4492 Commits (4129f940bbd86064f0a6cbf66c08c5db4e34c8c5)

 

All Branches   

Search

Author	SHA1	Message	Date
sebres	c30144b37a	Merge branch '0.9' into 0.10 ... # Conflicts: # config/action.d/firewallcmd-ipset.conf # config/filter.d/asterisk.conf # Merge-point after cherry-pick, no changes: # fail2ban/client/jailreader.py # fail2ban/helpers.py	7 years ago
Serg G. Brester	029cd5aa24	Update ChangeLog	7 years ago
Serg G. Brester	597a27576e	Merge pull request #1908 from GetPageSpeed/firewallcmd-ipset-allports ... New ban mode `allports` for `firewallcmd-ipset`. Closes #1167	7 years ago
sebres	131b94e11e	firewallcmd-ipset-allports: implemented in `action.d/firewallcmd-ipset.conf` now (`action.d/firewallcmd-ipset-allports.conf` removed), usage: ... banaction = firewallcmd-ipset[actiontype="<allports>"]	7 years ago
Danila Vershinin	c190631f88	New ban action firewallcmd-ipset-allports. Closes #1167	7 years ago
sebres	3d9a112c8f	cherry-pick newer version of extractOptions, in order to avoid large discrepancy between 0.10 and 0.9 config-parsers: ... allow to use dual parameter lists (coming through substitutions), e. g.: `name[p1=0, p2="..."][p3='...']`; simplified explanation: `][` treats as `,` in new version. cherry-picked from 0.10.	7 years ago
Serg G. Brester	82f8bd8639	Merge pull request #2011 from Yannik/patch-1 ... Fix filter not catching asterisk requests with quote character in username (fixes #2010)	7 years ago
Serg G. Brester	f7e2d3610b	Update ChangeLog	7 years ago
Serg G. Brester	a1d1498561	Restore log-entries not affected by #2011	7 years ago
sebres	f6d0c86533	test cases extended: flush jail in database	7 years ago
sebres	2c69c0e7e5	flush jail in database: bulk remove of all IPs in the database (e. g. reload --unban).	7 years ago
Yannik Sembritzki	aab54bb0dd	don't replace normal test case with specialized test case	7 years ago
Yannik Sembritzki	94f0b15c32	Allow faster parsing of hosts without ' characters in them	7 years ago
Yannik Sembritzki	eaf5e88692	replace actual offenders ip with 1.2.3.4	7 years ago
Yannik Sembritzki	184202c6aa	remove duplicate testcase	7 years ago
Yannik Sembritzki	a53ee46ad4	add test for asterisk pjsip attack with quote in username	7 years ago
Yannik Sembritzki	b28dfb965a	Fix filter not catching asterisk requests with quote character in username (fixes #2010)	7 years ago
sebres	1e39c2600c	cherry-pick from 0.11: changes in updateDb because it can be executed after repair, and some tables can be missing.	7 years ago
sebres	277edd5fe5	amend to pull request #2004: merge remote-tracking branch 'sebres/auto-repair-database' into 0.10	7 years ago
sebres	ab3d03beec	Better variant of repair database: recreate all tables/indices, that can be missing after supposedly successful rescue	7 years ago
Serg G. Brester	75f00a3a6c	Merge pull request #2004 from sebres/auto-repair-database ... Automatically recover or recreate corrupt persistent database	7 years ago
Serg G. Brester	b104da2800	Merge pull request #2005 from sebres/0.10 ... Stability fix for fail2banclienttestcase, avoid sporadic coverage decrease.	7 years ago
sebres	a10d544ddc	coverage: fix another sporadic coverage decrease, if idle mode never reached in some test-cases (e. g. by slowly reloading of jails).	7 years ago
sebres	80932af406	coverage: testErrorsInLoop should avoid sporadic coverage changes, if some communication errors not occurred sometimes.	7 years ago
sebres	a1fd2c507e	method `waitForServerEnd` renamed into `stopAndWaitForServerEnd` (because will also stop the server)	7 years ago
sebres	1ad587ac7c	Stability fix for fail2banclienttestcase: ... - provide waitForServerEnd method for decorator `with_foreground_server_thread`, to wait for real server stop if needed; - accept any exit code in decorator `with_foreground_server_thread`, because multi-threaded, thus server can exit in-between; - fix sporadic fail "AssertionError: 'Banned 5 / 5, 5 ticket(s)' was not found" (if some tickets will be processed earlier, thus not as chunk but separately), so in case of: Banned 1 / 1, 1 ticket(s) in 'nginx-blck-lst' Banned 4 / 5, 5 ticket(s) in 'nginx-blck-lst'	7 years ago
