github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
1,308 Commits
32 Branches
229 Tags
18 MiB
Commit Graph

1308 Commits (444e989dd5f6995197065b6654ea14d1f14d3523)

Author SHA1 Message Date
Daniel Black 444e989dd5 TST: another zone transfer refused example for file named-refused 2013-08-18 22:49:59 +10:00
Daniel Black 5d451bc4d6 ENH: add refused zone tranfer to named-refused filter. closes #323 2013-08-18 22:19:31 +10:00
Yaroslav Halchenko 2aa8ddea4d BF: fixed up conditioning of tests under cygwin (still 3 fail) 2013-08-08 22:58:06 -04:00
Yaroslav Halchenko a120ff191a Merge pull request #317 from opoplawski/paths 
Use /var/run/fail2ban in config/action.d/dummy.conf
 2013-08-08 19:46:28 -07:00
Orion Poplawski 31a78b2711 Use /var/run/fail2ban in config/action.d/dummy.conf 2013-08-08 20:41:44 -06:00
Yaroslav Halchenko e75fa74994 Merge pull request #316 from opoplawski/paths 
Change /tmp/fail2ban.sock to /var/run/fail2ban/fail2ban.sock
 2013-08-08 19:37:48 -07:00
Yaroslav Halchenko 511e0ace2e TST: Even more of conditioning of tests for cygwin 2013-08-08 22:35:07 -04:00
Orion Poplawski 67497db6e5 Change /tmp/fail2ban.sock to /var/run/fail2ban/fail2ban.sock 2013-08-08 20:28:55 -06:00
Yaroslav Halchenko e4dad8dfc9 TST: SYSLOG present only on Linuxes thus do not test if not Linux 2013-08-08 22:00:17 -04:00
Yaroslav Halchenko e7d5e466b9 Merge branch 'enh/asterisk_and_dropbear_filters' 
* enh/asterisk_and_dropbear_filters:
  ENH: hardened added dropbear failregex to avoid trailing .* and enclose username in ''
  minor: consistent indentation in dropbear.conf
  https://github.com/fail2ban/fail2ban/issues/306
  fail2ban-users: Sebastian Arcus - Detect device auth failures on Asterisk 11
 2013-08-08 09:59:24 -04:00
Yaroslav Halchenko 4e0ddc5f67 ENH: hardened added dropbear failregex to avoid trailing .* and enclose username in '' 2013-08-08 09:58:36 -04:00
Yaroslav Halchenko 9487ee5562 minor: consistent indentation in dropbear.conf 2013-08-08 09:54:15 -04:00
Yaroslav Halchenko c0456fd835 BF: Fixing a name for MySQL date pattern which misplaced Year (should not effect functionality) Closes #312 2013-08-08 09:47:47 -04:00
Yaroslav Halchenko 547c123cfb BF: example.com is pointing to another IP now. Closes #313 
This is a permanent change according to private correspondence with
David Closson @ IANN, thus replaced 192.0.43.10 with updated IP
93.184.216.119, while leaving 192.0.43.10 as is in the sample log
files (it is still within IANN dedicated testing network).
 2013-08-07 22:56:57 -04:00
Daniel Black 04ff9450b5 BF: testcases is a package that needs to be installed. Thanks to Michael Danko on irc 2013-07-29 10:45:15 +10:00
Daniel Black 56faf7f5ad DOC: fix ChangeLog merge 2013-07-28 18:02:38 +10:00
Steven Hiscocks 1e270078b4 TST: Warn if date templates overlap in default detectors 2013-07-27 20:21:05 +01:00
Steven Hiscocks 879c1a32f7 ENH: fail2ban-regex now uses iteraable for log file 
Previosuly, the whole file was read in first
 2013-07-27 11:36:01 +01:00
Steven Hiscocks af46cd0e4f ENH: fail2ban-regex now sorts date templates, similar to actual filters 
Sort occurs every 10 lines, as to not overly effect performance
 2013-07-27 11:34:10 +01:00
Jamyn Shanley a355fab91b https://github.com/fail2ban/fail2ban/issues/306 
Fix regex for latest dropbear (keep backwards compatibility). Add test case logfiles.

Signed-off-by: Jamyn Shanley <jshanley@gmail.com>
 2013-07-27 03:43:32 +00:00
Jamyn Shanley 8936f2cd02 fail2ban-users: Sebastian Arcus - Detect device auth failures on Asterisk 11 2013-07-27 00:06:06 +00:00
Yaroslav Halchenko 1721991755 Merge pull request #304 from yarikoptic/master 
RF(ENH): JailsReader.getOptions -- avoid code duplication when asking for 1 jail or all

