On 03/19/2014 05:38 AM, Matthew Miller wrote:
On Tue, Mar 18, 2014 at 11:09:31PM -0600, Orion Poplawski wrote:
- Stick it in a fail2ban-firewalld sub-package that requires firewalld.
Downside is that people need to figure out that they really should
install this for default installs. Upside is it is easier to use
without firewalld (don't need to find and remove the
fedora-firewalld.conf file).
This gets my vote. An alternate approach would be to make fail2ban be a
virtual package that requires fail2ban-firewalld and a new fail2ban-server
subpackage which contains the actual thing.
Hmm, I like this alternative a lot. I'm probably taking this too far, but I'm
thinking of:
fail2ban-server - core components with minimal deps
fail2ban-firewalld - firewalld support/configuration - requires firewalld
fail2ban-hostsdeny - tcp_wrappers hosts.deny support - requires tcp_wrappers
fail2ban-mail - mail actions - requires /usr/bin/mail
fail2ban-sendmail - sendmail actions - requires /usr/sbin/sendmail
fail2ban-shorewall - shorewall support - requires shorewall
fail2ban-systemd - systemd journal configuration
fail2ban - default component - installs -firewalld,-sendmail,-systemd
fail2ban-all - installs everything - also requires /usr/bin/whois
Comments?
- Orion
--
Orion Poplawski
Technical Manager 303-415-9701 x222
NWRA, Boulder/CoRA Office FAX: 303-415-9702
3380 Mitchell Lane orion@xxxxxxxx
Boulder, CO 80301 http://www.nwra.com
--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
