github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
3,735 Commits
34 Branches
230 Tags
22 MiB
Commit Graph

773 Commits (0.9)

Author SHA1 Message Date
Orion Poplawski 3bc92610f7 Add dovecot auth failure from EL7 2015-01-29 09:11:59 -07:00
Lee Clemens f4341999cd simplify/unify log message 2015-01-28 19:43:22 -05:00
Lee Clemens 076b103f97 Conditionally log Ignore IP, and pass in reason (ignoreip, ignorecommand) 2015-01-27 21:06:06 -05:00
Lee Clemens 887fa2a3a0 Update protocol with [FLAVOR] argument to status <JAIL> 2015-01-26 20:11:53 -05:00
Lee Clemens 297a32e6bb Update test since JailThread.action was changed from property to method 2015-01-26 20:02:49 -05:00
Lee Clemens 486214585e Update extended status to accept additional argument, flavor 
Default to as-in behavior, or flavor=="basic"
 2015-01-26 19:38:06 -05:00
Lee Clemens 735c51adae fix test of new banManager's instance 2015-01-24 12:45:42 -05:00
Lee Clemens a0debea56a test dnspython nxdomain returned 2015-01-24 12:45:42 -05:00
Lee Clemens 07a47179a7 conditionally import dnspython 2015-01-24 12:45:42 -05:00
Lee Clemens 405f363fe8 Conditionally test fail2ban-client status <JAIL> extended when dnspython is installed 2015-01-24 12:45:42 -05:00
Lee Clemens ba69969057 Add `pass` to empty methods 2015-01-24 12:45:42 -05:00
Lee Clemens 60ac0a1a17 Add extended info to status output using Cyrmu 2015-01-24 12:45:42 -05:00
sebres d0b932aaca code review + more test cases (embedded replace in a string) 2015-01-21 09:44:55 +01:00
sebres 6b42878b8c better recognition of embedded-recursive substitution to repeat interpolation 2015-01-20 17:31:17 +01:00
sebres 33e9e2174a recursive/embedded version of issue/907; 
test cases merged from remote-tracking branch 'yarikoptic:enh/embedded_tags' into issue/907
infinite busy loop on _escapedTags match in substituteRecursiveTags gh-907
 2015-01-20 17:18:25 +01:00
sebres 607af36ad3 workaround for the "Bad file descriptor" issue on Python 2.7, gh-161 : asyncore.loop() using poll 
by the way, prevents to write "'build/bdist.linux-x86_64' does not exist -- can't clean it" into stderr;
 2015-01-20 14:08:30 +01:00
sebres b04a51246f infinite busy loop on _escapedTags match in substituteRecursiveTags gh-907 2015-01-20 11:32:15 +01:00
Yaroslav Halchenko fdd93d1475 ENH: unittest to catch actions without Init or Definition section and all must have actionban at least 2015-01-08 21:51:52 -05:00
Yaroslav Halchenko c7edd9e67f Merge pull request #901 from leeclemens/ENH/PostfixRBL 
Create Jail for Postfix based on RBL
 2015-01-07 21:45:36 -05:00
Lee Clemens bda8dc1926 Merge branch 'master' of github.com:fail2ban/fail2ban into ENH/PostfixRBL 2015-01-03 15:29:42 -05:00
Lee Clemens 38641e741a Merge branch 'master' of github.com:fail2ban/fail2ban into BF/755-strptime 
Conflicts:
	ChangeLog
 2015-01-03 15:25:54 -05:00
Lee Clemens b26725f654 Move strptime workaround to fail2ban/__init__.py 2015-01-03 13:45:06 -05:00
Lee Clemens fe72a5585c Create Jail for Postfix based on RBL 
Use RBL blocks to ban addresses, unique Jail so maxretry can be set to 1 (vs postfix.conf)
 2014-12-30 19:06:17 -05:00
Lee Clemens e6ffa2e4a1 Update year in postfix logs test file 2014-12-30 18:10:19 -05:00
Lee Clemens 2d7429c47c Add 'Client host rejected error message' regex 
Not sure if it was reworded (using Postfix 2.6) or a slightly different error, but I only have "Client host rejected: cannot find your hostname"
 2014-12-30 18:05:19 -05:00
Yaroslav Halchenko bcfcefa203 Merge branch 'patch-2' of https://github.com/szepeviktor/fail2ban 
* 'patch-2' of https://github.com/szepeviktor/fail2ban:
  downcase example
  Added an item to "Fixes"
  postfix-sasl failregex case insensitive
 2014-12-30 16:35:09 -05:00
Yaroslav Halchenko cc89649d04 BF: adjusted for new IP of example.com 
Conflicts:
	fail2ban/tests/filtertestcase.py
 2014-12-21 21:45:30 -05:00
Viktor Szépe a9b6a3754b downcase example 2014-12-11 21:01:52 +01:00
Yaroslav Halchenko fb2b52af14 Merge pull request #879 from sebres/broken-test-setup_install_root 
testSetupInstallRoot will be always skipped, ...
 2014-12-05 11:20:31 -05:00
sebres a71a64733a clean all after test setup (removes a build directory in current root of fail2ban) 2014-12-05 16:39:17 +01:00
bes-internal ccc986b7d8 exim filter: correct failregex for exim with extended log options 
incoming_interface, incoming_port, outgoing_port
 2014-12-04 13:34:44 +03:00
sebres 7d4f071d4b small fix: no cover for failed case 2014-12-03 15:25:27 +01:00
sebres d62b046704 testSetupInstallRoot will be always skipped, because of "wrong" location of 'setup.py'; 2014-12-03 14:45:46 +01:00
sebres 80fb48c5b0 Merge remote-tracking branch 'remotes/upstream/master' into sebres:addfailregex-gh-867 2014-12-01 13:14:42 +01:00
Yaroslav Halchenko a170afcb76 Merge pull request #839 from sebres/fix-none-getattempt-lambda 
Fix none getattempt lambda (close #838,  close #848)
 2014-11-29 21:33:09 -05:00
sebres effdb450fc better and scalable solution for gh-867 (and gh-868), using only name convention like %(known/failregex)s to add custom expressions, so no interface changes in jail.conf are necessary (for example see test-known-interp in test cases); 2014-11-29 20:33:32 +01:00
sebres 00c2ac4b03 python 2.6 compatibility: preventing RuntimeError: dictionary changed size during iteration. 2014-11-28 19:50:52 +01:00
sebres d63b125877 interpolation of config readers extended with `%(known/parameter)s`. 
(means last known option with name `parameter`).
 2014-11-28 19:06:17 +01:00
sebres 1439152121 test cases extended (now correct) 2014-11-28 14:52:12 +01:00
sebres cad09d2df3 BF: failregex declared direct in jail was joined to single line, (specifying of multiple expressions was not possible); 
feature request (gh-867): new options for jail introduced addfailregex/addignoreregex: extends regex specified in filter (opposite to failregex/ignoreregex that overwrites it);
 2014-11-28 03:17:47 +01:00
Serg G. Brester 6dfddbcdf6 Bug fix in formatJournalEntry, gh-851 
Unhandled exception in fail2ban 0.9.1 #851
 2014-11-07 01:21:38 +01:00
sebres 92ba5ae09c few confusing merge info helper 2014-10-29 22:08:44 +01:00
sebres 46a8899f20 code review 2014-10-29 19:27:45 +01:00
sebres 8dbc04aa06 Test cases fixed: 
testFail2BanExceptHook - use local sys.__excepthook__ to check was really executed and prevent write error in stderr.
 2014-10-29 13:30:24 +01:00
sebres 518cc92ccc actions: bug fix in lambdas in checkBan, because getBansMerged could return None (purge resp. asynchronous addBan), make the logic all around more stable; 
test cases: extended with test to check action together with database functionality (ex.: to verify lambdas in checkBan);
database: getBansMerged should work within lock, using reentrant lock (cause call of getBans inside of getBansMerged);
 2014-10-29 12:36:21 +01:00
Yaroslav Halchenko 7acddcbe4a Post-release boost to .dev 2014-10-27 23:45:51 -04:00
Yaroslav Halchenko 987356d6c0 Changes for the 0.9.1 release versioning 2014-10-27 21:43:17 -04:00
Yaroslav Halchenko fc145eb795 Merge pull request #748 from pacop/master 
ENH: Add dateTime format for PortSentry
 2014-10-25 12:34:00 -04:00
Yaroslav Halchenko 8a453018a9 Merge pull request #830 from sebres/_tent/cache-config-read-fix1 
fix: fail2ban-regex with filter file failed
 2014-10-25 12:30:55 -04:00
