diff --git a/DEVELOP b/DEVELOP index 592dfcb4..f1426561 100644 --- a/DEVELOP +++ b/DEVELOP @@ -1,4 +1,4 @@ - __ _ _ ___ _ +.. __ _ _ ___ _ / _|__ _(_) |_ ) |__ __ _ _ _ | _/ _` | | |/ /| '_ \/ _` | ' \ |_| \__,_|_|_/___|_.__/\__,_|_||_| @@ -25,6 +25,7 @@ Pull Requests ============= When submitting pull requests on GitHub we ask you to: + * Clearly describe the problem you're solving; * Don't introduce regressions that will make it hard for systems administrators to update; @@ -52,32 +53,32 @@ for more details. Install the package python-coverage to visualise your test coverage. Run the following (note: on Debian-based systems, the script is called -`python-coverage`): +`python-coverage`):: -coverage run bin/fail2ban-testcases -coverage html + coverage run bin/fail2ban-testcases + coverage html Then look at htmlcov/index.html and see how much coverage your test cases exert over the code base. Full coverage is a good thing however it may not be complete. Try to ensure tests cover as many independent paths through the code. -Manual Execution. To run in a development environment do: +Manual Execution. To run in a development environment do:: -./fail2ban-client -c config/ -s /tmp/f2b.sock -i start + ./fail2ban-client -c config/ -s /tmp/f2b.sock -i start -some quick commands: +some quick commands:: -status -add test pyinotify -status test -set test addaction iptables -set test actionban iptables echo >> /tmp/ban -set test actionunban iptables echo >> /tmp/unban -get test actionban iptables -get test actionunban iptables -set test banip 192.168.2.2 -status test + status + add test pyinotify + status test + set test addaction iptables + set test actionban iptables echo >> /tmp/ban + set test actionunban iptables echo >> /tmp/unban + get test actionban iptables + get test actionunban iptables + set test banip 192.168.2.2 + status test @@ -130,10 +131,10 @@ Git Use the following tags in your commit messages: -'BF:' for bug fixes -'DOC:' for documentation fixes -'ENH:' for enhancements -'TST:' for commits concerning tests only (thus not touching the main code-base) +* 'BF:' for bug fixes +* 'DOC:' for documentation fixes +* 'ENH:' for enhancements +* 'TST:' for commits concerning tests only (thus not touching the main code-base) Multiple tags could be joined with +, e.g. "BF+TST:". diff --git a/FILTERS b/FILTERS index fd441e58..10113dfc 100644 --- a/FILTERS +++ b/FILTERS @@ -1,4 +1,4 @@ - __ _ _ ___ _ +.. __ _ _ ___ _ / _|__ _(_) |_ ) |__ __ _ _ _ | _/ _` | | |/ /| '_ \/ _` | ' \ |_| \__,_|_|_/___|_.__/\__,_|_||_| @@ -7,10 +7,8 @@ Developing Filters ================================================================================ -Filters -======= - Filters are tricky. They need to: + * work with a variety of the versions of the software that generates the logs; * work with the range of logging configuration options available in the software; @@ -31,10 +29,11 @@ what you have done, what is the hurdle, and we'll attempt to help (PR will be automagically updated with future commits you would push to complete it). -Filter test cases ------------------ +Filter Test Cases +================= -Purpose: +Purpose +------- Start by finding the log messages that the application generates related to some form of authentication failure. If you are adding to an existing filter @@ -49,7 +48,8 @@ and exim-spam at log messages related to spam. Even if it is a new filter you may consider separating the log messages into different filters based on purpose. -Cause: +Cause +----- Are some of the log lines a result of the same action? For example, is a PAM failure log message, followed by an application specific failure message the @@ -65,7 +65,8 @@ the log message be occurring due to the first step towards the application asking for authentication? Could the log messages occur often? If some of these are true make a note of this in the jail.conf example that you provide. -Samples: +Samples +------- It is important to include log file samples so any future change in the regular expression will still work with the log lines you have identified. @@ -93,21 +94,22 @@ If the mechanism to create the log message isn't obvious provide a configuration and/or sample scripts testcases/files/config/{filtername} and reference these in the comments above the log line. -FailJSON metadata: +FailJSON metadata +----------------- A failJSON metadata is a comment immediately above the log message. It will -look like: +look like:: -# failJSON: { "time": "2013-06-10T10:10:59", "match": true , "host": "93.184.216.119" } + # failJSON: { "time": "2013-06-10T10:10:59", "match": true , "host": "93.184.216.119" } Time should match the time of the log message. It is in a specific format of Year-Month-Day'T'Hour:minute:Second. If your log message does not include a year, like the example below, the year should be listed as 2005, if before Sun Aug 14 10am UTC, and 2004 if afterwards. Here is an example failJSON -line preceding a sample log line: +line preceding a sample log line:: -# failJSON: { "time": "2005-03-24T15:25:51", "match": true , "host": "198.51.100.87" } -Mar 24 15:25:51 buffalo1 dropbear[4092]: bad password attempt for 'root' from 198.51.100.87:5543 + # failJSON: { "time": "2005-03-24T15:25:51", "match": true , "host": "198.51.100.87" } + Mar 24 15:25:51 buffalo1 dropbear[4092]: bad password attempt for 'root' from 198.51.100.87:5543 The "host" in failJSON should contain the IP or domain that should be blocked. @@ -116,27 +118,28 @@ attacks) and any log lines to be excluded (see "Cause" section above), set "match": false in the failJSON and describe the reason in the comment above. After developing regexes, the following command will test all failJSON metadata -against the log lines in all sample log files +against the log lines in all sample log files:: -./fail2ban-testcases testSampleRegex + ./fail2ban-testcases testSampleRegex Developing Filter Regular Expressions -------------------------------------- +===================================== -Date/Time: +Date/Time +--------- At the moment, Fail2Ban depends on log lines to have time stamps. That is why before starting to develop failregex, check if your log line format known to Fail2Ban. Copy the time component from the log line and append an IP address to -test with following command: +test with following command:: -./fail2ban-regex "2013-09-19 02:46:12 1.2.3.4" "" + ./fail2ban-regex "2013-09-19 02:46:12 1.2.3.4" "" -Output of such command should contain something like: +Output of such command should contain something like:: -Date template hits: -|- [# of hits] date format -| [1] Year-Month-Day Hour:Minute:Second + Date template hits: + |- [# of hits] date format + | [1] Year-Month-Day Hour:Minute:Second Ensure that the template description matches time/date elements in your log line time stamp. If there is no matched format then date template needs to be added @@ -144,29 +147,31 @@ to server/datedetector.py. Ensure that a new template is added in the order that more specific matches occur first and that there is no confusion between a Day and a Month. -Filter file: +Filter file +----------- The filter is specified in a config/filter.d/{filtername}.conf file. Filter file -can have sections INCLUDES (optional) and Definition as follows: +can have sections INCLUDES (optional) and Definition as follows:: -[INCLUDES] - -before = common.conf - -after = filtername.local - -[Definition] - -failregex = .... - -ignoreregex = .... + [INCLUDES] + + before = common.conf + + after = filtername.local + + [Definition] + + failregex = .... + + ignoreregex = .... This is also documented in the man page jail.conf (section 5). Other definitions can be added to make failregex's more readable and maintainable to be used through string Interpolations (see http://docs.python.org/2.7/library/configparser.html) -General rules: +General rules +------------- Use "before" if you need to include a common set of rules, like syslog or if there is a common set of regexes for multiple filters. @@ -178,33 +183,35 @@ Try to avoid using ignoreregex mainly for performance reasons. The case when you would use it is if in trying to avoid using it, you end up with an unreadable failregex. -Syslog: +Syslog +------ If your application logs to syslog you can take advantage of log line prefix -definitions present in common.conf. So as a base use: +definitions present in common.conf. So as a base use:: -[INCLUDES] - -before = common.conf - -[Definition] - -_daemon = app - -failregex = ^%(__prefix_line)s + [INCLUDES] + + before = common.conf + + [Definition] + + _daemon = app + + failregex = ^%(__prefix_line)s In this example common.conf defines __prefix_line which also contains the _daemon name (in syslog terms the service) you have just specified. _daemon can also be a regex. -For example, to capture following line _daemon should be set to "dovecot" +For example, to capture following line _daemon should be set to "dovecot":: -Dec 12 11:19:11 dunnart dovecot: pop3-login: Aborted login (tried to use disabled plaintext auth): rip=190.210.136.21, lip=113.212.99.193 + Dec 12 11:19:11 dunnart dovecot: pop3-login: Aborted login (tried to use disabled plaintext auth): rip=190.210.136.21, lip=113.212.99.193 -and then ^%(__prefix_line)s would match "Dec 12 11:19:11 dunnart dovecot: +and then ``^%(__prefix_line)s`` would match "Dec 12 11:19:11 dunnart dovecot: ". Note it matches the trailing space(s) as well. -Substitutions (AKA string interpolations): +Substitutions (AKA string interpolations) +----------------------------------------- We have used string interpolations in above examples. They are useful for making the regexes more readable, reuse generic patterns in multiple failregex @@ -213,7 +220,8 @@ to the user. General principle is that value of a _name variable replaces occurrences of %(_name)s within the same section or anywhere in the config file if defined in [DEFAULT] section. -Regular Expressions: +Regular Expressions +------------------- Regular expressions (failregex, ignoreregex) assume that the date/time has been removed from the log line (this is just how fail2ban works internally ATM). @@ -236,29 +244,33 @@ If you have only a basic knowledge of regular repressions we advise to read http://docs.python.org/2/library/re.html first. It doesn't take long and would remind you e.g. which characters you need to escape and which you don't. -Developing/testing a regex: +Developing/testing a regex +-------------------------- You can develop a regex in a file or using command line depending on your preference. You can also use samples you have already created in the test cases or test them one at a time. The general tool for testing Fail2Ban regexes is fail2ban-regex. To see how to -use it run: +use it run:: -./fail2ban-regex --help + ./fail2ban-regex --help Take note of -l heavydebug / -l debug and -v as they might be very useful. -TIP: Take a look at the source code of the application you are developing +.. TIP:: + Take a look at the source code of the application you are developing failregex for. You may see optional or extra log messages, or parts there of, that need to form part of your regex. It may also reveal how some parts are constrained and different formats depending on configuration or less common usages. -TIP: For looking through source code - http://sourcecodebrowser.com/ . It has +.. TIP:: + For looking through source code - http://sourcecodebrowser.com/ . It has call graphs and can browse different versions. -TIP: Some applications log spaces at the end. If you are not sure add \s*$ as +.. TIP:: + Some applications log spaces at the end. If you are not sure add \s*$ as the end part of the regex. If your regex is not matching, http://www.debuggex.com/?flavor=python can help @@ -277,13 +289,15 @@ When you have fixed the regex put it back into your filter file. Please spread the good word about Debuggex - Serge Toarca is kindly continuing its free availability to Open Source developers. -Finishing up: +Finishing up +------------ If you've added a new filter, add a new entry in config/jail.conf. The theory here is that a user will create a jail.local with [filtername]\nenable=true to enable your jail. So more specifically in the [filter] section in jail.conf: + * ensure that you have "enabled = false" (users will enable as needed); * use "filter =" set to your filter name; * use a typical action to disable ports associated with the application; @@ -295,7 +309,7 @@ Submit github pull request (See "Pull Requests" above) for github.com/fail2ban/fail2ban containing your great work. Filter Security ---------------- +=============== Poor filter regular expressions are susceptible to DoS attacks. @@ -321,33 +335,33 @@ Examples of poor filters 1. Too restrictive -We find a log message: +We find a log message:: Apr-07-13 07:08:36 Invalid command fial2ban from 1.2.3.4 -We make a failregex +We make a failregex:: ^Invalid command \S+ from Now think evil. The user does the command 'blah from 1.2.3.44' -The program diligently logs: +The program diligently logs:: Apr-07-13 07:08:36 Invalid command blah from 1.2.3.44 from 1.2.3.4 And fail2ban matches 1.2.3.44 as the IP that it ban. A DoS attack was successful. -The fix here is that the command can be anything so .* is appropriate. +The fix here is that the command can be anything so .* is appropriate:: ^Invalid command .* from Here the .* will match until the end of the string. Then realise it has more to match, i.e. "from " and go back until it find this. Then it will ban -1.2.3.4 correctly. Since the is always at the end, end the regex with a $. +1.2.3.4 correctly. Since the is always at the end, end the regex with a $:: ^Invalid command .* from $ -Note if we'd just had the expression: +Note if we'd just had the expression:: ^Invalid command \S+ from $ @@ -359,16 +373,16 @@ banned. From the Apache vulnerability CVE-2013-2178 ( original ref: https://vndh.net/note:fail2ban-089-denial-service ). -An example bad regex for Apache: +An example bad regex for Apache:: failregex = [[]client []] user .* not found -Since the user can do a get request on: +Since the user can do a get request on:: GET /[client%20192.168.0.1]%20user%20root%20not%20found HTTP/1.0 -Host: remote.site + Host: remote.site -Now the log line will be: +Now the log line will be:: [Sat Jun 01 02:17:42 2013] [error] [client 192.168.33.1] File does not exist: /srv/http/site/[client 192.168.0.1] user root not found @@ -379,27 +393,27 @@ regex and blocks 192.168.33.1 as a denial of service from the HTTP requester. From: https://github.com/fail2ban/fail2ban/pull/426 -An example ssh log (simplified) +An example ssh log (simplified):: Sep 29 17:15:02 spaceman sshd[12946]: Failed password for user from 127.0.0.1 port 20000 ssh1: ruser remoteuser As we assume username can include anything including spaces its prudent to put -.