diff --git a/fail2ban/protocol.py b/fail2ban/protocol.py index 6299794e..879183e5 100644 --- a/fail2ban/protocol.py +++ b/fail2ban/protocol.py @@ -50,7 +50,7 @@ protocol = [ ["start", "starts the server and the jails"], ["restart", "restarts the server"], ["restart [--unban] [--if-exists] ", "restarts the jail (alias for 'reload --restart ... ')"], -["reload [--restart] [--unban] [--all]", "reloads the configuration without restarting of the server, the option '--restart' activates completely restarting of affected jails, thereby unbans IP addresses (if option '--unban' specified)"], +["reload [--restart] [--unban] [--all]", "reloads the configuration without restarting of the server, the option '--restart' activates completely restarting of affected jails, thereby can unban IP addresses (if option '--unban' specified)"], ["reload [--restart] [--unban] [--if-exists] ", "reloads the jail , or restarts it (if option '--restart' specified)"], ["stop", "stops all jails and terminate the server"], ["unban --all", "unbans all IP addresses (in all jails and database)"], diff --git a/fail2ban/tests/fail2banclienttestcase.py b/fail2ban/tests/fail2banclienttestcase.py index 1ce35d92..394a000f 100644 --- a/fail2ban/tests/fail2banclienttestcase.py +++ b/fail2ban/tests/fail2banclienttestcase.py @@ -712,8 +712,12 @@ class Fail2banServerTest(Fail2banClientServerBase): _out_file(test1log) self.execSuccess(startparams, "reload") self.assertTrue( - Utils.wait_for(lambda: self._is_logged("[test-jail1] Ban 192.0.2.1"), MID_WAITTIME)) + Utils.wait_for(lambda: \ + self._is_logged("Reload finished.") and + self._is_logged("1 ticket(s) in 'test-jail1") + , MID_WAITTIME)) self.assertLogged("Added logfile: %r" % test1log) + self.assertLogged("[test-jail1] Ban 192.0.2.1") # enable both jails, 3 logs for jail1, etc... # truncate test-log - we should not find unban/ban again by reload: @@ -751,13 +755,16 @@ class Fail2banServerTest(Fail2banClientServerBase): # test all will be found in jail1 and one in jail2: self.assertTrue( Utils.wait_for(lambda: \ - self._is_logged("[test-jail1] Ban 192.0.2.2") and - self._is_logged("[test-jail1] Ban 192.0.2.3") and - self._is_logged("[test-jail1] Ban 192.0.2.4") and - self._is_logged("[test-jail1] Ban 192.0.2.8") and - self._is_logged("[test-jail2] Ban 192.0.2.4") and - self._is_logged("[test-jail2] Ban 192.0.2.8") + self._is_logged("2 ticket(s) in 'test-jail2") and + self._is_logged("5 ticket(s) in 'test-jail1") , MID_WAITTIME)) + self.assertLogged( + "[test-jail1] Ban 192.0.2.2", + "[test-jail1] Ban 192.0.2.3", + "[test-jail1] Ban 192.0.2.4", + "[test-jail1] Ban 192.0.2.8", + "[test-jail2] Ban 192.0.2.4", + "[test-jail2] Ban 192.0.2.8", all=True) # test ips at all not visible for jail2: self.assertNotLogged( "[test-jail2] Found 192.0.2.2", @@ -775,9 +782,9 @@ class Fail2banServerTest(Fail2banClientServerBase): "restart", "test-jail2") self.assertTrue( Utils.wait_for(lambda: \ - self._is_logged("Jail 'test-jail2' started") and - self._is_logged("[test-jail2] Restore Ban 192.0.2.4") and - self._is_logged("[test-jail2] Restore Ban 192.0.2.8") + self._is_logged("Reload finished.") and + self._is_logged("Restore Ban") and + self._is_logged("2 ticket(s) in 'test-jail2") , MID_WAITTIME)) # stop/start and unban/restore ban: self.assertLogged( @@ -794,8 +801,10 @@ class Fail2banServerTest(Fail2banClientServerBase): self.execSuccess(startparams, "restart", "--unban", "test-jail2") self.assertTrue( - Utils.wait_for(lambda: self._is_logged("Jail 'test-jail2' started"), - MID_WAITTIME)) + Utils.wait_for(lambda: \ + self._is_logged("Reload finished.") and + self._is_logged("Jail 'test-jail2' started") + , MID_WAITTIME)) self.assertLogged( "Jail 'test-jail2' stopped", "Jail 'test-jail2' started", @@ -849,16 +858,17 @@ class Fail2banServerTest(Fail2banClientServerBase): )) if DefLogSys.level < logging.DEBUG: # if HEAVYDEBUG _out_file(test1log) - # test "failure" regexp still available: self.assertTrue( Utils.wait_for(lambda: \ - self._is_logged("[test-jail1] 192.0.2.1 already banned") and - self._is_logged("[test-jail1] Ban 192.0.2.6") + self._is_logged("6 ticket(s) in 'test-jail1") and + self._is_logged("[test-jail1] 192.0.2.1 already banned") , MID_WAITTIME)) + # test "failure" regexp still available: self.assertLogged( "[test-jail1] Found 192.0.2.1", - "[test-jail1] Found 192.0.2.6", all=True - ) + "[test-jail1] Found 192.0.2.6", + "[test-jail1] 192.0.2.1 already banned", + "[test-jail1] Ban 192.0.2.6", all=True) # test "error" regexp no more available: self.assertNotLogged("[test-jail1] Found 192.0.2.5") diff --git a/man/fail2ban-client.1 b/man/fail2ban-client.1 index 0da5fb02..33bce652 100644 --- a/man/fail2ban-client.1 +++ b/man/fail2ban-client.1 @@ -1,12 +1,12 @@ -.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.44.1. -.TH FAIL2BAN-CLIENT "1" "July 2016" "fail2ban-client v0.10.0a1" "User Commands" +.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.47.3. +.TH FAIL2BAN-CLIENT "1" "September 2016" "fail2ban-client v0.10.0a2" "User Commands" .SH NAME fail2ban-client \- configure and control the server .SH SYNOPSIS .B fail2ban-client -[\fIOPTIONS\fR] \fI\fR +[\fI\,OPTIONS\/\fR] \fI\,\/\fR .SH DESCRIPTION -Fail2Ban v0.10.0a1 reads log file that contains password failure report +Fail2Ban v0.10.0a2 reads log file that contains password failure report and bans the corresponding IP addresses using firewall rules. .SH OPTIONS .TP @@ -68,17 +68,36 @@ starts the server and the jails \fBrestart\fR restarts the server .TP -\fBreload\fR -reloads the configuration without -restart +\fBrestart [\-\-unban] [\-\-if\-exists] \fR +restarts the jail (alias +for 'reload \fB\-\-restart\fR ... ') .TP -\fBreload \fR -reloads the jail +\fBreload [\-\-restart] [\-\-unban] [\-\-all]\fR +reloads the configuration without +restarting of the server, the +option '\-\-restart' activates +completely restarting of affected +jails, thereby can unban IP +addresses (if option '\-\-unban' +specified) +.TP +\fBreload [\-\-restart] [\-\-unban] [\-\-if\-exists] \fR +reloads the jail , or +restarts it (if option '\-\-restart' +specified) .TP \fBstop\fR stops all jails and terminate the server .TP +\fBunban \fB\-\-all\fR\fR +unbans all IP addresses (in all +jails and database) +.TP +\fBunban ... \fR +unbans (in all jails and +database) +.TP \fBstatus\fR gets the current status of the server @@ -248,9 +267,8 @@ for \fBset maxlines \fR sets the number of to buffer for regex search for -.IP -set addaction [ ] -.IP +.TP +\fBset addaction [ ]\fR adds a new action named for . Optionally for a Python based action, a and @@ -262,45 +280,38 @@ removes the action from .IP COMMAND ACTION CONFIGURATION -.IP -set action actionstart -.IP +.TP +\fBset action actionstart \fR sets the start command of the action for -.IP -set action actionstop sets the stop command of the -.IP +.TP +\fBset action actionstop sets the stop command of the\fR action for -.IP -set action actioncheck -.IP +.TP +\fBset action actioncheck \fR sets the check command of the action for .TP \fBset action actionban \fR sets the ban command of the action for -.IP -set action actionunban -.IP +.TP +\fBset action actionunban \fR sets the unban command of the action for -.IP -set action timeout -.IP +.TP +\fBset action timeout \fR sets as the command timeout in seconds for the action for .IP GENERAL ACTION CONFIGURATION -.IP -set action -.IP +.TP +\fBset action \fR sets the of for the action for -.IP -set action [ ] -.IP +.TP +\fBset action [ ]\fR calls the with for the action for diff --git a/man/fail2ban-regex.1 b/man/fail2ban-regex.1 index f954cb3a..342d18f7 100644 --- a/man/fail2ban-regex.1 +++ b/man/fail2ban-regex.1 @@ -1,10 +1,10 @@ -.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.44.1. -.TH FAIL2BAN-REGEX "1" "July 2016" "fail2ban-regex 0.10.0a1" "User Commands" +.