mirror of https://github.com/fail2ban/fail2ban
added reference to doc/README.pwhois
Robb Ballard
commit
8e560d3f4a
|
|
@ -18,7 +18,7 @@ ver. 0.8.12 (2013/12/XX) - things-can-only-get-better
|
|||
- allow for ",milliseconds" in the custom date format of proftpd.log
|
||||
- allow for ", referer ..." in apache-* filter for apache error logs.
|
||||
- allow for spaces at the beginning of kernel messages. Closes gh-448
|
||||
- recidive jail to block all protocols. Closes gh-440. Thanks Ioan Indreias
|
||||
- recidive jail to block all protocols. Closes gh-440. Thanksg Ioan Indreias
|
||||
- smtps not a IANA standard and has been removed from Arch. Replaced with
|
||||
465. Thanks Stefan. Closes gh-447
|
||||
- mysqld-syslog-iptables rule was too long. Part of gh-447.
|
||||
|
|
@ -35,6 +35,8 @@ ver. 0.8.12 (2013/12/XX) - things-can-only-get-better
|
|||
resolve syslog(-ng) parsing problems. Closes Debian bug #730202.
|
||||
- added squid filter. Thanks Roman Gelfand.
|
||||
- updated check_fail2ban to return performance data for all jails.
|
||||
- filter apache-noscript now includes php cgi scripts.
|
||||
Thanks dani. Closes gh-503
|
||||
|
||||
- New Features:
|
||||
|
||||
|
|
|
|||
2
THANKS
2
THANKS
|
|
@ -26,6 +26,7 @@ Christoph Haas
|
|||
Christos Psonis
|
||||
Cyril Jaquier
|
||||
Daniel B. Cid
|
||||
Daniel B.
|
||||
Daniel Black
|
||||
David Nutter
|
||||
Eric Gerbier
|
||||
|
|
@ -48,6 +49,7 @@ Justin Shore
|
|||
Kévin Drapel
|
||||
kjohnsonecl
|
||||
kojiro
|
||||
Lee Clemens
|
||||
Manuel Arostegui Ramirez
|
||||
Marcel Dopita
|
||||
Mark Edgington
|
||||
|
|
|
|||
|
|
@ -3,6 +3,7 @@
|
|||
# Author: Russell Odom <russ@gloomytrousers.co.uk>
|
||||
#
|
||||
# Pwhois modifications added by Robb Ballard <robb@pwhois.org>
|
||||
# See doc/README.pwhois for more information.
|
||||
#
|
||||
# Sends a complaint e-mail to addresses listed in the whois record for an
|
||||
# offending IP address.
|
||||
|
|
|
|||
|
|
@ -3,6 +3,7 @@
|
|||
# Author: Cyril Jaquier
|
||||
#
|
||||
# Pwhois modifications added by Robb Ballard <robb@pwhois.org>
|
||||
# See doc/README.pwhois for more information.
|
||||
#
|
||||
#
|
||||
|
||||
|
|
|
|||
|
|
@ -3,6 +3,7 @@
|
|||
# Author: Cyril Jaquier
|
||||
#
|
||||
# Pwhois modifications added by Robb Ballard <robb@pwhois.org>
|
||||
# See doc/README.pwhois for more information.
|
||||
#
|
||||
#
|
||||
|
||||
|
|
|
|||
|
|
@ -9,8 +9,8 @@ before = apache-common.conf
|
|||
|
||||
[Definition]
|
||||
|
||||
failregex = ^%(_apache_error_client)s ((AH001(28|30): )?File does not exist|(AH01264: )?script not found or unable to stat): /\S*(\.php|\.asp|\.exe|\.pl)(, referer: \S+)?\s*$
|
||||
^%(_apache_error_client)s script '/\S*(\.php|\.asp|\.exe|\.pl)\S*' not found or unable to stat(, referer: \S+)?\s*$
|
||||
failregex = ^%(_apache_error_client)s ((AH001(28|30): )?File does not exist|(AH01264: )?script not found or unable to stat): /\S*(php([45]|[.-]cgi)?|\.asp|\.exe|\.pl)(, referer: \S+)?\s*$
|
||||
^%(_apache_error_client)s script '/\S*(php([45]|[.-]cgi)?|\.asp|\.exe|\.pl)\S*' not found or unable to stat(, referer: \S+)?\s*$
|
||||
|
||||
ignoreregex =
|
||||
|
||||
|
|
|
|||
|
|
@ -177,6 +177,7 @@ if not opts.no_network:
|
|||
tests.addTest(unittest.makeSuite(filtertestcase.IgnoreIP))
|
||||
tests.addTest(unittest.makeSuite(filtertestcase.BasicFilter))
|
||||
tests.addTest(unittest.makeSuite(filtertestcase.LogFile))
|
||||
tests.addTest(unittest.makeSuite(filtertestcase.LogFileFilterPoll))
|
||||
tests.addTest(unittest.makeSuite(filtertestcase.LogFileMonitor))
|
||||
if not opts.no_network:
|
||||
tests.addTest(unittest.makeSuite(filtertestcase.GetFailures))
|
||||
|
|
|
|||
|
|
@ -2,3 +2,14 @@
|
|||
