On Monday, 17 October 2022 at 14:34, Richard Shaw wrote: > This actually has to do with iptables vs nftables but I need to be able to > deal with it here. > > iptables wants the port ranges specified using a ":" as a separator but > nftables wants "-"... > > The problem is in the default jail.conf which is: > > # Ports to be banned > # Usually should be overridden in a particular jail > port = 0:65535 > > My current thought is to create two sub-packages: > fail2ban-iptables > fail2ban-nftables > > I was thinking of using %post to do sed substitution for both packages (if > it's already correct it would end up being a no-op). > > Installing nftables by default since all current releases of Fedora use it > by default. > > Thoughts? Sounds good to me as a temporary solution. Have you discussed the move to nftables with upstream? Regards, Dominik (who has migration to nft still on his TODO list) -- Fedora https://getfedora.org | RPM Fusion http://rpmfusion.org There should be a science of discontent. People need hard times and oppression to develop psychic muscles. -- from "Collected Sayings of Muad'Dib" by the Princess Irulan _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
