github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
3,542 Commits
32 Branches
229 Tags
18 MiB
Commit Graph

3542 Commits (3b4bf59c6a8e975ad52c78163f04c3dd16f7e9d4)

Author SHA1 Message Date
Steven Hiscocks 94232d7c31 Merge pull request #726 from pmarrapese/master 
Minor improvement to sshd filter
 2014-06-17 23:43:42 +01:00
Steven Hiscocks 8268c1641f BF: aInfo could be modified by actions, causing unexpected behaviour 
A separate copy of aInfo is passed to each action
 2014-06-17 23:24:23 +01:00
Yaroslav Halchenko 4190a4030c Merge branch 'sebres-strptime-bug' of https://github.com/kwirk/fail2ban 
* 'sebres-strptime-bug' of https://github.com/kwirk/fail2ban:
  DOC: Tweak ChangeLog and THANKS
  DOC: Update docs in reference to time zone related fix
  TST: Fix tests due to @sebres fix and based from gh-349 reverts
  strptime bug fix: if gmtoff is None we have 1 hour increment of time (through utctimetuple), compare: >>>> datetime.datetime.fromtimestamp(time.mktime(datetime.datetime.now().timetuple())).strftime("%Y-%m-%d %H:%M:%S") '2014-04-29 17:26:31' >>>> datetime.datetime.fromtimestamp(time.mktime(datetime.datetime.now().utctimetuple())).strftime("%Y-%m-%d %H:%M:%S") '2014-04-29 18:26:37'

