d1ef33cc45
New command action parameter `actionrepair` - command executed in order to restore sane environment in error case of `actioncheck`.
...
# [WARNING] TODO: be sure all banactions get a repair command, because otherwise stop/start will theoretically remove all the bans, but the tickets are still in BanManager, so in case of new failures it will not be banned, because "already banned" will happen.
2016-09-08 20:06:22 +02:00
8cba537f6c
code review and use new logger-signals for waiting; + regenerated man-files
2016-09-08 18:38:33 +02:00
27f6fc083a
optimized BanManager: increase performance, fewer system load, try to prevent memory leakage:
...
- better ban/unban handling within actions (e.g. used dict instead of list)
- don't copy bans resp. its list on some operations;
- added new unbantime handling to relieve unBanList (prevent permanent searching for tickets to unban)
- prefer failure-ID as identifier of the ticket to its IP (most of the time the same, but it can be something else e.g. user name in some complex jails, as introduced in 0.10)
2016-09-08 18:27:55 +02:00
d2ddc59c40
build replacement of `<HOST>` substitution corresponding parameter `usedns` - dns-part will be added only if `usedns` is not `no`;
...
new replacement for `<ADDR>` in opposition to `<HOST>`, for separate usage of 2 address groups only (regardless of `usedns`), `ip4` and `ip6` together, without host (dns)
2016-09-08 15:38:36 +02:00
8c26cada27
temp commit: partially cherry picked from ban-time-incr branch
2016-09-08 11:43:27 +02:00
b12a3acb06
temp commit: reload not ready...
2016-09-07 21:07:50 +02:00
f512628af2
make with_foreground_server_thread decorator to test several client/server commands
2016-09-06 20:15:45 +02:00
0a7374dec6
Merge branch '_0.9/fix-systemd-convert-gh-1341' into _0.10/fix-systemd-convert-gh-1341
2016-09-06 16:53:01 +02:00
7ac9890bf6
forgotten obsolete code removed
2016-09-06 16:51:06 +02:00
ad61f0f381
Merge branch '_0.9/fix-systemd-convert-gh-1341' into _0.10/fix-systemd-convert-gh-1341
2016-09-06 16:37:45 +02:00
51fd9a1027
amend to activate performance-fix (respect findtime before search of match) + code coverage
2016-09-06 16:33:16 +02:00
e3a75b4f1e
optimize test cases after merge (using 0.10-features)
2016-09-06 15:30:35 +02:00
ae38b626d1
Merge branch '_0.9/fix-systemd-convert-gh-1341' into 0.10
2016-09-06 15:30:08 +02:00
57458a462e
allow to set default or preferred encoding for other filters (e.g. to decode bytes from journal)
...
# Conflicts:
# fail2ban/server/filter.py
2016-09-06 15:26:10 +02:00
3119f81705
fixed journal systemd ascii/utf-8 default converting (see gh-1341, gh-1344)
2016-09-06 15:25:59 +02:00
aff680eb43
Merge branch 'master' into 0.10 (strategy ours)
...
* master:
RF: Replace old fashioned "except E , e" with "except E as e" (Closes #1537 )
2016-09-06 08:19:10 -04:00
87acd7a0fc
RF: Replace old fashioned "except E , e" with "except E as e" ( Closes #1537 )
...
0.10 specific
supplement to b875e51cd7
2016-09-06 08:18:34 -04:00
f6258c7b69
Merge branch 'rf-exc'
...
* rf-exc:
RF: Replace old fashioned "except E , e" with "except E as e" (Closes #1537 )
2016-09-06 08:16:40 -04:00
adeb6e94a5
Merge remote-tracking branch 'origin/master' into 0.10
...
* origin/master:
2016-09-06 08:14:23 -04:00
00c08f0cfa
Merge pull request #1523 from sebres/_0.10/systemd-journal-path-gh-1408 with 0.10
2016-09-06 10:07:29 +02:00
0f942aba17
Merge pull request #1539 from sebres/_0.10/fix-gh-1529
...
0.10/fix-gh-1529
2016-09-06 09:08:18 +02:00
1d6b546658
sleep a little bit in error case (to get around time-related errors, e.g. something like log-rotate, etc.)
2016-09-05 16:37:32 +02:00
6454d0cd75
prevents to stop processing after first unhandled exception inside processLineAndAdd (filter going idle after 100th error);
2016-09-05 16:17:14 +02:00
90f9009959
fixes wrong date (invalid format or value) recognition if template available (+ test cases extended)
2016-09-05 16:11:45 +02:00
d974ebd581
rewritten idle handling for all filters, test cases extended to work in idle mode also (should not find/process failures)
2016-09-05 14:12:12 +02:00
b875e51cd7
RF: Replace old fashioned "except E , e" with "except E as e" ( Closes #1537 )
2016-09-04 23:25:09 -04:00
23c14acec0
update `_0.10/systemd-journal-path-gh-1408` (after merge `_0.9/systemd-journal-path-gh-1408` to 0.10)
2016-09-01 16:28:58 +02:00
387aa6ba47
Merge master branch '_0.9/systemd-journal-path-gh-1408' into 0.10
...
