sebres
1eb93e2556
filter.py: repair start-time of initial seek to time (regardless the position of `findtime` option in config);
...
jailreader.py: additionally relocate the option `logpath` after all log-related data (backend, date-pattern, etc) that may be needed by the first usage (gh-2173).
Thanks to Matt Stancliff (mattsta)
2018-07-06 17:04:10 +02:00
Matt Stancliff
00a0e98041
Load logpath only after findtime is configured
...
When new log paths are configured, their start offset is immediately determined
by a filter searching for (now - findTime).
But, since findTime is configured *after* the log is loaded and
searched, logs are only searched back by the default 10 minute findTime,
regardless of user configuration of jail settings.
So, findTime must be configured before logpath or else the default findtime
is used, which ignores any findtime time defined by the user.
This fixes new reads on startup for actual log files. The systemd filter
always performed as expected due to being setup after the jail's
findtime config submission.
2018-07-06 16:42:36 +02:00
sebres
857d6954c4
Merge pull request #2171 from sebres/0.10-fix-decoding-issues
2018-07-06 11:42:48 +02:00
sebres
d0945120bf
ChangeLog
2018-07-06 11:41:05 +02:00
sebres
73e89df912
amend to bcf557990e15922aff22485cc86ddd2fcf41b796: wrong logging syntax will not throw an error anymore (logged now, as logging is safe)
2018-07-05 23:04:38 +02:00
sebres
bcf557990e
relocate exception-safe logging from database json-handler to common logger handling, using injection on _log-method of Logger class;
...
additionally provides more info if handler/conversion failed (with double protection inside catch-case);
tests/utils.py: log handler "_MemHandler" of LogCaptureTestCase fixed now to be safe also (test-cases only);
tests/misctestcase.py: the safe logging of all possible constellations is covered in testSafeLogging now.
2018-07-05 22:36:30 +02:00
sebres
06f2130575
typo/indent fix (no functional changes)
2018-07-05 19:27:07 +02:00
sebres
6ce67a6d21
coverage
2018-07-05 16:27:36 +02:00
sebres
bd54d472b3
extend test-cases to check the database is still operable (not locked) after all the errors during the simulation
2018-07-05 16:23:33 +02:00
sebres
3be82a9ce9
coverage
2018-07-04 20:16:11 +02:00
sebres
5a4b47464b
a bit optimized helpers
2018-07-04 18:37:25 +02:00
sebres
7dffa7a2a1
coverage related, after default encoding change
2018-07-04 18:01:39 +02:00
sebres
c81de46d21
remove some no cover pragma's - covered now
2018-07-04 17:17:21 +02:00
sebres
48c2cbfa0b
improve failure-message of assertNotLogged in case of single match given
2018-07-04 17:05:36 +02:00
sebres
7c9146feb3
ticket can contains bytes now (if deserialized from json by py3.x)
2018-07-04 17:04:12 +02:00
sebres
930cc6c8f1
improve adapter/converter handlers working on invalid characters in sense of json and/or sqlite-database;
...
both should be additionally exception-safe, so avoid possible errors in log-handlers (concat, str. conversion, etc);
test cases extended to cover any possible variants (invalid chars in unicode, bytes, str + unterminated char-sequence) with both cases (with replace of chars, with and without errors inside adapter-handlers).
2018-07-04 17:03:04 +02:00
sebres
85fd1854bc
minimize influence of implicit conversions errors (between unicode, bytes and str), provide new universal helper `uni_string`, which uses safe explicit conversion to string (also if default encoding is ascii); avoid conversion errors on wrong-chars by replace tags.
2018-07-04 16:51:18 +02:00
sebres
227550684a
**interim** try to fix several conversion errors
2018-06-29 22:02:41 +02:00
sebres
79350e916e
fixes issue with wrong-chars in string items of CallingMap by its representation, additionally don't calculate values implicitly (may be unexpected for some constellations resp. too slow in DEBUG)
2018-06-29 18:33:24 +02:00
sebres
2f5059ebfb
test-cases: rewrite dirty-read algorithm of _MemHandler to avoid sporadic reset of dirty flag by too fast logging;
...
prevents sporadic tests-failures (too often by pypy) if waiting for some log-message (that was mistakenly swallowed up from cache-mechanism, so was logged but "dirty" flag is already reset)
2018-06-14 15:57:46 +02:00
sebres
8cbe1e6b13
Merge pull request #2155
2018-06-14 12:35:57 +02:00
cheese1
43db4411de
small typo
2018-06-14 12:35:04 +02:00
sebres
8ec225e20a
Merge pull request #2153
2018-06-11 14:36:17 +02:00
sebres
38631d0cd4
fix test-case from gh-2153 (test-suite running in year 2005)
2018-06-11 14:34:28 +02:00
Boris Gulay
34f363f6af
Added test case for updated dovecot failregex.
