Merge remote-tracking branch 'origin/master' into enh-split-comma

* origin/master: DOC: changelog for the timeout change Set Timeout at urlopen to 3 seconds README :: init/service example mentions debian based systems as the example README :: fitted paragraph style BF: disable testing on python 3.2 until coverage gets a fix README :: Some style/grammar tweaks, and init/service script mention. Re: #1193 Set Timeout at urlopen to 3 seconds
2015-09-27 00:52:14 -04:00 · 2015-09-27 00:52:14 -04:00 · ff06176e9e
parent 8cf614e221 4c48e994eb
commit ff06176e9e
5 changed files with 26 additions and 11 deletions
--- a/.travis.yml
+++ b/.travis.yml
@ -6,7 +6,8 @@ python:
  - 2.6
  - 2.7
  - pypy
-  - 3.2
+  # disabled until coverage module fixes up compatibility issue
+  # - 3.2
  - 3.3
  - 3.4
  - pypy3
--- a/2
+++ b/2
@ -26,6 +26,8 @@ ver. 0.9.4 (2015/XX/XXX) - wanna-be-released
     http://bugs.debian.org/798923
   * Added openSUSE path configuration (Thanks Johannes Weberhofer)
   * Allow to split ignoreip entries by ',' as well as by ' ' (gh-1197)
+   * Added a timeout (3 sec) to urlopen within badips.py action
+     (Thanks M. Maraun)

 ver. 0.9.3 (2015/08/01) - lets-all-stay-friends
 ----------
--- a/README.md
+++ b/README.md
@ -6,13 +6,15 @@

 ## Fail2Ban: ban hosts that cause multiple authentication errors

-Fail2Ban scans log files like /var/log/pwdfail and bans IP that makes too many
-password failures. It updates firewall rules to reject the IP address. These
-rules can be defined by the user. Fail2Ban can read multiple log files such as
-sshd or Apache web server ones.
+Fail2Ban scans log files like `/var/log/auth.log` and bans IP addresses having
+too many failed login attempts. It does this by updating system firewall rules
+to reject new connections from those IP addresses, for a configurable amount
+of time. Fail2Ban comes out-of-the-box ready to read many standard log files,
+such as those for sshd and Apache, and is easy to configure to read any log
+file you choose, for any error you choose.

-Fail2Ban is able to reduce the rate of incorrect authentications attempts
-however it cannot eliminate the risk that weak authentication presents.
+Though Fail2Ban is able to reduce the rate of incorrect authentications
+attempts, it cannot eliminate the risk that weak authentication presents.
 Configure services to use only two factor or public/private authentication
 mechanisms if you really want to protect services.

@ -42,7 +44,7 @@ To install, just do:
    python setup.py install

 This will install Fail2Ban into the python library directory. The executable
-scripts are placed into /usr/bin, and configuration under /etc/fail2ban.
+scripts are placed into `/usr/bin`, and configuration under `/etc/fail2ban`.

 Fail2Ban should be correctly installed now. Just type:

@ -51,11 +53,20 @@ Fail2Ban should be correctly installed now. Just type:
 to see if everything is alright. You should always use fail2ban-client and
 never call fail2ban-server directly.

+Please note that the system init/service script is not automatically installed.
+To enable fail2ban as an automatic service, simply copy the script for your
+distro from the `files` directory to `/etc/init.d`. Example (on a Debian-based
+system):
+
+    cp files/debian-initd /etc/init.d/fail2ban
+    update-rc.d fail2ban defaults
+    service fail2ban start
+
 Configuration:
 --------------

-You can configure Fail2Ban using the files in /etc/fail2ban. It is possible to
-configure the server using commands sent to it by fail2ban-client. The
+You can configure Fail2Ban using the files in `/etc/fail2ban`. It is possible to
+configure the server using commands sent to it by `fail2ban-client`. The
 available commands are described in the fail2ban-client(1) manpage.  Also see
 fail2ban(1) and jail.conf(5)  manpages for further references.

--- a/1
+++ b/1
@ -71,6 +71,7 @@ kojiro
 Lars Kneschke
 Lee Clemens
 leftyfb (Mike Rushton)
+M. Maraun
 Manuel Arostegui Ramirez
 Marcel Dopita
 Mark Edgington
--- a/config/action.d/badips.py
+++ b/config/action.d/badips.py
@ -117,7 +117,7 @@ class BadIPsAction(ActionBase):
 		"""
 		try:
 			response = urlopen(
-				self._Request("/".join([self._badips, "get", "categories"])))
+				self._Request("/".join([self._badips, "get", "categories"])), None, 3)
 		except HTTPError as response:
 			messages = json.loads(response.read().decode('utf-8'))
 			self._logSys.error(