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.47.3. +.TH FAIL2BAN-REGEX "1" "September 2016" "fail2ban-regex 0.10.0a2" "User Commands" .SH NAME fail2ban-regex \- test Fail2ban "failregex" option .SH SYNOPSIS .B fail2ban-regex -[\fIOPTIONS\fR] \fI \fR[\fIIGNOREREGEX\fR] +[\fI\,OPTIONS\/\fR] \fI\, \/\fR[\fI\,IGNOREREGEX\/\fR] .SH DESCRIPTION Fail2Ban reads log file that contains password failure report and bans the corresponding IP addresses using firewall rules. @@ -16,7 +16,7 @@ string a string representing a log line .TP filename -path to a log file (\fI/var/log/auth.log\fP) +path to a log file (\fI\,/var/log/auth.log\/\fP) .TP "systemd\-journal" search systemd journal (systemd\-python required) @@ -42,23 +42,23 @@ show program's version number and exit \fB\-h\fR, \fB\-\-help\fR show this help message and exit .TP -\fB\-d\fR DATEPATTERN, \fB\-\-datepattern\fR=\fIDATEPATTERN\fR +\fB\-d\fR DATEPATTERN, \fB\-\-datepattern\fR=\fI\,DATEPATTERN\/\fR set custom pattern used to match date/times .TP -\fB\-e\fR ENCODING, \fB\-\-encoding\fR=\fIENCODING\fR +\fB\-e\fR ENCODING, \fB\-\-encoding\fR=\fI\,ENCODING\/\fR File encoding. Default: system locale .TP \fB\-r\fR, \fB\-\-raw\fR Raw hosts, don't resolve dns .TP -\fB\-L\fR MAXLINES, \fB\-\-maxlines\fR=\fIMAXLINES\fR +\fB\-L\fR MAXLINES, \fB\-\-maxlines\fR=\fI\,MAXLINES\/\fR maxlines for multi\-line regex .TP -\fB\-m\fR JOURNALMATCH, \fB\-\-journalmatch\fR=\fIJOURNALMATCH\fR +\fB\-m\fR JOURNALMATCH, \fB\-\-journalmatch\fR=\fI\,JOURNALMATCH\/\fR journalctl style matches overriding filter file. "systemd\-journal" only .TP -\fB\-l\fR LOG_LEVEL, \fB\-\-log\-level\fR=\fILOG_LEVEL\fR +\fB\-l\fR LOG_LEVEL, \fB\-\-log\-level\fR=\fI\,LOG_LEVEL\/\fR Log level for the Fail2Ban logger to use .TP \fB\-v\fR, \fB\-\-verbose\fR diff --git a/man/fail2ban-server.1 b/man/fail2ban-server.1 index 3b970024..de8ba6a4 100644 --- a/man/fail2ban-server.1 +++ b/man/fail2ban-server.1 @@ -1,12 +1,12 @@ -.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.44.1. -.TH FAIL2BAN-SERVER "1" "July 2016" "fail2ban-server v0.10.0a1" "User Commands" +.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.47.3. +.TH FAIL2BAN-SERVER "1" "September 2016" "fail2ban-server v0.10.0a2" "User Commands" .SH NAME fail2ban-server \- start the server .SH SYNOPSIS .B fail2ban-server -[\fIOPTIONS\fR] +[\fI\,OPTIONS\/\fR] .SH DESCRIPTION -Fail2Ban v0.10.0a1 reads log file that contains password failure report +Fail2Ban v0.10.0a2 reads log file that contains password failure report and bans the corresponding IP addresses using firewall rules. .SH OPTIONS .TP diff --git a/man/fail2ban-testcases.1 b/man/fail2ban-testcases.1 index 9089d1ed..26dbae96 100644 --- a/man/fail2ban-testcases.1 +++ b/man/fail2ban-testcases.1 @@ -1,10 +1,10 @@ -.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.44.1. -.TH FAIL2BAN-TESTCASES "1" "July 2016" "fail2ban-testcases 0.10.0a1" "User Commands" +.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.47.3. +.TH FAIL2BAN-TESTCASES "1" "September 2016" "fail2ban-testcases 0.10.0a2" "User Commands" .SH NAME fail2ban-testcases \- run Fail2Ban unit-tests .SH SYNOPSIS .B fail2ban-testcases -[\fIOPTIONS\fR] [\fIregexps\fR] +[\fI\,OPTIONS\/\fR] [\fI\,regexps\/\fR] .SH DESCRIPTION Script to run Fail2Ban tests battery .SH OPTIONS @@ -15,9 +15,15 @@ show program's version number and exit \fB\-h\fR, \fB\-\-help\fR show this help message and exit .TP -\fB\-l\fR LOG_LEVEL, \fB\-\-log\-level\fR=\fILOG_LEVEL\fR +\fB\-l\fR LOG_LEVEL, \fB\-\-log\-level\fR=\fI\,LOG_LEVEL\/\fR Log level for the logger to use during running tests .TP +\fB\-v\fR VERBOSITY, \fB\-\-verbosity\fR=\fI\,VERBOSITY\/\fR +Set numerical level of verbosity (0..4) +.TP +\fB\-\-log\-direct\fR +Prevent lazy logging inside tests +.TP \fB\-n\fR, \fB\-\-no\-network\fR Do not run tests that require the network .TP