308bba448c
ChangeLog update
2016-11-24 20:43:55 +01:00
45174c5eaf
if fail2ban running as systemd-service, for logging to the systemd-journal, the `logtarget` could be set to STDOUT
...
small fixes by logging in stdout (+ system targets also allowed in lowercase now)
2016-11-24 12:13:47 +01:00
1cd67ecaa2
automatically creates /var/run/fail2ban before start fail2ban (systems which /var/run/ is virtual resp. memory mount device)
2016-11-24 11:37:18 +01:00
528a7a5abb
systemd service update:
...
- starting service in normal mode (without forking)
- does not restart if service exited normally (exit-code 0, e.g. stopped via fail2ban-client)
- does not restart if service can not start (exit-code 255, e.g. wrong configuration, etc.)
- service can be additionally started/stopped with commands (fail2ban-client, fail2ban-server)
2016-11-22 11:14:27 +01:00
261f875748
Fixed sporadic tab-replacement (`\n\t` instead of `\n ` by word wrapping) in mime content of smtp-message in test cases, see
...
https://github.com/fail2ban/fail2ban/pull/1410#issuecomment-262000804
2016-11-21 19:06:17 +01:00
44fddc102d
Merge pull request #1616 from sebres/fix-1194
...
[fix-gh-1194] Fixed misleading errors logged from ignorecommand in success case on retcode 1
2016-11-21 17:15:16 +01:00
701abfd250
ChangeLog entry added
...
+ indentation fix (space-tab replacement)
2016-11-21 17:13:43 +01:00
c442569b63
executeCmd: added possibility to select success return codes
...
ignorecommand: both return codes (0, 1) are success codes now, so no errors will be logged + test cases extended to check this (and error case)
2016-11-21 16:35:33 +01:00
189e70d99c
processLine etc. rewritten:
...
- normalize calling parameters (persistent parameters moved from function arguments to filter member variables)
- save last line as lambda instead of return it as string (lazy convert of process line tuple to string on demand, needed in fail2ban-regex only)
2016-11-18 17:02:00 +01:00
ea4c1f6356
Merge branch 'master' into 0.10
2016-11-11 10:29:45 +01:00
dab5f56609
Merge branch 'fix-gh-1477'
2016-11-11 10:17:07 +01:00
4e252be76f
Update FILTERS
...
closes #1591
2016-10-25 11:01:32 +02:00
5502e47486
Merge pull request #1579 from sebres/fix-gh-1578
...
filter.d/sendmail-reject.conf: double space (should be by missing dns-host only)
2016-10-15 13:18:52 -04:00
10bdadaef2
fixed sporadically (multi-threading) errors by reload/stop/start of polling filter inside getModified (so prevents to stop running main cycle)
2016-10-15 19:12:11 +02:00
519e355bf2
ChangeLog entry added
2016-10-15 14:59:36 +02:00
84c3eb3e0e
filter.d/sendmail-reject.conf: double space (should be by missing dns-host only)
...
Closes #1578
2016-10-15 14:53:45 +02:00
c1174d7935
Merge pull request #1577 from sebres/_0.10/code-review-fix-log-fmt-auto-verbosity
...
0.10/code review + fix log format by auto verbosity
2016-10-15 13:01:19 +02:00
7f8c48d59e
code review (e. g. remove code duplication) and coverage
2016-10-15 00:39:25 +02:00
5b40309052
code coverage of server module: switch backend
2016-10-14 23:57:52 +02:00
57a7795282
code coverage of server module: multiple ignoreregex
2016-10-14 23:57:35 +02:00
1ef367e77a
fixes log format by starting server with `--loglevel=debug` without specifying of verbosity level
2016-10-14 23:30:12 +02:00
98f87a1a52
better server-ready event: notify waiting thread if server really ready (communication ready) or failed to start
2016-10-14 22:50:30 +02:00
c809c3e61e
Merge branch 'master' into 0.10
2016-10-13 19:01:13 +02:00
15dc2db8bb
Merge pull request #1498 from ahpnils:npf to master:
...
This new action files adds support for the NPF packet filter, available on NetBSD since version 6.0.
Closes #1498
2016-10-13 19:00:54 +02:00
f7df6026a3
Update Changelog to reflect the new np.conf action
2016-10-13 18:53:16 +02:00
d08db22b92
Create npf.conf for the NPF packet filter
...
