github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
1,880 Commits
33 Branches
229 Tags
19 MiB
Commit Graph

1880 Commits (4765bc757c5d651bd5fc556890d21b6a6b01f649)

Author SHA1 Message Date
Daniel Black a9b7d33c51 ENH: apache-noscript now matched php-cgi scripts. Closes gh-503 2013-12-19 10:01:24 +00:00
Daniel Black 56f54dc2eb Merge pull request #504 from kwirk/nsd 
ENH: Add nsd filter and amend DateEpoch to match date format
 2013-12-19 01:30:14 -08:00
Steven Hiscocks d22716ab63 ENH: Add nsd filter and amend DateEpoch to match date format 2013-12-18 22:31:54 +00:00
Daniel Black 42a51930dd Merge pull request #500 from alasdairdc/master 
ENH: Updated nagios check_fail2ban to return performance data for all jails
 2013-12-18 00:38:15 -08:00
alasdairdc 04c267c307 Updated Changelog 2013-12-18 08:36:30 +00:00
alasdairdc 4e4f194457 Updated Thanks. 2013-12-18 08:31:54 +00:00
alasdairdc 2e5a2b26fb Updated check_fail2ban to return performance data for all jails and applied to specific jail code 2013-12-17 17:48:19 +00:00
alasdairdc 5f623596ee Updated check_fail2ban to return performance data for all jails 
Allows perf data from all jails to enable pnp4nagios to display a chart per jail when run with the command:
check_fail2ban -p -w 1 -c 5 -P /usr/bin/fail2ban-client

sample output:
CHECK FAIL2BAN ACTIVITY - CRITICAL - 9 detected jails with 5 current banned IP(s) | apache-noscript.currentBannedIP=0 sendmail.currentBannedIP=0 postfix.currentBannedIP=0 ssh-probe.currentBannedIP=3 ssh-ddos.currentBannedIP=0 apache-multiport.currentBannedIP=0 apache.currentBannedIP=0 ssh.currentBannedIP=2 apache-overflows.currentBannedIP=0
 2013-12-17 17:45:50 +00:00
Daniel Black dd79889904 Merge pull request #484 from grooverdan/more-more-tests 
BF/TST: fix internals of jailreader and add test cases
 2013-12-16 02:29:50 -08:00
Daniel Black 729929ada9 TST: jails can occur in any order once parsed. Sort results to facilitate comparison 2013-12-16 10:21:46 +00:00
Daniel Black 5c26bcbd2b TST: hopefully normalise config so that consistent test results occur on travis and locally 2013-12-16 10:07:41 +00:00
Steven Hiscocks 00ad239e2e Merge pull request #487 from grooverdan/firewall-cmd 
BF: fix actioncheck in firewallcmd
 2013-12-15 15:13:29 -08:00
Daniel Black a398c51d6c ENH: simplify actioncheck on firewallcmd-new a little more 2013-12-15 22:36:47 +00:00
Daniel Black f1e593da67 DOC: Changelog for adding firewallcmd-ipset 2013-12-14 10:27:11 +00:00
Daniel Black 9fe0a69852 ENH: add firewallcmd-ipset 2013-12-14 09:06:01 +00:00
Daniel Black 4ffc57e14f ENH: simplify firewallcmd-new actioncheck and provide output samples 2013-12-14 07:11:29 +00:00
Daniel Black 603095bc16 BF: errors in a jail prevents further sections from being parsed. Closes #485 2013-12-14 07:00:41 +00:00
Daniel Black b39729a2ab BF: fix unintential typo 2013-12-14 06:51:36 +00:00
Daniel Black 1ff52dfe4d DOC: document ufw a bit more. Change insertpos default to 1 to allow it to work if the user run ufw enable 2013-12-14 00:40:47 +00:00
Daniel Black f35345ecaa ENH: add ufw action based off Guilhem Lettron's work in lp-#701522. Closes gh-455 2013-12-14 00:34:12 +00:00
Daniel Black 13ccebe78f BF: fix actioncheck in firewallcmd 2013-12-13 23:40:51 +00:00
Daniel Black d402701b9f Merge pull request #452 from grooverdan/early-sighup-ignore 
ENH: move signal.signal(signal.SIGHUP, signal.SIG_IGN) before fork in server
 2013-12-13 15:33:33 -08:00
Daniel Black 2dac984b97 Merge pull request #482 from grooverdan/squid 
ENH: add squid filter
 2013-12-13 15:31:38 -08:00
Daniel Black 18f0e58caa TST: increase coverage in jailreader 2013-12-13 11:41:40 +00:00
Daniel Black b147270be7 BF: allow processing with empty filter 2013-12-13 11:36:00 +00:00
Daniel Black 2f3648c458 DOC: add missing jail directives 2013-12-13 11:11:58 +00:00
Daniel Black f6fb737e6c TST: remove commented test print 2013-12-13 10:55:15 +00:00
Daniel Black e916fcdce4 TST: test case for actions and filters missing in a jail 2013-12-13 10:51:38 +00:00
Daniel Black 1407b955e6 TST: more client/jailreader tests 2013-12-13 10:03:51 +00:00
Daniel Black d74dd31d23 BF: corrected tests for missing jail 
Previously tests relied on the missing filter to trigger the conditions
required for a missing jail. We now handle this explicitly.
 2013-12-13 10:00:34 +00:00
Daniel Black 3ddf8da76e ENH: ensure filter is defined in jail before its read 2013-12-13 08:45:10 +00:00
Daniel Black c6d14dcf0e TST: complete coverage of splitAction 2013-12-12 20:35:30 +00:00
Daniel Black b18ce122dd BF/ENH: fix error when action doesn't match regex. Document unreachable code. Simplify regex 2013-12-12 20:07:09 +00:00
Daniel Black 3036afca91 TST: check dangling link log message 2013-12-12 10:13:57 +00:00
Daniel Black cb4f1e5142 TST: remove temp files in glob test 2013-12-12 09:10:12 +00:00
Daniel Black f84a03d6b5 BF: remove nonreachable parts of code 
Glob ensures the file exists so only a check that a missing dangling
symlink needs to be done.