2018-06-11 14:30:12 +02:00
Boris Gulay
a923cd209b
`filter.d/dovecot.conf`: failregex enhancement to catch sql password mismatch errors;
2018-06-11 14:30:10 +02:00
sebres
61e30949b3
Merge branch '0.10-short-version' into 0.10
2018-05-28 19:13:00 +02:00
sebres
f220aba26f
minor: added missing new-line (no functional changes)
2018-05-28 19:09:41 +02:00
sebres
e36f4667ab
fail2ban-client, fail2ban-server and fail2ban-regex will return version without logo info, additionally option `-V` can be used to get version in normalized machine-readable short format;
...
closes gh-2122.
2018-05-28 19:07:38 +02:00
Sergey G. Brester
a3cb1dbd4d
Update jailreader.py
...
changed log-level of annoying message "no file(s) found for glob" to NOTICE - this is rather a warning (not error).
2018-05-25 19:42:28 +02:00
sebres
1b4ba602ba
normalize bool conversion, introduced common helper function `_as_bool`
2018-04-26 16:48:23 +02:00
sebres
60b36c4213
rewritten preventive measure to convert "unexpected" type before pickled in CS-protocols: don't convert all basic types now (also bool, int etc).
...
Fixed bug with ignoreself option, which reached fail2ban-server as string 'False' (and not as boolean), so no matter which value was set - it results always in True (see gh-2078).
2018-04-26 16:24:35 +02:00
sebres
e01981cc72
tweak performance a bit (filter.py: inIgnoreIPList: changed default of parameter `log_ignore=True`, mostly used against filter-calls)
2018-04-25 19:13:56 +02:00
sebres
a208b11796
added log message if ignored by `ignoreself` rule (similar to both other rules `ignoreip` and `ignorecommand`), and test covered now;
2018-04-25 19:06:03 +02:00
sebres
4099897be0
test dummy action first
2018-04-17 19:10:31 +02:00
Sergey G. Brester
9f3a80a21a
Update ChangeLog
2018-04-17 19:08:48 +02:00
sebres
bba7a6c5cf
amend to (gh-2067) / b34ae5999e0d8ee1af8939527305c13152844b3d: fix parameter in config (dynamic parameters stating with '_' are protected and don't allowed in command-actions);
...
the interpolation of hostsdeny is test-covered now;
closes gh-2114.
2018-04-17 18:59:24 +02:00
sebres
22e9ccb387
amend to 5f021aa648c42ee188d8c31a81937d764982a58a: void throw a socket error on shutdown for already closed connection;
...
closes gh-2109
2018-04-09 14:19:48 +02:00
sebres
8069eef50c
badips: try to fix sporadic test errors if badips-server timed out resp. not available (502 bad gateway or similar).
2018-04-05 12:31:29 +02:00
sebres
414469c102
Merge '0.10.3.fix1' into 0.10
2018-04-05 00:41:29 +02:00
sebres
ac0d441fd6
0.10.3.fix1: version bump
2018-04-05 00:21:30 +02:00
sebres
cb0f4cbb32
test_badips.py: amend to 2ff65f5d3ce1a4bd107cb4dbbd5343f7146a0677:
...
increase timeout in normal mode + catch timeout exceptions to skip the test (avoid sporadic CI errors if badips gets slowly).
2018-04-05 00:17:00 +02:00
sebres
c1923f9644
update ChangeLog
2018-04-04 23:32:22 +02:00
sebres
34b586b51e
fix for JSON serialization bug for set object (gh-2103): currently there are only users, so simply serialized as a list.
2018-04-04 23:28:44 +02:00
sebres
187514eda7
bump version (0.10.3 -> 0.10.4.dev1)
2018-04-04 20:17:26 +02:00
sebres
0a50f2e19e
next release of 0.10: bump version, update ChangeLog, man's and MANIFEST etc.
2018-04-04 19:44:09 +02:00
sebres
5dfba17663
Merge pull request #2064 from mgrant0/0.11 (rebased)
...
Sendmail logs IPv6 addresses with the prefix 'IPv6:'. Changed <HOST> to (?:IPv6:<IP6>|<IP4>)
2018-04-04 18:59:13 +02:00
sebres
4a8506fcca
update ChangeLog
2018-04-04 18:57:41 +02:00
Michael Grant
57bc502d5c
Update sendmail-reject.conf
2018-04-04 18:52:36 +02:00
Michael Grant
2ab6a5ae62
Update sendmail-auth.conf
2018-04-04 18:52:35 +02:00