From fbd9cab08aec9e9cccf94f8b1440075a5bf42d21 Mon Sep 17 00:00:00 2001 From: Daniel Berteaud Date: Wed, 25 Jun 2014 17:28:19 +0200 Subject: [PATCH] Correctly handle single IP in IgnoreIP prop --- root/etc/e-smith/templates/etc/fail2ban/jail.conf/05IgnoreIP | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/root/etc/e-smith/templates/etc/fail2ban/jail.conf/05IgnoreIP b/root/etc/e-smith/templates/etc/fail2ban/jail.conf/05IgnoreIP index 15519b6..876935b 100644 --- a/root/etc/e-smith/templates/etc/fail2ban/jail.conf/05IgnoreIP +++ b/root/etc/e-smith/templates/etc/fail2ban/jail.conf/05IgnoreIP @@ -25,7 +25,9 @@ unless (($fail2ban{FilterLocalNetworks} || 'disabled') eq 'enabled'){ # Add a local whitelist foreach (split /[,;]/, ($fail2ban{'IgnoreIP'} || '')){ - my ($ip,$bits) = Net::IPv4Addr::ipv4_parse("$_"); + my $addr = $_; + $addr .= '/32' unless ($addr =~ m/\/\d{1,2}$/); + my ($ip,$bits) = Net::IPv4Addr::ipv4_parse("$addr"); push @ip, "$ip/$bits"; }