upon @kwirk blessing ;)
 2013-07-25 18:45:10 -07:00
Daniel Black 2d52fc3d18 Merge pull request #302 from grooverdan/perdition 
ENH: new filter perdition.conf
 2013-07-23 18:31:27 -07:00
Daniel Black 8f532f9148 NIT: space remove 2013-07-24 11:29:58 +10:00
Daniel Black 7d7ef08145 ENH: authentication_id can be an imap4 quoted string, whatever that is, so using .+ as its id 2013-07-24 10:44:52 +10:00
Daniel Black abc4146079 ENH: perdition proxies other types hence daemon can include (perdidtion.(imap|pop)s?|managesieve). Also support local authentication resulting in the log message: local authentication failure 2013-07-24 10:27:12 +10:00
Yaroslav Halchenko 3b52eca608 ENH+TST: Ticket -- drop unused/bogus get|setFile + enh __str__ + basic testing 2013-07-22 12:09:33 -04:00
Yaroslav Halchenko 149a83545f TST: basic test for reading of a bogus jail 2013-07-22 11:52:51 -04:00
Yaroslav Halchenko b92316ff17 RF(ENH): JailsReader.getOptions -- avoid code duplication when asking for 1 jail or all 2013-07-22 11:47:36 -04:00
Daniel Black bdcde678d1 TST: fix year 2013-07-20 15:15:02 +10:00
Daniel Black 6fdfd8d356 BF: fix port 2013-07-20 15:09:25 +10:00
Daniel Black eea5b071e6 ENH: jail for perdition 2013-07-19 20:27:15 +10:00
Daniel Black fcf79b475f ENH: new filter perdition.conf 2013-07-19 20:14:53 +10:00
Steven Hiscocks a012b54117 TST: Add additional postfix filter sample 2013-07-18 22:17:31 +01:00
Steven Hiscocks 2a3a627322 TST: Add sample for sieve regex 2013-07-18 22:17:14 +01:00
Yaroslav Halchenko 60aa44f42d DOC: added a note on commit comments for merges with Conflicts 2013-07-18 14:43:41 -04:00
Steven Hiscocks bf05f2ac95 Merge branch 'filter-failregex-return' 
Conflicts:
	server/filter.py
 2013-07-16 21:17:18 +01:00
Steven Hiscocks ba29f6bef3 DOC: Update doc in reference to changes for sample testcases 2013-07-16 21:11:10 +01:00
Steven Hiscocks c2bdfefb62 DOC: Comment to fail2ban-regex - flagging lines matched multiple regexs 2013-07-16 20:58:44 +01:00
Yaroslav Halchenko e4d759ac94 Merge pull request #283 from yarikoptic/master 
Roundcube failregex -- anchor at the beginning as well + mandate <HOST> to end with alphanumeric
 2013-07-16 12:49:25 -07:00
Yaroslav Halchenko 90ec82669c DOC: changelog entries for preceeding changes 2013-07-16 15:10:41 -04:00
Yaroslav Halchenko f6a8a04cf3 ENH: roundcube-auth - adopt for current format with trailing error message. thanks @kwirk for the review/feedback 
I also used non-greedy .*? for the login portion since not sure if space could
be there and trying to minimize possibility of reacting on injected "from
<HOST>" somewhere within the trailing .*
 2013-07-16 15:07:32 -04:00
Yaroslav Halchenko 0a02cfe9e8 ENH: <HOST> must end with alphanumeric \w (not a dot or a dash etc) 
Otherwise <HOST> regexp might swallow period in the sentence right after the address.
I have decided to enforce alphanumeric instead of switching to non-greedy +? ... because
I think it is closer to what we actually want here
 2013-07-16 15:03:06 -04:00
Yaroslav Halchenko 8add63c733 ENH: anchor roundcube-auth at the beginning as well 2013-07-16 14:16:23 -04:00
Yaroslav Halchenko 148cbd8d2a ENH: heavier debugging -- log split date/log line even for no match. Log matching regex upon match 2013-07-16 14:16:23 -04:00
Steven Hiscocks 1a2b6442a0 ENH+BF+TST: Filter now returns reference to failregex and ignoreregex 
This avoids duplication of code across fail2ban-regex and samples test
cases. This also now more neatly resolves the issue of double counting
date templates matches in fail2ban-regex.
In addition, the samples test cases now also print a warning message
that not all regexs have samples for them, with future plan to change
this to an assertion.
 2013-07-15 22:22:13 +01:00
Yaroslav Halchenko 5bd186b854 ENH(minor): fail2ban-regex comment line doesn't have to have a space after leading # 2013-07-15 13:52:42 -04:00
Steven Hiscocks 2c8747cc76 BF: fail2ban-regex date detector template hits count now correct 
closes #295
 2013-07-15 18:40:32 +01:00
Steven Hiscocks 4855cae487 Merge branch 'sample-log-meta-data' 
Conflicts:
    testcases/files/logs/dovecot
 2013-07-14 18:29:36 +01:00
Steven Hiscocks 1116f23151 TST: Sample log regex test now warns if no log for a filter 
Also checks that at least some tests are present
 2013-07-14 18:19:16 +01:00