pacop e3a037ee3f merge master 2014-10-25 18:15:34 +02:00
sebres 3dac765598 ConfigReader.touch renamed into protected _create_unshared 2014-10-25 17:20:01 +02:00
Yaroslav Halchenko e1a5decc00 DOC: adjust docs in mytime to place docs into docstrings 2014-10-25 09:34:37 -04:00
Yaroslav Halchenko caa6006a31 ENH: do use @staticmethod (we are well beyond support of 2.4 now) 2014-10-25 09:25:18 -04:00
sebres 07d4badfd0 testExecuteTimeout fixed: give a test still 1 second, because system could be too busy 2014-10-24 05:42:58 +02:00
sebres bef0502e6b coverage: no cover (for failed except) 2014-10-24 05:28:35 +02:00
sebres 0b0ea41f87 fix: fail2ban-regex with filter file failed (after merging #824, because test case missing); 
test case for 'readexplicit' added;
 2014-10-24 04:59:44 +02:00
Yaroslav Halchenko d4015d6566 ENH: remove obsolete code for python < 2.6 (we support >= 2.6) 2014-10-23 14:51:51 -04:00
Yaroslav Halchenko 78e1a13fad Merge branch '_tent/cache-config-read' of https://github.com/sebres/fail2ban 
* '_tent/cache-config-read' of https://github.com/sebres/fail2ban:
  code review, change log entries added;
  reset share/cache storage (if we use 'reload' in client with interactive mode)
  normalize tabs/spaces in docstrings;
  cache-config-read-v2 merged; logging normalized, set log level for loading (read or use shared) file(s) to INFO; prevent to read some files twice by read inside "_getIncludes" and by "read" self (occurred by only one file);
  code review; more stable config sharing, configurator always shares it config readers now;
  code review: use the same code (corresponding test cases - with sharing on and without it);
  rewritten caching resp. sharing of ConfigReader and SafeConfigParserWithIncludes (v.2, first and second level cache, without fingerprinting etc.);
  code review
  ConfigReader/ConfigWrapper renamed as suggested from @yarikoptic; + code clarifying (suggested also);
  Partially merge remote-tracking from 'sebres:cache-config-read-820': test cases extended, configurator.py adapted for test case.
  ENH: keep spitting out logging to the screen in LogCaptureTestCases if HEAVYDEBUG
  test case for check the read of config files will be cached;
  more precise by test
  ConfigWrapper class introduced: sharing of the same ConfigReader object between JailsReader and JailReader (don't read jail config each jail); sharing of the same DefinitionInitConfigReader (ActionReader, FilterReader) between all jails using that; cache of read a config files was optimized; test case extended for all types of config readers;
  config cache optimized - prevent to read the same config file inside different resources multiple times; test case: read jail file only once;
  test case for check the read of config files will be cached;
  caching of read config files, to make start of fail2ban faster, see issue #820
 2014-10-23 14:28:33 -04:00
Yaroslav Halchenko 86a5f42f73 BF: made tests util digest.py friendly to python3 2014-10-12 16:40:29 -04:00
sebres 7d3e6e9935 code review, change log entries added; 2014-10-10 20:06:58 +02:00
sebres 73a06d55a8 reset share/cache storage (if we use 'reload' in client with interactive mode) 2014-10-10 18:50:24 +02:00
sebres 7f5d4aa7a6 normalize tabs/spaces in docstrings; 2014-10-10 16:59:40 +02:00
sebres 95bdcdecaa cache-config-read-v2 merged; 
logging normalized, set log level for loading (read or use shared) file(s) to INFO;
prevent to read some files twice by read inside "_getIncludes" and by "read" self (occurred by only one file);
 2014-10-10 16:49:08 +02:00
sebres 02a46d0901 code review; 
more stable config sharing, configurator always shares it config readers now;
 2014-10-10 12:05:49 +02:00
sebres e0eb4f2358 code review: use the same code (corresponding test cases - with sharing on and without it); 2014-10-10 02:47:42 +02:00
sebres c35b4b24d2 rewritten caching resp. sharing of ConfigReader and SafeConfigParserWithIncludes (v.2, first and second level cache, without fingerprinting etc.); 2014-10-10 02:10:13 +02:00
sebres 37952ab75f code review 2014-10-09 19:51:53 +02:00
sebres f67053c2ec ConfigReader/ConfigWrapper renamed as suggested from @yarikoptic; 
+ code clarifying (suggested also);
 2014-10-09 19:01:49 +02:00
sebres f6723a12ff Merge branch 'cache-config-read-820' into _tent/cache-config-read 2014-10-09 18:01:31 +02:00
sebres b62ce14ccd Partially merge remote-tracking from 'sebres:cache-config-read-820': 
test cases extended, configurator.py adapted for test case.
 2014-10-09 18:00:45 +02:00
Yaroslav Halchenko 0c5f11079c ENH: keep spitting out logging to the screen in LogCaptureTestCases if HEAVYDEBUG 2014-10-09 10:47:00 -04:00
sebres f31607ded1 test case for check the read of config files will be cached; 
Conflicts:
	fail2ban/tests/clientreadertestcase.py -- removed not needed
        time in imports
 2014-10-09 10:30:17 -04:00
sebres 51cae63bf0 more precise by test 2014-10-09 15:39:58 +02:00
sebres 4244c87802 ConfigWrapper class introduced: sharing of the same ConfigReader object between JailsReader and JailReader (don't read jail config each jail); 
sharing of the same DefinitionInitConfigReader (ActionReader, FilterReader) between all jails using that;
cache of read a config files was optimized;
test case extended for all types of config readers;
 2014-10-09 14:51:08 +02:00
sebres 2a54e61238 config cache optimized - prevent to read the same config file inside different resources multiple times; 
test case: read jail file only once;
 2014-10-08 15:44:32 +02:00
sebres af4b48e841 test case for check the read of config files will be cached; 2014-10-07 14:37:40 +02:00
pacop ce4f2d1c88 added filter for PortSentry with jail and samples 2014-10-04 15:08:12 +02:00
pacop 37acc6b832 ENH: Add dateTime format for PortSentry 
Added dateTime format for PortSentry with EPOCH format
 2014-10-04 14:55:22 +02:00
sebres d00af327c5 caching of read config files, to make start of fail2ban faster, see issue #820 2014-10-03 02:11:55 +02:00
Yaroslav Halchenko 05fcb1f104 Merge pull request #813 from schaal/tests-configdir-env-variable 
tests: Add function to utils to calculate CONFIG_DIR
 2014-10-01 14:19:26 -04:00
Daniel Schaal 270ea363d3 tests: define CONFIG_DIR in utils. 2014-10-01 19:50:03 +02:00
SlowRiot 5d526bbeb1 forgot to add test case to last commit 2014-09-29 00:49:22 +01:00
Nick Weeds 2c158fe168 Add apache filter for AH01630 client denied by server configuration 2014-09-14 21:54:05 +01:00
Yaroslav Halchenko 0e1f8f7f39 RF: remove those two additional failregexes for the postfix 
see comment
https://github.com/fail2ban/fail2ban/pull/804\#discussion_r17512426
 2014-09-13 10:25:27 -04:00
Paul Traina 249e169d8e Update test cases and also suport smtps per request. 2014-09-08 11:53:51 -07:00
Yaroslav Halchenko f756278fe5 ENH: just a bit more descriptive exception ;-) 2014-08-12 11:53:54 -04:00
Yaroslav Halchenko b2a1032f57 ENH/BF(TST): making permissions restrictive is not sufficient -- really remove file to test 2014-08-12 11:31:42 -04:00
Yaroslav Halchenko 6fc04c2256 Merge branch 'bf+enh/cyrus-imap' of https://github.com/yarikoptic/fail2ban (with some tune up to Changelog entry) 
* 'bf+enh/cyrus-imap' of https://github.com/yarikoptic/fail2ban:
  ENH: cyrus-imap -- catch also 'user not found' attempts
  BF: cyrus-imaps -- catch also for secured daemons

