From 4b1ffbe52e792cfaa30691c8b3ecae09afa45c1e Mon Sep 17 00:00:00 2001 From: limuthu123 <168603554+limuthu123@users.noreply.github.com> Date: Mon, 1 Jun 2026 09:34:53 +0530 Subject: [PATCH] revert: robustness and platform changes as per maintainer feedback --- ChangeLog | 2 -- config/action.d/ufw.conf | 4 ++-- fail2ban/client/configparserinc.py | 4 ++-- fail2ban/helpers.py | 2 +- fail2ban/server/failregex.py | 2 +- fail2ban/server/filter.py | 2 +- fail2ban/server/filtersystemd.py | 2 +- fail2ban/server/ipdns.py | 4 ++-- fail2ban/server/server.py | 2 +- fail2ban/setup.py | 2 -- 10 files changed, 11 insertions(+), 15 deletions(-) diff --git a/ChangeLog b/ChangeLog index 159a6252..1e30b2e6 100644 --- a/ChangeLog +++ b/ChangeLog @@ -19,8 +19,6 @@ ver. 1.1.1-dev-1 (20??/??/??) - development nightly edition ### Fixes * Potential SQL injection in database.py using parameterized queries -* setup.py crash on Windows due to symlink privilege requirements -* Bare except blocks replaced with Exception to improve signal handling * fixes `systemd` bug with missing journal descriptor after rotation by reopening of journal if it is recognized as not alive (gh-3929) * improve threaded clean-up of all filters, new thread functions `afterStop` (to force clean-up after stop) and `done`, invoking `afterStop` once * ensure journal-reader is always closed (additional prevention against leaks and "too many open files"), thereby avoid sporadic segfault diff --git a/config/action.d/ufw.conf b/config/action.d/ufw.conf index e77b7df9..060093a0 100644 --- a/config/action.d/ufw.conf +++ b/config/action.d/ufw.conf @@ -39,8 +39,8 @@ kill-mode = # intern conditional parameter used to provide killing mode after ban: _kill_ = -_kill_ss = if [ "" != "1" ]; then ss -K dst "[]" || [ $? -eq 1 ]; fi -_kill_conntrack = if [ "" != "1" ]; then conntrack -D -s "" || [ $? -eq 1 ]; fi +_kill_ss = ss -K dst "[]" +_kill_conntrack = conntrack -D -s "" # Option: kill # Notes.: can be used to specify custom killing feature, by default depending on option kill-mode diff --git a/fail2ban/client/configparserinc.py b/fail2ban/client/configparserinc.py index 67ea9b28..11b9a461 100644 --- a/fail2ban/client/configparserinc.py +++ b/fail2ban/client/configparserinc.py @@ -202,11 +202,11 @@ after = 1.conf rplcmnt = 1 try: # set it in map-vars (consider different python versions): defaults[sopt] = v - except Exception: + except: # try to set in first default map (corresponding vars): try: defaults._maps[0][sopt] = v - except Exception: # pragma: no cover + except: # pragma: no cover # no way to update vars chain map - overwrite defaults: self._defaults[sopt] = v return rplcmnt diff --git a/fail2ban/helpers.py b/fail2ban/helpers.py index b3eb8ad2..00aca138 100644 --- a/fail2ban/helpers.py +++ b/fail2ban/helpers.py @@ -36,7 +36,7 @@ import importlib try: import ctypes _libcap = ctypes.CDLL('libcap.so.2') -except Exception: +except: _libcap = None diff --git a/fail2ban/server/failregex.py b/fail2ban/server/failregex.py index e016a1e4..85636f36 100644 --- a/fail2ban/server/failregex.py +++ b/fail2ban/server/failregex.py @@ -94,7 +94,7 @@ R_MAP = { try: re.search("^re(?i:val)$", "reVAL") R_GLOB2LOCFLAGS = ( re.compile(r"(?