f84e58e769
Tweaks to action.d/pf.conf
...
Document recent changes.
Add an option to customize the pf block rule (surely, what the user
really wants, here, is "block quick").
2017-08-18 13:31:34 +02:00
579d2477f5
Merge pull request #1867 from distler/0.11
...
Tweaks to action.d/pf.conf: introduced parameter `block` with default `block quick`
2017-08-17 17:34:05 +02:00
d646d06e91
Tweaks to action.d/pf.conf
...
Document recent changes.
Add an option to customize the pf block rule (surely, what the user
really wants, here, is "block quick").
2017-08-17 09:13:32 -05:00
fdcd847f4a
Merge branch '0.10' into 0.11
2017-08-16 21:26:00 +02:00
69a6d0e653
amend to 10c0d954017fac270bf1c568e4b02e94d5949b58: order in cymru-info can variate on each level,
...
sorted using key=str (otherwise `['nxdomain', u'US'] != ['US', 'nxdomain']` may occur on some python versions).
2017-08-16 21:23:42 +02:00
870a33247b
Merge branch '0.10' into 0.11
2017-08-16 20:54:53 +02:00
a3c6bb601d
Fixes version, causes "UserWarning: Normalizing '0.10.1dev1' to '0.10.1.dev1'" during setup-process.
2017-08-16 20:50:33 +02:00
72bd666797
Fixes representation of IPAddr (likely the string representation, enclosed in single-quotes).
2017-08-16 20:50:06 +02:00
10c0d95401
prevent sporadic assert errors on nested lists/dict differ at some level (mostly causes on python 3.4 because of different dict hashing);
...
introduces new test assertion routine `asesertSortedEqual` for comparison regardless elements order (regarding level/nestedOnly arguments).
2017-08-16 20:48:18 +02:00
aa140f0fa7
Merge branch 0.10 to 0.11, restores merge-point after rebased PR gh-1866 (mistakenly created and merged on 0.11th base);
2017-08-16 17:58:52 +02:00
33874d6e53
action.d/pf.conf: anchored call arguments combined as `<pfctl>` parameter;
...
test cases fixed;
2017-08-16 17:51:07 +02:00
f6ccede2f1
Update pf.conf fixing #1863
...
Fix #1863
Introduce own PF anchors for fail2ban rules.
2017-08-16 17:51:05 +02:00
7c01a9c7b9
Merge pull request #1866 from koeppea/patch-1
...
Update pf.conf fixing #1863 : erroneous flush of all rulesets, also not created with fail2ban.
2017-08-16 17:49:30 +02:00
19e59fff3e
ChangeLog: added incompatibility list (compared to v.0.9)
2017-08-16 15:38:44 +02:00
08646bc339
Always supply jail name as name parameter (if not specified explicit in the action parameters `action[name=...]`).
...
Avoid usage of the same chains (etc.) if someone use `action` instead of `banaction` jail parameter.
2017-08-16 13:14:42 +02:00
3f83b22de2
action.d/pf.conf: anchored call arguments combined as `<pfctl>` parameter;
...
test cases fixed;
2017-08-16 11:58:39 +02:00
e5169d8f84
pyinotify: be sure possible IOError/OSError by remove monitor (log-rotate? normally not raises) are handled properly.
2017-08-16 11:37:22 +02:00
55baf93635
Update pf.conf fixing #1863
...
Fix #1863
Introduce own PF anchors for fail2ban rules.
2017-08-16 11:33:45 +02:00
7867228146
closes part of gh-1865: fixed "Retrieving own IPs of localhost failed: inet_pton() argument 2 must be string, not int"
...
some python-versions resp. host configurations causes returning of integer (instead of ip-string)
2017-08-16 10:45:37 +02:00
099e35103f
Merge branch '0.10' into 0.11
2017-08-14 18:31:52 +02:00
d1de20dd41
Move some ticket-independent tag replacements from ActionInfo to ADD_REPL_TAGS (will be wrapped in replaceTag into calling map).
...
Thus tags `<fq-hostname>` and `<sh-hostname>` could be used without ticket (a. g. in `actionstart` etc.).
Closes gh-1859.
2017-08-14 18:29:36 +02:00
409de18a65
Update README.md
...
0.11: CI stats, etc.
2017-08-10 15:45:50 +02:00
b5dd5adb08
Merge pull request #1460 from sebres/0.10-full
...