Conflicts:
	ChangeLog
 2014-08-11 13:09:43 -04:00
Yaroslav Halchenko f9cfbd66e6 Merge pull request #771 from szepeviktor/patch-1 
named users + smtp auth probes
 2014-07-28 10:14:18 -04:00
Yaroslav Halchenko 81c98f77ca Merge pull request #769 from kwirk/unban-database 
BF: Remove manually unbanned IPs from persistent database
 2014-07-27 21:54:44 -04:00
Yaroslav Halchenko 45c1095606 Merge pull request #750 from niorg/master 
Added Directadmin filter, jail and log test
 2014-07-27 21:47:07 -04:00
Yaroslav Halchenko 3339dc8d84 ENH: cyrus-imap -- catch also 'user not found' attempts 2014-07-25 10:13:04 -04:00
Yaroslav Halchenko 3e5c598b79 BF: cyrus-imaps -- catch also for secured daemons 2014-07-25 10:02:40 -04:00
Szépe Viktor 68bf5a1c36 I don't understand those years. 2014-07-20 21:23:57 +02:00
Szépe Viktor 9c4f9a3de8 added Jul 3 & Jul 4 2014-07-20 21:13:55 +02:00
Steven Hiscocks 01d02ca5e6 BF: Remove manually unbanned IPs from persistent database 
Stops them being restored when Fail2Ban is restarted. Particularly this
is an issue with bantime < 0

Fixes gh-768
 2014-07-19 15:17:32 +01:00
Steven Hiscocks 8e0a59f04d Merge pull request #763 from Sean-Der/round-banip-time 
BF: Round timeofban before inserting into the persistant database
 2014-07-19 14:56:32 +01:00
Sean DuBois ac9fa90625 BF: Round timeofban before inserting into the persistant database 2014-07-17 21:57:52 +00:00
Sean DuBois 84b7e93a47 ENH: Add version command to protocol 
TST: Add test for version server command
 2014-07-15 06:19:13 +00:00
Cyril Roos add8e61036 Added Directadmin filter, jail and log test 2014-07-02 13:52:06 +02:00
Yaroslav Halchenko 0adb10f653 Merge branch 'ainfo-copy' of https://github.com/kwirk/fail2ban 
* 'ainfo-copy' of https://github.com/kwirk/fail2ban:
  TST: actions modifying aInfo test more robust
  TST: Test for actions modifying (un)ban aInfo
  BF: aInfo could be modified by actions, causing unexpected behaviour
 2014-06-22 10:53:30 -04:00
Steven Hiscocks dd3ab858dd TST: actions modifying aInfo test more robust 2014-06-22 13:56:32 +01:00
Steven Hiscocks 7640aa0918 TST: Test for actions modifying (un)ban aInfo 2014-06-22 13:47:25 +01:00
Steven Hiscocks 2d54161696 Merge branch 'kwirk/harmonize-log-msgs' 
Conflicts:
	ChangeLog - Keep all additions
 2014-06-22 12:57:49 +01:00
Steven Hiscocks 94232d7c31 Merge pull request #726 from pmarrapese/master 
Minor improvement to sshd filter
 2014-06-17 23:43:42 +01:00
Steven Hiscocks 8268c1641f BF: aInfo could be modified by actions, causing unexpected behaviour 
A separate copy of aInfo is passed to each action
 2014-06-17 23:24:23 +01:00
Yaroslav Halchenko 4190a4030c Merge branch 'sebres-strptime-bug' of https://github.com/kwirk/fail2ban 
* 'sebres-strptime-bug' of https://github.com/kwirk/fail2ban:
  DOC: Tweak ChangeLog and THANKS
  DOC: Update docs in reference to time zone related fix
  TST: Fix tests due to @sebres fix and based from gh-349 reverts
  strptime bug fix: if gmtoff is None we have 1 hour increment of time (through utctimetuple), compare: >>>> datetime.datetime.fromtimestamp(time.mktime(datetime.datetime.now().timetuple())).strftime("%Y-%m-%d %H:%M:%S") '2014-04-29 17:26:31' >>>> datetime.datetime.fromtimestamp(time.mktime(datetime.datetime.now().utctimetuple())).strftime("%Y-%m-%d %H:%M:%S") '2014-04-29 18:26:37'

Conflicts:
	ChangeLog
 2014-06-16 09:28:41 -04:00
Steven Hiscocks 664f1db0ba BF: Fix getLogger for single level log level names 2014-06-10 20:58:57 +01:00
Steven Hiscocks 9764c78415 ENH: Rename fail2ban_excepthook to excepthook 2014-06-10 20:38:18 +01:00
Steven Hiscocks 4fc7f1a831 ENH: Tweak naming of getF2BLogger, and ensure consistent use 2014-06-10 20:36:19 +01:00
Steven Hiscocks f7da091437 ENH: Log unhandled exceptions to Fail2Ban log 2014-06-09 22:27:51 +01:00
Steven Hiscocks e8131475cd ENH: Realign and harmonise log messages with getF2BLogger helper 2014-06-09 22:17:00 +01:00
JoelSnyder 54317d7c3b Create test for oracleims filter 
This test file shows configuration information for the application, three log lines that DO match the pattern, and one log line that does NOT match the pattern (the first one).
 2014-06-02 22:58:39 -07:00
pmarrapese 96918acee4 more explicit match for sshd filter & added test 2014-05-19 20:47:16 -07:00
Steven Hiscocks 0ca97431a0 ENH: Clearer warning with lines which failed to decode correctly 2014-05-15 22:48:03 +01:00
sebres 213c4315c3 fix a TypeError bugs like "Failed to execute ban jail 'pam-generic' action 'iptables-allports'" 
getAttempt returns not a list (numeric), so by call of both lambda we have a TypeError except;
simplifying code;
 2014-05-15 19:41:00 +02:00
Steven Hiscocks 8843423c8f TST: Fix tests due to @sebres fix and based from gh-349 reverts 2014-05-14 23:01:14 +01:00
sebres 2bf0b4a50c strptime bug fix: if gmtoff is None we have 1 hour increment of time (through utctimetuple), compare: 
>>>> datetime.datetime.fromtimestamp(time.mktime(datetime.datetime.now().timetuple())).strftime("%Y-%m-%d %H:%M:%S")
'2014-04-29 17:26:31'
>>>> datetime.datetime.fromtimestamp(time.mktime(datetime.datetime.now().utctimetuple())).strftime("%Y-%m-%d %H:%M:%S")
'2014-04-29 18:26:37'
 2014-05-14 22:29:06 +01:00
Yaroslav Halchenko 2526dbae92 Merge branch 'recursive-tag-fix' of https://github.com/kwirk/fail2ban 
* 'recursive-tag-fix' of https://github.com/kwirk/fail2ban:
  ENH: explicitly define tags which should be escaped
  DOC: ChangeLog update for recursive tag bug fix
  BF: Tags not fully recursively substituted

