fail2ban-block-ip-range icon indicating copy to clipboard operation
fail2ban-block-ip-range copied to clipboard

Published 20 hours ago verified publisher icon WKnak

Release 1.2.0

Open WKnak opened this issue 1 year ago • 4 comments

1.2.0 - Big merge from Dev to Main, including:

  • Compatibility with Python3.5 (mostly interpolated print(f) adjustments)
  • Created a preferences/config file settings under /etc/fail2ban/ folder
  • Some of the preferences in the arguments can now be persisted in the preferences
  • Created a new preference for the CIDR maximum range (valid from /18 to /30)
  • Compatibility with Fail2Ban old versions like 0.11.1 (there is a different way of getting banned status)
  • Code refactored into classes and helpers

WKnak avatar Jun 28 '24 18:06 WKnak

Tests:

  • Ubuntu 16.04.7, Python 3.5.2, fail2ban 0.9.3 (works fine, but this f2b client don't implements a way of getting ban status, a warning is thrown and works)
  • Ubuntu 20.04.6, Python 3.8.10, fail2ban 0.11.1 (OK)
  • Ubuntu 20.04.6, Python 3.8.10, fail2ban 1.1.0.1 (OK)

WKnak avatar Jun 28 '24 18:06 WKnak

@WKnak : will review this weekend

pbiering avatar Jun 28 '24 20:06 pbiering

@WKnak : introduction of a mandatory hardcoded config file is unexpected, especially that it tries to write by default:

Error was detected while saving /etc/fail2ban/fail2ban-block-ip-range.conf: [Errno 2] No such file or directory: '/etc/fail2ban/fail2ban-block-ip-range.conf'
Error was detected while reading /etc/fail2ban/fail2ban-block-ip-range.conf: [Errno 2] No such file or directory: '/etc/fail2ban/fail2ban-block-ip-range.conf'. Hard coded values will be applied

(this should be btw. not an error, only a notice, but only if specified)

BW: I would not change default behavior

  • make use of config file optional by option, e.g. "-c|--config CONFIGFILE"
  • add an explicit option to write settings to a config file taken from the provided command line options, e.g. "--write-config", only working in conjunction with explicit CONFIGFILE given - automatic save can be very unexpected
  • suggestion: on write CONFIG test also whether directory is writable at all before trying
  • side works for new release
    • extend online help for COUNTLIMIT, FILE, MAXAGE (and for the 2 new options suggested above)
    • update version in the contrib SPEC file

Adding the config file feature btw. I would consider updating the version to 2.x

pbiering avatar Jun 29 '24 05:06 pbiering

Still need to make the changes here, didn't find the time. 😐

WKnak avatar Jul 10 '24 01:07 WKnak