$ ls -la /tmp/f2b-tempq0ipGY/f2
lrwxrwxrwx. 1 dan dan 11 Dec 12 08:42 /tmp/f2b-tempq0ipGY/f2 ->
xisting

In [3]: os.path.exists('/tmp/f2b-tempq0ipGY/f2')
Out[3]: False

In [4]: os.path.lexists('/tmp/f2b-tempq0ipGY/f2')
Out[4]: True
 2013-12-12 09:08:42 +00:00
Daniel Black 970fd5d289 BF: ensure dangling symlink error message is reachable 
$ ls -la /tmp/f2b-tempq0ipGY/f2
lrwxrwxrwx. 1 dan dan 11 Dec 12 08:42 /tmp/f2b-tempq0ipGY/f2 -> nonexisting

In [3]: os.path.exists('/tmp/f2b-tempq0ipGY/f2')
Out[3]: False

In [4]: os.path.lexists('/tmp/f2b-tempq0ipGY/f2')
Out[4]: True
 2013-12-12 08:52:01 +00:00
Daniel Black f2c58e74c1 TST: check client.JailReader.setName 2013-12-12 08:24:29 +00:00
Yaroslav Halchenko 60699a6585 Merge pull request #483 from grooverdan/more-tests 
More tests and slight RF of tests to provide base log capturing unittest clas
 2013-12-10 18:28:28 -08:00
Daniel Black a03815facf TST: FileFilter tail tests 2013-12-11 13:07:08 +11:00
Daniel Black 5005719180 TST: permission denied on log file 2013-12-11 12:34:26 +11:00
Daniel Black 33d96ae462 TST: separate out DNS based IgnoreIP tests 2013-12-11 12:10:44 +11:00
Daniel Black c13b91fa70 TST: separate out DNS based IgnoreIP tests 2013-12-11 12:08:23 +11:00
Daniel Black 2b89457dc9 TST: addBanned IP when ignore exists 2013-12-11 10:55:06 +11:00
Daniel Black f3c4285118 TST: no test coverage on subclass overwritten function _delLogPath 2013-12-11 10:46:52 +11:00
Daniel Black ebf4a02004 TST: get/set use DNS on Filters 2013-12-11 10:43:47 +11:00
Daniel Black a8b5c5b5f3 TST: check IgnoreIP happens in filter.processLine 2013-12-11 10:31:58 +11:00
Daniel Black 60c4957a52 DOC/TST: remove TODO as all regexs have samples 2013-12-11 10:21:19 +11:00
Daniel Black 988e14d8c6 TST: negative match for DNS lookup test added 2013-12-11 10:17:55 +11:00
Daniel Black 44bbaebfe5 TST: CIDR for ignoreip 2013-12-11 10:15:24 +11:00