Conflicts:
	ChangeLog
 2014-06-16 09:28:41 -04:00
Yaroslav Halchenko 93d5c363ca Merge branch 'enh/oracle_msg_server' 
* enh/oracle_msg_server:
  ENH: make oracleims failregex better anchored (more explicit)
  Update oracleims.conf to be 'less greedy'
  Update THANKS
  Update jail.conf for oracleims filter.
  Create test for oracleims filter
  Create oracleims.conf in filter.d for new filter
 2014-06-16 09:22:42 -04:00
SATO Kentaro 1e1c4ac62a ENH: Add <chain> to iptables-ipsets. 2014-06-16 21:30:13 +09:00
Steven Hiscocks 664f1db0ba BF: Fix getLogger for single level log level names 2014-06-10 20:58:57 +01:00
Steven Hiscocks dd75d35420 Merge pull request #724 from yarikoptic/enh_elapsed_time_regex 
ENH: minor -- print time which was used to process lines
 2014-06-10 20:49:55 +01:00
Steven Hiscocks 9764c78415 ENH: Rename fail2ban_excepthook to excepthook 2014-06-10 20:38:18 +01:00
Steven Hiscocks 4fc7f1a831 ENH: Tweak naming of getF2BLogger, and ensure consistent use 2014-06-10 20:36:19 +01:00
Yaroslav Halchenko 994fe77e59 ENH: make oracleims failregex better anchored (more explicit) 2014-06-10 03:52:16 -04:00
Yaroslav Halchenko 2a51a0176a BF: minor type for delignoreregex in bash completions 2014-06-10 03:42:07 -04:00
JoelSnyder 5165d2f6ea Update oracleims.conf to be 'less greedy' 
This assumes that the protocol is always a string, which it always is, and that the other four fields in the "tr" are always numeric (which they always are).  See port_access documentation at http://docs.oracle.com/cd/E19563-01/819-4428/bgaur/index.html
 2014-06-09 18:44:27 -07:00
JoelSnyder c325e88634 Update THANKS 
Per Steven.
 2014-06-09 18:38:22 -07:00
JoelSnyder 70ed93d8cc Update jail.conf for oracleims filter. 
This is the jail.conf update.  Hopefully this will go into pull request #734.
 2014-06-09 18:37:31 -07:00
Steven Hiscocks f7da091437 ENH: Log unhandled exceptions to Fail2Ban log 2014-06-09 22:27:51 +01:00
Steven Hiscocks e8131475cd ENH: Realign and harmonise log messages with getF2BLogger helper 2014-06-09 22:17:00 +01:00
Steven Hiscocks db023be09b BF: Fix bad syntax in badips.py action 
Taken from https://bugzilla.redhat.com/attachment.cgi?id=895966&action=diff
 2014-06-07 20:51:53 +01:00
JoelSnyder 54317d7c3b Create test for oracleims filter 
This test file shows configuration information for the application, three log lines that DO match the pattern, and one log line that does NOT match the pattern (the first one).
 2014-06-02 22:58:39 -07:00
JoelSnyder 9b7c35810a Create oracleims.conf in filter.d for new filter 
Created oracleims.conf to catch messages from Sun/Oracle Communications Messaging Server v6.3 and above (including v7)
 2014-06-02 22:55:59 -07:00
Yaroslav Halchenko 98daa9d301 Merge pull request #723 from kwirk/decode-warning 
ENH: Clearer warning with lines which failed to decode correctly
 2014-05-30 12:15:51 -04:00
pmarrapese 96918acee4 more explicit match for sshd filter & added test 2014-05-19 20:47:16 -07:00
pmarrapese 46d6e93800 adjusted sshd filter regex to catch more verbose lines 2014-05-18 22:12:54 -07:00
Yaroslav Halchenko eb2487986c ENH: minor -- print time which was used to process lines 2014-05-15 21:17:43 -04:00
Steven Hiscocks 0ca97431a0 ENH: Clearer warning with lines which failed to decode correctly 2014-05-15 22:48:03 +01:00
Steven Hiscocks 1fa8f9fa70 DOC: Tweak ChangeLog and THANKS 2014-05-15 22:18:07 +01:00
Steven Hiscocks fc4b69a282 DOC: Update ChangeLog fix for ip{,jail}failures action tags 2014-05-15 22:15:12 +01:00
sebres 213c4315c3 fix a TypeError bugs like "Failed to execute ban jail 'pam-generic' action 'iptables-allports'" 
getAttempt returns not a list (numeric), so by call of both lambda we have a TypeError except;
simplifying code;
 2014-05-15 19:41:00 +02:00
Steven Hiscocks 1c20fd88d4 DOC: Update docs in reference to time zone related fix 2014-05-14 23:04:48 +01:00
Steven Hiscocks 8843423c8f TST: Fix tests due to @sebres fix and based from gh-349 reverts 2014-05-14 23:01:14 +01:00
sebres 2bf0b4a50c strptime bug fix: if gmtoff is None we have 1 hour increment of time (through utctimetuple), compare: 
>>>> datetime.datetime.fromtimestamp(time.mktime(datetime.datetime.now().timetuple())).strftime("%Y-%m-%d %H:%M:%S")
'2014-04-29 17:26:31'
>>>> datetime.datetime.fromtimestamp(time.mktime(datetime.datetime.now().utctimetuple())).strftime("%Y-%m-%d %H:%M:%S")
'2014-04-29 18:26:37'
 2014-05-14 22:29:06 +01:00
Yaroslav Halchenko 2526dbae92 Merge branch 'recursive-tag-fix' of https://github.com/kwirk/fail2ban 
* 'recursive-tag-fix' of https://github.com/kwirk/fail2ban:
  ENH: explicitly define tags which should be escaped
  DOC: ChangeLog update for recursive tag bug fix
  BF: Tags not fully recursively substituted

