added reference to doc/README.pwhois

pull/515/head
Robb Ballard 2013-12-23 07:34:45 -07:00
commit 8e560d3f4a
9 changed files with 41 additions and 8 deletions


@ -18,7 +18,7 @@ ver. 0.8.12 (2013/12/XX) - things-can-only-get-better
- allow for ",milliseconds" in the custom date format of proftpd.log - allow for ",milliseconds" in the custom date format of proftpd.log
- allow for ", referer ..." in apache-* filter for apache error logs. - allow for ", referer ..." in apache-* filter for apache error logs.
- allow for spaces at the beginning of kernel messages. Closes gh-448 - allow for spaces at the beginning of kernel messages. Closes gh-448
- recidive jail to block all protocols. Closes gh-440. Thanks Ioan Indreias - recidive jail to block all protocols. Closes gh-440. Thanksg Ioan Indreias
- smtps not a IANA standard and has been removed from Arch. Replaced with - smtps not a IANA standard and has been removed from Arch. Replaced with
465. Thanks Stefan. Closes gh-447 465. Thanks Stefan. Closes gh-447
- mysqld-syslog-iptables rule was too long. Part of gh-447. - mysqld-syslog-iptables rule was too long. Part of gh-447.
@ -35,6 +35,8 @@ ver. 0.8.12 (2013/12/XX) - things-can-only-get-better
resolve syslog(-ng) parsing problems. Closes Debian bug #730202. resolve syslog(-ng) parsing problems. Closes Debian bug #730202.
- added squid filter. Thanks Roman Gelfand. - added squid filter. Thanks Roman Gelfand.
- updated check_fail2ban to return performance data for all jails. - updated check_fail2ban to return performance data for all jails.
- filter apache-noscript now includes php cgi scripts.
Thanks dani. Closes gh-503
- New Features: - New Features:

2
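--- a/THANKS
+++ b/THANKS
@@ -26,6 +26,7 @@ Christoph Haas
 Christos Psonis
 Cyril Jaquier
 Daniel B. Cid
+Daniel B.
 Daniel Black
 David Nutter
 Eric Gerbier
@@ -48,6 +49,7 @@ Justin Shore
 Kévin Drapel
 kjohnsonecl
 kojiro
+Lee Clemens
 Manuel Arostegui Ramirez
 Marcel Dopita
 Mark Edgington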


@ -3,6 +3,7 @@
# Author: Russell Odom <russ@gloomytrousers.co.uk> # Author: Russell Odom <russ@gloomytrousers.co.uk>
# #
# Pwhois modifications added by Robb Ballard <robb@pwhois.org> # Pwhois modifications added by Robb Ballard <robb@pwhois.org>
# See doc/README.pwhois for more information.
# #
# Sends a complaint e-mail to addresses listed in the whois record for an # Sends a complaint e-mail to addresses listed in the whois record for an
# offending IP address. # offending IP address.


@ -3,6 +3,7 @@
# Author: Cyril Jaquier # Author: Cyril Jaquier
# #
# Pwhois modifications added by Robb Ballard <robb@pwhois.org> # Pwhois modifications added by Robb Ballard <robb@pwhois.org>
# See doc/README.pwhois for more information.
# #
# #


@ -3,6 +3,7 @@
# Author: Cyril Jaquier # Author: Cyril Jaquier
# #
# Pwhois modifications added by Robb Ballard <robb@pwhois.org> # Pwhois modifications added by Robb Ballard <robb@pwhois.org>
# See doc/README.pwhois for more information.
# #
# #


@ -9,8 +9,8 @@ before = apache-common.conf
[Definition] [Definition]
failregex = ^%(_apache_error_client)s ((AH001(28|30): )?File does not exist|(AH01264: )?script not found or unable to stat): /\S*(\.php|\.asp|\.exe|\.pl)(, referer: \S+)?\s*$ failregex = ^%(_apache_error_client)s ((AH001(28|30): )?File does not exist|(AH01264: )?script not found or unable to stat): /\S*(php([45]|[.-]cgi)?|\.asp|\.exe|\.pl)(, referer: \S+)?\s*$
^%(_apache_error_client)s script '/\S*(\.php|\.asp|\.exe|\.pl)\S*' not found or unable to stat(, referer: \S+)?\s*$ ^%(_apache_error_client)s script '/\S*(php([45]|[.-]cgi)?|\.asp|\.exe|\.pl)\S*' not found or unable to stat(, referer: \S+)?\s*$
ignoreregex = ignoreregex =
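Review bot: The new `php([45]|[.-]cgi)?` alternative in both failregex lines has lost the leading `\.` that the old `\.php` carried, so it now matches the bare letters `php` rather than an extension or a file name. In the first expression any missing path that merely ends in `php` counts as a failure, and in the second, where the group is followed by `\S*`, any script path containing `php` anywhere does. Both widen the set of clients the jail can ban beyond the php-cgi probes the change is aimed at. Anchoring the alternative to a dot or a path separator, for example `[./]php([45]|[.-]cgi)?`, would still cover `.php`, `/php`, `/php4`, `/php5`, `/php-cgi` and `/php.cgi`.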


@ -177,6 +177,7 @@ if not opts.no_network:
tests.addTest(unittest.makeSuite(filtertestcase.IgnoreIP)) tests.addTest(unittest.makeSuite(filtertestcase.IgnoreIP))
tests.addTest(unittest.makeSuite(filtertestcase.BasicFilter)) tests.addTest(unittest.makeSuite(filtertestcase.BasicFilter))
tests.addTest(unittest.makeSuite(filtertestcase.LogFile)) tests.addTest(unittest.makeSuite(filtertestcase.LogFile))
tests.addTest(unittest.makeSuite(filtertestcase.LogFileFilterPoll))
tests.addTest(unittest.makeSuite(filtertestcase.LogFileMonitor)) tests.addTest(unittest.makeSuite(filtertestcase.LogFileMonitor))
if not opts.no_network: if not opts.no_network:
tests.addTest(unittest.makeSuite(filtertestcase.GetFailures)) tests.addTest(unittest.makeSuite(filtertestcase.GetFailures))


@ -2,3 +2,14 @@
[Sun Jun 09 07:57:47 2013] [error] [client 192.0.43.10] script '/usr/lib/cgi-bin/gitweb.cgiwp-login.php' not found or unable to stat [Sun Jun 09 07:57:47 2013] [error] [client 192.0.43.10] script '/usr/lib/cgi-bin/gitweb.cgiwp-login.php' not found or unable to stat
# failJSON: { "time": "2008-07-22T06:48:30", "match": true , "host": "198.51.100.86" } # failJSON: { "time": "2008-07-22T06:48:30", "match": true , "host": "198.51.100.86" }
[Tue Jul 22 06:48:30 2008] [error] [client 198.51.100.86] File does not exist: /home/southern/public_html/azenv.php [Tue Jul 22 06:48:30 2008] [error] [client 198.51.100.86] File does not exist: /home/southern/public_html/azenv.php
# failJSON: { "time": "2008-07-22T06:48:30", "match": true , "host": "198.51.100.86" }
[Tue Jul 22 06:48:30 2008] [error] [client 198.51.100.86] script not found or unable to stat: /home/e-smith/files/ibays/Primary/cgi-bin/php
# failJSON: { "time": "2008-07-22T06:48:30", "match": true , "host": "198.51.100.86" }
[Tue Jul 22 06:48:30 2008] [error] [client 198.51.100.86] script not found or unable to stat: /home/e-smith/files/ibays/Primary/cgi-bin/php5
# failJSON: { "time": "2008-07-22T06:48:30", "match": true , "host": "198.51.100.86" }
[Tue Jul 22 06:48:30 2008] [error] [client 198.51.100.86] script not found or unable to stat: /home/e-smith/files/ibays/Primary/cgi-bin/php-cgi
# failJSON: { "time": "2008-07-22T06:48:30", "match": true , "host": "198.51.100.86" }
[Tue Jul 22 06:48:30 2008] [error] [client 198.51.100.86] script not found or unable to stat: /home/e-smith/files/ibays/Primary/cgi-bin/php.cgi
# failJSON: { "time": "2008-07-22T06:48:30", "match": true , "host": "198.51.100.86" }
[Tue Jul 22 06:48:30 2008] [error] [client 198.51.100.86] script not found or unable to stat: /home/e-smith/files/ibays/Primary/cgi-bin/php4
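Review bot: All five added samples are positive matches for an interpreter name directly under `cgi-bin/`, so nothing in this file pins what the widened apache-noscript expression must not match. If the sample harness accepts `"match": false` entries, one such line for a missing path that only happens to end in the letters `php` would show whether ordinary 404s now count toward a ban. Without it, a later loosening of the pattern would pass these tests unnoticed.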


@ -215,15 +215,28 @@ class IgnoreIPDNS(IgnoreIP):
self.assertFalse(self.filter.inIgnoreIPList("128.178.50.11")) self.assertFalse(self.filter.inIgnoreIPList("128.178.50.11"))
self.assertFalse(self.filter.inIgnoreIPList("128.178.50.13")) self.assertFalse(self.filter.inIgnoreIPList("128.178.50.13"))
class LogFile(LogCaptureTestCase):
class LogFile(unittest.TestCase): MISSING = 'testcases/missingLogFile'
def setUp(self):
LogCaptureTestCase.setUp(self)
def tearDown(self):
LogCaptureTestCase.tearDown(self)
def testMissingLogFiles(self):
self.filter = FilterPoll(None)
self.assertRaises(IOError, self.filter.addLogPath, LogFile.MISSING)
class LogFileFilterPoll(unittest.TestCase):
FILENAME = "testcases/files/testcase01.log" FILENAME = "testcases/files/testcase01.log"
def setUp(self): def setUp(self):
"""Call before every test case.""" """Call before every test case."""
self.filter = FilterPoll(None) self.filter = FilterPoll(None)
self.filter.addLogPath(LogFile.FILENAME) self.filter.addLogPath(LogFileFilterPoll.FILENAME)
def tearDown(self): def tearDown(self):
"""Call after every test case.""" """Call after every test case."""
@ -233,7 +246,8 @@ class LogFile(unittest.TestCase):
# self.filter.openLogFile(LogFile.FILENAME) # self.filter.openLogFile(LogFile.FILENAME)
def testIsModified(self): def testIsModified(self):
self.assertTrue(self.filter.isModified(LogFile.FILENAME)) self.assertTrue(self.filter.isModified(LogFileFilterPoll.FILENAME))
self.assertFalse(self.filter.isModified(LogFileFilterPoll.FILENAME))
class LogFileMonitor(LogCaptureTestCase): class LogFileMonitor(LogCaptureTestCase):
@ -604,11 +618,11 @@ class GetFailures(unittest.TestCase):
"""Call after every test case.""" """Call after every test case."""
def testTail(self): def testTail(self):
self.filter.addLogPath(LogFile.FILENAME, tail=True) self.filter.addLogPath(GetFailures.FILENAME_01, tail=True)
self.assertEqual(self.filter.getLogPath()[-1].getPos(), 1653) self.assertEqual(self.filter.getLogPath()[-1].getPos(), 1653)
self.filter.getLogPath()[-1].close() self.filter.getLogPath()[-1].close()
self.assertEqual(self.filter.getLogPath()[-1].readline(), "") self.assertEqual(self.filter.getLogPath()[-1].readline(), "")
self.filter.delLogPath(LogFile.FILENAME) self.filter.delLogPath(GetFailures.FILENAME_01)
self.assertEqual(self.filter.getLogPath(),[]) self.assertEqual(self.filter.getLogPath(),[])
def testGetFailures01(self, filename=None, failures=None): def testGetFailures01(self, filename=None, failures=None):
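Review bot: In the first hunk the new `LogFile` class overrides `setUp` and `tearDown` only to call the `LogCaptureTestCase` versions, which inheritance already does, so both overrides can be dropped. `testMissingLogFiles` also never inspects the captured log, so from what this hunk shows the switch to `LogCaptureTestCase` is unused; either assert on the logged message or keep `unittest.TestCase`. In the second hunk the commented-out `# self.filter.openLogFile(LogFile.FILENAME)` still names `LogFile.FILENAME`, which no longer exists after the rename to `LogFileFilterPoll`; update it to `LogFileFilterPoll.FILENAME` or delete the line. The enclosing test methods start outside the visible hunks.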