Merge branch '0.10' into 0.11 (version bump after r.0.10.4)

2018-10-04 13:08:25 +02:00 · 2018-10-04 13:08:25 +02:00 · f9f7e29295
parent a462966cf6 0ae02ba2a1
commit f9f7e29295
8 changed files with 49 additions and 33 deletions
--- a/11
+++ b/11
@ -58,6 +58,17 @@ ver. 0.11.0-dev-0 (20??/??/??) - development nightly edition


 ver. 0.10.4-dev-1 (20??/??/??) - development edition
+ver. 0.10.5-dev-1 (20??/??/??) - development edition
+-----------
+
+### Fixes
+
+### New Features
+
+### Enhancements
+
+
+ver. 0.10.4 (2018/10/04) - ten-four-on-due-date-ten-four
 -----------

 ### Fixes
--- a/config/action.d/badips.py
+++ b/config/action.d/badips.py
@ -32,6 +32,8 @@ else: # pragma: 3.x no cover
 	from urllib import urlencode

 from fail2ban.server.actions import ActionBase
+from fail2ban.helpers import str2LogLevel
+


 class BadIPsAction(ActionBase): # pragma: no cover - may be unavailable
@ -70,6 +72,9 @@ class BadIPsAction(ActionBase): # pragma: no cover - may be unavailable
 	updateperiod : int, optional
 		Time in seconds between updating bad IPs blacklist.
 		Default 900 (15 minutes)
+	loglevel : int/str, optional
+		Log level of the message when an IP is (un)banned.
+		Default `DEBUG`.
 	agent : str, optional
 		User agent transmitted to server.
 		Default `Fail2Ban/ver.`
@ -86,7 +91,7 @@ class BadIPsAction(ActionBase): # pragma: no cover - may be unavailable
 		return Request(url, headers={'User-Agent': self.agent}, **argv)

 	def __init__(self, jail, name, category, score=3, age="24h", key=None,
-		banaction=None, bancategory=None, bankey=None, updateperiod=900, agent="Fail2Ban", 
+		banaction=None, bancategory=None, bankey=None, updateperiod=900, loglevel='DEBUG', agent="Fail2Ban", 
 		timeout=TIMEOUT):
 		super(BadIPsAction, self).__init__(jail, name)

@ -99,6 +104,7 @@ class BadIPsAction(ActionBase): # pragma: no cover - may be unavailable
 		self.banaction = banaction
 		self.bancategory = bancategory or category
 		self.bankey = bankey
+		self.loglevel = str2LogLevel(loglevel)
 		self.updateperiod = updateperiod

 		self._bannedips = set()
@ -289,7 +295,7 @@ class BadIPsAction(ActionBase): # pragma: no cover - may be unavailable
 					exc_info=self._logSys.getEffectiveLevel()<=logging.DEBUG)
 			else:
 				self._bannedips.add(ip)
-				self._logSys.debug(
+				self._logSys.log(self.loglevel,
 					"Banned IP %s for jail '%s' with action '%s'",
 					ip, self._jail.name, self.banaction)