Conflicts:
	ChangeLog -- kept all as is
 2014-05-13 11:23:30 -04:00
Steven Hiscocks 1e586fb0e9 ENH: explicitly define tags which should be escaped 2014-05-11 14:49:49 +01:00
Yaroslav Halchenko c619202d6f Merge branch 'master' of github.com:fail2ban/fail2ban 
* 'master' of github.com:fail2ban/fail2ban:
  ENH: Match non "Bye Bye" for sshd locked accounts failregex
  Even stricter monit regex, now covers entire line
  Tidy up filter.d/monit.conf, make regex more complete. Add ChangeLog / THANKS entry. Add test cases.
  ENH: Move traceback formatter to from tests.utils to helpers
  Block brute-force attempts against the Monit gui
 2014-05-10 20:02:47 -04:00
Steven Hiscocks 904b362215 DOC: ChangeLog update for recursive tag bug fix 
Also minor typo fixes in comments
 2014-05-09 20:25:44 +01:00
Steven Hiscocks 77ba065571 Merge pull request #697 from jhmartin/monit_admin_hack 
Block brute-force attempts against the Monit gui
 2014-05-07 22:23:01 +01:00
Yaroslav Halchenko 3471f13a84 Merge pull request #700 from kwirk/format-traceback-to-helpers 
ENH: Move traceback formatter to from tests.utils to helpers
 2014-05-07 09:09:01 -04:00
Yaroslav Halchenko 1f8b554d31 Merge branch 'database-persistent-bans' of https://github.com/kwirk/fail2ban 
* 'database-persistent-bans' of https://github.com/kwirk/fail2ban:
  BF: bantime < 0 database should return all bans, as they are persistent

Conflicts:
	ChangeLog - kept all ;)
 2014-05-05 23:29:35 -04:00
Yaroslav Halchenko 3eabf4a7bd Merge pull request #708 from kwirk/ssh-bye-bye 
ENH: Match non "Bye Bye" for sshd locked accounts failregex
 2014-05-05 23:22:57 -04:00
Yaroslav Halchenko 65269365ee minor 2014-05-05 23:16:18 -04:00
Yaroslav Halchenko 91eb75098b Merge pull request #714 from kwirk/urandom-persistent 
BF: Avoid closing "/dev/urandom" for Python 3.4.0
 2014-05-05 23:13:34 -04:00
Steven Hiscocks b3266ba44d BF: Tags not fully recursively substituted 
Note: recursive check ignored for "matches", as tags would be escaped,
and hence shouldn't match "<%s>" as "<ip>" would become "\<ip\>". This
therefore maintains advantage of delayed call for {ip,jail,}matches.

Fixes gh-713
 2014-05-03 14:28:13 +01:00
Steven Hiscocks 2bb7401ec1 Merge pull request #686 from CameronNemo/patch-2 
Update fail2ban.upstart
 2014-05-03 13:21:13 +01:00
Steven Hiscocks 1e8402cb99 DOC: ChangeLog entry for Python 3.4.0 persistent "/dev/urandom" fix 2014-05-03 12:51:15 +01:00
Steven Hiscocks cf3a6015f0 BF: Avoid closing "/dev/urandom" for Python 3.4.0 
Upstream bug: http://bugs.python.org/issue21207

Closes gh-687
 2014-05-03 12:44:03 +01:00
Steven Hiscocks b486014b35 TST: Add Python 3.4 for TravisCI 
This reverts commit 233aa043f3.
 2014-05-03 12:09:48 +01:00
Yaroslav Halchenko 1e19bca28e Merge pull request #704 from CameronNemo/foreground-opt-client 
Add an option in fail2ban-client to pass the foreground option to the server
 2014-05-01 13:14:06 -04:00
Steven Hiscocks bc10b64c69 ENH: Match non "Bye Bye" for sshd locked accounts failregex 2014-04-27 13:35:55 +01:00
Steven Hiscocks 7cc64a14e0 BF: fail2ban-regex assertion error caused by miscounted "missed" lines 
Caused when removing lines as part of multiline regex, which had been
previously considered missed.
 2014-04-27 13:27:11 +01:00
Yaroslav Halchenko 596b819bdc DOC: minor -- tabify docstring in badips.py action 2014-04-23 10:04:17 -04:00
Cameron Norman 2a14e48f0b A few final touches on the Upstart job 
(a) use static-network-up, since it is more generic than the started networking event
(b) do not hook into network deconfiguration to speed up shutdown
(c) expect fork, per the use of the "-f" option
(d) use a variable for the run directory to make changing it simpler
(e) handle the situation of a left over socket file
(f) use the -f option to be able to track the PID
 2014-04-22 21:55:51 -07:00