From 95fee0cc33077b9d7771d1a2f997091adb2cfafd Mon Sep 17 00:00:00 2001 From: Ilia Ross Date: Mon, 4 May 2026 17:42:40 +0200 Subject: [PATCH 1/5] Add nice header generation for saved nftables rules --- nftables/nftables-lib.pl | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/nftables/nftables-lib.pl b/nftables/nftables-lib.pl index 92ac64b5a..472d11e17 100644 --- a/nftables/nftables-lib.pl +++ b/nftables/nftables-lib.pl @@ -2024,13 +2024,20 @@ foreach my $r (@{$table->{'rules'}}) { return; } +# nftables_save_header() +# Returns the generated-file header for saved rules +sub nftables_save_header +{ +return "# This file was auto-generated by the module.\n". + "# Manual changes may be overwritten.\n\n"; +} # dump_nftables_save(@tables) # Returns a string representation of the firewall rules sub dump_nftables_save { my (@tables) = @_; -my $rv; +my $rv = nftables_save_header(); foreach my $t (@tables) { if ($t->{'family'}) { $rv .= "table $t->{'family'} $t->{'name'} {\n"; From 7e01b3eb44f1d756a156ddc382d684fd4a45ee48 Mon Sep 17 00:00:00 2001 From: Ilia Ross Date: Tue, 5 May 2026 09:41:45 +0200 Subject: [PATCH 2/5] Fix to set XDG runtime and D-Bus env in xterm shells https://github.com/webmin/webmin/issues/2679 --- xterm/rc/.bashrc | 14 ++++++++++++++ xterm/rc/.zshrc | 14 ++++++++++++++ 2 files changed, 28 insertions(+) diff --git a/xterm/rc/.bashrc b/xterm/rc/.bashrc index 3cbb131ac..4b63e43fd 100644 --- a/xterm/rc/.bashrc +++ b/xterm/rc/.bashrc @@ -53,3 +53,17 @@ if [ -d ~/.bashrc.d ]; then done fi unset rc + +# set XDG_RUNTIME_DIR and DBUS_SESSION_BUS_ADDRESS if not set +if [ -z "$XDG_RUNTIME_DIR" ]; then + uid=$(id -u) + xdg_runtime_dir="/run/user/$uid" + + if [ -d "$xdg_runtime_dir" ] && [ -O "$xdg_runtime_dir" ] && \ + [ -S "$xdg_runtime_dir/bus" ]; then + export XDG_RUNTIME_DIR="$xdg_runtime_dir" + export DBUS_SESSION_BUS_ADDRESS="unix:path=$XDG_RUNTIME_DIR/bus" + fi + + unset uid xdg_runtime_dir +fi diff --git a/xterm/rc/.zshrc b/xterm/rc/.zshrc index 50f8b01d7..2d95deae4 100644 --- a/xterm/rc/.zshrc +++ b/xterm/rc/.zshrc @@ -22,3 +22,17 @@ fi if [ -f ~/.zshrc ]; then . ~/.zshrc fi + +# set XDG_RUNTIME_DIR and DBUS_SESSION_BUS_ADDRESS if not set +if [ -z "$XDG_RUNTIME_DIR" ]; then + uid=$(id -u) + xdg_runtime_dir="/run/user/$uid" + + if [ -d "$xdg_runtime_dir" ] && [ -O "$xdg_runtime_dir" ] && \ + [ -S "$xdg_runtime_dir/bus" ]; then + export XDG_RUNTIME_DIR="$xdg_runtime_dir" + export DBUS_SESSION_BUS_ADDRESS="unix:path=$XDG_RUNTIME_DIR/bus" + fi + + unset uid xdg_runtime_dir +fi From bdad9fd17354b2830d3d4a5786863335316f5db2 Mon Sep 17 00:00:00 2001 From: Ilia Ross Date: Tue, 5 May 2026 23:49:21 +0200 Subject: [PATCH 3/5] Update changelog [no-build] --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 1ba613e84..4ea4544bd 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -23,6 +23,7 @@ * Fix to allow toggling process priority and I/O controls on or off * Fix issue where disabled email notifications were still being processed * Update Authentic theme to the latest version with various improvements and fixes: + - Upgrade stats history graphs from laggy SVG to a blazing-fast canvas renderer - Add option to control corner roundness for the menu, content area and right-side slider - Change the content area to use rounded corners and a margin by default - Fix message of the day display in login page correctly [webmin#2555](https://github.com/webmin/webmin/issues/2685) From f0b7f10b649285a7dbda7cbc86b560a83466a9b5 Mon Sep 17 00:00:00 2001 From: Ilia Ross Date: Wed, 6 May 2026 19:59:57 +0200 Subject: [PATCH 4/5] Fix Fail2Ban default jail options