Conflicts:
	ChangeLog -- kept all as is
 2014-05-13 11:23:30 -04:00
Steven Hiscocks 1e586fb0e9 ENH: explicitly define tags which should be escaped 2014-05-11 14:49:49 +01:00
Yaroslav Halchenko c619202d6f Merge branch 'master' of github.com:fail2ban/fail2ban 
* 'master' of github.com:fail2ban/fail2ban:
  ENH: Match non "Bye Bye" for sshd locked accounts failregex
  Even stricter monit regex, now covers entire line
  Tidy up filter.d/monit.conf, make regex more complete. Add ChangeLog / THANKS entry. Add test cases.
  ENH: Move traceback formatter to from tests.utils to helpers
  Block brute-force attempts against the Monit gui
 2014-05-10 20:02:47 -04:00
Steven Hiscocks 904b362215 DOC: ChangeLog update for recursive tag bug fix 
Also minor typo fixes in comments
 2014-05-09 20:25:44 +01:00
Steven Hiscocks 77ba065571 Merge pull request #697 from jhmartin/monit_admin_hack 
Block brute-force attempts against the Monit gui
 2014-05-07 22:23:01 +01:00
Yaroslav Halchenko 3471f13a84 Merge pull request #700 from kwirk/format-traceback-to-helpers 
ENH: Move traceback formatter to from tests.utils to helpers
 2014-05-07 09:09:01 -04:00
Yaroslav Halchenko 1f8b554d31 Merge branch 'database-persistent-bans' of https://github.com/kwirk/fail2ban 
* 'database-persistent-bans' of https://github.com/kwirk/fail2ban:
  BF: bantime < 0 database should return all bans, as they are persistent

Conflicts:
	ChangeLog - kept all ;)
 2014-05-05 23:29:35 -04:00
Yaroslav Halchenko 3eabf4a7bd Merge pull request #708 from kwirk/ssh-bye-bye 
ENH: Match non "Bye Bye" for sshd locked accounts failregex
 2014-05-05 23:22:57 -04:00
Steven Hiscocks b3266ba44d BF: Tags not fully recursively substituted 
Note: recursive check ignored for "matches", as tags would be escaped,
and hence shouldn't match "<%s>" as "<ip>" would become "\<ip\>". This
therefore maintains advantage of delayed call for {ip,jail,}matches.

Fixes gh-713
 2014-05-03 14:28:13 +01:00
Steven Hiscocks cf3a6015f0 BF: Avoid closing "/dev/urandom" for Python 3.4.0 
Upstream bug: http://bugs.python.org/issue21207

Closes gh-687
 2014-05-03 12:44:03 +01:00
Steven Hiscocks bc10b64c69 ENH: Match non "Bye Bye" for sshd locked accounts failregex 2014-04-27 13:35:55 +01:00
Steven Hiscocks bbcbefd494 BF: bantime < 0 database should return all bans, as they are persistent 2014-04-22 19:20:44 +01:00
Steven Hiscocks a7766d3316 DOC: Add notice message for systemd backend when no journal match 2014-04-20 17:59:41 +01:00
Jason Martin 72bfd14330 Tidy up filter.d/monit.conf, make regex more complete. 
Add ChangeLog / THANKS entry.
Add test cases.
 2014-04-19 13:04:03 -07:00
Steven Hiscocks 03d90c2f42 BF: recidive filter and samples at wrong log level: WARNING->NOTICE 2014-04-19 18:07:23 +01:00
Steven Hiscocks 6a740f684a ENH: Move traceback formatter to from tests.utils to helpers 
Now allows for tests to be removed from package if desired
 2014-04-18 23:27:30 +01:00
Yaroslav Halchenko 5e179f5dcb TST: skip the test if a known problem with Python 2.6 is detected 
As was original "discovered" while running tests on OSX with python2.6:
http://nipy.bic.berkeley.edu/builders/fail2ban-py2.7-osx-10.6_master/builds/6/steps/shell_2/logs/stdio
 2014-04-17 22:23:20 -04:00
Yaroslav Halchenko 16077a2771 add .dev to 0.9.0 version 2014-04-17 14:08:43 -04:00
Yaroslav Halchenko 3c0d6a77d2 BF: testDatabase -- close and unlink the created test db file 2014-04-17 10:40:37 -04:00
Steven Hiscocks 9d6fc6eca2 ENH: For syslog use SYSLOG_PID over _PID in systemd journal log format 2014-04-16 23:58:00 +01:00
Yaroslav Halchenko c2289bc8fe ENH(TST): relax test of sleep to "1" places from "2" 
The reason is that internally it does round, so even 1.005 then would not
be equal to 1.  Making it spaces==1 should be sufficient for up to 1.05
i.e. we would allow 50ms "drift"
 2014-04-16 15:52:18 -04:00
Steven Hiscocks 1369701f87 ENH: Log trace info for failed action events when in DEBUG 2014-04-12 11:27:05 +01:00
Yung-Chin Oei 941a38ea8e nginx-http-auth: match when "referrer" is present 
A sample log-line is provided.  The updated regex successfully matches
this line.

Signed-off-by: Yung-Chin Oei <yungchin@yungchin.nl>
 2014-04-04 01:27:39 +01:00
Steven Hiscocks 100b5e61f5 Merge 'kwirk/config-warnings' (early part) 2014-04-03 18:36:56 +01:00
yungchin 6e8c1b2871 nginx-http-auth filter: match server_name = "" 
As documented at
http://nginx.org/en/docs/http/server_names.html#miscellaneous_names "If
no server_name is defined in a server block then nginx uses the empty
name as the server name."  This regex change allows us to match error
output for such a configuration.

The log line added to the tests was lifted from our logs verbatim; it
did not match without the patched regex.

Signed-off-by: Yung-Chin Oei <yungchin@yungchin.nl>
 2014-04-03 11:04:21 +01:00
Steven Hiscocks 638c013557 ENH: Suppress configuration warnings if non-critical options are not set 2014-04-02 18:30:21 +01:00
Daniel Black ce982debae Merge pull request #670 from kwirk/reban-once-per-ip 
BF: On jail restart reinstatement of bans, fetch one ticket per IP
 2014-03-31 18:36:06 +11:00
Daniel Black 73fb716920 Merge pull request #671 from kwirk/sphinx 
DOC: sphinx documentation
 2014-03-31 18:32:37 +11:00
Steven Hiscocks 953ebd62c6 DOC: Improve error logging when specific backend set and fails 2014-03-29 23:08:37 +00:00
Steven Hiscocks 3781ff845a BF: Fix getting jail name from exceptions in beautifier for Python 3+ 2014-03-29 22:54:06 +00:00
Steven Hiscocks baeff6141e DOC: sphinx documentation 2014-03-29 22:07:33 +00:00
Steven Hiscocks dc24d3d494 BF: On jail restart reinstatement of bans, fetch one ticket per IP 
Closes gh-664
 2014-03-29 21:44:39 +00:00
Ruben Kerkhof 1695d5c076 Fix a few typos 
Found with https://github.com/lucasdemarchi/codespell

