Small bug in fail2ban-script

Brought to you by: bjorn1, jpyeron, kirkbauer, mtremaine, opoplawski

Small bug in fail2ban-script

Forum: Open Discussion

Creator: Thomas Wilhelmi

Created: 2020-11-29

Updated: 2024-04-19

Thomas Wilhelmi - 2020-11-29

Hi,

I don't know if this is already known but it seems to be present also in the newest version. These lines (starting at line 207):

~~~
if (keys(%NoticeList) && $Detail>7) {
print "\nNotices:\n";
foreach my $line (sort {$a cmp $b} keys %OtherList) {
print " $line: $OtherList{$line} Time(s)\n";
}
}
~~~

should be:

if (keys(%NoticeList) && $Detail>7) {
print "\nNotices:\n";
foreach my $line (sort {$a cmp $b} keys %NoticeList) {
print " $line: $NoticeList{$line} Time(s)\n";
}
}

Best regards

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Bjorn - 2021-04-22

Thanks for reporting this; it had fallen off my radar. Fixed in repository.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
- Alexandre Vroublevski - 2024-04-19
  
  Hi,
  
  after upgrading logwatch from v7.4.3 -> v7.7 I noticed, that the fail2ban report was missing host names, resolved from their ip-addresses.
  
  And I found, for example, in sshd service script the call of DoLookup() (from line 33):
  
  my $IllegalUsersThreshold = $ENV{'illegal_users_threshold'} || 0; DoLookup( $ENV{'sshd_ip_lookup'} ); my $DebugCounter = 0;
  
  Then, I added the line to the fail2ban service script:
  was (from line 47):
  
  my %ServicesIgnored = (); #Init String Containers
  
  became:
  
  my %ServicesIgnored = (); DoLookup (1); #Init String Containers
  
  And voila - the host names appeared in the report.
  I've checked, there are no changes in the scripts of version 7.10.
  
  Best regards
  
  fail2ban resolved hostnames.jpg
  
  If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Log in to post a comment.