https://forum.virtualmin.com/t/fail2ban-bug/137165 --- CHANGELOG.md | 1 + fail2ban/edit_jaildef.cgi | 12 ++++++------ fail2ban/save_jaildef.cgi | 7 ++++++- 3 files changed, 13 insertions(+), 7 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 4ea4544bd..fbcf766e6 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -19,6 +19,7 @@ * Fix unsafe decoding of Outlook `winmail.dat` attachments * Fix Certbot standalone port conflicts * Fix to correctly preserve full quoted action parameters in the Fail2Ban jail editor [#2647](https://github.com/webmin/webmin/issues/2647) +* Fix Fail2Ban default jail options to preserve required timing defaults when saving * Fix ZFS to fall back to `df` when disk space cannot be computed from `zpool` * Fix to allow toggling process priority and I/O controls on or off * Fix issue where disabled email notifications were still being processed diff --git a/fail2ban/edit_jaildef.cgi b/fail2ban/edit_jaildef.cgi index 650562746..573a72703 100755 --- a/fail2ban/edit_jaildef.cgi +++ b/fail2ban/edit_jaildef.cgi @@ -22,23 +22,23 @@ print &ui_table_start($text{'jaildef_header'}, undef, 2); # Matches needed my $def_maxretry = 3; my $maxretry = &find_value("maxretry", $jail); +$maxretry = $def_maxretry if (!defined($maxretry) || $maxretry eq ""); print &ui_table_row($text{'jail_maxretry'}, - &ui_opt_textbox("maxretry", $maxretry, 6, - $text{'default'}." (".$def_maxretry.")")); + &ui_textbox("maxretry", $maxretry, 3)); # Time to scan over my $def_findtime = 600; my $findtime = &find_value("findtime", $jail); +$findtime = $def_findtime if (!defined($findtime) || $findtime eq ""); print &ui_table_row($text{'jail_findtime'}, - &ui_opt_textbox("findtime", $findtime, 6, - $text{'default'}." (".$def_findtime.")")); + &ui_textbox("findtime", $findtime, 5)); # Time to ban for my $def_bantime = 600; my $bantime = &find_value("bantime", $jail); +$bantime = $def_bantime if (!defined($bantime) || $bantime eq ""); print &ui_table_row($text{'jail_bantime'}, - &ui_opt_textbox("bantime", $bantime, 6, - $text{'default'}." (".$def_bantime.")")); + &ui_textbox("bantime", $bantime, 5)); # IPs to ignore my $def_ignoreip = "127.0.0.1"; diff --git a/fail2ban/save_jaildef.cgi b/fail2ban/save_jaildef.cgi index fd7ddec46..9a1795127 100755 --- a/fail2ban/save_jaildef.cgi +++ b/fail2ban/save_jaildef.cgi @@ -33,8 +33,13 @@ foreach my $ip (@ignoreips) { # Update the jail &lock_all_config_files(); +my %defaults = ( + 'maxretry' => 3, + 'findtime' => 600, + 'bantime' => 600, + ); foreach my $f ("maxretry", "findtime", "bantime") { - &save_directive($f, $in{$f."_def"} ? undef : $in{$f}, $jail); + &save_directive($f, $in{$f."_def"} ? $defaults{$f} : $in{$f}, $jail); } &save_directive("ignoreip", @ignoreips ? join(" ", @ignoreips) : undef, $jail); &save_directive("backend", $in{'backend'} || undef, $jail); From 5b5c3cc4b1021925978a85d325363f43fa828dd8 Mon Sep 17 00:00:00 2001 From: Ilia Ross Date: Wed, 6 May 2026 22:16:53 +0200 Subject: [PATCH 5/5] Fix sensor parsing on SoC hardware where the main chip includes the CPU https://forum.virtualmin.com/t/cpu-temp-id-missing-dashboard/123096/9?u=ilia --- proc/linux-lib.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/proc/linux-lib.pl b/proc/linux-lib.pl index 2bba546fd..5ad98fc38 100755 --- a/proc/linux-lib.pl +++ b/proc/linux-lib.pl @@ -635,7 +635,7 @@ if (&has_command("sensors")) { next if ($cpu_aux && !$cpu_unnamed); # CPU types - ($cpu_broadcom) = $_ =~ /cpu_thermal-virtual-[\d]+/i if (!$cpu_broadcom); + ($cpu_broadcom) = $_ =~ /(cpu|soc)_thermal-virtual-[\d]+/i if (!$cpu_broadcom); ($cpu_amd) = $_ =~ /\w[\d]{2}temp-pci/i if (!$cpu_amd); # Full CPU output #1253