0.11 ban-time-incr
2017-08-10 15:23:18 +02:00
1c06a8b1ef
0.11 - prepared new development edition: README.md, ChangeLog, version.py
2017-08-10 15:19:43 +02:00
28076618fd
back to development edition: README.md, ChangeLog, version.py
2017-08-09 17:37:40 +02:00
c60784540c
version bump: release 0.10.0
2017-08-09 16:53:05 +02:00
30219b54c4
Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10
2017-08-09 16:38:29 +02:00
c540217844
Update ChangeLog
...
action.d/cloudflare.conf - Cloudflare API v4 implementation (gh-1651)
2017-08-09 16:34:37 +02:00
c0eb7752a8
Merge pull request #1651 from szepeviktor/patch-9
...
Introduce Cloudflare API v4
2017-08-09 16:28:52 +02:00
2ed8a38eca
Update cloudflare.conf
...
Switch to API v1 to API v4 per default
2017-08-09 16:27:53 +02:00
da7072d40e
Merge pull request #1846 from Chocobozzz/patch-3
...
Fix empty logfile.log in xarf login attack action
2017-08-09 16:21:47 +02:00
94b163936a
Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10
...
Removed init section (not needed in filter for 0.10).
# Conflicts:
# config/filter.d/sendmail-reject.conf
2017-08-09 16:16:31 +02:00
af25a9d203
Merge pull request #1566 from opoplawski/journalmatch
...
Add sendmail journalmatch options
2017-08-09 16:14:10 +02:00
84f552881c
Add sendmail journalmatch options
2017-08-09 16:03:34 +02:00
5b7375c614
Merge pull request #1638 from roedie/shorewall-ipv6
...
Add shorewall IPv6 support
2017-08-09 15:54:57 +02:00
9a3716465b
Merge pull request #1750 from sebres/0.10-fix-default-backend
...
fixes default backend handling (as default used value of `%(default/backend)s`...
2017-08-09 15:49:45 +02:00
7549f44ded
code review: removed unused (unneeded) code, coverage increase...
2017-08-09 15:36:36 +02:00
6f4fde2c29
Update changelog and man/jail.conf.5
2017-08-08 21:50:38 +02:00
9a768c19d0
Fixes raw to interpolated value by recursive substitution. Avoid too deeply recursive extended interpolation cross sections (test covered now);
2017-08-08 21:48:50 +02:00
0782b28460
allow usage of "-" character in the name of sections by extended interpolation (like `%(my-section/some-value)s`).
2017-08-08 21:13:49 +02:00
e52f483557
Config reader's: introduced new syntax `%(section/option)s`, in opposite to extended interpolation of python 3 `${section:option}` work with all supported python version in fail2ban and this syntax is like our another features like `%(known/option)s`, etc.;
...
Variable `default_backend` switched to `%(default/backend)s`, so totally backwards compatible now, but now the setting of parameter `backend` in default section of `jail.local` can overwrite default backend also.
Test cases extended: test targeted section options "section/option" (default and cross sections options);
2017-08-08 20:21:44 +02:00
5ce8d4f741
fixes default backend handling (as default used value of `known/backend`, which can now be overridden in default section of jail.local);
...
introduces fallback for `known/option`: interpolate missing `known/option` as `option` from default section
2017-08-08 18:41:15 +02:00
51c54b3253
ChangeLog entry for 9a42ce12f4
2017-08-08 13:04:36 +02:00
8f76a052ec
rebuild man's and MANIFEST
2017-08-08 13:00:10 +02:00
9a42ce12f4
amend to gh-1792: introduced new fail2ban-regex option "--timezone" ("--TZ"), to set time-zone used by convert of time format.
2017-08-08 12:55:13 +02:00
2fe1479484
Merge branch '_0.9/gh-1849' into 0.10
2017-08-07 18:07:36 +02:00
5c538fb658
Recognize "unknown user" for additional auth-methods (pam, passwd-file, ldap, sql, etc); simplifying regular expressions (put "unknown user" and "invalid credentials" together as one regex).
2017-08-07 18:04:09 +02:00
cb0f7ba4b9
Merge amend to PR #1850 : removed greedy catch-all
2017-08-07 15:25:37 +02:00
0ef5b7c4d4
small amend to gh-1850: removed greedy catch-all at end.
2017-08-07 15:24:16 +02:00
047d516661
Merge pull request #1850 from MarcelWaldvogel/ejabberd-17-06
...
Support ejabberd 17.06 log format
2017-08-07 15:16:34 +02:00
Jacques Distler