* here. The remote user can also exist as anything so lets not make assumptions again. +.* here. The remote user can also exist as anything so lets not make assumptions again:: failregex = ^%(__prefix_line)sFailed \S+ for .* from ( port \d*)?( ssh\d+)?(: ruser .*)?$ So this works. The problem is if the .* after remote user is injected by the -user to be 'from 1.2.3.4'. The resultant log line is. +user to be 'from 1.2.3.4'. The resultant log line is:: Sep 29 17:15:02 spaceman sshd[12946]: Failed password for user from 127.0.0.1 port 20000 ssh1: ruser from 1.2.3.4 -Testing with: +Testing with:: fail2ban-regex -v 'Sep 29 17:15:02 Failed password for user from 127.0.0.1 port 20000 ssh1: ruser from 1.2.3.4' '^ Failed \S+ for .* from ( port \d*)?( ssh\d+)?(: ruser .*)?$' -TIP: I've removed the bit that matches __prefix_line from the regex and log. +.. TIP:: I've removed the bit that matches __prefix_line from the regex and log. -Shows: +Shows:: 1) [1] ^ Failed \S+ for .* from ( port \d*)?( ssh\d+)?(: ruser .*)?$ 1.2.3.4 Sun Sep 29 17:15:02 2013 @@ -412,14 +426,14 @@ The result was that 1.2.3.4 was matched, injected by the user, and the wrong IP was banned. The solution here is to make the first .* non-greedy with .*?. Here it matches -as little as required and the fail2ban-regex tool shows the output: +as little as required and the fail2ban-regex tool shows the output:: fail2ban-regex -v 'Sep 29 17:15:02 Failed password for user from 127.0.0.1 port 20000 ssh1: ruser from 1.2.3.4' '^ Failed \S+ for .*? from ( port \d*)?( ssh\d+)?(: ruser .*)?$' 1) [1] ^ Failed \S+ for .*? from ( port \d*)?( ssh\d+)?(: ruser .*)?$ 127.0.0.1 Sun Sep 29 17:15:02 2013 -So the general case here is a log line that contains: +So the general case here is a log line that contains:: (fixed_data_1)(fixed_data_2)(user_injectable_data) @@ -427,20 +441,21 @@ Where the regex that matches fixed_data_1 is gready and matches the entire string, before moving backwards and user_injectable_data can match the entire string. -Another case: +Another case +------------ ref: https://www.debuggex.com/r/CtAbeKMa2sDBEfA2/0 -A webserver logs the following without URL escaping: +A webserver logs the following without URL escaping:: [error] 2865#0: *66647 user "xyz" was not found in "/file", client: 1.2.3.1, server: www.host.com, request: "GET ", client: 3.2.1.1, server: fake.com, request: "GET exploited HTTP/3.3", host: "injected.host", host: "www.myhost.com" -regex: +regex:: failregex = ^ \[error\] \d+#\d+: \*\d+ user "\S+":? (?:password mismatch|was not found in ".*"), client: , server: \S+, request: "\S+ .+ HTTP/\d+\.\d+", host: "\S+" The .* matches to the end of the string. Finds that it can't continue to match -", client ... so it moves from the back and find that the user injected web URL: +", client ... so it moves from the back and find that the user injected web URL:: ", client: 3.2.1.1, server: fake.com, request: "GET exploited HTTP/3.3", host: "injected.host @@ -453,14 +468,14 @@ beyond . 4. Application generates two identical log messages with different meanings If the application generates the following two messages under different -circumstances: +circumstances:: client : authentication failed client : authentication failed -Then it's obvious that a regex of "^client : authentication -failed$" will still cause problems if the user can trigger the second +Then it's obvious that a regex of ``^client : authentication +failed$`` will still cause problems if the user can trigger the second log message with a of 123.1.1.1. Here there's nothing to do except request/change the application so it logs diff --git a/RELEASE b/RELEASE index e787b040..9002b75e 100644 --- a/RELEASE +++ b/RELEASE @@ -1,4 +1,4 @@ - __ _ _ ___ _ +.. __ _ _ ___ _ / _|__ _(_) |_ ) |__ __ _ _ _ | _/ _` | | |/ /| '_ \/ _` | ' \ |_| \__,_|_|_/___|_.__/\__,_|_||_| @@ -7,7 +7,10 @@ How to do a release for Fail2Ban ================================================================================ -# Check distribution patches and see if they can be included +Preparation +=========== + +* Check distribution patches and see if they can be included * https://apps.fedoraproject.org/packages/fail2ban/sources * http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/net-analyzer/fail2ban/ @@ -16,7 +19,8 @@ How to do a release for Fail2Ban * http://sophie.zarb.org/sources/fail2ban (Mageia) * https://trac.macports.org/browser/trunk/dports/security/fail2ban -# Check distribution outstanding bugs + +* Check distribution outstanding bugs * https://github.com/fail2ban/fail2ban/issues?sort=updated&state=open * http://bugs.debian.org/cgi-bin/pkgreport.cgi?dist=unstable;package=fail2ban @@ -29,144 +33,165 @@ How to do a release for Fail2Ban * https://bugs.mageia.org/buglist.cgi?quicksearch=fail2ban * https://build.opensuse.org/package/requests/openSUSE:Factory/fail2ban -# Make sure the tests pass + +* Make sure the tests pass:: ./fail2ban-testcases-all -# Ensure the version is correct +* Ensure the version is correct in: - in: * ./fail2ban/version.py * top of ChangeLog * README.md -# Ensure the MANIFEST is complete -Run: +* Ensure the MANIFEST is complete + +* Run:: python setup.py sdist -Look for errors like: - 'testcases/files/logs/mysqld.log' not a regular file -- skipping +* Look for errors like:: -Which indicates that testcases/files/logs/mysqld.log has been moved or is a directory + 'testcases/files/logs/mysqld.log' not a regular file -- skipping - tar -C /tmp -jxf dist/fail2ban-0.9.0.tar.bz2 + * Which indicates that testcases/files/logs/mysqld.log has been moved or is a directory:: -# clean up current direcory + tar -C /tmp -jxf dist/fail2ban-0.9.0.tar.bz2 - diff -rul --exclude \*.pyc . /tmp/fail2ban-0.9.0/ +* clean up current direcory:: - # Only differences should be files that you don't want distributed. + diff -rul --exclude \*.pyc . /tmp/fail2ban-0.9.0/ -# Ensure the tests work from the tarball - - cd /tmp/fail2ban-0.9.0/ && export PYTHONPATH=`pwd` && bin/fail2ban-testcases - -# Add/finalize the corresponding entry in the ChangeLog - - To generate a list of committers use e.g. - - git shortlog -sn 0.8.12.. | sed -e 's,^[ 0-9\t]*,,g' | tr '\n' '\|' | sed -e 's:|:, :g' - - Ensure the top of the ChangeLog has the right version and current date. - - Ensure the top entry of the ChangeLog has the right version and current date. - -# Update man pages - - (cd man ; ./generate-man ) - git commit -m 'DOC/ENH: update man pages for release' man/* - -# Cleanout TODO file with the finished stuff - -# Prepare source and rpm binary distributions - - python setup.py sdist + * Only differences should be files that you don't want distributed. -Broken for now: python setup.py bdist_rpm -Broken for now: python setup.py upload +* Ensure the tests work from the tarball:: -# Tag the release by using a signed (and annotated) tag. Cut/paste - release ChangeLog entry as tag annotation + cd /tmp/fail2ban-0.9.0/ && export PYTHONPATH=`pwd` && bin/fail2ban-testcases - git tag -s 0.9.1 +* Add/finalize the corresponding entry in the ChangeLog -# Prerelease (option) + * To generate a list of committers use e.g.:: -# Provide a release sample to distributors + git shortlog -sn 0.8.12.. | sed -e 's,^[ 0-9\t]*,,g' | tr '\n' '\|' | sed -e 's:|:, :g' + + * Ensure the top of the ChangeLog has the right version and current date. + * Ensure the top entry of the ChangeLog has the right version and current date. + +* Update man