github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
5,157 Commits
33 Branches
229 Tags
19 MiB
Commit Graph

5157 Commits (27fb4790fbc6c2d7abe4465794da72dabfa047db)

Author SHA1 Message Date
sebres 00a6717953 fail2ban-client: extended with new feature which allows to inform fail2ban about single or multiple attempts (failure) for IP (failure-ID), syntax: 
set <JAIL> attempt <IP> [<failure1> ... <failureN>]
 2019-02-20 16:47:53 +01:00
sebres 84cec5e861 implements gh-2349: `fail2ban-client set jain banip/unbanip ip1 .. ipN` extended to ban/unban multiple tickets; 
reorganized banning facilities (addBannedIP moved from filter to actions in order to ban directly without implication of fail-manager in between.
 2019-02-20 14:56:00 +01:00
sebres 4a829cb51b Merge branch '0.10' into 0.11 2019-02-18 17:19:33 +01:00
sebres e30ebb1f3b closes gh-2277: fixed and optimized cache facilities (operations on OrderedDict are not atomic); increased max-size of IPAddr cache; don't cache raw objects (it is fast enough). 2019-02-18 17:05:11 +01:00
sebres 14f997231d add test case to cover gh-2277, testOverflowedIPCache testing overflow of IP-cache multi-threaded (2 "parasite" threads flooding cache) 2019-02-18 16:56:43 +01:00
Viktor Szépe 824afbf52d Fix whitespaces 2019-02-17 09:12:30 +00:00
Viktor Szépe 24b0e048d1 Normalizing quote usage in initd 2019-02-17 09:08:59 +00:00
Yaroslav Halchenko c545315192 ENH: travis - run shellcheck on files/debian-initd 2019-02-17 09:08:43 +00:00
Yaroslav Halchenko 62f957973d ENH: disable shell check for $DAEMON_ARGS expansion 2019-02-17 09:08:32 +00:00
Viktor Szépe dfd2a2063d Safer, nicer, uniform Debian initd script 2019-02-17 09:08:29 +00:00
Yaroslav Halchenko 31e6ec3c5b
Merge pull request #2323 from todgru/fix-spelling-abuseipdb-conf 
fix: correct spelling category
 2019-02-15 17:08:45 -05:00
Cool Fire 27526e431b Changes static logfile string to variable 
Since we don't want to re-declare a log file name we already
have a varialbe for, use the existing variable to set dovecot_log.
 2019-02-13 10:10:24 +01:00
Cool Fire b31a018e7c Add override for dovecot failed logins on debian 2019-02-13 10:01:14 +01:00
sebres 5a54a44559 provide more meaningful error-message if invalid `datepattern` set; 
fail2ban-regex: catch errors/exceptions by set of parameter, more verbose output if needed (`-v` or log-level `debug` would produce output of call-stack additionally).
 2019-02-12 14:36:40 +01:00
sebres 1647d0090e Merge branch '0.10' into 0.11 2019-02-11 19:19:44 +01:00
Sergey G. Brester c819a18a0a
Update ChangeLog 2019-02-11 19:15:11 +01:00
sebres e651bc7866 amend to #1622: jail-reader supports now multi-line option for multi-line action parameter: 
logpath = a.log
            b.log
            c.log
  action  = ban[...]
          = log[logpath="%(logpath)s"]
closes gh-2341, ultimate fix for gh-976
 2019-02-11 11:54:58 +01:00
todgru 39ed016a1e fix: correct spelling category 2019-01-14 22:08:38 -08:00
sebres 89c611064d test-cases: be sure the test-files always written with new-line at end 2019-01-14 19:00:42 +01:00
sebres d88ce7181c Merge branch '0.10' into 0.11 2019-01-07 01:51:59 +01:00
Sergey G. Brester 4108e04ab4
Update ChangeLog 2019-01-07 01:50:44 +01:00
sebres a13fdcf4f7 closes gh-2314: extended regex for mysql 8.0.13 if used logging with details (e. g. log-error-verbosity = 3, so log output has few additional words enclosed in brackets after "[Note]"). 2019-01-07 01:34:12 +01:00
Sergey G. Brester 53684af0e3
Merge pull request #2315 from psvi/ban_list 
New command `fail2ban-client get <JAIL> banip`
 2019-01-07 01:11:28 +01:00
sebres 59688d7cd5 move helper to test, normalize invocations in order to emphasize assert comparison. 2019-01-07 00:05:27 +01:00
sebres 963e14c685 resolve sporadic timing errors (unban if ban still not occurred, resp. get list of IPs if not yet banned); 
simplify helper procedure for testJailBanList.
