sebres
02055ba4eb
ignore already known tickets (from filter after restart);
bug fixing and optimizing;
2014-06-05 14:09:43 +02:00
JoelSnyder
54317d7c3b
Create test for oracleims filter
This test file shows configuration information for the application, three log lines that DO match the pattern, and one log line that does NOT match the pattern (the first one).
2014-06-02 22:58:39 -07:00
JoelSnyder
9b7c35810a
Create oracleims.conf in filter.d for new filter
Created oracleims.conf to catch messages from Sun/Oracle Communications Messaging Server v6.3 and above (including v7)
2014-06-02 22:55:59 -07:00
Yaroslav Halchenko
98daa9d301
Merge pull request #723 from kwirk/decode-warning
ENH: Clearer warning with lines which failed to decode correctly
2014-05-30 12:15:51 -04:00
pmarrapese
96918acee4
more explicit match for sshd filter & added test
2014-05-19 20:47:16 -07:00
pmarrapese
46d6e93800
adjusted sshd filter regex to catch more verbose lines
2014-05-18 22:12:54 -07:00
Yaroslav Halchenko
eb2487986c
ENH: minor -- print time which was used to process lines
2014-05-15 21:17:43 -04:00
Steven Hiscocks
0ca97431a0
ENH: Clearer warning with lines which failed to decode correctly
2014-05-15 22:48:03 +01:00
Steven Hiscocks
1fa8f9fa70
DOC: Tweak ChangeLog and THANKS
2014-05-15 22:18:07 +01:00
Steven Hiscocks
fc4b69a282
DOC: Update ChangeLog fix for ip{,jail}failures action tags
2014-05-15 22:15:12 +01:00
sebres
213c4315c3
fix TypeError bugs like "Failed to execute ban jail 'pam-generic' action 'iptables-allports'"
getAttempt does not return a list (it returns a numeric), so calling both lambdas gives a TypeError exception;
simplifying code;
2014-05-15 19:41:00 +02:00
sebres
8fd083a1ea
Merge remote-tracking branch 'remotes/kwirk/sebres-strptime-bug' into ban-time-incr
2014-05-15 17:12:11 +02:00
sebres
addfea6614
static method forgotten;
2014-05-15 15:16:53 +02:00
Steven Hiscocks
1c20fd88d4
DOC: Update docs in reference to time zone related fix
2014-05-14 23:04:48 +01:00
Steven Hiscocks
8843423c8f
TST: Fix tests due to @sebres fix and based from gh-349 reverts
2014-05-14 23:01:14 +01:00
sebres
2bf0b4a50c
strptime bug fix: if gmtoff is None we have 1 hour increment of time (through utctimetuple), compare:
>>> datetime.datetime.fromtimestamp(time.mktime(datetime.datetime.now().timetuple())).strftime("%Y-%m-%d %H:%M:%S")
'2014-04-29 17:26:31'
>>> datetime.datetime.fromtimestamp(time.mktime(datetime.datetime.now().utctimetuple())).strftime("%Y-%m-%d %H:%M:%S")
'2014-04-29 18:26:37'
2014-05-14 22:29:06 +01:00
sebres
ec3ed0e4ae
introduced string to seconds (str2seconds) for configuration entries with time;
todo: expand it to all time config entries;
2014-05-14 16:01:35 +02:00
sebres
f492aa7ac9
remove affected check, to delete jails always (pass testPurge)
2014-05-14 12:32:30 +02:00
sebres
99c9cbf470
code review, manual ban uses the count "maxRetry" directly in addFailure;
log ticket time (found in line)
2014-05-14 12:17:28 +02:00
sebres
d22ab320e2
"magic" formula for auto-increasing the retry count for a known (bad) IP, corresponding to its banCount
(one try will then count as 2, 3, 5, 9 ...)
2014-05-14 11:21:31 +02:00
Yaroslav Halchenko
2526dbae92
Merge branch 'recursive-tag-fix' of https://github.com/kwirk/fail2ban
* 'recursive-tag-fix' of https://github.com/kwirk/fail2ban:
ENH: explicitly define tags which should be escaped
DOC: ChangeLog update for recursive tag bug fix
BF: Tags not fully recursively substituted
Conflicts:
ChangeLog -- kept all as is
2014-05-13 11:23:30 -04:00
Steven Hiscocks
1e586fb0e9
ENH: explicitly define tags which should be escaped
2014-05-11 14:49:49 +01:00
Yaroslav Halchenko
c619202d6f
Merge branch 'master' of github.com:fail2ban/fail2ban
* 'master' of github.com:fail2ban/fail2ban:
ENH: Match non "Bye Bye" for sshd locked accounts failregex
Even stricter monit regex, now covers entire line
Tidy up filter.d/monit.conf, make regex more complete. Add ChangeLog / THANKS entry. Add test cases.
