diff --git a/CHANGELOG b/CHANGELOG index 6e091b2..64ef3fd 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -42,7 +42,7 @@ [Change] consolidated TMP_DROP and TMP_ALLOW chains into REFRESH_TEMP [Change] updated copyright dates in all output and file headers [Change] removed use of *_URL_PROT variables, URL's should now be fully qualified URI's (e.g: http://domain.com/path/file) -[Fix] expirebans() would only time delay remove bans that contained comments +[Fix] expirebans() would only remove bans that contained comments [Fix] allow rules in the format advanced trust syntax, when otherwise not defining a protocol, were only applying to TCP traffic [Fix] trust rules refresh cronjob modified to remove MAILTO & SHELL variables which were causing crond 'bad minute' errors on some systems diff --git a/CHANGELOG.RELEASE b/CHANGELOG.RELEASE index 3489608..26a5b56 100644 --- a/CHANGELOG.RELEASE +++ b/CHANGELOG.RELEASE @@ -42,6 +42,7 @@ [Change] consolidated TMP_DROP and TMP_ALLOW chains into REFRESH_TEMP [Change] updated copyright dates in all output and file headers [Change] removed use of *_URL_PROT variables, URL's should now be fully qualified URI's (e.g: http://domain.com/path/file) +[Fix] expirebans() would only remove bans that contained comments [Fix] allow rules in the format advanced trust syntax, when otherwise not defining a protocol, were only applying to TCP traffic [Fix] trust rules refresh cronjob modified to remove MAILTO & SHELL variables which were causing crond 'bad minute' errors on some systems diff --git a/files/internals/functions.apf b/files/internals/functions.apf index 9a1c10b..fcb94fa 100644 --- a/files/internals/functions.apf +++ b/files/internals/functions.apf @@ -1040,6 +1040,8 @@ if [ "$SET_EXPIRE" -ge "60" ]; then time_diff=$[$check_time-$ban_time] if [ "$time_diff" -ge "$expire_time" ]; then eout "{trust} removed expired ban for $ip (${time_diff}s/${expire_time}s)" + sdel=`echo $ip | sed 's%/%\\\/%'` + sed -i "/$sdel/d" /etc/apf/deny_hosts.rules /etc/apf/apf -u "$ip" >> /dev/null 2>&1 fi done