http://bugzilla.opensuse.org/show_bug.cgi?id=1200686 http://bugzilla.opensuse.org/show_bug.cgi?id=1200686#c11 --- Comment #11 from Randall DuCharme <radio.ad5gb@gmail.com> --- Modded the python-systemd pkg to define PY_SSIZE_T_CLEAN before the Python.h include. Tracking this down now.... "<matches>"); curl -sSf "https://api.abuseipdb.com/api/v2/report" -H "Accept: application/json" -H "Key: d30bdf8832a7601498708fd2e6b9e419b0c0aa011517a76338dfd459522ea73aed76b90d1ca99919" --data-urlencode "comment=$lgm" --data-urlencode "ip=<ip>" --data "categories=18"'], ['actionunban', ''], ['norestored', True], ['abuseipdb_apikey', 'd30bdf8832a7601498708fd2e6b9e419b0c0aa011517a76338dfd459522ea73aed76b90d1ca99919'], ['abuseipdb_category', '18'], ['bantime', '604800'], ['name', 'apache-trafficserver'], ['actname', 'abuseipdb']]], ['add', 'named-refused-udp', 'pyinotify'], ['set', 'named-refused-udp', 'usedns', 'yes'], ['set', 'named-refused-udp', 'prefregex', '^(?:\\s\\S+ (?:(?:\\[\\d+\\])?:\\s+\\(?named(?:\\(\\S+\\))?\\)?:?|\\(?named(?:\\(\\S+\\))?\\)?:?(?:\\[\\d+\\])?:)\\s+)?(?: info:)?\\s*client(?: @\\S*)? <HOST>#\\S+(?: \\([\\S.]+\\))?: <F-CONTENT>.+</F-CONTENT>\\s(?:denied|\\(NOTAUTH\\))\\s*$'], ['multi-set', 'named-refused-udp', 'addfailregex', ['^(?:view (?:internal|external): )?query(?: \\(cache\\))?', '^zone transfer', "^bad zone transfer request: '\\S+/IN': non-authoritative zone", '<HOST>#\\S+( \\([\\S.]+\\))?\\: rate limit drop', "^.\\S+/IN': denied$"]], ['set', 'named-refused-udp', 'maxretry', 1], ['set', 'named-refused-udp', 'maxmatches', 1], ['set', 'named-refused-udp', 'findtime', '86400'], ['set', 'named-refused-udp', 'bantime', '604800'], ['set', 'named-refused-udp', 'ignorecommand', ''], ['set', 'named-refused-udp', 'ignoreself', True], ['set', 'named-refused-udp', 'addignoreip', '127.0.0.1/8', '::1', '216.158.226.8/29', '52.55.244.91/32', '18.205.72.90/32', '64.41.200.0/24', '64.39.109.20/32', '69.65.50.192/32', '184.105.182.142/32', '184.105.182.212/32', '184.105.182.213/32', '184.105.182.214/32', '184.105.182.222/32', '184.105.182.223/32', '184.105.182.224/32', '75.64.31.7/32'], ['set', 'named-refused-udp', 'logencoding', 'auto'], ['set', 'named-refused-udp', 'addlogpath', '/var/log/named/security.log', 'head'], ['set', 'named-refused-udp', 'addaction', 'nftables-multiport'], ['multi-set', 'named-refused-udp', 'action', 'nftables-multiport', [['actionstart', "nft add table inet f2b-table\nnft -- add chain inet f2b-table input \\{ type filter hook input priority -1 \\; \\}\nnft add set inet f2b-table <addr_set> \\{ type <addr_type>\\; \\}\nfor proto in $(echo 'udp' | sed 's/,/ /g'); do\nnft add rule inet f2b-table input $proto dport \\{ $(echo 'domain,953' | sed s/:/-/g) \\} <addr_family> saddr @<addr_set> drop\ndone"], ['actionstop', "{ nft -a list chain inet f2b-table input | grep -oP '@<addr_set>\\s+.