@ -304,12 +310,12 @@ class BadIPsAction(ActionBase): # pragma: no cover - may be unavailable
 					'ipjailmatches': "",
 				})
 			except Exception as e:
-				self._logSys.info(
+				self._logSys.error(
 					"Error unbanning IP %s for jail '%s' with action '%s': %s",
 					ip, self._jail.name, self.banaction, e,
 					exc_info=self._logSys.getEffectiveLevel()<=logging.DEBUG)
 			else:
-				self._logSys.debug(
+				self._logSys.log(self.loglevel,
 					"Unbanned IP %s for jail '%s' with action '%s'",
 					ip, self._jail.name, self.banaction)
 			finally:
@ -337,13 +343,16 @@ class BadIPsAction(ActionBase): # pragma: no cover - may be unavailable
 				ips = self.getList(
 					self.bancategory, self.score, self.age, self.bankey)
 				# Remove old IPs no longer listed
-				self._unbanIPs(self._bannedips - ips)
+				s = self._bannedips - ips
+				m = len(s)
+				self._unbanIPs(s)
 				# Add new IPs which are now listed
-				self._banIPs(ips - self._bannedips)
-
-				self._logSys.debug(
-					"Updated IPs for jail '%s'. Update again in %i seconds",
-					self._jail.name, self.updateperiod)
+				s = ips - self._bannedips
+				p = len(s)
+				self._banIPs(s)
+				self._logSys.log(self.loglevel,
+					"Updated IPs for jail '%s' (-%d/+%d). Update again in %i seconds",
+					self._jail.name, m, p, self.updateperiod)
 			finally:
 				self._timer = threading.Timer(self.updateperiod, self.update)
 				self._timer.start()
--- a/fail2ban/version.py
+++ b/fail2ban/version.py
@ -24,7 +24,7 @@ __author__ = "Cyril Jaquier, Yaroslav Halchenko, Steven Hiscocks, Daniel Black"
 __copyright__ = "Copyright (c) 2004 Cyril Jaquier, 2005-2016 Yaroslav Halchenko, 2013-2014 Steven Hiscocks, Daniel Black"
 __license__ = "GPL-v2+"

-version = "0.11.0.dev2"
+version = "0.11.0.dev3"

