Skip to content

Commit 887fca8

Browse files
MHSanaeiMHSanaei
committed
fix(fail2ban): escape % in 3x-ipl action date format (#4218)
Fail2ban parses % as variable interpolation in action.d configs, so the unescaped %Y/%m/%d %H:%M:%S in the date command crashed fail2ban on startup. Double the %s in the heredoc so the rendered action file contains %% and fail2ban collapses it back to a literal % when invoking the shell command.
1 parent 6efc4b0 commit 887fca8

2 files changed

Lines changed: 4 additions & 4 deletions

File tree

DockerEntrypoint.sh

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -43,10 +43,10 @@ actionstop = <iptables> -D <chain> -p <protocol> -j f2b-<name>
4343
actioncheck = <iptables> -n -L <chain> | grep -q 'f2b-<name>[ \t]'
4444
4545
actionban = <iptables> -I f2b-<name> 1 -s <ip> -j <blocktype>
46-
echo "\$(date +"%Y/%m/%d %H:%M:%S") BAN [Email] = <F-USER> [IP] = <ip> banned for <bantime> seconds." >> $LOG_FOLDER/3xipl-banned.log
46+
echo "\$(date +"%%Y/%%m/%%d %%H:%%M:%%S") BAN [Email] = <F-USER> [IP] = <ip> banned for <bantime> seconds." >> $LOG_FOLDER/3xipl-banned.log
4747
4848
actionunban = <iptables> -D f2b-<name> -s <ip> -j <blocktype>
49-
echo "\$(date +"%Y/%m/%d %H:%M:%S") UNBAN [Email] = <F-USER> [IP] = <ip> unbanned." >> $LOG_FOLDER/3xipl-banned.log
49+
echo "\$(date +"%%Y/%%m/%%d %%H:%%M:%%S") UNBAN [Email] = <F-USER> [IP] = <ip> unbanned." >> $LOG_FOLDER/3xipl-banned.log
5050
5151
[Init]
5252
name = default

x-ui.sh

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -2109,10 +2109,10 @@ actionstop = <iptables> -D <chain> -p <protocol> -j f2b-<name>
21092109
actioncheck = <iptables> -n -L <chain> | grep -q 'f2b-<name>[ \t]'
21102110
21112111
actionban = <iptables> -I f2b-<name> 1 -s <ip> -j <blocktype>
2112-
echo "\$(date +"%Y/%m/%d %H:%M:%S") BAN [Email] = <F-USER> [IP] = <ip> banned for <bantime> seconds." >> ${iplimit_banned_log_path}
2112+
echo "\$(date +"%%Y/%%m/%%d %%H:%%M:%%S") BAN [Email] = <F-USER> [IP] = <ip> banned for <bantime> seconds." >> ${iplimit_banned_log_path}
21132113
21142114
actionunban = <iptables> -D f2b-<name> -s <ip> -j <blocktype>
2115-
echo "\$(date +"%Y/%m/%d %H:%M:%S") UNBAN [Email] = <F-USER> [IP] = <ip> unbanned." >> ${iplimit_banned_log_path}
2115+
echo "\$(date +"%%Y/%%m/%%d %%H:%%M:%%S") UNBAN [Email] = <F-USER> [IP] = <ip> unbanned." >> ${iplimit_banned_log_path}
21162116
21172117
[Init]
21182118
name = default

0 commit comments

Comments
 (0)