Yaroslav Halchenko
63237a785e
DOC: forgotten --help entry for " unban "
2012-11-05 21:50:49 -05:00
Yaroslav Halchenko
f52ba9923a
ENH: downgrade "already banned" from WARN to INFO level (Closes gh-79)
...
Most of the time it is a benign latency effect so nothing to warn about.
2012-11-05 21:30:07 -05:00
Yaroslav Halchenko
1e12c220e6
minor: added a note on now "negative" log entries on "POSSIBLE BREAK-IN ATTEMPT"
2012-11-05 21:22:33 -05:00
Yaroslav Halchenko
6ecf4fd80a
Merge pull request #64 from sourcejedi/remove_sshd_rdns
...
Misconfigured DNS should not ban *successful* ssh logins
Per our discussion indeed better (and still as "safe") to not punish users behind bad DNS
2012-11-05 18:20:37 -08:00
Yaroslav Halchenko
b773ed617b
DOC: minor "fixes" in DEVELOP
2012-11-05 21:12:03 -05:00
David Engeset
2d672d1c81
Added in while loop to process the Fail Manager after the requested banned IP was added to its queue. This solves the issue of needing to touch the log file that is being monitored to get the IP to be banned accordingly. Added in import of FailManagerEmpty exception class.
2012-11-05 20:38:40 -05:00
Yaroslav Halchenko
f14c7ae401
ENH: refactored previous commit to make it more Pythonic (With prev commit closes gh-86, gh-81)
2012-11-05 20:37:06 -05:00
David Engeset
6288ec2757
Added in command option to unban and IP, just like using 'banip'. Command looks like: fail2ban-client set <jail name> unbanip <ip>
2012-11-05 20:11:28 -05:00
Yaroslav Halchenko
8e64c281dd
BF: in code we should use MyTime wrapper instead of time module directly
...
to allow for some tests to work correctly
2012-11-05 20:09:15 -05:00
Yaroslav Halchenko
09355663f7
BF: (python 2.4) -- access to staticmethod should go via Class
...
TODO: get away from using all those staticmethods in f2b
2012-11-05 16:54:19 -05:00
Yaroslav Halchenko
5becaf8ef2
BF: (python 2.[45]) store backends names in a list to use .index later on (Closes gh-83)
...
.index() got into tuple's API only in 2.6
2012-11-01 15:34:20 -04:00
Yaroslav Halchenko
9510619b7b
ENH: minor -- print out why skipping a backend while testing
2012-11-01 15:24:32 -04:00
Mark McKinstry
95de9c1a97
add support for the APF firewall
2012-10-18 11:17:04 -04:00
Yaroslav Halchenko
652b5a77e0
BF: fixing current version string to contain the patch index, i.e. ".1" Thanks Fabian Fischer
2012-10-10 08:39:18 -04:00
Yaroslav Halchenko
83109bce14
BF: escape the content of <matches> since its value could contain arbitrary symbols
2012-10-08 22:14:51 -04:00
Yaroslav Halchenko
6ee2c0a014
DOC: untabified for proper formatting + trailing spaces
2012-10-03 09:12:37 -04:00
Yaroslav Halchenko
282724a7f9
ENH: join both failregex for lighttpd-auth into a single one
...
they are close in meaning
should provide a slight run-time performance benefit
2012-09-30 11:30:24 -04:00
Yaroslav Halchenko
cc5d410004
Merge pull request #77 from sciunto/lightty
...
Lighttpd: support auth.backend = "htdigest"
2012-09-30 08:28:12 -07:00
François Boulogne
958a1b0a40
Lighttpd: support auth.backend = "htdigest"
2012-09-30 13:27:21 +02:00
Yaroslav Halchenko
2a225aa6ee
Added a warning within "complaint.conf" action about care with enabling it
2012-08-13 23:03:52 -04:00
Yaroslav Halchenko
2d66f31ef5
ENH: instead of "Invalid command" warning log exception why command failed
2012-08-02 19:48:59 -04:00
Yaroslav Halchenko
0b5c66fb59
Changelog for the fix -- will rerelease 0.8.7.1
2012-07-31 21:45:04 -04:00
Yaroslav Halchenko
6b7544a63a
BF: removed sneaked a commented out sys.path.insert
2012-07-31 21:45:03 -04:00
Yaroslav Halchenko
c06c504a8e
Adjusted changelog to reflect the last change
2012-07-31 15:54:33 -04:00
Yaroslav Halchenko
2082fee7b1
ENH: match possibly present "pam_unix(sshd:auth):" portion for sshd ( Closes : #648020 )
2012-07-31 15:53:41 -04:00
Yaroslav Halchenko
2b885e07f4
Adjusted changelog to reflect the last change
2012-07-31 15:52:48 -04:00
Yaroslav Halchenko
6ad55f64b3
ENH: add wu-ftpd failregex for use against syslog ( Closes : #514239 )
2012-07-31 15:43:13 -04:00
Yaroslav Halchenko
a512ea47d2
Adjusted changelog to reflect the last change
2012-07-31 15:33:30 -04:00
Yaroslav Halchenko
80b191c7fd
BF: anchor chain name in actioncheck's for iptables actions ( Closes : #672228 )
2012-07-31 15:27:05 -04:00
Yaroslav Halchenko
a3b242d6dd
BF: inline comments must use ; not # -- recidive jail
2012-07-31 14:05:42 -04:00
Yaroslav Halchenko
99c0caa9cc
Boosted version to 0.8.7 + few more comments
2012-07-31 12:32:25 -04:00
Yaroslav Halchenko
da752aff14
perspective changelog for 0.8.7
...