Signed-off-by: Ruben Kerkhof <ruben@rubenkerkhof.com>
 2014-03-24 13:16:52 +00:00
Steven Hiscocks b73ed9b59e BF: Ignored IPs no longer being banned from database on restart 2014-03-24 00:30:46 +00:00
Steven Hiscocks 7046388291 Merge branch 'database-no-sqlite' 
Conflicts:
	ChangeLog
        - Entries added in both branches, both kept
 2014-03-22 17:34:38 +00:00
Steven Hiscocks 175c593462 TST: Skip badips.py test is no network option set 2014-03-19 19:30:48 +00:00
Steven Hiscocks 75325da090 TST: Skip SYSLOG log target test if '/dev/log' not present 2014-03-19 19:21:23 +00:00
Steven Hiscocks 1470e3c01d BF: fail2ban.conf reader expected "int" type for `loglevel` 
Closes #657
 2014-03-19 19:09:07 +00:00
Steven Hiscocks 1c65b94617 BF: Handle case when no sqlite library is available for the database 2014-03-19 18:55:54 +00:00
Steven Hiscocks b83550ad0b TST: Unused import in test_smtp 
Remnants from c7df15f014
 2014-03-16 22:13:37 +00:00
Steven Hiscocks 41de7ca879 TST: Fix test failing due to wrapping of long subject lines v2 
Another fix based from c7df15f014 which
failed due to python3.3 not wrapping headers to 78 characters.
 2014-03-16 21:14:54 +00:00
Steven Hiscocks c7df15f014 TST: Fix test failing due to wrapping of log subject lines 
Typically flagged by pypy due to what appears to be typically longer
object "ids" compared to python{2,3}
 2014-03-16 19:10:32 +00:00
Steven Hiscocks 41cbbbc248 BF: Remove unused imports and variables. 
All highlighted by using pyflakes.
 2014-03-16 14:31:34 +00:00
Steven Hiscocks 5b14bc048f BF: FilterSystemd.formatJournalEntry is a classmethod, not staticmethod 
Reference to undefined `self` was raising error.
 2014-03-16 13:27:13 +00:00
Daniel Black c7f4c48090 TST/BF: more changes to make sure testcases can be run on live install 2014-03-15 11:18:01 +11:00
Daniel Black 64d1502d48 TST: learn to spell executable 2014-03-15 11:09:55 +11:00
Daniel Black 51403fec50 TST: fail2ban-testcases to be able to be run on installed fail2ban 2014-03-15 11:06:29 +11:00
Daniel Black fe582e67e3 TST: allow for ignorecommand.py not installed with execute permissions 2014-03-15 11:05:43 +11:00
Daniel Black 8671b73958 DOC: versioning and release/readme notes 2014-03-14 23:08:25 +11:00
Daniel Black 476d79d3cc ENH: asterisk filter to support syslog format 2014-03-14 09:03:27 +11:00
Steven Hiscocks 0222ff4677 Merge branch 'badips-blacklist' into 0.9 
Conflicts:
	ChangeLog
        - entires added in both branches.