 def normVersion():
  """ Returns fail2ban version in normalized machine-readable format"""
--- a/man/fail2ban-client.1
+++ b/man/fail2ban-client.1
@ -1,12 +1,12 @@
 .\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.47.4.
-.TH FAIL2BAN-CLIENT "1" "April 2018" "fail2ban-client v0.11.0.dev2" "User Commands"
+.TH FAIL2BAN-CLIENT "1" "October 2018" "fail2ban-client v0.11.0.dev3" "User Commands"
 .SH NAME
 fail2ban-client \- configure and control the server
 .SH SYNOPSIS
 .B fail2ban-client
 [\fI\,OPTIONS\/\fR] \fI\,<COMMAND>\/\fR
 .SH DESCRIPTION
-Fail2Ban v0.11.0.dev2 reads log file that contains password failure report
+Fail2Ban v0.11.0.dev3 reads log file that contains password failure report
 and bans the corresponding IP addresses using firewall rules.
 .SH OPTIONS
 .TP
@ -67,7 +67,7 @@ convert time abbreviation format to seconds
 display this help message
 .TP
 \fB\-V\fR, \fB\-\-version\fR
-print the version
+print the version (\fB\-V\fR returns machine\-readable short format)
 .SH COMMAND
 .IP
 BASIC
@ -210,6 +210,12 @@ adds <IP> to the ignore list of
 removes <IP> from the ignore list
 of <JAIL>
 .TP
+\fBset <JAIL> ignorecommand <VALUE>\fR
+sets ignorecommand of <JAIL>
+.TP
+\fBset <JAIL> ignorecache <VALUE>\fR
+sets ignorecache of <JAIL>
+.TP
 \fBset <JAIL> addlogpath <FILE> ['tail']\fR
 adds <FILE> to the monitoring list
 of <JAIL>, optionally starting at
@ -241,9 +247,6 @@ for <JAIL>
 removes the regular expression at
 <INDEX> for failregex
 .TP
-\fBset <JAIL> ignorecommand <VALUE>\fR
-sets ignorecommand of <JAIL>
-.TP
 \fBset <JAIL> addignoreregex <REGEX>\fR
 adds the regular expression
 <REGEX> which should match pattern
@ -438,11 +441,6 @@ the action <ACT> for <JAIL>
 \fI/etc/fail2ban/*\fR
 .SH "REPORTING BUGS"
 Report bugs to https://github.com/fail2ban/fail2ban/issues
-.SH COPYRIGHT
-Copyright \(co 2004\-2008 Cyril Jaquier, 2008\- Fail2Ban Contributors
-.br
-Copyright of modifications held by their respective authors.
-Licensed under the GNU General Public License v2 (GPL).
 .SH "SEE ALSO"
 .br 
 fail2ban-server(1)
--- a/man/fail2ban-python.1
+++ b/man/fail2ban-python.1
@ -1,5 +1,5 @@
 .\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.47.4.
-.TH FAIL2BAN-PYTHON "1" "April 2018" "fail2ban-python f2bversion" "User Commands"
+.TH FAIL2BAN-PYTHON "1" "October 2018" "fail2ban-python f2bversion" "User Commands"
 .SH NAME
 fail2ban-python \- a helper for Fail2Ban to assure that the same Python is used
 .SH DESCRIPTION
--- a/man/fail2ban-regex.1
+++ b/man/fail2ban-regex.1
@ -1,5 +1,5 @@
 .\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.47.4.
-.TH FAIL2BAN-REGEX "1" "April 2018" "fail2ban-regex 0.11.0.dev2" "User Commands"
+.TH FAIL2BAN-REGEX "1" "October 2018" "fail2ban-regex 0.11.0.dev3" "User Commands"
 .SH NAME
 fail2ban-regex \- test Fail2ban "failregex" option
 .SH SYNOPSIS
@ -72,6 +72,9 @@ journalctl style matches overriding filter file.
 \fB\-l\fR LOG_LEVEL, \fB\-\-log\-level\fR=\fI\,LOG_LEVEL\/\fR
 Log level for the Fail2Ban logger to use
 .TP
+\fB\-V\fR
+get version in machine\-readable short format
+.TP
 \fB\-v\fR, \fB\-\-verbose\fR
 Increase verbosity
 .TP
--- a/man/fail2ban-server.1
+++ b/man/fail2ban-server.1
@ -1,12 +1,12 @@
 .\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.47.4.
-.TH FAIL2BAN-SERVER "1" "April 2018" "fail2ban-server v0.11.0.dev2" "User Commands"
+.TH FAIL2BAN-SERVER "1" "October 2018" "fail2ban-server v0.11.0.dev3" "User Commands"
 .SH NAME
 fail2ban-server \- start the server
 .SH SYNOPSIS
 .B fail2ban-server
 [\fI\,OPTIONS\/\fR]
 .SH DESCRIPTION
-Fail2Ban v0.11.0.dev2 reads log file that contains password failure report
+Fail2Ban v0.11.0.dev3 reads log file that contains password failure report
 and bans the corresponding IP addresses using firewall rules.
 .SH OPTIONS
 .TP
@ -67,14 +67,9 @@ convert time abbreviation format to seconds
 display this help message
 .TP
 \fB\-V\fR, \fB\-\-version\fR
-print the version
+print the version (\fB\-V\fR returns machine\-readable short format)
 .SH "REPORTING BUGS"
 Report bugs to https://github.com/fail2ban/fail2ban/issues
-.SH COPYRIGHT
-Copyright \(co 2004\-2008 Cyril Jaquier, 2008\- Fail2Ban Contributors
-.br
-Copyright of modifications held by their respective authors.
-Licensed under the GNU General Public License v2 (GPL).
 .SH "SEE ALSO"
 .br 
 fail2ban-client(1)
--- a/man/fail2ban-testcases.1
+++ b/man/fail2ban-testcases.1
@ -1,5 +1,5 @@
 .\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.47.4.
-.TH FAIL2BAN-TESTCASES "1" "April 2018" "fail2ban-testcases 0.11.0.dev2" "User Commands"
+.TH FAIL2BAN-TESTCASES "1" "October 2018" "fail2ban-testcases 0.11.0.dev3" "User Commands"
 .SH NAME
 fail2ban-testcases \- run Fail2Ban unit-tests
 .SH SYNOPSIS