 2019-01-06 23:49:05 +01:00
sebres 4b934c784d normalized time to string calls. 2019-01-06 23:33:28 +01:00
sebres f959f58e15 extend protocol (command-line) and regenerate man's 2019-01-06 22:45:48 +01:00
sebres df97fd33cf ip-list is sorted now (by end of ban) per default; 
extended with new option `--with-time` to provide more pretty and informative result (separated by new-line, including time strings: time of ban + ban-time = end of ban):
  192.0.2.1    2019-01-06 22:24:48 + 300 = 2019-01-06 22:29:48
  192.0.2.2    2019-01-06 22:24:48 + 600 = 2019-01-06 22:34:48
also it is possible now to provide separator-character as extra-parameter after `get <jail> banip ?sep-char?` (default is space).
removed unneeded test-cases (test code-base minimization) and unexpected manually changed files.
 2019-01-06 22:31:23 +01:00
Sergey G. Brester 67247999ff
closes #2313: missing dependency to nftables.service 2019-01-06 17:03:09 +01:00
SP 7f5f7017db ENH: added new test cases for `fail2ban-client get <JAIL> banip` command (gh-1916) 2019-01-04 18:00:38 +03:00
Yannik Sembritzki 547504873e
Add test case for new asterisk pjsip log syntax which includes the port 2019-01-03 23:59:38 +01:00
Yannik Sembritzki 6b4404b1bc
Fix asterisk filter not catching attackers when port is logged (Fixes #2316) 2019-01-03 23:55:42 +01:00
SP 3d477d229d ENH: added new command `fail2ban-client get <JAIL> banip` to get the banned ip addresses (gh-1916) 2019-01-03 23:55:35 +03:00
sebres c9ba695ba3 minor, no cover for 3.x (2.6 only) 2018-12-28 00:04:15 +01:00
sebres 966fa1be89 Merge branch '0.10' into 0.11 2018-12-27 20:09:15 +01:00
sebres 4a4780be04 test-cases: prevent sporadic timing errors (unban if ban still not occurred) 2018-12-27 18:10:09 +01:00
sebres 0298c8a31e closes gh-2277: fixed cache-object clean-up process (if max-size reached) used multi-threaded (del can throw KeyError if get/unset changes the list); 
additionally OrderedDict is used now for cache (if available, so >= 2.7) - avoids (slow) search of expired items in full cache and always prefers older objects to remove (like FIFO).
 2018-12-27 18:07:23 +01:00
sebres 2010dda6fa Merge branch '0.10' into 0.11 2018-12-19 12:20:10 +01:00
Alexander Koeppe df9b352bac Update information reg. ipdns.py as successor for dnsutils.py 2018-12-19 12:17:44 +01:00
Sergey G. Brester cadcc69bc0
minor amend for better readability 2018-12-17 18:42:28 +01:00
Sergey G. Brester 3fa54559e5
Update ChangeLog 2018-12-17 18:39:31 +01:00
Sergey G. Brester f87a43487e
Merge pull request #2287 from angeloc/0.11 
setup.py: adding option `--without-tests` to skip building and
installing of tests files
 2018-12-17 18:37:08 +01:00
Sergey G. Brester c540babfb6
matches not empty username only 2018-12-17 12:30:46 +01:00
CrazyMax 7cdabdd7ae
Update traefik-auth failregex 2018-12-14 19:06:09 +01:00
sebres c1ccabc1f9 fixed read of included config-files (`.local` overwrites options of `.conf` for config-files included with before/after) 2018-12-11 15:43:25 +01:00
sebres 9b96a7de89 fix of SafeConfigParserWithIncludes 2018-12-11 15:39:43 +01:00
sebres 0245777c84 SafeConfigParserWithIncludes: fixed read of included config-files (expands with localized version, so `inc.local` overwrites options of `inc.conf` for config-files included with before/after); 
added new test to cover this case.
 2018-12-11 14:48:48 +01:00
CrazyMax 90516d6b67
Add login success example for traefik-auth 2018-11-28 00:37:24 +01:00
Sergey G. Brester 3b8842e618
Merge pull request #2284 from jedie/patch-1 
Add link to https://fail2ban.readthedocs.io in README
 2018-11-26 13:12:52 +01:00
Sergey G. Brester c4c713ca6e
Update README.md 2018-11-26 13:10:30 +01:00