[Sun Jun 09 07:57:47 2013] [error] [client 192.0.43.10] script '/usr/lib/cgi-bin/gitweb.cgiwp-login.php' not found or unable to stat
|
||||
# failJSON: { "time": "2008-07-22T06:48:30", "match": true , "host": "198.51.100.86" }
|
||||
[Tue Jul 22 06:48:30 2008] [error] [client 198.51.100.86] File does not exist: /home/southern/public_html/azenv.php
|
||||
|
||||
# failJSON: { "time": "2008-07-22T06:48:30", "match": true , "host": "198.51.100.86" }
|
||||
[Tue Jul 22 06:48:30 2008] [error] [client 198.51.100.86] script not found or unable to stat: /home/e-smith/files/ibays/Primary/cgi-bin/php
|
||||
# failJSON: { "time": "2008-07-22T06:48:30", "match": true , "host": "198.51.100.86" }
|
||||
[Tue Jul 22 06:48:30 2008] [error] [client 198.51.100.86] script not found or unable to stat: /home/e-smith/files/ibays/Primary/cgi-bin/php5
|
||||
# failJSON: { "time": "2008-07-22T06:48:30", "match": true , "host": "198.51.100.86" }
|
||||
[Tue Jul 22 06:48:30 2008] [error] [client 198.51.100.86] script not found or unable to stat: /home/e-smith/files/ibays/Primary/cgi-bin/php-cgi
|
||||
# failJSON: { "time": "2008-07-22T06:48:30", "match": true , "host": "198.51.100.86" }
|
||||
[Tue Jul 22 06:48:30 2008] [error] [client 198.51.100.86] script not found or unable to stat: /home/e-smith/files/ibays/Primary/cgi-bin/php.cgi
|
||||
# failJSON: { "time": "2008-07-22T06:48:30", "match": true , "host": "198.51.100.86" }
|
||||
[Tue Jul 22 06:48:30 2008] [error] [client 198.51.100.86] script not found or unable to stat: /home/e-smith/files/ibays/Primary/cgi-bin/php4
|
||||
|
|
|
|||
|
|
@ -215,15 +215,28 @@ class IgnoreIPDNS(IgnoreIP):
|
|||
self.assertFalse(self.filter.inIgnoreIPList("128.178.50.11"))
|
||||
self.assertFalse(self.filter.inIgnoreIPList("128.178.50.13"))
|
||||
|
||||
class LogFile(LogCaptureTestCase):
|
||||
|
||||
class LogFile(unittest.TestCase):
|
||||
MISSING = 'testcases/missingLogFile'
|
||||
|
||||
def setUp(self):
|
||||
LogCaptureTestCase.setUp(self)
|
||||
|
||||
def tearDown(self):
|
||||
LogCaptureTestCase.tearDown(self)
|
||||
|
||||
def testMissingLogFiles(self):
|
||||
self.filter = FilterPoll(None)
|
||||
self.assertRaises(IOError, self.filter.addLogPath, LogFile.MISSING)
|
||||
|
||||
class LogFileFilterPoll(unittest.TestCase):
|
||||
|
||||
FILENAME = "testcases/files/testcase01.log"
|
||||
|
||||
def setUp(self):
|
||||
"""Call before every test case."""
|
||||
self.filter = FilterPoll(None)
|
||||
self.filter.addLogPath(LogFile.FILENAME)
|
||||
self.filter.addLogPath(LogFileFilterPoll.FILENAME)
|
||||
|
||||
def tearDown(self):
|
||||
"""Call after every test case."""
|
||||
|
|
@ -233,7 +246,8 @@ class LogFile(unittest.TestCase):
|
|||
# self.filter.openLogFile(LogFile.FILENAME)
|
||||
|
||||
def testIsModified(self):
|
||||
self.assertTrue(self.filter.isModified(LogFile.FILENAME))
|
||||
self.assertTrue(self.filter.isModified(LogFileFilterPoll.FILENAME))
|
||||
self.assertFalse(self.filter.isModified(LogFileFilterPoll.FILENAME))
|
||||
|
||||
|
||||
class LogFileMonitor(LogCaptureTestCase):
|
||||
|
|
@ -604,11 +618,11 @@ class GetFailures(unittest.TestCase):
|
|||
"""Call after every test case."""
|
||||
|
||||
def testTail(self):
|
||||
self.filter.addLogPath(LogFile.FILENAME, tail=True)
|
||||
self.filter.addLogPath(GetFailures.FILENAME_01, tail=True)
|
||||
self.assertEqual(self.filter.getLogPath()[-1].getPos(), 1653)
|
||||
self.filter.getLogPath()[-1].close()
|
||||
self.assertEqual(self.filter.getLogPath()[-1].readline(), "")
|
||||
self.filter.delLogPath(LogFile.FILENAME)
|
||||
self.filter.delLogPath(GetFailures.FILENAME_01)
|
||||
self.assertEqual(self.filter.getLogPath(),[])
|
||||
|
||||
def testGetFailures01(self, filename=None, failures=None):
|
||||
|
|
|
|||
Loading…
Reference in New Issue