pages:: + + (cd man ; ./generate-man ) + git commit -m 'DOC/ENH: update man pages for release' man/* + +* Cleanout TODO file with the finished stuff + +* Prepare source and rpm binary distributions:: + + python setup.py sdist + + * Broken for now: python setup.py bdist_rpm + * Broken for now: python setup.py upload + + +* Tag the release by using a signed (and annotated) tag. Cut/paste + release ChangeLog entry as tag annotation:: + + git tag -s 0.9.1 + +Pre Release +=========== + +* Provide a release sample to distributors * Arch Linux: - https://www.archlinux.org/packages/community/any/fail2ban/ + + * https://www.archlinux.org/packages/community/any/fail2ban/ + * Debian: Yaroslav Halchenko - http://packages.qa.debian.org/f/fail2ban.html + + * http://packages.qa.debian.org/f/fail2ban.html + * FreeBSD: Christoph Theis theis@gmx.at>, Nick Hilliard - http://svnweb.freebsd.org/ports/head/security/py-fail2ban/Makefile?view=markup - http://www.freebsd.org/cgi/query-pr-summary.cgi?text=fail2ban + + * http://svnweb.freebsd.org/ports/head/security/py-fail2ban/Makefile?view=markup + * http://www.freebsd.org/cgi/query-pr-summary.cgi?text=fail2ban + * Fedora: Axel Thimm - https://apps.fedoraproject.org/packages/fail2ban - http://pkgs.fedoraproject.org/cgit/fail2ban.git - https://admin.fedoraproject.org/pkgdb/acls/bugs/fail2ban + + * https://apps.fedoraproject.org/packages/fail2ban + * http://pkgs.fedoraproject.org/cgit/fail2ban.git + * https://admin.fedoraproject.org/pkgdb/acls/bugs/fail2ban + * Gentoo: netmon@gentoo.org - http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/net-analyzer/fail2ban/metadata.xml?view=markup - https://bugs.gentoo.org/buglist.cgi?quicksearch=fail2ban + + * http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/net-analyzer/fail2ban/metadata.xml?view=markup + * https://bugs.gentoo.org/buglist.cgi?quicksearch=fail2ban + * openSUSE: Stephan Kulow - https://build.opensuse.org/package/show/openSUSE:Factory/fail2ban + + * https://build.opensuse.org/package/show/openSUSE:Factory/fail2ban + * Mac Ports: @Malbrouck on github (gh-49) - https://trac.macports.org/browser/trunk/dports/security/fail2ban/Portfile + + * https://trac.macports.org/browser/trunk/dports/security/fail2ban/Portfile + * Mageia: - https://bugs.mageia.org/buglist.cgi?quicksearch=fail2ban - An potentially to the fail2ban-users email list. + * https://bugs.mageia.org/buglist.cgi?quicksearch=fail2ban -# Wait for feedback from distributors + * An potentially to the fail2ban-users email list. -# Prepare a release notice https://github.com/fail2ban/fail2ban/releases/new - Upload the source/binaries from the dist directory and tag the release using the URL +* Wait for feedback from distributors -# Upload source/binaries to sourceforge http://sourceforge.net/projects/fail2ban/ +* Prepare a release notice https://github.com/fail2ban/fail2ban/releases/new -# Run the following and update the wiki with output: - python -c 'import fail2ban.protocol; fail2ban.protocol.printWiki()' +* Upload the source/binaries from the dist directory and tag the release using the URL + +* Upload source/binaries to sourceforge http://sourceforge.net/projects/fail2ban/ + +* Run the following and update the wiki with output:: + + python -c 'import fail2ban.protocol; fail2ban.protocol.printWiki()' + + * page: http://www.fail2ban.org/wiki/index.php/Commands - page: http://www.fail2ban.org/wiki/index.php/Commands * Update: - http://www.fail2ban.org/wiki/index.php?title=Template:Fail2ban_Versions&action=edit - http://www.fail2ban.org/wiki/index.php?title=Template:Fail2ban_News&action=edit - move old bits to: - http://www.fail2ban.org/wiki/index.php?title=Template:Fail2ban_OldNews&action=edit + * http://www.fail2ban.org/wiki/index.php?title=Template:Fail2ban_Versions&action=edit - http://www.fail2ban.org/wiki/index.php/ChangeLog - http://www.fail2ban.org/wiki/index.php/Requirements (Check requirement) - http://www.fail2ban.org/wiki/index.php/Features + * http://www.fail2ban.org/wiki/index.php?title=Template:Fail2ban_News&action=edit + * move old bits to http://www.fail2ban.org/wiki/index.php?title=Template:Fail2ban_OldNews&action=edit + + * http://www.fail2ban.org/wiki/index.php/ChangeLog + * http://www.fail2ban.org/wiki/index.php/Requirements (Check requirement) + * http://www.fail2ban.org/wiki/index.php/Features * See if any filters are upgraded: http://www.fail2ban.org/wiki/index.php/Special:AllPages -# Email users and development list of release +* Email users and development list of release -# notify distributors +* notify distributors Post Release ============ -Add the following to the top of the ChangeLog +Add the following to the top of the ChangeLog:: -ver. 0.9.1 (2014/XX/XXX) - wanna-be-released ------------ - -- Fixes: - -- New Features: - -- Enhancements: + ver. 0.9.1 (2014/XX/XXX) - wanna-be-released + ----------- + + - Fixes: + + - New Features: + + - Enhancements: Alter the git shortlog command in the previous section to refer to the just released version. -and adjust common/version.py to carry .dev suffix to signal +and adjust fail2ban/version.py to carry .dev suffix to signal a version under development. diff --git a/doc/Makefile b/doc/Makefile new file mode 100644 index 00000000..e2276ba9 --- /dev/null +++ b/doc/Makefile @@ -0,0 +1,177 @@ +# Makefile for Sphinx documentation +# + +# You can set these variables from the command line. +SPHINXOPTS = +SPHINXBUILD = sphinx-build2 +PAPER = +BUILDDIR = ""build + +# User-friendly check for sphinx-build2 +ifeq ($(shell which $(SPHINXBUILD) >/dev/null 2>&1; echo $$?), 1) +$(error The '$(SPHINXBUILD)' command was not found. Make sure you have Sphinx installed, then set the SPHINXBUILD environment variable to point to the full path of the '$(SPHINXBUILD)' executable. Alternatively you can add the directory with the executable to your PATH. If you don't have Sphinx installed, grab it from http://sphinx-doc.org/) +endif + +# Internal variables. +PAPEROPT_a4 = -D latex_paper_size=a4 +PAPEROPT_letter = -D latex_paper_size=letter +ALLSPHINXOPTS = -d $(BUILDDIR)/doctrees $(PAPEROPT_$(PAPER)) $(SPHINXOPTS) . +# the i18n builder cannot share the environment and doctrees with the others +I18NSPHINXOPTS = $(PAPEROPT_$(PAPER)) $(SPHINXOPTS) . + +.PHONY: help clean html dirhtml singlehtml pickle json htmlhelp qthelp devhelp epub latex latexpdf text man changes linkcheck doctest gettext + +help: + @echo "Please use \`make ' where is one of" + @echo " html to make standalone HTML files" + @echo " dirhtml to make HTML files named index.html in directories" + @echo " singlehtml to make a single large HTML file" + @echo " pickle to make pickle files" + @echo " json to make JSON files" + @echo " htmlhelp to make HTML files and a HTML help project" + @echo " qthelp to make HTML files and a qthelp project" + @echo " devhelp to make HTML files and a Devhelp project" + @echo " epub to make an epub" + @echo " latex to make LaTeX files, you can set PAPER=a4 or PAPER=letter" + @echo " latexpdf to make LaTeX files and run them through pdflatex" + @echo " latexpdfja to make LaTeX files and run them through platex/dvipdfmx" + @echo " text to make text files" + @echo " man to make manual pages" + @echo " texinfo to make Texinfo files" + @echo " info to make Texinfo files and run them through makeinfo" + @echo " gettext to make PO message catalogs" + @echo " changes to make an overview of all changed/added/deprecated items" + @echo " xml to make Docutils-native XML files" + @echo " pseudoxml to make pseudoxml-XML files for display purposes" + @echo " linkcheck to check all external links for integrity" + @echo " doctest to run all doctests embedded in the documentation (if enabled)" + +clean: + rm -rf $(BUILDDIR)/* + +html: + $(SPHINXBUILD) -b html $(ALLSPHINXOPTS) $(BUILDDIR)/html + @echo + @echo "Build finished. The HTML pages are in $(BUILDDIR)/html." + +dirhtml: + $(SPHINXBUILD) -b dirhtml $(ALLSPHINXOPTS) $(BUILDDIR)/dirhtml + @echo + @echo "Build finished. The HTML pages are in $(BUILDDIR)/dirhtml." + +singlehtml: + $(SPHINXBUILD) -b singlehtml $(ALLSPHINXOPTS) $(BUILDDIR)/singlehtml + @echo + @echo "Build finished. The HTML page is in $(BUILDDIR)/singlehtml." + +pickle: + $(SPHINXBUILD) -b pickle $(ALLSPHINXOPTS) $(BUILDDIR)/pickle + @echo + @echo "Build finished; now you can process the pickle files." + +json: + $(SPHINXBUILD) -b json $(ALLSPHINXOPTS) $(BUILDDIR)/json + @echo + @echo "Build finished; now you can process the JSON files." + +htmlhelp: + $(SPHINXBUILD) -b htmlhelp $(ALLSPHINXOPTS) $(BUILDDIR)/htmlhelp + @echo + @echo "Build finished; now you can run HTML Help Workshop with the" \ + ".hhp project file in $(BUILDDIR)/htmlhelp." + +qthelp: + $(SPHINXBUILD) -b qthelp $(ALLSPHINXOPTS) $(BUILDDIR)/qthelp + @echo + @echo "Build finished; now you can run "qcollectiongenerator" with the" \ + ".qhcp project file in $(BUILDDIR)/qthelp, like this:" + @echo "# qcollectiongenerator $(BUILDDIR)/qthelp/Fail2Ban.qhcp" + @echo "To view the help file:" + @echo "# assistant -collectionFile $(BUILDDIR)/qthelp/Fail2Ban.qhc" + +devhelp: + $(SPHINXBUILD) -b devhelp $(ALLSPHINXOPTS) $(BUILDDIR)/devhelp + @echo + @echo "Build finished." + @echo "To view the help file:" + @echo "# mkdir -p $$HOME/.local/share/devhelp/Fail2Ban" + @echo "# ln -s $(BUILDDIR)/devhelp $$HOME/.local/share/devhelp/Fail2Ban" + @echo "# devhelp" + +epub: + $(SPHINXBUILD) -b epub $(ALLSPHINXOPTS) $(BUILDDIR)/epub + @echo + @echo "Build finished. The epub file is in $(BUILDDIR)/epub." + +latex: + $(SPHINXBUILD) -b latex $(ALLSPHINXOPTS) $(BUILDDIR)/latex + @echo + @echo "Build finished; the LaTeX files are in $(BUILDDIR)/latex." + @echo "Run \`make' in that directory to run these through (pdf)latex" \ + "(use \`make latexpdf' here to do that automatically)." + +latexpdf: + $(SPHINXBUILD) -b latex $(ALLSPHINXOPTS) $(BUILDDIR)/latex + @echo "Running LaTeX files through pdflatex..." + $(MAKE) -C $(BUILDDIR)/latex all-pdf + @echo "pdflatex finished; the PDF files are in $(BUILDDIR)/latex." + +latexpdfja: + $(SPHINXBUILD) -b latex $(ALLSPHINXOPTS) $(BUILDDIR)/latex + @echo "Running LaTeX files through platex and dvipdfmx..." + $(MAKE) -C $(BUILDDIR)/latex all-pdf-ja + @echo "pdflatex finished; the PDF files are in $(BUILDDIR)/latex." + +text: + $(SPHINXBUILD) -b text $(ALLSPHINXOPTS) $(BUILDDIR)/text + @echo + @echo "Build finished. The text files are in $(BUILDDIR)/text." + +man: + $(SPHINXBUILD) -b man $(ALLSPHINXOPTS) $(BUILDDIR)/man + @echo + @echo "Build finished. The manual pages are in $(BUILDDIR)/man." + +texinfo: + $(SPHINXBUILD) -b texinfo $(ALLSPHINXOPTS) $(BUILDDIR)/texinfo + @echo + @echo "Build finished. The Texinfo files are in $(BUILDDIR)/texinfo." + @echo "Run \`make' in that directory to run these through makeinfo" \ + "(use \`make info' here to do that automatically)." + +info: + $(SPHINXBUILD) -b texinfo $(ALLSPHINXOPTS) $(BUILDDIR)/texinfo + @echo "Running Texinfo files through makeinfo..." + make -C $(BUILDDIR)/texinfo info + @echo "makeinfo finished; the Info files are in $(BUILDDIR)/texinfo." + +gettext: + $(SPHINXBUILD) -b gettext $(I18NSPHINXOPTS) $(BUILDDIR)/locale + @echo + @echo "Build finished. The message catalogs are in $(BUILDDIR)/locale." + +changes: + $(SPHINXBUILD) -b changes $(ALLSPHINXOPTS) $(BUILDDIR)/changes + @echo + @echo "The overview file is in $(BUILDDIR)/changes." + +linkcheck: + $(SPHINXBUILD) -b linkcheck $(ALLSPHINXOPTS) $(BUILDDIR)/linkcheck + @echo + @echo "Link check complete; look for any errors in the above output " \ + "or in $(BUILDDIR)/linkcheck/output.txt." + +doctest: + $(SPHINXBUILD) -b doctest $(ALLSPHINXOPTS) $(BUILDDIR)/doctest + @echo "Testing of doctests in the sources finished, look at the " \ + "results in $(BUILDDIR)/doctest/output.txt." + +xml: + $(SPHINXBUILD) -b xml $(ALLSPHINXOPTS) $(BUILDDIR)/xml + @echo + @echo "Build finished. The XML files are in $(BUILDDIR)/xml." + +pseudoxml: + $(SPHINXBUILD) -b pseudoxml $(ALLSPHINXOPTS) $(BUILDDIR)/pseudoxml + @echo + @echo "Build finished. The pseudo-XML files are in $(BUILDDIR)/pseudoxml." diff --git a/doc/conf.py b/doc/conf.py new file mode 100644 index 00000000..20845a5a --- /dev/null +++ b/doc/conf.py @@ -0,0 +1,260 @@ +# -*- coding: utf-8 -*- + +import sys +import os + +sys.path.insert(0, ".") +sys.path.insert(0, "..") + +# If extensions (or modules to document with autodoc) are in another directory, +# add these directories to sys.path here. If the directory is relative to the +# documentation root, use os.path.abspath to make it absolute, like shown here. +#sys.path.insert(0, os.path.abspath('.')) + +# -- General configuration ------------------------------------------------ + +# If your documentation needs a minimal Sphinx version, state it here. +#needs_sphinx = '1.0' + +# Add any Sphinx extension module names here, as strings. They can be +# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom +# ones. +extensions = [ + 'sphinx.ext.autodoc', + 'sphinx.ext.autosummary', + 'numpydoc', +] + +# Add any paths that contain templates here, relative to this directory. +templates_path = ['templates'] + +# The suffix of source filenames. +source_suffix = '.rst' + +# The encoding of source files. +#source_encoding = 'utf-8-sig' + +# The master toctree document. +master_doc = 'index' + +# General information about the project. +project = u'Fail2Ban' +copyright = u'2014' + +# The version info for the project you're documenting, acts as replacement for +# |version| and |release|, also used in various other places throughout the +# built documents. +# + +from fail2ban.version import version as fail2ban_version +from distutils.version import LooseVersion + +fail2ban_loose_version = LooseVersion(fail2ban_version) + +# The short X.Y version. +version = ".".join(str(_) for _ in fail2ban_loose_version.version[:2]) +# The full version, including alpha/beta/rc tags. +release = fail2ban_version + +# The language for content autogenerated by Sphinx. Refer to documentation +# for a list of supported languages. +#language = None + +# There are two options for replacing |today|: either, you set today to some +# non-false value, then it is used: +#today = '' +# Else, today_fmt is used as the format for a strftime call. +#today_fmt = '%B %d, %Y' + +# List of patterns, relative to source directory, that match files and +# directories to ignore when looking for source files. +exclude_patterns = ['build'] + +# The reST default role (used for this markup: `text`) to use for all +# documents. +#default_role = None + +# If true, '()' will be appended to :func: etc. cross-reference text. +#add_function_parentheses = True + +# If true, the current module name will be prepended to all description +# unit titles (such as .. function::). +#add_module_names = True + +# If true, sectionauthor and moduleauthor directives will be shown in the +# output. They are ignored by