github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
5,801 Commits
32 Branches
229 Tags
18 MiB
Commit Graph

5801 Commits (48c91dfb6bd8478968c226d0c6ca965bdce2768d)

Author SHA1 Message Date
Markus Felten 5aa20c30d8 fix: add journalmatch to nginx filters 2021-04-03 19:20:50 +02:00
j-marz 5d8f500471 updated formatting to pass tests 2021-03-29 08:36:53 +11:00
j-marz 2686811593 Updated zoneminder filter 
Support new log format, ERR instead of WAR. Add detection of non-existent user login attempts
 2021-03-28 21:19:10 +11:00
sebres 80a33b1dee Merge branch '0.11' 2021-03-25 12:14:11 +01:00
sebres b259e81911 test-suite: skip testFQDN if no network 2021-03-25 12:13:46 +01:00
sebres d8e450cf12 Merge branch 'fix-readline-multibyte' 2021-03-25 12:13:18 +01:00
sebres 4b17dddc23 update ChangeLog 2021-03-25 12:07:34 +01:00
sebres ccf4f3a07d amend with common log-file iterator in fail2ban-regex and test-suite (in sample regex factory also) 2021-03-25 12:07:31 +01:00
sebres 9659033523 fail2ban-regex: reimplemented log-file iterator - uses FileContainer facilities now instead of direct read from file and decode; 
fail2banregextestcase.py extended to cover proper line-ending handling by interim NL char as part of multi-byte encodings (utf-16be, utf-16le)
 2021-03-25 12:07:29 +01:00
sebres cbac7c176a readline fixed to consider interim new-line character as part of code point in multi-byte logs (e. g. unicode: utf-16be, utf-16le); 
suppress warning "Error decoding line" for incomplete line (produced by not fully read multi-byte new-line character at end of data);
added test coverage for such logs
 2021-03-25 12:07:26 +01:00
sebres 6cf4669dee Merge branch '0.10' into 0.11 2021-03-24 14:18:22 +01:00
sebres d135aeea16 fixes restore of original logging withing tests (`LogCaptureTestCase.tearDown`) - python 3 seemed still to log wordy after tear down (setting of log.level does not restore the level for related log objects - e. g. for logger of `fail2ban.jail` etc, so `fail2ban-testcases '(testVersion|testLongName).*servertest'` generating messages in stdout handler in testLongName) 2021-03-24 14:14:47 +01:00
sebres 8757563be1 close fork 2021-03-23 14:20:10 +01:00
sebres 996920cdaa in operation mode the filter reads only complete lines (ended with new-line) now, otherwise it would wait for end of line (for its completion) 2021-03-22 01:17:26 +01:00
sebres 061fab898a Merge branch '0.10' into 0.11 2021-03-22 00:58:03 +01:00
sebres e587526ede tests: add missing constraint (causing incomplete comparison in below cycle if fewer lines as expected was found) 2021-03-22 00:56:40 +01:00
sebres 343ccd7e8a small optimization 2021-03-21 23:35:38 +01:00
sebres 9bdc4be6cc stability: better recognition of rotation (e. g. on hash collision, consider current size and last known position now), no hash of empty file (or not fulfilled line), etc; 
performance: avoid unnecessary seek to start of file and hash calculation - now it occurs only if file really rotated (ino changing or size shrinking), otherwise not earlier than in 30 seconds;
avoid unneeded log-rotation in tests
 2021-03-21 23:35:09 +01:00
sebres 725354c793 action info extended with new members for jail info (usable as tags in command actions): 
`jail.found`, `jail.found_total` - current and total found failures
  `jail.banned`, `jail.banned_total` - current and total bans
closes #10
 2021-03-20 22:33:31 +01:00
oukb 529866b2bb
nsd.conf: fix for the current log format 
New nsd 4.3.5 log format:

