Bug 1321460 - asterisk regex needs to be more liberal
Summary: asterisk regex needs to be more liberal
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora EPEL
Classification: Fedora
Component: fail2ban
Version: epel7
Hardware: All
OS: Linux
unspecified
high
Target Milestone: ---
Assignee: Orion Poplawski
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2016-03-27 13:35 UTC by Brian J. Murrell
Modified: 2016-10-21 15:51 UTC (History)
3 users (show)

Fixed In Version: fail2ban-0.9.5-3.el7
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2016-10-21 15:51:20 UTC
Type: Bug


Attachments (Terms of Use)

Description Brian J. Murrell 2016-03-27 13:35:28 UTC
Description of problem:
Call from '[^']*' \(<HOST>:\d+\) to extension '\d+' rejected because extension not found in context 'default'\.$ only matches a context of default.  It needs to match any context.

Version-Release number of selected component (if applicable):
fail2ban-0.9.3-1.el7.noarch

How reproducible:
100%

Steps to Reproduce:
1. Create an Asterisk installation where you have incoming calls coming into a context other than "default"
2. Make an unauthorized call into that context
3.

Actual results:
fail2ban fails to match the unauthorized call.

Expected results:
fail2ban should recognize the unauthorized call and act accordingly.

Additional info:

The regex ought to be:
Call from '[^']*' \(<HOST>:\d+\) to extension '\d+' rejected because extension not found in context '.+'\.$

Comment 1 Orion Poplawski 2016-03-27 16:03:28 UTC
Can you test with https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e8c048b38b and see if there are any changes there?

If not, a better place to file an issue is upstream: https://github.com/fail2ban/fail2ban/issues

Comment 2 Brian J. Murrell 2016-03-27 18:56:03 UTC
Looks like this is indeed fixed upstream in 0.9.4.  I will grab the koji build at http://koji.fedoraproject.org/koji/buildinfo?buildID=743504 and try it out.

Comment 3 Brian J. Murrell 2016-03-27 19:09:09 UTC
Yeah, 0.9.4 has a much better RE for that.

You can close this now.  I would but I don't know if you have another ticket you want to make it duplicate of or not.

Comment 4 Fedora Update System 2016-03-27 21:37:11 UTC
fail2ban-0.9.4-2.el7 has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-e8c048b38b

Comment 5 Orion Poplawski 2016-03-27 21:39:32 UTC
There are some other issues with 0.9.4 so we may not push it to stable until those are addressed, but marking this as fixed there.

Comment 6 Brian J. Murrell 2016-03-28 11:10:36 UTC
Hrm.  I've already installed it.  What kind of issues are there?

Comment 7 Orion Poplawski 2016-03-28 15:01:22 UTC
Fairly minor, but see https://bugzilla.redhat.com/show_bug.cgi?id=1266512#c17

Comment 8 Fedora Update System 2016-10-04 13:19:13 UTC
fail2ban-0.9.5-3.el7 has been pushed to the Fedora EPEL 7 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-73eab6c7c7

Comment 9 Fedora Update System 2016-10-21 15:51:20 UTC
fail2ban-0.9.5-3.el7 has been pushed to the Fedora EPEL 7 stable repository. If problems still persist, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.