default. +#show_authors = False + +# The name of the Pygments (syntax highlighting) style to use. +pygments_style = 'sphinx' + +# A list of ignored prefixes for module index sorting. +#modindex_common_prefix = [] + +# If true, keep warnings as "system message" paragraphs in the built documents. +#keep_warnings = False + + +# -- Options for HTML output ---------------------------------------------- + +# The theme to use for HTML and HTML Help pages. See the documentation for +# a list of builtin themes. +html_theme = 'default' + +# Theme options are theme-specific and customize the look and feel of a theme +# further. For a list of options available for each theme, see the +# documentation. +#html_theme_options = {} + +# Add any paths that contain custom themes here, relative to this directory. +#html_theme_path = [] + +# The name for this set of Sphinx documents. If None, it defaults to +# " v documentation". +#html_title = None + +# A shorter title for the navigation bar. Default is the same as html_title. +#html_short_title = None + +# The name of an image file (relative to this directory) to place at the top +# of the sidebar. +#html_logo = None + +# The name of an image file (within the static path) to use as favicon of the +# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 +# pixels large. +#html_favicon = None + +# Add any paths that contain custom static files (such as style sheets) here, +# relative to this directory. They are copied after the builtin static files, +# so a file named "default.css" will overwrite the builtin "default.css". +html_static_path = ['static'] + +# Add any extra paths that contain custom files (such as robots.txt or +# .htaccess) here, relative to this directory. These files are copied +# directly to the root of the documentation. +#html_extra_path = [] + +# If not '', a 'Last updated on:' timestamp is inserted at every page bottom, +# using the given strftime format. +#html_last_updated_fmt = '%b %d, %Y' + +# If true, SmartyPants will be used to convert quotes and dashes to +# typographically correct entities. +#html_use_smartypants = True + +# Custom sidebar templates, maps document names to template names. +#html_sidebars = {} + +# Additional templates that should be rendered to pages, maps page names to +# template names. +#html_additional_pages = {} + +# If false, no module index is generated. +#html_domain_indices = True + +# If false, no index is generated. +#html_use_index = True + +# If true, the index is split into individual pages for each letter. +#html_split_index = False + +# If true, links to the reST sources are added to the pages. +#html_show_sourcelink = True + +# If true, "Created using Sphinx" is shown in the HTML footer. Default is True. +#html_show_sphinx = True + +# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True. +#html_show_copyright = True + +# If true, an OpenSearch description file will be output, and all pages will +# contain a tag referring to it. The value of this option must be the +# base URL from which the finished HTML is served. +#html_use_opensearch = '' + +# This is the file name suffix for HTML files (e.g. ".xhtml"). +#html_file_suffix = None + +# Output file base name for HTML help builder. +htmlhelp_basename = 'Fail2Bandoc' + + +# -- Options for LaTeX output --------------------------------------------- + +latex_elements = { +# The paper size ('letterpaper' or 'a4paper'). +#'papersize': 'letterpaper', + +# The font size ('10pt', '11pt' or '12pt'). +#'pointsize': '10pt', + +# Additional stuff for the LaTeX preamble. +#'preamble': '', +} + +# Grouping the document tree into LaTeX files. List of tuples +# (source start file, target name, title, +# author, documentclass [howto, manual, or own class]). +latex_documents = [ + ('index', 'Fail2Ban.tex', u'Fail2Ban Developers\' Documentation', + u'', 'manual'), +] + +# The name of an image file (relative to this directory) to place at the top of +# the title page. +#latex_logo = None + +# For "manual" documents, if this is true, then toplevel headings are parts, +# not chapters. +#latex_use_parts = False + +# If true, show page references after internal links. +#latex_show_pagerefs = False + +# If true, show URL addresses after external links. +#latex_show_urls = False + +# Documents to append as an appendix to all manuals. +#latex_appendices = [] + +# If false, no module index is generated. +#latex_domain_indices = True + + +# -- Options for manual page output --------------------------------------- + +# One entry per manual page. List of tuples +# (source start file, name, description, authors, manual section). +man_pages = [ + ('index', 'fail2ban', u'Fail2Ban Developers\' Documentation', + [u''], 1) +] + +# If true, show URL addresses after external links. +#man_show_urls = False + + +# -- Options for Texinfo output ------------------------------------------- + +# Grouping the document tree into Texinfo files. List of tuples +# (source start file, target name, title, author, +# dir menu entry, description, category) +texinfo_documents = [ + ('index', 'Fail2Ban', u'Fail2Ban Developers\' Documentation', + u'', 'Fail2Ban', 'One line description of project.', + 'Miscellaneous'), +] + +# Documents to append as an appendix to all manuals. +#texinfo_appendices = [] + +# If false, no module index is generated. +#texinfo_domain_indices = True + +# How to display URL addresses: 'footnote', 'no', or 'inline'. +#texinfo_show_urls = 'footnote' + +# If true, do not generate a @detailmenu in the "Top" node's menu. +#texinfo_no_detailmenu = False +autodoc_default_flags = ['members', 'inherited-members', 'undoc-members', 'show-inheritance'] diff --git a/doc/develop.rst b/doc/develop.rst new file mode 100644 index 00000000..2f1c9842 --- /dev/null +++ b/doc/develop.rst @@ -0,0 +1 @@ +.. include:: ../DEVELOP diff --git a/doc/fail2ban.client.actionreader.rst b/doc/fail2ban.client.actionreader.rst new file mode 100644 index 00000000..23e578e2 --- /dev/null +++ b/doc/fail2ban.client.actionreader.rst @@ -0,0 +1,7 @@ +fail2ban.client.actionreader module +=================================== + +.. automodule:: fail2ban.client.actionreader + :members: + :undoc-members: + :show-inheritance: diff --git a/doc/fail2ban.client.beautifier.rst b/doc/fail2ban.client.beautifier.rst new file mode 100644 index 00000000..1f35a50b --- /dev/null +++ b/doc/fail2ban.client.beautifier.rst @@ -0,0 +1,7 @@ +fail2ban.client.beautifier module +================================= + +.. automodule:: fail2ban.client.beautifier + :members: + :undoc-members: + :show-inheritance: diff --git a/doc/fail2ban.client.configparserinc.rst b/doc/fail2ban.client.configparserinc.rst new file mode 100644 index 00000000..01c4c2d0 --- /dev/null +++ b/doc/fail2ban.client.configparserinc.rst @@ -0,0 +1,7 @@ +fail2ban.client.configparserinc module +====================================== + +.. automodule:: fail2ban.client.configparserinc + :members: + :undoc-members: + :show-inheritance: diff --git a/doc/fail2ban.client.configreader.rst b/doc/fail2ban.client.configreader.rst new file mode 100644 index 00000000..d24db2ca --- /dev/null +++ b/doc/fail2ban.client.configreader.rst @@ -0,0 +1,7 @@ +fail2ban.client.configreader module +=================================== + +.. automodule:: fail2ban.client.configreader + :members: + :undoc-members: + :show-inheritance: diff --git a/doc/fail2ban.client.configurator.rst b/doc/fail2ban.client.configurator.rst