github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
1,308 Commits
32 Branches
229 Tags
18 MiB
Commit Graph

215 Commits (444e989dd5f6995197065b6654ea14d1f14d3523)

Author SHA1 Message Date
Daniel Black 444e989dd5 TST: another zone transfer refused example for file named-refused 2013-08-18 22:49:59 +10:00
Daniel Black 5d451bc4d6 ENH: add refused zone tranfer to named-refused filter. closes #323 2013-08-18 22:19:31 +10:00
Yaroslav Halchenko 2aa8ddea4d BF: fixed up conditioning of tests under cygwin (still 3 fail) 2013-08-08 22:58:06 -04:00
Yaroslav Halchenko 511e0ace2e TST: Even more of conditioning of tests for cygwin 2013-08-08 22:35:07 -04:00
Yaroslav Halchenko e4dad8dfc9 TST: SYSLOG present only on Linuxes thus do not test if not Linux 2013-08-08 22:00:17 -04:00
Yaroslav Halchenko e7d5e466b9 Merge branch 'enh/asterisk_and_dropbear_filters' 
* enh/asterisk_and_dropbear_filters:
  ENH: hardened added dropbear failregex to avoid trailing .* and enclose username in ''
  minor: consistent indentation in dropbear.conf
  https://github.com/fail2ban/fail2ban/issues/306
  fail2ban-users: Sebastian Arcus - Detect device auth failures on Asterisk 11
 2013-08-08 09:59:24 -04:00
Yaroslav Halchenko 547c123cfb BF: example.com is pointing to another IP now. Closes #313 
This is a permanent change according to private correspondence with
David Closson @ IANN, thus replaced 192.0.43.10 with updated IP
93.184.216.119, while leaving 192.0.43.10 as is in the sample log
files (it is still within IANN dedicated testing network).
 2013-08-07 22:56:57 -04:00
Steven Hiscocks 1e270078b4 TST: Warn if date templates overlap in default detectors 2013-07-27 20:21:05 +01:00
Jamyn Shanley a355fab91b https://github.com/fail2ban/fail2ban/issues/306 
Fix regex for latest dropbear (keep backwards compatibility). Add test case logfiles.

Signed-off-by: Jamyn Shanley <jshanley@gmail.com>
 2013-07-27 03:43:32 +00:00
Jamyn Shanley 8936f2cd02 fail2ban-users: Sebastian Arcus - Detect device auth failures on Asterisk 11 2013-07-27 00:06:06 +00:00
Yaroslav Halchenko 1721991755 Merge pull request #304 from yarikoptic/master 
RF(ENH): JailsReader.getOptions -- avoid code duplication when asking for 1 jail or all