|  [2021-03-05 05:25:14.562] nsd[160800]: info: axfr for example.com. from 192.35.168.32 refused, no acl matches
|  [2021-03-06 05:24:33.223] nsd[356033]: info: axfr for localhost. from 192.35.168.160 refused, no acl matches
|  [2021-03-07 05:23:26.641] nsd[547893]: info: axfr for example.com. from 192.35.168.64 refused, no acl matches
|  [2021-03-08 05:18:54.067] nsd[739606]: info: axfr for example.com. from 192.35.168.32 refused, no acl matches
 2021-03-08 19:14:28 +03:00
Mike Gabriel f15ed35619 config/: Add support for filtering out detected port scans via scanlogd. 2021-03-05 16:35:13 +01:00
Sergey G. Brester 08393f9d82
Update filter_request.md 2021-03-03 20:28:27 +01:00
sebres df5e024fb8 new issue templates 2021-03-03 20:16:34 +01:00
sebres fb08534ed7 Merge branch '0.11' 2021-03-03 18:17:35 +01:00
sebres 3eaefe8da0 Merge branch '0.10' into 0.11 2021-03-03 18:16:47 +01:00
sebres 04aba6168c fixed typo, `--` is not expected in options declaration, so `--dump-pretty` did never work (only `--dp` is working) 2021-03-03 13:02:00 +01:00
sebres a45b1c974c filter.d/ignorecommands/apache-fakegooglebot: added timeout parameter (default 55 seconds) - avoid fail with timeout (default 1 minute) by reverse lookup on some slow DNS services (googlebots must be resolved fast); 
closes gh-2951
 2021-03-02 19:35:27 +01:00
sebres 63acc862b1 `action.d/nginx-block-map.conf`: reload nginx only if it is running (also avoid error in nginx-errorlog, gh-2949) and better test coverage for the action 2021-02-24 18:21:42 +01:00
sebres fb6315ea5e Merge branch '0.10' into 0.11 2021-02-24 13:16:36 +01:00
sebres 6f4b6ec8cc action.d/badips.* removed (badips.com is no longer active, gh-2889) 2021-02-24 13:05:04 +01:00
sebres e3d43d1241 Merge branch 'fix-rc-on-too-many-failures' into 0.10: resolves RC with uncontrolled growth of failure list (jail with too many matches that did not cause ban, gh-2945) 2021-02-24 12:45:15 +01:00
sebres 92a2242174 amend fixing journal tests (systemd backend only) 2021-02-23 15:54:48 +01:00
sebres e353fb8024 fixed test cases (ban ASAP also followed in test suite now, so failure reached maxretry causes immediate ban now) 2021-02-23 02:46:44 +01:00
sebres 55d7d9e214 *WiP* try to solve RC on jails with too many failures without ban, gh-2945 ... 2021-02-22 18:39:58 +01:00
sebres 884cbbd6e1 Merge branch '0.11' 2021-02-17 19:04:23 +01:00
sebres abc5a4e062 ChangeLog (#2742) 2021-02-17 19:02:22 +01:00
sebres a0352182e8 Merge branch '0.10' into 0.11 2021-02-17 18:57:38 +01:00
sebres 294ec73f62 Merge branch 'py-3-10-alpha-5' into 0.10 2021-02-17 18:49:06 +01:00
Sergey G. Brester 9f1d1f4fbd amend for `Mapping` (jails) 2021-02-17 18:47:42 +01:00
Sergey G. Brester 42dee38ad2 amend for `Mapping` 2021-02-17 18:47:40 +01:00
Sergey G. Brester 2b6bb2c1be follow bpo-37324: :ref:`collections-abstract-base-classes` moved to the :mod:`collections.abc` module 
(since 3.10-alpha.5 `MutableMapping` is missing in collections module)
 2021-02-17 18:47:38 +01:00
Sergey G. Brester 8ae9208454 try to provide coverage for 3.10-alpha.5 (#2931) 2021-02-17 18:47:32 +01:00
Sergey G. Brester a2f0dbad87
Merge pull request #2742 from aresxc/patch-1 
Update  drupal-auth.conf
 2021-02-11 19:10:55 +01:00
Sergey G. Brester f4f92aa72d
more tests covering different cases, injections attempt etc 2021-02-11 18:56:53 +01:00
Sergey G. Brester d678440658
more precise RE (avoids weakness with catch-all's and is injection safe) 2021-02-11 18:32:32 +01:00
sebres ea26509594 Merge branch '0.11' 2021-02-03 14:59:00 +01:00
sebres 6198b4566c Merge branch '0.10' into 0.11 2021-02-03 14:47:56 +01:00
sebres 366c64cb9d extractOptions: ensure options are parsed completely - avoids unexpected skip or truncate of parameters, produces more verbose error message in case of incorrect syntax; added more tests covering several cases 
WARN: potential incompatibility (since it doesn't silently ignore wrong syntax anymore)
 2021-02-03 14:45:30 +01:00
sebres 409348394e Merge pull request #2913 
Add transport to asterisk RE
 2021-02-03 12:41:29 +01:00
Brian J. Murrell 7f185a828e Update date in failJSON 
The date format in failJSON is specific, so convert the date to use that format.
 2021-01-31 15:22:16 +01:00