ENH: Move traceback formatter from tests.utils to helpers
Block brute-force attempts against the Monit gui
2014-05-10 20:02:47 -04:00
Steven Hiscocks
904b362215
DOC: ChangeLog update for recursive tag bug fix
Also minor typo fixes in comments
2014-05-09 20:25:44 +01:00
Steven Hiscocks
77ba065571
Merge pull request #697 from jhmartin/monit_admin_hack
Block brute-force attempts against the Monit gui
2014-05-07 22:23:01 +01:00
Yaroslav Halchenko
3471f13a84
Merge pull request #700 from kwirk/format-traceback-to-helpers
ENH: Move traceback formatter from tests.utils to helpers
2014-05-07 09:09:01 -04:00
sebres
0121e09907
default formula faster and more readable, comparable with "multipliers", like 2**N, default factor for both solutions is 1 now
2014-05-07 13:28:04 +02:00
sebres
7d17fb5c6c
python >= 3.x, local variable 'lastBanTime' reference bug fixed
2014-05-06 20:55:41 +02:00
sebres
a4837da899
Merge branch 'ban-time-incr' of https://github.com/sebres/fail2ban into ban-time-incr
2014-05-06 20:32:23 +02:00
sebres
3a75c8a752
ban time incr: 2nd test case added (code optimized for test cases), to test both stand-alone:
python ./bin/fail2ban-testcases -l debug 'BanTimeIncr'
2014-05-06 20:30:12 +02:00
sebres
6c8327e39f
indentation level fix
2014-05-06 20:24:49 +02:00
sebres
14167ed778
ban time incr: 2nd test case added (code optimized for test cases), to test both stand-alone:
python ./bin/fail2ban-testcases -l debug 'BanTimeIncr'
2014-05-06 20:14:23 +02:00
sebres
237706e39f
ban time incr: 1st test case added, to test it stand-alone:
python ./bin/fail2ban-testcases -l debug 'BanTimeIncr'
2014-05-06 17:57:11 +02:00
sebres
c48e404e63
option "multipliers" added, as proposed by @yarikoptic;
the calculation formula is rewritten as a lambda / compiled solution (up to 10 million times per second);
code review;
2014-05-06 16:07:16 +02:00
Yaroslav Halchenko
1f8b554d31
Merge branch 'database-persistent-bans' of https://github.com/kwirk/fail2ban
* 'database-persistent-bans' of https://github.com/kwirk/fail2ban:
BF: bantime < 0 database should return all bans, as they are persistent
Conflicts:
ChangeLog - kept all ;)
2014-05-05 23:29:35 -04:00
Yaroslav Halchenko
3eabf4a7bd
Merge pull request #708 from kwirk/ssh-bye-bye
ENH: Match non "Bye Bye" for sshd locked accounts failregex
2014-05-05 23:22:57 -04:00
Yaroslav Halchenko
65269365ee
minor
2014-05-05 23:16:18 -04:00
Yaroslav Halchenko
91eb75098b
Merge pull request #714 from kwirk/urandom-persistent
BF: Avoid closing "/dev/urandom" for Python 3.4.0
2014-05-05 23:13:34 -04:00
sebres
ccacfc1047
code review
2014-05-05 15:17:22 +02:00
sebres
ccf07c4b21
- some bugs fixed to pass all test cases;
- database_v1.db/bans/jail-name bug fixed - because of different jail names in jails and bans, in test case (by updateDb): FOREIGN KEY constraint failed:
$ sqlite3 fail2ban/tests/files/database_v1.db
sqlite> select distinct jail from bans;
DummyJail #16244880 with 0 tickets
sqlite> select distinct name from jails;
DummyJail #29162448 with 0 tickets
sqlite> update bans set jail = (select distinct name from jails);
2014-05-05 14:47:50 +02:00
sebres
6f7c9b7d0f
introduced new feature "ban time exponential increasing":
"bantimeextra.enabled" in jail.conf allows using the database to search for previously banned IPs to increase the default ban time using a special formula,
by default, with each next ban it will be original banTime * 1, 2, 4, 8, 16, 32...
see "jail.conf" for some other options of "bantimeextra";
additionally we can configure a little randomization of ban time, to prevent "clever" botnets from calculating the exact time an IP can be unbanned.
WARNING: on first start the server upgrades the sqlite database (table "bans" will be recreated with another schema);
2014-05-05 12:38:54 +02:00
Steven Hiscocks
b3266ba44d
BF: Tags not fully recursively substituted
Note: recursive check ignored for "matches", as tags would be escaped,
and hence shouldn't match "<%s>" as "<ip>" would become "\<ip\>". This
therefore maintains advantage of delayed call for {ip,jail,}matches.
Fixes gh-713
2014-05-03 14:28:13 +01:00
Steven Hiscocks
2bb7401ec1
Merge pull request #686 from CameronNemo/patch-2
Update fail2ban.upstart
2014-05-03 13:21:13 +01:00
Steven Hiscocks
1e8402cb99
DOC: ChangeLog entry for Python 3.4.0 persistent "/dev/urandom" fix
2014-05-03 12:51:15 +01:00
Steven Hiscocks
cf3a6015f0
BF: Avoid closing "/dev/urandom" for Python 3.4.0
Upstream bug: http://bugs.python.org/issue21207
Closes gh-687
2014-05-03 12:44:03 +01:00
Steven Hiscocks
b486014b35
TST: Add Python 3.4 for TravisCI
This reverts commit 233aa043f3.
2014-05-03 12:09:48 +01:00
Yaroslav Halchenko
1e19bca28e
Merge pull request #704 from CameronNemo/foreground-opt-client
Add an option in fail2ban-client to pass the foreground option to the server
2014-05-01 13:14:06 -04:00
Steven Hiscocks
bc10b64c69
ENH: Match non "Bye Bye" for sshd locked accounts failregex
2014-04-27 13:35:55 +01:00
Steven Hiscocks
7cc64a14e0
BF: fail2ban-regex assertion error caused by miscounted "missed" lines
Caused when removing lines as part of multiline regex, which had been
previously considered missed.
2014-04-27 13:27:11 +01:00
Yaroslav Halchenko
596b819bdc
DOC: minor -- tabify docstring in badips.py action
2014-04-23 10:04:17 -04:00