.11-1OpenLDAP libraries ii libpam0g 1.0.1-9 Pluggable Authentication Modules l ii libsasl2-2 2.1.22.dfsg1-23+b1 Cyrus SASL - authentication abstra ii libssl0.9.8 0.9.8g-16 SSL shared libraries ii lsb-base 3.2-22 Linux Standard Base 3.2 init scrip sasl2-bin recommends no packages. sasl2-bin suggests no packages. -- debconf information: cyrus-sasl2/backup-sasldb2: /var/backups/sasldb2.bak cyrus-sasl2/purge-sasldb2: false cyrus-sasl2/upgrade-sasldb2-failed: cyrus-sasl2/upgrade-sasldb2-backup-failed: -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#395936: replacing IfDefine with IfModule solved the problem
Changing the IfDefine SSL/IfDefine statement around my SSL vhost configuration to IfModule mod_ssl.c/IfModule seems to have solved my problem. Notice; the IfDefine SSL statement did work with the previous version of apache2 in Debian testing. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#395936: Apache2 SSL service stopped working since upgrade to 2.2.3-2
Package: Apache2 Version: 2.2.3-2 Apache2 server has been running fine for years with SSL enabled. However since this I upgraded Apache2 I can't connect to the https:// service anymore, although the http:// service runs fine. Firefox complains: server has sent an incorrent or unexpected message. Error Code: -12263. Apache2 error.log shows: [client ip] Invalid method in request \x16\x03\x01 --- Debian testing/unstable, kernel 2.6.18 i686 GNU/Linux libc6 2.3.6.ds1-4 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#327524: fetchipac -S results in error
Package: ipac-ng Version: 1.31-1 When I invoke `fetchipac -S' from an ordinary shell prompt it prints: *** glibc detected *** free(): invalid pointer: 0x080715a8 *** Aborted Here is a transcript: # fetchipac -S *** glibc detected *** free(): invalid pointer: 0x080715a8 *** Aborted # I have absolutely no clue what's going on here, it used to work with the same config before. I also don't know when this issue first appearaed. I am using Debian GNU/Linux Sarge testing, kernel 2.6.13 vanilla and libc6 2.3.5-6 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#315167: hotway 0.8.4
Seems a new version of hotway (0.8.4) was released to fix this issue. This should close this bug. Regards, Daan
Bug#315167: Hotway Password Invalid Message
Package: hotway Version: 1:0.8.2-2 I've been running hotwayd succesfully for a while, however, recently it started failing to connect to the hotmail servers. This is the relevant output from fetchmail: - Authorization failure on [EMAIL PROTECTED]@127.0.0.1 fetchmail: Query status=3 (AUTHFAIL) - when I telnet to the hotwayd service on my system and try to login I get: - +OK POP3 hotwayd v0.8.2 - The POP3-HTTPMail Gateway. Server on arrakis active. USER [EMAIL PROTECTED] +OK Username validated, Password required PASS bar -ERR Remote server said password was invalid - The problem has been identified as follows: Hotwayd removed the @hotmail.com from the username sent to the hotmail-server. Disabling line 244 of hotwayd.c and recompiling seems to make it work again. Using debian GNU/Linux 3.1, kernel 2.6.11.5 and libc-2.3.2 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
