From owner-freebsd-ports-bugs@freebsd.org  Wed Jul  1 07:38:32 2015
Return-Path: <owner-freebsd-ports-bugs@freebsd.org>
Delivered-To: freebsd-ports-bugs@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 2E442991DBE
 for <freebsd-ports-bugs@mailman.ysv.freebsd.org>;
 Wed,  1 Jul 2015 07:38:32 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org (kenobi.freebsd.org
 [IPv6:2001:1900:2254:206a::16:76])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 1AF052987
 for <freebsd-ports-bugs@FreeBSD.org>; Wed,  1 Jul 2015 07:38:32 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from bugs.freebsd.org ([127.0.1.118])
 by kenobi.freebsd.org (8.14.9/8.14.9) with ESMTP id t617cVii088454
 for <freebsd-ports-bugs@FreeBSD.org>; Wed, 1 Jul 2015 07:38:31 GMT
 (envelope-from bugzilla-noreply@freebsd.org)
From: bugzilla-noreply@freebsd.org
To: freebsd-ports-bugs@FreeBSD.org
Subject: [Bug 201108] security/py-fail2ban: ssh log entries are ignored
Date: Wed, 01 Jul 2015 07:38:32 +0000
X-Bugzilla-Reason: AssignedTo
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Ports & Packages
X-Bugzilla-Component: Individual Port(s)
X-Bugzilla-Version: Latest
X-Bugzilla-Keywords: 
X-Bugzilla-Severity: Affects Only Me
X-Bugzilla-Who: oz42@oz42.eu
X-Bugzilla-Status: New
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: freebsd-ports-bugs@FreeBSD.org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags: maintainer-feedback?
X-Bugzilla-Changed-Fields: 
Message-ID: <bug-201108-13-BKDAHW88io@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-201108-13@https.bugs.freebsd.org/bugzilla/>
References: <bug-201108-13@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-BeenThere: freebsd-ports-bugs@freebsd.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: Ports bug reports <freebsd-ports-bugs.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-ports-bugs>, 
 <mailto:freebsd-ports-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports-bugs/>
List-Post: <mailto:freebsd-ports-bugs@freebsd.org>
List-Help: <mailto:freebsd-ports-bugs-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports-bugs>, 
 <mailto:freebsd-ports-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 01 Jul 2015 07:38:32 -0000

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=201108

--- Comment #7 from oz42@oz42.eu ---
This is because with ipfw.conf, rules are added at the end which is pointless
because my last rules are

01400 reset log logamount 20 tcp from any to me in via vtnet0
01500 unreach port log logamount 20 udp from any to me in via vtnet0
01600 deny log logamount 20 ip from any to me in via vtnet0

I need to insert the fail2ban rules at the top, so my 1st line of the ruleset
is

00100 deny log logamount 20 ip from table(1) to me

and ipfw-oz.conf adds rules to table 1.

if we could insert rules ('iptables -I' in Linux speech) this would not be
necessary.

-- 
You are receiving this mail because:
You are the assignee for the bug.