On Wed, 22 Mar 2017, Dominic Raferd wrote:
> > > On 21 March 2017 at 14:36, Igor <fail2ban-l...@komkon.org> wrote: > > > Sorry for the "bump", but I am still hoping that someone from > the core > developers team would be able to respond. > > On Fri, 10 Mar 2017, Igor wrote: > > > > > > > I was testing a recent patch by Cristoph (#1689): > > https://github.com/fail2ban/fail2ban/issues/1689 > > (Thank you, Christoph!) > > > > > > That patch contains a new variable "lowest_rule_num" whose > value is set > > in config/action.d/bsd-ipfw.conf > > > > I thought that setting its value in jail.local would override > its > > default value, but it turns out that fail2ban does not read > this > > value from jail.local (or from fail2ban.local), neither on > "reload" nor on > > a fresh startup. > > > > I am probably wrong, but I thought that one can set any > variable's value > > in jail.local (or fail2ban.local) and that will override their > default > > values. > > > > Is this a bug or by design? > > Is there a way that defines the "scope" of a configuration > variable > > (global vs. local) that would affect if the variable value can > be set by > > a user in jail.local or fail2ban.local ? > > > A variable set within a named jail (in jail.conf or jail.conf or wherever) > will only affect that named jail. If you want a variable that can be used in > any jail, set it in the [DEFAULT] section. For instance, see sebres' idea at > https://github.com/fail2ban/fail2ban/issues/1464, and he states 'all the > parameters described in man [for] jail.conf can be used in [their] > respective jails. Default section contains the standard settings [which] > apply for all jails at once'. > > Dominic, thank you for your response! While talking about "local" and "global" variables, I didn't mean the differentiation between a single jail and all jails. Rather, I meant variables that can be set only within a specific module (action in this case), and those that can be set in the "central" configuration files (jail.local or fail2ban.local). I have the variable set in jail.local in the [DFAULT] section, and it is totally ignored. fail2ban-client -d does not show that value set. Instead, it shows the value set in action.d/bsd-ipfw.conf (if it is set). So, I am trying to figure out what is needed for a variable defined and used in action.d/*.conf to make it possible to set its value in jail.local . Igor ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Fail2ban-users mailing list Fail2ban-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/fail2ban-users