Change:
        config/action.d/badips.py
        - jail.getName() changed to jail.name
 2014-03-13 20:01:15 +00:00
Steven Hiscocks dfb46cfda6 BF: Require Python 2.7+ for badips.py action 2014-03-12 21:54:15 +00:00
Daniel Black 50d938e0bf MRG: merge filter sendmail-spam into sendmail-reject 2014-03-02 16:28:23 +11:00
Daniel Black 2d45becb0e Merge branch '0.9' into distro-paths-gh-315 2014-03-02 15:17:21 +11:00
Daniel Black cc8ec826c5 MRG: from master 2014-03-02 2014-03-02 14:33:45 +11:00
Steven Hiscocks beca72e188 DOC: Change Found and Ignore message to INFO rather than NOTICE 
This was the original proposal in gh-621 but was put to NOTICE in error
 2014-02-27 20:47:58 +00:00
Steven Hiscocks 689ed9d511 DOC: Fix up doc strings styling to comply with numpy doc style 2014-02-27 20:46:48 +00:00
Steven Hiscocks f68ab3c4de DOC: Added missing parameter for jail `add` method 2014-02-24 19:05:22 +00:00
Steven Hiscocks a9b9c6ea03 Merge branch 'logging' into 0.9 
Conflicts:
	fail2ban/server/actions.py
                jail getName()->name
	fail2ban/server/filter.py
                jail getName()->name
 2014-02-23 23:03:56 +00:00
Steven Hiscocks edd0bf7d46 ENH+DOC: Update Fail2Ban database doc strings and use properties 2014-02-23 18:38:22 +00:00
Steven Hiscocks df8d700d17 RF: Refactor Jail and JailThread 
Includes:
    - documentation to new format and use of properties
    - change isActive->is_active as former no longer documented for
      python3, and later introduction and documented in python2.6
    - status formatter in beautifier somewhat more automatically
      formatted; no changes are required for additional status elements
    - JailThread now set to active within `start` method, complimenting
      `stop` method
 2014-02-23 17:41:14 +00:00
Steven Hiscocks 2b33a5fbaa TST+DOC: Improve error message for log level, and test HEAVYDEBUG 2014-02-22 17:08:30 +00:00
Steven Hiscocks 5630c56c75 ENH: Change logging levels and make info more verbose 2014-02-20 23:01:40 +00:00
Daniel Black a044517cb7 MRG: from master to 0.9 2014-02-20 2014-02-20 08:35:24 +11:00
Daniel Black 79e6543eca Merge branch '0.9' into distro-paths-gh-315 2014-02-20 08:20:47 +11:00
Steven Hiscocks df3e4a2742 ENH: Warn when multiline regex used when maxlines not greater than 1 2014-02-15 14:42:44 +00:00
Steven Hiscocks 5c7630c4be ENH: Allow separate blacklist category for badips.py action 2014-02-14 17:45:08 +00:00
Steven Hiscocks fceac53776 TST: Move nagios log sample to correct folder 2014-02-13 21:02:26 +00:00
Steven Hiscocks f68d85a6ac Merge branch 'master' into 0.9 
Conflicts:
	ChangeLog
                Spelling correction of 0.8.13 fixed in master
	config/jail.conf
                Added nagios and duplicate php-url removal in master
                Just nagios added, duplicate not issue in 0.9
 2014-02-13 20:14:40 +00:00
Steven Hiscocks 9bbf4ea258 BF: Keep sure database errors are captured during Fail2Ban startup 2014-02-13 20:07:12 +00:00
Daniel Black 45157ddc86 TST: fix failJSON for ssh filter change 2014-02-13 09:26:59 +11:00
Daniel Black 5f4d0ed576 ENH: ssh filter - "Disconnecting: Too many authentication failures.." matching Connection log message 2014-02-13 09:13:46 +11:00
Steven Hiscocks a9f0545d8f BF: Add threading lock to database 2014-02-09 23:16:36 +00:00
Steven Hiscocks dff8909473 ENH: Add badips.com reporting and blacklisting action (python based) 2014-02-09 12:23:14 +00:00
Steven Hiscocks 530cd53add BF: Due to python3 bug, importlib.machinery may need explicit import 2014-02-08 20:52:32 +00:00
Daniel Black 59b9045e88 MRG: from master 2014-02-02 2014-02-02 13:21:16 +11:00
Daniel Black a7456377b5 ENH: more datetemplate compression 2014-01-28 08:15:48 +11:00
Daniel Black a749a2780e Merge pull request #593 from grooverdan/tine 
ENH: Tine20 filter
 2014-01-26 18:50:42 -08:00
Steven Hiscocks e7d4cf6296 TST: Fix dates in ISO8601 being converted back to local time. 2014-01-26 23:37:57 +00:00
Daniel Black 8b51d0c394 ENH: compress DateDetector templates more 2014-01-27 10:10:06 +11:00
Steven Hiscocks f2ddb3e3d0 RF: Refactor date detector and date template elements 
Changes include to use Python class properties, merge some date
patterns, and change ISO8601 date template to DatePatternRegex class.
 2014-01-26 22:03:55 +00:00
Daniel Black 1a1e3bec86 ENH: framework for distro paths 2014-01-25 23:25:54 +11:00
Daniel Black c8ae064b79 ENH: tighten regex and change failJSON to support timezone. Closes gh-583 2014-01-22 22:16:03 +11:00
Steven Hiscocks 0fb7921fb1 BF: Tweak python action tests and fix Deprecation Warning 2014-01-20 23:10:43 +00:00
Steven Hiscocks 8221c7ca71 TST+BF: Add tests for python actions, including test for smtp.py 
Also fix bug when specifying multiple recipients for smtp.py action
 2014-01-20 23:10:43 +00:00
Steven Hiscocks 4aa50684ab Merge pull request #581 from kwirk/datetemplate-regroupdict 
ENH: Full regex for datepattern, utilising modified Python `_strptime`
 2014-01-20 14:53:28 -08:00
Steven Hiscocks e614a2f4a4 BF: Resolve Deprecation Warnings for python3 
Mainly python imp -> importlib for python3.3+, and other minor tweaks
 2014-01-20 22:46:17 +00:00
Daniel Black a650178bd1 MRG: merge from master 2014-01-19 2014-01-19 14:48:29 +11:00
Daniel Black 263ac32730 ENH: test log samples for kerio thanks to 
Tony Lawrence
 2014-01-18 23:18:33 +11:00
Daniel Black 2333b2d5d9 MRG: from 0.9 2014-01-13 22:17:14 +11:00
Daniel Black c7f887642d Merge branch '0.9' into master_to_0.9 2014-01-13 21:23:42 +11:00
Daniel Black 3de80545e0 MRG: from master 2014/01/13 2014-01-13 21:23:39 +11:00
Steven Hiscocks d41f372c6c BF: Typo in "z" regex addition for TimeRE 2014-01-12 19:09:11 +00:00
Steven Hiscocks 5c16ac3a89 ENH: Full regex for datepattern, utilising modified Python `_strptime` 2014-01-12 18:59:31 +00:00
Daniel Black cd3e94140c MRG: complete merge 2014-01-12 21:16:55 +11:00
Daniel Black 1e8ed55a36 MRG: from 0.9 2014-01-12 20:15:34 +11:00
Steven Hiscocks e73090d040 Merge pull request #577 from grooverdan/rel-imports 
ENH: fix test case imports to relative
 2014-01-09 15:14:20 -08:00
Daniel Black e9752d8d29 ENH: fix test case imports to relative 2014-01-10 10:04:05 +11:00
Steven Hiscocks 62cfad3c2d Merge pull request #575 from grooverdan/no-dot-filters 
ENH: dont run samples on filter filenames beginning with .
 2014-01-09 14:49:47 -08:00
Daniel Black 8e8c80d980 ENH: dont run samples on filter filenames beginning with . 2014-01-10 09:44:30 +11:00
Daniel Black 8333abe420 Merge pull request #557 from grooverdan/apache-botsearch 
ENH: Apache botsearch + BF: tag substition
 2014-01-09 14:11:00 -08:00
Daniel Black b0baab3a0e ENH: more test cases and wider regex 2014-01-10 08:40:24 +11:00
Daniel Black 9e358541b7 BF: fix multiple tag substitutions on the same line 2014-01-10 08:39:39 +11:00
Steven Hiscocks 7e8da15fc6 Merge pull request #572 from grooverdan/counterstrike 
ENH: Counter Strike filter
 2014-01-08 12:47:10 -08:00
Yaroslav Halchenko 6532a2e2f7 Merge pull request #548 from grooverdan/exim-honeypot 
Exim honeypot
 2014-01-07 06:14:42 -08:00
Daniel Black 0fb6bc7188 ENH: add filter for Counter Strike 1.6. Closes gh-347 2014-01-07 20:33:57 +11:00
Daniel Black a115297ebd TST: add datepattern for samplestestcases 2014-01-07 20:32:55 +11:00
Daniel Black 9e087b508d MRG: from 0.9 2014-01-07 16:11:40 +11:00
Daniel Black 58ebf659e4 MRG: from 0.9 to make history cleaner 2014-01-07 16:07:58 +11:00
Daniel Black ed9ed6d0cb TST/ENH: fix test case for ReadStockJailFilterComplete and add missing jails 2014-01-07 11:27:54 +11:00
Daniel Black ad41b2d198 TST: correct name. Still dont know why it isnt called 2014-01-07 11:12:59 +11:00
Daniel Black 76468942f9 MRG: complete merge from master 2014-01-07 10:24:23 +11:00
Daniel Black 51d4263358 TST: test for filter coverage in jail.conf 2014-01-07 10:00:08 +11:00
Steven Hiscocks bc5809ead0 DOC: Remove encoding descriptive tag from protocol "get" command 2014-01-06 21:19:22 +00:00
Daniel Black fecb07f36d MRG: filter substition 2014-01-06 22:07:49 +11:00
Daniel Black ab3ded2205 Merge pull request #549 from kwirk/python-actions 
ENH: Python actions
 2014-01-06 02:58:45 -08:00
Daniel Black 981ded4da9 TST: add JSON data 2014-01-06 09:52:39 +11:00
Daniel Black b963d17009 TST: datepattern needed in testSampleRegexsFactory 2014-01-06 09:07:25 +11:00
Daniel Black 03aba92238 ENH: add kerio filter 2014-01-05 23:41:49 +11:00
Steven Hiscocks cfcf841ae4 TST: Added some more tests for Python actions 2014-01-04 23:07:59 +00:00
Steven Hiscocks 69a850d226 DOC: Update docstrings for smtp.py action 2014-01-04 22:46:57 +00:00
Steven Hiscocks 41ed2ea8cd DOC: Update docstrings in action 2014-01-04 22:16:40 +00:00
Steven Hiscocks 6e63f0ea5a RF: Change Jails and Actions to Mapping types 2014-01-04 16:57:08 +00:00
Steven Hiscocks a070284a18 ENH: Change all imports to "." style relative imports 2014-01-04 13:19:09 +00:00
Daniel Black 20f41849a2 BF: default for logpath is head. "false" is not valid 2014-01-04 16:37:29 +11:00
Daniel Black 05b159c74b Merge pull request #464 from grooverdan/increase-jail-name-length 
ENH: Actions to have f2b- as prefix instead of fail2ban- as per #462
 2014-01-03 14:48:56 -08:00
Daniel Black 3d1a1afca4 MRG: to more recent 0.9 2014-01-04 09:31:05 +11:00
Daniel Black c1535a43c7 BF: Fix failJSON for stunnel 2014-01-04 07:57:47 +11:00
Steven Hiscocks cd5c57c8dd TST: Fix sorting of properties and methods in servertestcase in python3 2014-01-03 17:24:12 +00:00
Steven Hiscocks 80d6f74ee8 RF: Refactor actions further, include removing server proxy interface 
This allows direct setting of action properties and calling of methods
from the fail2ban-client if so required.
 2014-01-03 17:04:49 +00:00
Daniel Black 7c09a61ca5 ENH: add apache-botsearch. Closes gh-544 2014-01-03 23:12:58 +11:00
Daniel Black b8536490ef ENH: filter for stunnel from fail2ban wiki 2014-01-03 19:32:29 +11:00
Daniel Black 117d3b0466 MRG: horde filter from master 2014-01-03 10:34:59 +11:00
Steven Hiscocks 414c5e1146 BF: Stop actName being passed to python actions 2014-01-02 15:51:30 +00:00
Daniel Black daf2816f6b MRG: with 0.9 again 2014-01-02 11:35:39 +11:00
Daniel Black e6a329210f correct overprune on imports to filterreader.py 2014-01-02 10:59:18 +11:00
Daniel Black d61734b9ac MRG: from python-actions 2014-01-02 10:54:14 +11:00
Steven Hiscocks 776b65f73e TST: Add non-callable values to CallableMap test 2014-01-01 23:27:36 +00:00
Steven Hiscocks 5b2b59d752 ENH: python actions use initOpts as **kwargs 
Adds an easy way to handle case where mandatory arguments are missed, or
not valid arguments are passed
 2014-01-01 23:18:11 +00:00
Daniel Black 58a5983367 ENH: fix fail2ban-regex for filter arguement substition 2014-01-02 10:03:14 +11:00
Steven Hiscocks 6ef911185d ENH: Add matches to smtp.py action 2014-01-01 12:27:49 +00:00
Daniel Black 1365a7781b TST: log files to cinlude only the #541 test case 2014-01-01 22:41:48 +11:00
Ivo Truxa 67436078f7 TST: test case for honeypot exim-spam 2014-01-01 21:02:16 +11:00
Daniel Black 391b5fc883 MRG: from master again 2014-01-01 2014-01-01 19:28:38 +11:00
Steven Hiscocks f37c90cdba ENH: Python based actions 
Python actions are imported from action.d config folder, which have .py
file extension. This imports and creates an instance of the Action class
(Action can be a variable that points to a class of another name).
fail2ban.server.action.ActionBase is a base class which can be inherited
from or as a minimum has a subclass hook which is used to ensure any
imported actions implements the methods required.
All calls to the execAction are also wrapped in a try except such that
any errors won't cripple the jail.
Action is renamed CommandAction, to clearly distinguish it from other
actions.

