[Fix] expirebans() would only remove bans that contained comments

CHANGELOG

@@ -42,7 +42,7 @@
 [Change] consolidated TMP_DROP and TMP_ALLOW chains into REFRESH_TEMP
 [Change] updated copyright dates in all output and file headers
 [Change] removed use of *_URL_PROT variables, URL's should now be fully qualified URI's (e.g: http://domain.com/path/file)
-[Fix] expirebans() would only time delay remove bans that contained comments
+[Fix] expirebans() would only remove bans that contained comments
 [Fix] allow rules in the format advanced trust syntax, when otherwise not defining a protocol, were only applying to TCP traffic
 [Fix] trust rules refresh cronjob modified to remove MAILTO & SHELL variables which were causing crond
       'bad minute' errors on some systems

CHANGELOG.RELEASE

@@ -42,6 +42,7 @@
 [Change] consolidated TMP_DROP and TMP_ALLOW chains into REFRESH_TEMP
 [Change] updated copyright dates in all output and file headers
 [Change] removed use of *_URL_PROT variables, URL's should now be fully qualified URI's (e.g: http://domain.com/path/file)
+[Fix] expirebans() would only remove bans that contained comments
 [Fix] allow rules in the format advanced trust syntax, when otherwise not defining a protocol, were only applying to TCP traffic
 [Fix] trust rules refresh cronjob modified to remove MAILTO & SHELL variables which were causing crond
       'bad minute' errors on some systems

files/internals/functions.apf

@@ -1040,6 +1040,8 @@ if [ "$SET_EXPIRE" -ge "60" ]; then
                 time_diff=$[$check_time-$ban_time]
                 if [ "$time_diff" -ge "$expire_time" ]; then
                         eout "{trust} removed expired ban for $ip (${time_diff}s/${expire_time}s)"
+                        sdel=`echo $ip | sed 's%/%\\\/%'`
+                        sed -i "/$sdel/d" /etc/apf/deny_hosts.rules
                         /etc/apf/apf -u "$ip" >> /dev/null 2>&1
                 fi
          done