From owner-freebsd-ports@freebsd.org Fri Jun 22 20:43:30 2018 Return-Path: Delivered-To: freebsd-ports@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D16361026BF0; Fri, 22 Jun 2018 20:43:30 +0000 (UTC) (envelope-from trashcan@ellael.org) Received: from mx2.enfer-du-nord.net (mx2.enfer-du-nord.net [IPv6:2001:41d0:401:2100::5:8a0e]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5AABD80E88; Fri, 22 Jun 2018 20:43:30 +0000 (UTC) (envelope-from trashcan@ellael.org) Received: from [IPv6:2003:e9:7f1b:7801:54b7:5afc:c9f5:e023] (p200300E97F1B780154B75AFCC9F5E023.dip0.t-ipconnect.de [IPv6:2003:e9:7f1b:7801:54b7:5afc:c9f5:e023]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx2.enfer-du-nord.net (Postfix) with ESMTPSA id 41C9Wd4McDz4rV; Fri, 22 Jun 2018 22:43:25 +0200 (CEST) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.100.0 at mail.enfer-du-nord.net Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 11.4 \(3445.8.2\)) Subject: Re: py-fail2ban turned silent after syslogd rollout (r335059, stable/11) From: Michael Grimm In-Reply-To: Date: Fri, 22 Jun 2018 22:43:24 +0200 Cc: "ed@FreeBSD.org" , theis@gmx.at, Gleb Smirnoff , FreeBSD-STABLE Mailing List , Mailing List FreeBSD Ports Content-Transfer-Encoding: quoted-printable Message-Id: <636B4CDC-CAF6-4AF8-B025-00C3CC9D826C@ellael.org> References: <590A1B87-464D-455C-A03D-9908EB7AF286@ellael.org> <20180622155922.GA61217@plan-b.pwste.edu.pl> <697FFEFE-6AFB-45CE-ADCD-4DB10286E68B@ellael.org> <851C065F-0E02-425C-B4AF-8FCE0E405F8E@ellael.org> <1A5B44D8-28B0-49C9-B88D-EE6EBEE8788D@ellael.org> To: Ed Schouten X-Mailer: Apple Mail (2.3445.8.2) X-Spam-Status: No, score=-1.1 required=5.0 tests=BAYES_00,RDNS_NONE autolearn=no autolearn_force=no version=3.4.1 X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on mail.kaan-bock.lan X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 22 Jun 2018 20:43:31 -0000 On 22. Jun 2018, at 22:28, Ed Schouten wrote: > 2018-06-22 22:06 GMT+02:00 Michael Grimm : >> After applying your patch: >> Jun 22 21:22:01 HOSTNAME [31033]: NOTICE = [JAILNAME] Unban x.x.x.x >>=20 >> Watch: 'fail2ban.actions' -the service- is missing. >=20 > That's likely due to the fact that it now interprets the first word in > the message as the remote hostname, which gets discarded. >=20 > Attached is a somewhat refined patch that only tries to parse the > hostname in remote messages if they are preceded by a timestamp. If > the timestamp is missing, it assumes the entire payload is the > message. Can you give this one a try? Thanks! Great, you fixed it again in very short time, and I really do appreciate = this! Now with patch v2: Jun 22 22:39:59 HOSTNAME fail2ban.actions = [72605]: NOTICE [JAILNAME] Restore Ban x.x.x.x Thank you very, very much, Michael