Serg G. Brester	2d23f35d26	Update ChangeLog ... typo: missing newline restored.	7 years ago
sebres	79443210ad	Update ChangeLog	7 years ago
sebres	9374de59f3	Automatically recover or recreate corrupt persistent database (e. g. if failed to open with 'database disk image is malformed'). ... Closes #1465	7 years ago
Serg G. Brester	61109d5c4f	Merge pull request #1996 from meke/firewallcmd-new_actioncheck_error ... firewallcmd-new actioncheck Error	7 years ago
root	79f414c6a2	fix <family> typo	7 years ago
root	7c63eb2378	In the CentOS7 and epel environment, result of "firewall-cmd -direct -get -chains ipv4 filter" is displayed one line ... Changed to be multiple lines with reference to firewallcmd-multiport.conf	7 years ago
Serg G. Brester	95a87077f7	Merge pull request #1995 from sebres/firewallcmd-ipset-flush ... action.d/firewallcmd-ipset.conf: extended with actionflush to bulk unban resp. flush ipset	7 years ago
sebres	bf6667d4da	better (sane) stop server handling, AsyncServer.stop_communication back-ported to 0.10 (cherry-picked from 0.11);	7 years ago
sebres	6ccaa03e00	action.d/firewallcmd-ipset.conf: extended with actionflush to bulk unban resp. flush ipset	7 years ago
sebres	aa9cefc3f8	proper stop server in the test cases (quit should stop all server-side threads, also if server was not really started); ... fix-up for run_with_except_hook: avoid very sporadic error "'NoneType' object has no attribute 'exc_info'" (https://bugs.python.org/issue7336), only extremely fast systems are affected ATM (2.x / 3.x), if thread ends nothing is available in .	7 years ago
sebres	2712f72650	Merge remote-tracking branch 'master' into 0.10	7 years ago
Serg G. Brester	ad658a0a95	Merge pull request #1989 from sebres/logging-options ... New server logging options	7 years ago
Serg G. Brester	f96761927d	Merge pull request #1969 from RaidForums/patch-1 ... Update nginx-limit-req filter.	7 years ago
sebres	cc9ff31c9c	Update ChangeLog: `action.d/firewallcmd-ipset.conf`: fixed create of set for ipv6 (missing `family inet6`, gh-1990)	7 years ago
sebres	e384acca5f	action.d/firewallcmd-ipset.conf: fixed create of set for ipv6 (missing `family inet6`)	7 years ago
Kevin Maradona	6c705d572b	filter.d/nginx-limit-req.conf: nginx limit-req log-level can be set to warn or error therefore having this regex will include both of them.	7 years ago
sebres	55143ce1d9	coverage increase	7 years ago
sebres	f9833ddee4	Update ChangeLog	7 years ago
sebres	1bf6636446	Introduced new parameters for logging within fail2ban-server; ... Usage `logtarget = target[facility=..., datetime=on|off, format="..."]`: - `facility` - specify syslog facility (default `daemon`, see https://docs.python.org/2/library/logging.handlers.html#sysloghandler for the list of facilities); - `datetime` - add date-time to the message (default on, ignored if `format` specified); - `format` - specify own format how it will be logged, for example for short-log into STDOUT: `fail2ban-server -f --logtarget 'stdout[format="%(relativeCreated)5d | %(message)s"]' start`; Closes gh-1980	7 years ago
sebres	de97dedba0	move extractOptions from JailReader to helpers (common usage server- / client-side);	7 years ago
Serg G. Brester	ff987b60cd	Merge pull request #1988 from sebres/exim-aggressive ... Exim aggressive	7 years ago
Serg G. Brester	b0ba1aa846	Update ChangeLog	7 years ago
sebres	ffd6b9f6de	jail.conf: extended with new parameter `mode` for the filters supporting it;	7 years ago
sebres	2b68882502	filter.d/exim.conf: provides mode "aggressive" to ban flood resp. DDOS-similar failures; ... Closes #1983	7 years ago