This file adds support for the NPF packet filter, available on NetBSD since version 6.0
2016-10-13 18:50:54 +02:00
77f2dcfdb6
Merge pull request #1576 from sebres/_0.10/fail2ban-regex-coverage
...
tests of fail2ban-regex extended to cover exec_command_line also
2016-10-13 18:42:07 +02:00
44f93bfbff
increase coverage, better test and output of errors
2016-10-13 18:27:59 +02:00
7e8575cc56
tests of fail2ban-regex extended to cover exec_command_line also;
...
Closes #1573
2016-10-13 17:32:38 +02:00
733d0ef596
Merge pull request #1569 from sebres/_0.10/fix-fakegooglebot
...
fixes deprecated DNSUtils.IsValidIP in fakegooglebot ignore command
2016-10-06 12:15:49 +02:00
2d2d4cf185
amend to c2d2e79b0d48bf66b04c3772c2419f30a4b1f9db: fixed sporadically bug in getBanListExtendedCymruInfo:
...
except dns.resolver.NXDOMAIN:
UnboundLocalError: local variable 'dns' referenced before assignment
2016-10-05 15:43:39 +02:00
0ae932ba5e
setup fix for python3, bypass directories (__pycache__) created after ignore command was tested
2016-10-05 15:29:56 +02:00
fa8184d4cc
fixes deprecated DNSUtils.IsValidIP in fakegooglebot ignore command + test covered now;
...
Closes #1559
2016-10-05 15:01:33 +02:00
973ac9a45c
amend to c2d2e79b0d48bf66b04c3772c2419f30a4b1f9db: missing error variable in import block;
...
additionally fixes forgotten skip for cymru server case, if --no-network specified);
Closes #1568
2016-10-05 12:18:55 +02:00
c2d2e79b0d
ExtendedCymruInfo: better availability check (code review and timeout's);
...
max sleep time check of too long sleep increased to 1 second (typo fix)
2016-09-30 17:01:06 +02:00
ee1727ecca
Merge pull request #1563 from niklasf/fix-lazy-ipv6-regex (and sebres/fix-lazy-ipv6-regex) into 0.10
2016-09-30 13:34:54 +02:00
276759b6c2
ExtendedCymruInfo code review and availability check in test cases;
...
max sleep time check of too long sleep increased to 1 second
2016-09-30 13:19:00 +02:00
9bf8985e2a
nginx-limit-req.conf: more precise failregex (word-boundary if `<HOST>` should be non-greedy for some reasons)
2016-09-30 12:33:43 +02:00
06674bb989
use common regex for IP addresses (removed code duplication)
2016-09-30 12:33:41 +02:00
ba9a88977f
Merge pull request #1562 from sebres/_0.10/fix-stability-and-speed
...
0.10/fix stability and speed optimization
2016-09-30 12:14:51 +02:00
8b0f6c5413
badips test cases check availability of badips service (and skip this tests if it not available)
2016-09-30 12:03:27 +02:00
9a7c753372
fixes method-related filter for tests of suite loaded with loadTestsFromName (they may be a suite self)
2016-09-30 11:26:49 +02:00
057f2f3c56
make the ipv6 host regex greedy
...
Previously the regex was lazily matching ``2606:2800:220:1:248:1893:25c8:1946``
as ``2606:2800:220:1:248:1893:25c8:1``.
2016-09-30 11:08:07 +02:00
77ec9df678
standardize and normalize verbosity parameters for fail2ban-regex / fail2ban-testcases (-v ... -vvvv, or --verbosity=0..4)
2016-09-30 10:01:21 +02:00
2cfaf845ca
standardize and normalize logging and verbosity formats, logging level etc between command lines (server, client, test-cases);
...
test cases could pass (so increase) verbosity to the client (and furthermore client to the server also), usable for debug purposes resp. simplifying read of the log-file;
custom and precise numeric log-levels can be given in test cases now;
2016-09-29 21:23:37 +02:00
62b8664175
speedup server start/stop (waiting for communicate, etc);
...
extend server socket with timeouts, extend ping with timeout parameter;
2016-09-29 21:11:54 +02:00
542419acab
filtertestcase: use shorter sleep (almost just for the context switch here)
2016-09-29 21:08:27 +02:00
b615ba49ff
disengage testExecuteTimeout test-case from -fast option, just make it faster (timeout shorter) in this case
2016-09-29 21:08:25 +02:00
b011cf17b2
increase performance of executeCmd (actions), thereby introduced new shorter interval for fast operations (leaves unchanged default wait operation intervals (sleep time, threshold interval) - for the same inertance, to save same system (load by many jails resp. log files);
...
extends wait_for with callable timeout (test case fixed);
2016-09-29 21:07:46 +02:00
310d4e224d
Merge branch master (0.9) into 0.10
2016-09-29 19:46:11 +02:00
sebres