# Conflicts:
# fail2ban/tests/filtertestcase.py
# fail2ban/tests/utils.py
2016-09-01 16:26:21 +02:00
c0e0cfb39d
Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10
2016-09-01 16:23:13 +02:00
564b696530
Merge branch '_0.9/systemd-journal-path-gh-1408'
2016-09-01 16:18:53 +02:00
5f35b52b9a
test cases extended
...
several test-case functionality cherry picked from 0.10 (SkipTest, with_tmpdir)
2016-09-01 16:17:06 +02:00
35b5fea038
backend "systemd" can be used as prefix now - `backend = systemd[...]`
2016-09-01 16:17:04 +02:00
7ed6cab120
jail configuration extended with new syntax to pass options to the backend (see gh-1408),
...
examples:
- `backend = systemd[journalpath=/run/log/journal/machine-1]`
- `backend = systemd[journalfiles="/run/log/journal/machine-1/system.journal, /run/log/journal/machine-1/user.journal"]`
- `backend = systemd[journalflags=2]`
2016-09-01 16:17:02 +02:00
1c4733ef89
[systemd] added new constructor parameters like journalpath, journalfiles and journalflags for systemd backup
...
optimized FilterSystemd method `run`: better wait in idle (no busy-loop), better poll handling, the ban will executed anywhere (at least at 100th log-entry), also if we have never ending logging in this jail (e.g. extremely logging or too many failures)
systemd test cases extended
2016-08-24 20:55:06 +02:00
0ab042fcce
Merge pull request #1522 from sebres/fix-asterisk-log-prefix
...
filter.d/asterisk.conf: another part ` chan_sip.c:28468 handle_request_register:` (without `in`) in log prefix
2016-08-23 11:18:59 +02:00
4a1d720344
filter.d/asterisk.conf: another part ` chan_sip.c:28468 handle_request_register:` in log prefix
2016-08-22 14:10:50 +02:00
2c54f90469
sshd-filter: better universal regexp, that matches more complex different injects, using conditional expressions (on username and auth-info section), see new test cases also.
2016-08-19 10:19:12 +02:00
a544c5abac
sshd-filter: recognized "Failed publickey for" now (gh-1477) + improved regexp (not anchored now to recognize all "Failed anything for ... from <HOST>"
...
ChangeLog entry added
2016-08-18 21:38:55 +02:00
6c737454dd
RF+ENH: 0.10/let know version when running tests and move arg parsing code into the module ( #1516 )
2016-08-18 10:14:03 -04:00
af126eb308
simplify fail2ban-testcases: move some code pieces inclusive option parser from fail2ban-testcases to tests/utils.py (+ coverage)
2016-08-18 15:05:03 +02:00
f7f618b15d
Let know the version (and python), also in travis (no output if verbosity is 0)
2016-08-18 14:22:38 +02:00
13a70e3bdb
Merge pull request #1515 from sebres/_0.10/fix
...
0.10 fix sporadically test case assertion error in MonitorJournalFailures
2016-08-17 18:06:26 +02:00
9aca34d3b1
normalize name of the test cases: method and class name fixed for MonitorJournalFailures
2016-08-17 17:48:57 +02:00
4bb5f3492e
Merge branch '_0.10/tests-verbosity' into _0.10/fix
2016-08-17 16:45:04 +02:00
cd6b528542
new test-cases option "--verbosity" to set numeric level of verbosity during test cases;
...
travis uses same verbosity (2) running in python3 as from setup (python2)
2016-08-17 16:41:33 +02:00
f91ec84bfb
prevent theoretical time-related assertion errors for other filters, replace isFilled with waitFailTotal (known expected failure count)
2016-08-17 15:50:08 +02:00
67e4ac5c66
common monitor test case class, that unite some duplicate code
2016-08-17 13:45:50 +02:00
7b7d60c486
fixed sporadically test cases assertion error "AssertionError: 3 != 4" - because multi-threaded, occurred if getFailTicket() called after 3th failure (before 4th failure was monitored), so we will wait in new method waitFailTotal (instead of isFilled) for expected failure count...
2016-08-17 13:44:10 +02:00
e3f4ea7284
Update README.md
...
fixed coveralls url to the default branch
2016-08-16 10:43:01 +02:00
9a30cfa77d
Merge pull request #1510 from sebres/_0.10/optimize-setup-test-case
...
0.10/optimize setup test case
2016-08-16 10:16:42 +02:00
sebres