I originally posted this on the epel-devel-list, but was referred by the EPEL maintainer of fail2ban to bring the discussion upstream to Fedora in hopes of convincing the Fedora maintainer of fail2ban to make these changes. The following was my original message:
I bring this to the list being that the issue isn't necessarily a bug, rather a concern about implementation. Per the documentation [http://www.fail2ban.org/wiki/index.php/MANUAL_0_8] fail2ban is _capable_ of supporting shorewall (among other things) and even states that "the following software is optional but recommended" with reference to shorewall. However, fail2ban does not _require_ shorewall to function.
That said, having a 'Requires: shorewall' in the fail2ban spec seems unnecessary and in my opinion improper. Breaking the package out into a sub package doesn't seem necessary either... being that the only file(s) I see that could be split off would be:
]# rpm -ql fail2ban | grep shorewall
Regardless, for the sake of those that have no interest in shorewall (and in particular those that want to avoid having to support shorewall) I'd like to suggest that fail2ban-shorewall be broken off in a sub-package or simply drop the Requires: shorewall completely so that the dependency of shorewall is only enacted when desired (or not at all).
Thank you for your time.