Re: [PR PATCH] [Closed]: fail2ban: add filter for sshd with socklog

[github-actions[bot] <github-actions[bot]@users.noreply.github.com>]

[-- Attachment #1: Type: text/plain, Size: 1678 bytes --]

There's a closed pull request on the void-packages repository

fail2ban: add filter for sshd with socklog
https://github.com/void-linux/void-packages/pull/44977

Description:
The sshd filter distributed with fail2ban does not work properly with socklog out of the box.

Ideally, socklog would have comprehensive support upstream, but the configuration to make it work with *just* sshd is very straighforward and the fail2ban package should be able to protect sshd out of the box with void's preferred syslog implementation.

This change doesn't override any of fail2ban's default configuration. It adds a new filter defined in `sshd-socklock.conf` which inherits from the default `sshd.conf` and overrides only what is needed to make it work.

<!-- Uncomment relevant sections and delete options which are not applicable -->

#### Testing the changes
- I tested the changes in this PR: **YES**

<!--
#### New package
- This new package conforms to the [package requirements](https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#package-requirements): **YES**|**NO**
-->

<!-- Note: If the build is likely to take more than 2 hours, please add ci skip tag as described in
https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#continuous-integration
and test at least one native build and, if supported, at least one cross build.
Ignore this section if this PR is not skipping CI.
-->
<!--
#### Local build testing
- I built this PR locally for my native architecture, (ARCH-LIBC)
- I built this PR locally for these architectures (if supported. mark crossbuilds):
  - aarch64-musl
  - armv7l
  - armv6l-musl
-->