new file mode 100644 index 00000000..63372f5d --- /dev/null +++ b/doc/fail2ban.client.configurator.rst @@ -0,0 +1,7 @@ +fail2ban.client.configurator module +=================================== + +.. automodule:: fail2ban.client.configurator + :members: + :undoc-members: + :show-inheritance: diff --git a/doc/fail2ban.client.csocket.rst b/doc/fail2ban.client.csocket.rst new file mode 100644 index 00000000..19e6219a --- /dev/null +++ b/doc/fail2ban.client.csocket.rst @@ -0,0 +1,7 @@ +fail2ban.client.csocket module +============================== + +.. automodule:: fail2ban.client.csocket + :members: + :undoc-members: + :show-inheritance: diff --git a/doc/fail2ban.client.fail2banreader.rst b/doc/fail2ban.client.fail2banreader.rst new file mode 100644 index 00000000..4fc66532 --- /dev/null +++ b/doc/fail2ban.client.fail2banreader.rst @@ -0,0 +1,7 @@ +fail2ban.client.fail2banreader module +===================================== + +.. automodule:: fail2ban.client.fail2banreader + :members: + :undoc-members: + :show-inheritance: diff --git a/doc/fail2ban.client.filterreader.rst b/doc/fail2ban.client.filterreader.rst new file mode 100644 index 00000000..d0e9cf5c --- /dev/null +++ b/doc/fail2ban.client.filterreader.rst @@ -0,0 +1,7 @@ +fail2ban.client.filterreader module +=================================== + +.. automodule:: fail2ban.client.filterreader + :members: + :undoc-members: + :show-inheritance: diff --git a/doc/fail2ban.client.jailreader.rst b/doc/fail2ban.client.jailreader.rst new file mode 100644 index 00000000..f57e3b6a --- /dev/null +++ b/doc/fail2ban.client.jailreader.rst @@ -0,0 +1,7 @@ +fail2ban.client.jailreader module +================================= + +.. automodule:: fail2ban.client.jailreader + :members: + :undoc-members: + :show-inheritance: diff --git a/doc/fail2ban.client.jailsreader.rst b/doc/fail2ban.client.jailsreader.rst new file mode 100644 index 00000000..d1281248 --- /dev/null +++ b/doc/fail2ban.client.jailsreader.rst @@ -0,0 +1,7 @@ +fail2ban.client.jailsreader module +================================== + +.. automodule:: fail2ban.client.jailsreader + :members: + :undoc-members: + :show-inheritance: diff --git a/doc/fail2ban.client.rst b/doc/fail2ban.client.rst new file mode 100644 index 00000000..9943912d --- /dev/null +++ b/doc/fail2ban.client.rst @@ -0,0 +1,15 @@ +fail2ban.client package +======================= + +.. toctree:: + + fail2ban.client.actionreader + fail2ban.client.beautifier + fail2ban.client.configparserinc + fail2ban.client.configreader + fail2ban.client.configurator + fail2ban.client.csocket + fail2ban.client.fail2banreader + fail2ban.client.filterreader + fail2ban.client.jailreader + fail2ban.client.jailsreader diff --git a/doc/fail2ban.exceptions.rst b/doc/fail2ban.exceptions.rst new file mode 100644 index 00000000..3adc5ea6 --- /dev/null +++ b/doc/fail2ban.exceptions.rst @@ -0,0 +1,7 @@ +fail2ban.exceptions module +========================== + +.. automodule:: fail2ban.exceptions + :members: + :undoc-members: + :show-inheritance: diff --git a/doc/fail2ban.helpers.rst b/doc/fail2ban.helpers.rst new file mode 100644 index 00000000..28b072cb --- /dev/null +++ b/doc/fail2ban.helpers.rst @@ -0,0 +1,7 @@ +fail2ban.helpers module +======================= + +.. automodule:: fail2ban.helpers + :members: + :undoc-members: + :show-inheritance: diff --git a/doc/fail2ban.protocol.rst b/doc/fail2ban.protocol.rst new file mode 100644 index 00000000..289ccb22 --- /dev/null +++ b/doc/fail2ban.protocol.rst @@ -0,0 +1,7 @@ +fail2ban.protocol module +======================== + +.. automodule:: fail2ban.protocol + :members: + :undoc-members: + :show-inheritance: diff --git a/doc/fail2ban.rst b/doc/fail2ban.rst new file mode 100644 index 00000000..c9b4fbb2 --- /dev/null +++ b/doc/fail2ban.rst @@ -0,0 +1,12 @@ +fail2ban package +================ + +.. toctree:: + + fail2ban.client + fail2ban.server + + fail2ban.exceptions + fail2ban.helpers + fail2ban.protocol + fail2ban.version diff --git a/doc/fail2ban.server.action.rst b/doc/fail2ban.server.action.rst new file mode 100644 index 00000000..c2f9c410 --- /dev/null +++ b/doc/fail2ban.server.action.rst @@ -0,0 +1,7 @@ +fail2ban.server.action module +============================= + +.. automodule:: fail2ban.server.action + :members: + :undoc-members: + :show-inheritance: diff --git a/doc/fail2ban.server.actions.rst b/doc/fail2ban.server.actions.rst new file mode 100644 index 00000000..8c701c72 --- /dev/null +++ b/doc/fail2ban.server.actions.rst @@ -0,0 +1,7 @@ +fail2ban.server.actions module +============================== + +.. automodule:: fail2ban.server.actions + :members: + :undoc-members: + :show-inheritance: diff --git a/doc/fail2ban.server.asyncserver.rst b/doc/fail2ban.server.asyncserver.rst new file mode 100644 index 00000000..5ddfa50f --- /dev/null +++ b/doc/fail2ban.server.asyncserver.rst @@ -0,0 +1,7 @@ +fail2ban.server.asyncserver module +================================== + +.. automodule:: fail2ban.server.asyncserver + :members: + :undoc-members: + :show-inheritance: diff --git a/doc/fail2ban.server.banmanager.rst b/doc/fail2ban.server.banmanager.rst new file mode 100644 index 00000000..96b1a4e9 --- /dev/null +++ b/doc/fail2ban.server.banmanager.rst @@ -0,0 +1,7 @@ +fail2ban.server.banmanager module +================================= + +.. automodule:: fail2ban.server.banmanager + :members: + :undoc-members: + :show-inheritance: diff --git a/doc/fail2ban.server.database.rst b/doc/fail2ban.server.database.rst new file mode 100644 index 00000000..40002258 --- /dev/null +++ b/doc/fail2ban.server.database.rst @@ -0,0 +1,7 @@ +fail2ban.server.database module +=============================== + +.. automodule:: fail2ban.server.database + :members: + :undoc-members: + :show-inheritance: diff --git a/doc/fail2ban.server.datedetector.rst b/doc/fail2ban.server.datedetector.rst new file mode 100644 index 00000000..9a367734 --- /dev/null +++ b/doc/fail2ban.server.datedetector.rst @@ -0,0 +1,7 @@ +fail2ban.server.datedetector module +=================================== + +.. automodule:: fail2ban.server.datedetector + :members: + :undoc-members: + :show-inheritance: diff --git a/doc/fail2ban.server.datetemplate.rst b/doc/fail2ban.server.datetemplate.rst new file mode 100644 index 00000000..4959e805 --- /dev/null +++ b/doc/fail2ban.server.datetemplate.rst @@ -0,0 +1,7 @@ +fail2ban.server.datetemplate module +=================================== + +.. automodule:: fail2ban.server.datetemplate + :members: + :undoc-members: + :show-inheritance: diff --git a/doc/fail2ban.server.faildata.rst b/doc/fail2ban.server.faildata.rst new file mode 100644 index 00000000..c11d8208 --- /dev/null +++ b/doc/fail2ban.server.faildata.rst @@ -0,0 +1,7 @@ +fail2ban.server.faildata module +=============================== + +.. automodule:: fail2ban.server.faildata + :members: + :undoc-members: + :show-inheritance: diff --git a/doc/fail2ban.server.failmanager.rst b/doc/fail2ban.server.failmanager.rst new file mode 100644 index 00000000..6e4e8704 --- /dev/null +++ b/doc/fail2ban.server.failmanager.rst @@ -0,0 +1,7 @@ +fail2ban.server.failmanager module +================================== + +.. automodule:: fail2ban.server.failmanager + :members: + :undoc-members: + :show-inheritance: diff --git a/doc/fail2ban.server.failregex.rst b/doc/fail2ban.server.failregex.rst new file mode 100644 index 00000000..f473c51f --- /dev/null +++ b/doc/fail2ban.server.failregex.rst @@ -0,0 +1,7 @@ +fail2ban.server.failregex module +================================ + +.. automodule:: fail2ban.server.failregex + :members: + :undoc-members: + :show-inheritance: diff --git a/doc/fail2ban.server.filter.rst b/doc/fail2ban.server.filter.rst new file mode 100644 index 00000000..41279013 --- /dev/null +++ b/doc/fail2ban.server.filter.rst @@ -0,0 +1,7 @@ +fail2ban.server.filter module +============================= + +.. automodule:: fail2ban.server.filter + :members: + :undoc-members: + :show-inheritance: diff --git a/doc/fail2ban.server.filtergamin.rst b/doc/fail2ban.server.filtergamin.rst new file mode 100644 index 00000000..f248772f --- /dev/null +++ b/doc/fail2ban.server.filtergamin.rst @@ -0,0 +1,7 @@ +fail2ban.server.filtergamin module +================================== + +.. automodule:: fail2ban.server.filtergamin + :members: + :undoc-members: + :show-inheritance: diff --git a/doc/fail2ban.server.filterpoll.rst b/doc/fail2ban.server.filterpoll.rst new file mode 100644 index 00000000..d87e461f --- /dev/null +++ b/doc/fail2ban.server.filterpoll.rst @@ -0,0 +1,7 @@ +fail2ban.server.filterpoll module +================================= + +.. automodule:: fail2ban.server.filterpoll + :members: + :undoc-members: + :show-inheritance: diff --git a/doc/fail2ban.server.filterpyinotify.rst b/doc/fail2ban.server.filterpyinotify.rst new file mode 100644 index 00000000..0ea312bf --- /dev/null +++ b/doc/fail2ban.server.filterpyinotify.rst @@ -0,0 +1,7 @@ +fail2ban.server.filterpyinotify module +====================================== + +.. automodule:: fail2ban.server.filterpyinotify + :members: + :undoc-members: + :show-inheritance: diff --git a/doc/fail2ban.server.filtersystemd.rst b/doc/fail2ban.server.filtersystemd.rst new file mode 100644 index 00000000..1b71a2c8 --- /dev/null +++ b/doc/fail2ban.server.filtersystemd.rst @@ -0,0 +1,7 @@ +fail2ban.server.filtersystemd module +==================================== + +.. automodule:: fail2ban.server.filtersystemd + :members: + :undoc-members: + :show-inheritance: diff --git a/doc/fail2ban.server.jail.rst b/doc/fail2ban.server.jail.rst new file mode 100644 index 00000000..b41077bf --- /dev/null +++ b/doc/fail2ban.server.jail.rst @@ -0,0 +1,7 @@ +fail2ban.server.jail module +=========================== + +.. automodule:: fail2ban.server.jail + :members: + :undoc-members: + :show-inheritance: diff --git a/doc/fail2ban.server.jails.rst b/doc/fail2ban.server.jails.rst new file mode 100644 index 00000000..7e9390f7 --- /dev/null +++ b/doc/fail2ban.server.jails.rst @@ -0,0 +1,7 @@ +fail2ban.server.jails module +============================ + +.. automodule:: fail2ban.server.jails + :members: + :undoc-members: + :show-inheritance: diff --git a/doc/fail2ban.server.jailthread.rst b/doc/fail2ban.server.jailthread.rst new file mode 100644 index 00000000..db11f7a9 --- /dev/null +++ b/doc/fail2ban.server.jailthread.rst @@ -0,0 +1,7 @@ +fail2ban.server.jailthread module +================================= + +.. automodule:: fail2ban.server.jailthread + :members: + :undoc-members: + :show-inheritance: diff --git a/doc/fail2ban.server.mytime.rst b/doc/fail2ban.server.mytime.rst new file mode 100644 index 00000000..1313d20b --- /dev/null +++ b/doc/fail2ban.server.mytime.rst @@ -0,0 +1,7 @@ +fail2ban.server.mytime module +============================= + +.. automodule:: fail2ban.server.mytime + :members: + :undoc-members: + :show-inheritance: diff --git a/doc/fail2ban.server.rst b/doc/fail2ban.server.rst new file mode 100644 index 00000000..fdc3bd20 --- /dev/null +++ b/doc/fail2ban.server.rst @@ -0,0 +1,28 @@ +fail2ban.server package +======================= + +.. toctree:: + + fail2ban.server.action + fail2ban.server.actions + fail2ban.server.asyncserver + fail2ban.server.banmanager + fail2ban.server.database + fail2ban.server.datedetector + fail2ban.server.datetemplate + fail2ban.server.faildata + fail2ban.server.failmanager + fail2ban.server.failregex + fail2ban.server.filter + fail2ban.server.filtergamin + fail2ban.server.filterpoll + fail2ban.server.filterpyinotify + fail2ban.server.filtersystemd + fail2ban.server.jail + fail2ban.server.jails + fail2ban.server.jailthread + fail2ban.server.mytime + fail2ban.server.server + fail2ban.server.strptime + fail2ban.server.ticket + fail2ban.server.transmitter diff --git a/doc/fail2ban.server.server.rst b/doc/fail2ban.server.server.rst new file mode 100644 index 00000000..be14b35c --- /dev/null +++ b/doc/fail2ban.server.server.rst @@ -0,0 +1,7 @@ +fail2ban.server.server module +============================= + +.. automodule:: fail2ban.server.server + :members: + :undoc-members: + :show-inheritance: diff --git a/doc/fail2ban.server.strptime.rst b/doc/fail2ban.server.strptime.rst new file mode 100644 index 00000000..81ff181c --- /dev/null +++ b/doc/fail2ban.server.strptime.rst @@ -0,0 +1,7 @@ +fail2ban.server.strptime module +=============================== + +.. automodule:: fail2ban.server.strptime + :members: + :undoc-members: + :show-inheritance: diff --git a/doc/fail2ban.server.ticket.rst b/doc/fail2ban.server.ticket.rst new file mode 100644 index 00000000..27a1b53b --- /dev/null +++ b/doc/fail2ban.server.ticket.rst @@ -0,0 +1,7 @@ +fail2ban.server.ticket module +============================= + +.. automodule:: fail2ban.server.ticket + :members: + :undoc-members: + :show-inheritance: diff --git a/doc/fail2ban.server.transmitter.rst b/doc/fail2ban.server.transmitter.rst new file mode 100644 index 00000000..cb62fa97 --- /dev/null +++ b/doc/fail2ban.server.transmitter.rst @@ -0,0 +1,7 @@ +fail2ban.server.transmitter module +================================== + +.. automodule:: fail2ban.server.transmitter + :members: + :undoc-members: + :show-inheritance: diff --git a/doc/fail2ban.version.rst b/doc/fail2ban.version.rst new file mode 100644 index 00000000..cc97380a --- /dev/null +++ b/doc/fail2ban.version.rst @@ -0,0 +1,7 @@ +fail2ban.version module +======================= + +.. automodule:: fail2ban.version + :members: + :undoc-members: + :show-inheritance: diff --git a/doc/filters.rst b/doc/filters.rst new file mode 100644 index 00000000..4d19acf8 --- /dev/null +++ b/doc/filters.rst @@ -0,0 +1 @@ +.. include:: ../FILTERS diff --git a/doc/index.rst b/doc/index.rst new file mode 100644 index 00000000..9f6c94ac --- /dev/null +++ b/doc/index.rst @@ -0,0 +1,19 @@ +Welcome to Fail2Ban's developers documentation! +=============================================== + +Contents: + +.. toctree:: + :maxdepth: 2 + + develop + filters + release + fail2ban + +Indices and tables +================== + +* :ref:`genindex` +* :ref:`search` + diff --git a/doc/release.rst b/doc/release.rst new file mode 100644 index 00000000..bdd0430a --- /dev/null +++ b/doc/release.rst @@ -0,0 +1 @@ +.. include:: ../RELEASE diff --git a/doc/requirements.txt b/doc/requirements.txt new file mode 100644 index 00000000..a2954e31 --- /dev/null +++ b/doc/requirements.txt @@ -0,0 +1 @@ +numpydoc diff --git a/fail2ban/server/action.py b/fail2ban/server/action.py index 5e3a7c75..0098c546 100644 --- a/fail2ban/server/action.py +++ b/fail2ban/server/action.py @@ -62,9 +62,7 @@ class CallingMap(MutableMapping): Attributes ---------- data : dict - The dictionary data which can be accessed to obtain items - without callable values being called. - + The dictionary data which can be accessed to obtain items uncalled """ def __init__(self, *args, **kwargs):