Include is an example smtp.py python action for sending emails via smtp.
This is work in progress, as looking to add the <matches> and whois
elements, and also SSL/TLS support.
 2013-12-31 18:54:34 +00:00
Daniel Black a4c38439df ENH: add substition tags to filter definitions. Closes gh-539 2013-12-31 19:01:21 +11:00
Daniel Black e4a215ca50 BF: fix infinite recursion case in Action.substituteRecursiveTags 2013-12-31 19:00:26 +11:00
Steven Hiscocks 6f104638cf BF: Ensure all imports for fail2ban modules are not relative 2013-12-30 22:31:06 +00:00
Daniel Black 92e2747034 Merge pull request #531 from grooverdan/master_to_0.9_merge 
MRG: current master to 0.9 20131228
 2013-12-29 15:57:59 -08:00
Daniel Black 671ca8bbca BF: ignorecommand is a jail option not a filter option 2013-12-29 21:58:35 +00:00
Daniel Black d1ea8e85f8 BF: Fix FailRegex.search test case for 0.9 2013-12-29 21:18:01 +00:00
Daniel Black ef47c33082 Merge pull request #530 from kwirk/logpath-tail 
ENH: Add option to addlogpath for tail option
 2013-12-29 12:42:39 -08:00
Steven Hiscocks 6a395f4cf7 ENH: add option to addlogpath for tail option 2013-12-29 18:37:21 +00:00
Daniel Black ea2a13946e TST: more test of filters 2013-12-29 05:29:59 +00:00
Daniel Black 8617898f00 TST: additional apache-modsecurity sample log entry 2013-12-29 02:42:42 +00:00
Daniel Black c9cfdca396 ENH: add filter for apache-modsecurity 2013-12-28 22:28:11 +00:00
Daniel Black 1dfb4e3374 Merge pull request #527 from kwirk/systemd-backend-datetime 
ENH: Pass date time straight from systemd backend
 2013-12-28 13:40:17 -08:00
Steven Hiscocks f460bde73c BF: Duplicate ip addresses returned from socket.gethostbyname_ex 2013-12-28 18:15:56 +00:00
Steven Hiscocks c80297045e ENH: Pass date time straight from systemd backend 
Removes need to reparse the date time back from the ISO format
 2013-12-28 18:02:16 +00:00
Steven Hiscocks 087af27c65 Merge pull request #523 from grooverdan/more-0.9-tests 
TST: more test of filters
 2013-12-27 14:02:59 -08:00
Steven Hiscocks d129321e7b Merge pull request #519 from grooverdan/db-migration 
addLog to single SQL statement
 2013-12-27 13:45:52 -08:00
Daniel Black 18fbfed91f ENH: error handling on re.group KeyError exception only for PyPy 2013-12-27 20:01:43 +00:00
Daniel Black 1f1fe254a6 DOC: document PyPy version that use KeyError instead of IndexError 2013-12-27 12:59:37 +00:00
Daniel Black 8df9112487 TST: get StartStop test case closer to something usable (not there yet however) 2013-12-27 12:54:59 +00:00
Daniel Black 6aae276d2b TST: add #pragma: no cover for python version branches 
Remove unused code.
 2013-12-27 11:07:11 +00:00
Daniel Black a3b758cdd3 TST: more test of filters 2013-12-27 09:08:13 +00:00
Daniel Black d3c065bf76 ENH: add PyPy compatibility 2013-12-27 05:15:33 +00:00
Daniel Black 41bd0470bd TST: table create definitations to end in ; for py26 compatibility 2013-12-26 21:28:46 +00:00
Daniel Black ec31e6a702 TST: restore Ticket testcase coverage to 100% after addition of exception test in Ticket.__eq__ 2013-12-26 10:13:14 +00:00
Daniel Black 37ab4147d1 TST: for db.getFilename 2013-12-26 10:09:12 +00:00
Daniel Black fed593e689 TST: for database.getBans with bantime argument 2013-12-26 10:03:51 +00:00
Daniel Black 1990eeae64 BF: Ticket compared to non-Ticket type returns False 2013-12-26 09:31:45 +00:00
Daniel Black 5d2a03e852 TST: remove deprecated warn method of logging and use warning() instead 2013-12-26 09:22:02 +00:00
Daniel Black 4ee018a84b TST: repr test for Ticket 2013-12-26 09:06:54 +00:00
Daniel Black de22c49b4d TST: (another) py26 compatible test fix 2013-12-26 09:05:45 +00:00
Daniel Black 74567d64b6 TST: py26 compatible test 2013-12-26 09:01:29 +00:00
Daniel Black 8a25dd2dad ENH: change addLog to use single SQL statement 
ENH: separate out the database creation defination to make updates
easier

