Fail2ban + Shorewall Question
Jonathan Underwood
jonathan.underwood at gmail.com
Fri Jul 10 22:02:33 UTC 2009
2009/7/10 BJ Dierkes <wdierkes at 5dollarwhitebox.org>:
> Hello all,
> I originally posted this on the epel-devel-list, but was referred by the
> EPEL maintainer of fail2ban to bring the discussion upstream to Fedora in
> hopes of convincing the Fedora maintainer of fail2ban to make these changes.
> The following was my original message:
> ---
> I bring this to the list being that the issue isn't necessarily a bug,
> rather a concern about implementation. Per the documentation
> [http://www.fail2ban.org/wiki/index.php/MANUAL_0_8] fail2ban is _capable_ of
> supporting shorewall (among other things) and even states that "the
> following software is optional but recommended" with reference to shorewall.
> However, fail2ban does not _require_ shorewall to function.
>
> That said, having a 'Requires: shorewall' in the fail2ban spec seems
> unnecessary and in my opinion improper. Breaking the package out into a sub
> package doesn't seem necessary either... being that the only file(s) I see
> that could be split off would be:
https://bugzilla.redhat.com/show_bug.cgi?id=244275
>
> ]# rpm -ql fail2ban | grep shorewall
> /etc/fail2ban/action.d/shorewall.conf
>
>
> Regardless, for the sake of those that have no interest in shorewall (and in
> particular those that want to avoid having to support shorewall) I'd like to
> suggest that fail2ban-shorewall be broken off in a sub-package or simply
> drop the Requires: shorewall completely so that the dependency of shorewall
> is only enacted when desired (or not at all).
>
> Thoughts?
>
> Thank you for your time.
>
> ---
> derks
> --
> fedora-devel-list mailing list
> fedora-devel-list at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-devel-list
>
More information about the fedora-devel-list
mailing list