upon @kwirk blessing ;)
 2013-07-25 18:45:10 -07:00
Yaroslav Halchenko 3b52eca608 ENH+TST: Ticket -- drop unused/bogus get|setFile + enh __str__ + basic testing 2013-07-22 12:09:33 -04:00
Yaroslav Halchenko 149a83545f TST: basic test for reading of a bogus jail 2013-07-22 11:52:51 -04:00
Daniel Black bdcde678d1 TST: fix year 2013-07-20 15:15:02 +10:00
Daniel Black fcf79b475f ENH: new filter perdition.conf 2013-07-19 20:14:53 +10:00
Steven Hiscocks a012b54117 TST: Add additional postfix filter sample 2013-07-18 22:17:31 +01:00
Steven Hiscocks 2a3a627322 TST: Add sample for sieve regex 2013-07-18 22:17:14 +01:00
Steven Hiscocks bf05f2ac95 Merge branch 'filter-failregex-return' 
Conflicts:
	server/filter.py
 2013-07-16 21:17:18 +01:00
Yaroslav Halchenko f6a8a04cf3 ENH: roundcube-auth - adopt for current format with trailing error message. thanks @kwirk for the review/feedback 
I also used non-greedy .*? for the login portion since not sure if space could
be there and trying to minimize possibility of reacting on injected "from
<HOST>" somewhere within the trailing .*
 2013-07-16 15:07:32 -04:00
Yaroslav Halchenko 0a02cfe9e8 ENH: <HOST> must end with alphanumeric \w (not a dot or a dash etc) 
Otherwise <HOST> regexp might swallow period in the sentence right after the address.
I have decided to enforce alphanumeric instead of switching to non-greedy +? ... because
I think it is closer to what we actually want here
 2013-07-16 15:03:06 -04:00
Steven Hiscocks 1a2b6442a0 ENH+BF+TST: Filter now returns reference to failregex and ignoreregex 
This avoids duplication of code across fail2ban-regex and samples test
cases. This also now more neatly resolves the issue of double counting
date templates matches in fail2ban-regex.
In addition, the samples test cases now also print a warning message
that not all regexs have samples for them, with future plan to change
this to an assertion.
 2013-07-15 22:22:13 +01:00
Steven Hiscocks 4855cae487 Merge branch 'sample-log-meta-data' 
Conflicts:
    testcases/files/logs/dovecot
 2013-07-14 18:29:36 +01:00
Steven Hiscocks 1116f23151 TST: Sample log regex test now warns if no log for a filter 
Also checks that at least some tests are present
 2013-07-14 18:19:16 +01:00
Steven Hiscocks 728399c39e Merge pull request #281 from kwirk/dovecot-filter 
ENH: dovecot filter additions for session, time value and blank user
 2013-07-14 05:18:04 -07:00
Steven Hiscocks 94376bfbe1 TST: Handle lack of `json` library in python2.5 for samples test case 2013-07-14 11:15:45 +01:00
Steven Hiscocks 40f67c64b8 TST: Test sample logs' entries are matched by filter regexs 2013-07-13 23:03:01 +01:00
Daniel Black 5412d7336f DOC: ChangeLog confict 2013-07-09 08:23:44 +10:00
Yaroslav Halchenko 5f04b4954f Merge pull request #280 from yarikoptic/master 
BF+ENHs: polling backend tracks ino and size now in addition to mtime, filters do not read file unless it has content + few other minor issues
 2013-07-07 08:33:55 -07:00
Daniel Black 619603fe05 BF: match asterisk InvalidPassword correctly 2013-07-07 17:48:20 +10:00
Steven Hiscocks bfa2b9dec3 ENH: dovecot filter additions for session, time value and blank user 2013-07-05 18:36:02 +01:00
Yaroslav Halchenko 47ac39fb34 TST: minor enhancement to test failure msg 2013-07-02 23:37:41 -04:00
Yaroslav Halchenko 052e7ff9da ENH: deprecate sophisticated MTimeSleep in favor of no sleeping at all 
all invocations of mtimesleep() are left in the tests for now
 2013-07-02 20:44:28 -04:00
Yaroslav Halchenko 8c125b6053 ENH: do not sleep 1 sec only on older Pythons while testing filters 2013-07-02 19:50:22 -04:00
Daniel Black d6dece4900 ENH: Split log and provide jail examples 2013-07-03 07:42:47 +10:00
Yaroslav Halchenko e9c8a51ce4 ENH: further tighten up detection of mtimesleep duration + log what was assigned 2013-07-02 17:26:41 -04:00
Yaroslav Halchenko 8f3671bc94 BF: figure out minimal sleep time needed for mtime changes to get detected. Close #223, and probably #103 2013-07-02 17:10:00 -04:00
Yaroslav Halchenko e6ebcf6687 Merge branch 'dovecot' of https://github.com/grooverdan/fail2ban 
* 'dovecot' of https://github.com/grooverdan/fail2ban:
  ENH: remove non-capturing groups for readibility
  BF: fix dovecot filter for when no TLS is enabled on pop/imap

Conflicts:
	ChangeLog -- changelog entries.  Also untabified few other spots
 2013-07-02 10:12:51 -04:00
Yaroslav Halchenko f0f237fa05 Merge pull request #269 from grooverdan/asterisk 
ENH: filter.d/asterisk - consolidate log prefix regex and add a few fail messages
 2013-07-02 07:04:10 -07:00
Daniel Black 4777cfd4e7 ENH: split out exim-spam into speparate filter 2013-07-02 20:03:16 +10:00
Yaroslav Halchenko 54cce29b3e Merge pull request #271 from yarikoptic/master 
BF: support apache 2.4 more detailed error log format. Close #268

Thanks @grooverdan for the review
 2013-07-01 20:52:36 -07:00
Daniel Black c7d64c3c7f TST: url reference fix 2013-07-01 21:58:03 +10:00
Daniel Black ca996ace5e ENH: remove temporary failures from local_scan in line with comments in gh-258 2013-07-01 21:56:02 +10:00
Daniel Black 72f9e6a51e ENH/TST: more samples and rejection types for sender verify fail and rejected RCPT 2013-07-01 21:50:35 +10:00
Daniel Black 3b76fc79f9 BF: fix dovecot filter for when no TLS is enabled on pop/imap 2013-07-01 21:12:51 +10:00
Steven Hiscocks b670b5c792 TST: Change depreciated assertEquals to assertEqual in some tests 2013-06-29 20:17:42 +01:00
Yaroslav Halchenko 1b170b2aef BF: support apache 2.4 more detailed error log format. Close #268 2013-06-28 09:49:36 -04:00
Yaroslav Halchenko 6d331bcbea BF: make colon after [daemon] optional. Close #267 2013-06-27 11:44:47 -04:00
Daniel Black fa7a105483 ENH: filter.d/asterisk - consolidate log prefix regex and add a few fail messages 2013-06-27 09:16:14 +10:00
Yaroslav Halchenko b9e971c25d Merge branch 'exim' of https://github.com/grooverdan/fail2ban 
* 'exim' of https://github.com/grooverdan/fail2ban:
  DOC: credits/blame to me for changes to exim
  ENH: new exim filter regexs. Also note a begining PID in this format. Thanks to ftoppi for the log entries
  TST/ENH: Improve regex around exim
 2013-06-23 00:21:28 -04:00
Yaroslav Halchenko 057f0ad135 ENH: allow_no_files option for jail's convert to allow testing of stock jail.conf 2013-06-21 12:44:37 -04:00