In Fedora 18, I've started seeing log messages that look like this in /var/log/messages: /var/log/messages-20130106.gz:Jan 5 08:27:01 jik2 \357\273\277fail2ban.filter : WARNING Determined IP using DNS Reverse Lookup: mail.epackage.com.tw = ['220.130.160.43'] I've written out "\357\273\277" for illustrative purposes, but in syslog it's the actual eight-bit characters shown by those octal escape codes. I think the actual problem is lower in the stack than fail2ban, but I suspect it's going to be very expensive and time-consuming to fix it lower down, and it's trivially easy to fix the problem within fail2ban: --- /usr/share/fail2ban/server/failregex.py 2013/01/25 16:09:03 1.1 +++ /usr/share/fail2ban/server/failregex.py 2013/01/25 16:09:20 @@ -130,4 +130,4 @@ s = self._matchCache.string r = self._matchCache.re raise RegexException("No 'host' found in '%s' using '%s'" % (s, r)) - return host + return str(host)
The fix for this that's in updates-testing right now works for me, and I just gave it positive karma. I'm confused, though, about why a comment wasn't added automatically here indicating that there was a fix in updates-testing. Also, judging from the changelog, the person who built the update that's in testing is not the person to whom this bug is assigned. Shouldn't the bug be updated to reflect who did the fix?
fail2ban-0.8.8-3.fc18 has been submitted as an update for Fedora 18. https://admin.fedoraproject.org/updates/FEDORA-2013-2525/fail2ban-0.8.8-3.fc18
Forgot to link the bug.
fail2ban-0.8.8-3.fc18 has been pushed to the Fedora 18 stable repository. If problems still persist, please make note of it in this bug report.