*\\s+\\Khandle\\s+(\\d+)$'; } | while read -r hdl; do\nnft delete rule inet f2b-table input $hdl; done\nnft delete set inet f2b-table <addr_set>\n{ nft list table inet f2b-table | grep -qP '^\\s+set\\s+'; } || {\nnft delete table inet f2b-table\n}"], ['actionflush', "{ nft flush set inet f2b-table <addr_set> 2> /dev/null; } || {\n{ nft -a list chain inet f2b-table input | grep -oP '@<addr_set>\\s+.*\\s+\\Khandle\\s+(\\d+)$'; } | while read -r hdl; do\nnft delete rule inet f2b-table input $hdl; done\nnft delete set inet f2b-table <addr_set>\nnft add set inet f2b-table <addr_set> \\{ type <addr_type>\\; \\}\nfor proto in $(echo 'udp' | sed 's/,/ /g'); do\nnft add rule inet f2b-table input $proto dport \\{ $(echo 'domain,953' | sed s/:/-/g) \\} <addr_family> saddr @<addr_set> drop\ndone\n}"], ['actioncheck', "nft list chain inet f2b-table input | grep -q '@<addr_set>[ \\t]'"], ['actionban', 'nft add element inet f2b-table <addr_set> \\{ <ip> \\}'], ['actionunban', 'nft delete element inet f2b-table <addr_set> \\{ <ip> \\}'], ['name', 'named-refused-udp'], ['bantime', '604800'], ['port', 'domain,953'], ['protocol', 'udp'], ['chain', 'input'], ['actname', 'nftables-multiport'], ['table', 'f2b-table'], ['table_family', 'inet'], ['chain_type', 'filter'], ['chain_hook', 'input'], ['chain_priority', '-1'], ['addr_type', 'ipv4_addr'], ['blocktype', 'drop'], ['nftables', 'nft'], ['addr_set', 'addr-set-<name>'], ['addr_family', 'ip'], ['addr_family?family=inet6', 'ip6'], ['addr_type?family=inet6', 'ipv6_addr'], ['addr_set?family=inet6', 'addr6-set-<name>']]], ['set', 'named-refused-udp', 'addaction', 'abuseipdb'], ['multi-set', 'named-refused-udp', 'action', 'abuseipdb', [['actionstart', ''], ['actionstop', ''], ['actioncheck', ''], ['actionban', 'lgm=$(printf \'%.1000s\\n...\' "<matches>"); curl -sSf "https://api.abuseipdb.com/api/v2/report" -H "Accept: application/json" -H "Key: d30bdf8832a7601498708fd2e6b9e419b0c0aa011517a76338dfd459522ea73aed76b90d1ca99919" --data-urlencode "comment=$lgm" --data-urlencode "ip=<ip>" --data "categories=18"'], ['actionunban', ''], ['norestored', True], ['abuseipdb_apikey', 'd30bdf8832a7601498708fd2e6b9e419b0c0aa011517a76338dfd459522ea73aed76b90d1ca99919'], ['abuseipdb_category', '18'], ['bantime', '604800'], ['name', 'named-refused-udp'], ['actname', 'abuseipdb']]], ['start', 'sshd'], ['start', 'apache-auth'], ['start', 'apache-badbots'], ['start', 'apache-noscript'], ['start', 'apache-overflows'], ['start', 'apache-nohome'], ['start', 'apache-botsearch'], ['start', 'apache-fakegooglebot'], ['start', 'apache-modsecurity'], ['start', 'apache-shellshock'], ['start', 'php-url-fopen'], ['start', 'vsftpd'], ['start', 'postfix'], ['start', 'postfix-rbl'], ['start', 'dovecot'], ['start', 'postfix-sasl'], ['start', 'named-refused'], ['start', 'recidive'], ['start', 'gitlab'], ['start', 'apache-wootwoot'], ['start', 'apache-webmail-phish'], ['start', 'apache-404'], ['start', 'apache-shellshock-scan'], ['start', 'apache-trafficserver'], ['start', 'named-refused-udp']]] has failed. Received ValueError('Invalid match') -- You are receiving this mail because: You are on the CC list for the bug.