committing changes in /etc made by "-bash"

Package changes:

fail2ban/action.d/iptables-xt_recent-echo.conf

@@ -7,10 +7,14 @@
 
 [INCLUDES]
 
-before = iptables-common.conf
+before = iptables.conf
 
 [Definition]
 
+_ipt_chain_rule = -m recent --update --seconds 3600 --name <iptname> -j <blocktype>
+_ipt_for_proto-iter =
+_ipt_for_proto-done =
+
 # Option:  actionstart
 # Notes.:  command executed on demand at the first ban (or at the start of Fail2Ban if actionstart_on_demand is set to false).
 # Values:  CMD
@@ -33,7 +37,9 @@ before = iptables-common.conf
 #    own rules. The 3600 second timeout is independent and acts as a
 #    safeguard in case the fail2ban process dies unexpectedly. The
 #    shorter of the two timeouts actually matters.
-actionstart = if [ `id -u` -eq 0 ];then <iptables> -I <chain> -m recent --update --seconds 3600 --name <iptname> -j <blocktype>;fi
+actionstart = if [ `id -u` -eq 0 ];then
+              { %(_ipt_check_rule)s >/dev/null 2>&1; } || { <iptables> -I <chain> %(_ipt_chain_rule)s; }
+              fi
 
 # Option:  actionflush
 #
@@ -46,13 +52,15 @@ actionflush =
 # Values:  CMD
 #
 actionstop = echo / > /proc/net/xt_recent/<iptname>
-             if [ `id -u` -eq 0 ];then <iptables> -D <chain> -m recent --update --seconds 3600 --name <iptname> -j <blocktype>;fi
+             if [ `id -u` -eq 0 ];then
+             <iptables> -D <chain> %(_ipt_chain_rule)s;
+             fi
 
 # Option:  actioncheck
-# Notes.:  command executed once before each actionban command
+# Notes.:  command executed as invariant check (error by ban)
 # Values:  CMD
 #
-actioncheck = test -e /proc/net/xt_recent/<iptname>
+actioncheck = { <iptables> -C <chain> %(_ipt_chain_rule)s; } && test -e /proc/net/xt_recent/<iptname>
 
 # Option:  actionban
 # Notes.:  command executed when banning an IP. Take care that the
@@ -72,7 +80,7 @@ actionunban = echo -<ip> > /proc/net/xt_recent/<iptname>
 
 [Init]
 
-iptname              = f2b-<name>
+iptname = f2b-<name>
 
 [Init?family=inet6]