TST: add test framework for updates
 2013-12-26 05:46:38 +00:00
Daniel Black e9f5f9b86f Add ticket equality test and representation. 2013-12-26 05:27:41 +00:00
Daniel Black 7247a6841a Merge pull request #495 from grooverdan/0.9_merge 
MRG: 0.9 merge
 2013-12-19 01:27:51 -08:00
Steven Hiscocks 49f9143535 ENH: Set date to "today" when neither month nor day is time match 2013-12-18 21:06:03 +00:00
Daniel Black 62e54424a7 TST: flushLog to run correctly regardless of user/travis instigated logging level 2013-12-16 23:12:00 +00:00
Daniel Black a4d4f7b8f8 TST: fix testIgnoreInProcessLine to occur at MyTime 2013-12-16 22:35:27 +00:00
Daniel Black e57175f604 TST: fix flushLogs test case 2013-12-16 22:23:14 +00:00
Daniel Black d4b58119b8 ENH: extra logging around log rotate 2013-12-16 22:22:53 +00:00
Daniel Black 7c0efc8ec8 MRG: merge so far - flushLogs not working yet 2013-12-16 15:08:34 +00:00
Steven Hiscocks 802029d83a BF: Database test keep ticket present in memory so address is reused 
This bug only seemed to effect python2.6 which seemed hasty to reuse the
memory id that was assigned to the ticket which was being used for
reference
 2013-12-15 22:20:48 +00:00
Steven Hiscocks fb7511fdea ENH: Add cache for database getBansMerged 
This is avoids duplicate queries when using the ip(jail)matches and
ip(jail)failures in actions
 2013-12-15 21:52:50 +00:00
Steven Hiscocks 40007abc1d ENH: Refactor and add database matches and failures for sendmail actions 2013-12-15 21:41:43 +00:00
Steven Hiscocks d6cbc05e35 ENH: Make use of functools.wraps for server.database decorators 2013-12-15 21:10:11 +00:00
Steven Hiscocks 0bcff771b8 ENH: Add <ipmatches> and <ipjailmatches> tags 
Example use filter also added for sendmail-whois with ipmatches rather
than grepped lines
 2013-12-13 22:40:11 +00:00
Steven Hiscocks 6dde1d5429 TST: Fix test for recidive samples broken is last commit 2013-12-13 22:06:58 +00:00
Steven Hiscocks bff170ec43 BF: In line comments need to specifically enabled in python3.2+ 2013-12-13 21:11:45 +00:00
Steven Hiscocks 1df634b68b BF: Database wasn't being passed to jails 2013-12-13 18:25:55 +00:00
Steven Hiscocks b7d1579c9d MRG: branch 'kwirk/database' into 0.9 - gh-480 
Conflicts:
	fail2ban/tests/utils.py
        - Another test suite added in separate commit e09b700
 2013-12-13 17:15:19 +00:00
Steven Hiscocks 43689d6470 TST: Appropriately mark JournalMatch transmitter test as skipped 2013-12-13 17:10:42 +00:00
Steven Hiscocks a60fbcc116 Merge pull request #476 from kwirk/multiline-matches 
Capture multiline matched lines into fail ticket
 2013-12-13 08:47:08 -08:00
Steven Hiscocks d9afcc178a MINOR: PEP-8 tweaks for multiline-matches change set 2013-12-13 16:38:26 +00:00
Steven Hiscocks 00ecd22851 ENH: Add getBansMerged method to Fail2BanDb 
Creates a single ticket for an IP, made up of all previous bans
 2013-12-12 22:22:30 +00:00
Steven Hiscocks e18af48e34 ENH: Database now optional, by setting dbfile to "None" 2013-12-10 21:16:36 +00:00
Steven Hiscocks 174f9a243a ENH: Remove thread locks from Fail2BanDb 2013-12-08 22:03:57 +00:00
Steven Hiscocks 7f063b46f9 BF: Improve handling of clearing old jails in database 2013-12-08 11:40:40 +00:00
Steven Hiscocks d8c7bca9b0 BF: Fix dbpurgeage default value, and change default dbfile extension 2013-12-08 11:35:12 +00:00
Daniel Black b64478c512 TST: iso8601 tests 2013-12-08 20:14:00 +11:00
Daniel Black a37590b3eb BF: Fix ISO8601 regex to handle [+-]XX timezone offsets 2013-12-08 19:36:21 +11:00
Steven Hiscocks d6fe80ba50 TST: Fix test for fail2ban.conf with new database options 2013-12-07 23:37:14 +00:00
Steven Hiscocks bbadef847b ENH: Add fail2ban persistent data storage 2013-12-07 23:23:28 +00:00
Daniel Black e09b7002e0 TST: missed including testcases CustomDateFormatsTest 2013-12-07 12:11:04 +11:00
Steven Hiscocks c03a50b44b BF: Allow handle case when SKIPLINES lines is not matched 
Example is when one or more SKIPLINES is optional in a regex
 2013-12-04 23:13:27 +00:00
Steven Hiscocks c886414e2e ENH+BF: Capture multiline matched lines into fail ticket 
Previously only the last line of the match was being saved, not all
lines involved in matching.

Log lines are now broken into 3 part tuple, with the line pre-datetime,
the datetime, and post-datetime. Allows reformation of full line, but
also use of the line without the datetime present.
Attempting to use the term "tupleLine(s)" where possible, to avoid
confusion with normal read lines.

May also wish to consider that regexs could be made to capture more
lines of interest if some form of unique reference is available. This
may allow more lines of interest to be captured, which may not be picked
up by the traditional "grep <ip>" approach i.e. ones which do not have
the ip address in.

This also simplified the fail2ban-regex statistics for missed lines.
Also resolved bug with missed lines time extracted for debuggex having
some lines present which were captured in a multiline regex.
Also resolved independent issue with ignored line check including the
datetime, which raised assertion error in the rare case the datetime
matched the ignore regex, and the rest of line only matched a failregex
 2013-12-04 22:26:22 +00:00
Yaroslav Halchenko 2c1199cce0 Let's progress and mark a2 release toward 0.9.0 2013-11-30 12:25:17 -05:00
Daniel Black f7504d5b64 MRG: conflict in THANKS 2013-11-30 10:39:19 +11:00
Daniel Black af4feb0c92 Actions to have f2b- as prefix instead of fail2ban- as per #462 2013-11-29 19:08:38 +11:00
Daniel Black b157be22d2 TST: pids don't match test case for sshd filter 2013-11-29 16:02:28 +11:00
Daniel Black 227f27ce6b ENH: added multiline filter for sshd filter 2013-11-25 14:55:41 +11:00
Daniel Black 98eacdf333 MRG/BF: merge from master. Fix bugs in iso8601 2013-11-24 16:36:06 +11:00
Daniel Black 84f915c1f7 fix nginx-http-auth lof file location and MANIFEST 2013-11-13 09:57:13 +11:00
Daniel Black 1ac7b53cad MRG: merge from master 2013-11-13 09:16:45 +11:00
Daniel Black cb982ef921 ENH: multiline filter for sendmail-spam. Closes gh-418 2013-11-08 08:55:45 +11:00
Daniel Black 2f79e7cd49 TST: fix test case for testVariousTimes 2013-11-06 11:01:35 +11:00
Daniel Black 47d35c9d80 MRG: 0.8.11 to 0.9 
Epnoc of selinux is now true UTC

Merge multiline support and date detection in filter
 2013-11-02 15:59:05 +11:00
Daniel Black 359210f224 ENH: filter.d/squirrelmail added 2013-10-08 20:37:33 +11:00
Daniel Black b8d9c07280 Merge pull request #368 from grooverdan/0.9_datedetmerge 
MRG: general merge from master + date time zone
 2013-09-28 15:18:20 -07:00
Daniel Black 7b52a578bd BF: group _f for %f in strptime for py2.5 compatibility 2013-09-28 21:29:39 +10:00
Daniel Black 6fd2179725 BF: timefix 2013-09-28 21:15:01 +10:00
Daniel Black 30d1f003e1 BF: add multiline support 2013-09-28 20:56:48 +10:00
Steven Hiscocks 011ccbc675 TST+BF: Fix bug in Filter.{get,set}DatePattern and improve tests 2013-09-24 22:25:17 +01:00
Steven Hiscocks 9c61adcad7 ENH+DOC: Allow setting of Epoch and TAI64N date pattern 
Also add this to jail.conf man page
 2013-09-24 22:11:04 +01:00
Steven Hiscocks badf9d03b9 ENH: Allow setting of ISO8601 via datepattern (default for systemd) 2013-09-22 18:12:16 +01:00
Daniel Black b3cd5ca807 BF: correct scope for datetime.now 2013-09-22 21:51:51 +10:00
Daniel Black 37de5462be ENH: iso8601 - remove default_timezone set to UTC, isn't valid any more - calculate from local timezone. Enforce T date/time separator in iso8601 regex. Make minutes in timezone optional as per ISO8601. Use consistant regex for ISO8601 2013-09-21 11:47:24 +10:00
Daniel Black a0676cdd1e ENH: add date format 2005-01-23 21:59:59 (%Y-%m-%d %H:%M:%S) so ISO8601 doesnt handle it 2013-09-21 11:44:50 +10:00
Daniel Black 855d802ba8 ENH: more detail in debug messages in date/time detection 2013-09-21 10:31:26 +10:00