Conflicts:
ChangeLog
2012-07-30 14:50:43 -04:00
Yaroslav Halchenko
6495942550
DOC: minor (untabify, utf8) for ChangeLog
2012-07-30 13:57:00 -04:00
Yaroslav Halchenko
dca5634717
Merge branch '_enh/test_backends' -- fixing inotify backend, RF backends, unittests
...
* _enh/test_backends:
RF: reordered tests + enabled gamin now that its fix is pending in Debian
ENH+BF: filtergamin -- to be more inline with current design of filterinotify
ENH: 1 more sleep_4_poll to guarantee difference in time stamp
ENH: few more delays for cases relying on time stamps
ENH: tests much more robust now across pythons 2.4 -- 2.7
BF+RF: pyinotify refreshes watcher upon CREATE, unified/simplified *(add|del)LogPath among *Filters
ENH: fail2ban-testcases -- custom logging format to ease debugging, non-0 exit code in case of failure
ENH: Filter's testcases -- rename, del + list again --- a bit unstable, might still fail from time to time
BF: pyinotify -- monitor the parent directory for IN_CREATE + process freshly added file (Closes gh-44)
ENH: first working unittest for checking polling and inotify backends
RF/BF: just use pyinotify.ThreadedNotifier thread in filterpyinotify
RF: filter.py -- single readline in a loop
ENH: FilterPoll -- adjusted some msgs + allowed to operate without jail (for testing)
Minor additional comment to DEVELOP
ENH: extended test LogfileMonitor
2012-07-20 09:50:08 -04:00
Yaroslav Halchenko
481b1530d6
RF: reordered tests + enabled gamin now that its fix is pending in Debian
...
reference: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=542361
2012-07-19 23:08:33 -04:00
Yaroslav Halchenko
c6f5d854d3
ENH+BF: filtergamin -- to be more inline with current design of filterinotify
2012-07-19 23:07:43 -04:00
Yaroslav Halchenko
337f3f6f7b
ENH: 1 more sleep_4_poll to guarantee difference in time stamp
2012-07-19 23:07:08 -04:00
Yaroslav Halchenko
e9964846fa
ENH: few more delays for cases relying on time stamps
2012-07-19 21:41:04 -04:00
Yaroslav Halchenko
c0c1232c5f
Merge branch 'master' into _enh/test_backends
...
* master:
Ask users to report bugs to github's issues
Replace "|" with "_" in ipmasq-ZZZzzz|fail2ban.rul (Closes gh-66)
2012-07-19 17:29:35 -04:00
Yaroslav Halchenko
a1a67d34a9
ENH: tests much more robust now across pythons 2.4 -- 2.7
...
* needed additional sleeps for polling filter since that one relies on
time-stamps and too rapid changes would not be caught by the
PollFilter
* in python 2.4, time stamps are up to a second (int's) so sleeps longer
* test_new_bogus_file -- just to make sure that addition of new files
does not alter our monitoring
2012-07-19 17:29:12 -04:00
Yaroslav Halchenko
d9248a6cf8
BF+RF: pyinotify refreshes watcher upon CREATE, unified/simplified *(add|del)LogPath among *Filters
...
* all of the *Filters had too much of common logic in their *LogPath
methods, which is now handled by FileFilter and derived classes only
add custom actions in corresponding _(add|del)LogPath methods
pyinotify:
* upon CREATE event:
- unknown files should not be handled at all
- "watcher" for the monitored files should be recreated.
Lead to adding _(add|del)FileWatcher helper methods
* callback now obtains full event to judge what to do
2012-07-19 17:26:09 -04:00
Yaroslav Halchenko
b33ae8c194
Ask users to report bugs to github's issues
2012-07-19 14:51:46 -04:00
Yaroslav Halchenko
08564bda1a
ENH: fail2ban-testcases -- custom logging format to ease debugging, non-0 exit code in case of failure
2012-07-19 13:30:55 -04:00
Yaroslav Halchenko
6ac9fd5d26
ENH: Filter's testcases -- rename, del + list again --- a bit unstable, might still fail from time to time
2012-07-19 13:30:01 -04:00
Yaroslav Halchenko
3c95121a8b
BF: pyinotify -- monitor the parent directory for IN_CREATE + process freshly added file (Closes gh-44)
2012-07-19 13:28:48 -04:00
Yaroslav Halchenko
60260bce3d
ENH: first working unittest for checking polling and inotify backends
2012-07-19 01:14:55 -04:00
Yaroslav Halchenko
baa09098f0
RF/BF: just use pyinotify.ThreadedNotifier thread in filterpyinotify
...
that seems also to overcome the problem of often locking upon stop()
2012-07-19 01:14:02 -04:00
Yaroslav Halchenko
25674a95f8
RF: filter.py -- single readline in a loop
2012-07-19 01:10:59 -04:00
Yaroslav Halchenko
b3614d4ea2
ENH: FilterPoll -- adjusted some msgs + allowed to operate without jail (for testing)
2012-07-19 01:08:34 -04:00
Yaroslav Halchenko
42523dce92
Minor additional comment to DEVELOP
2012-07-19 01:04:05 -04:00