github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
5,228 Commits
34 Branches
230 Tags
19 MiB
Commit Graph

5228 Commits (4c22d4a801378c8c9483d2c1b2597cc31060aa1c)

Author SHA1 Message Date
sebres 5126068099 loglevel and shortloglevel combined to single parameter loglevel, below an example logging summary with NOTICE and rest with DEBUG log-levels: 
action = badips.py[... , loglevel="debug, notice"]
 2019-02-22 14:05:19 +01:00
Ben RUBSON 34edec297b Add changelog entry 2019-02-22 13:33:08 +01:00
benrubson 689938ee99 Add a shortloglevel badips.py option 2019-02-22 13:32:46 +01:00
sebres a3b7a0525a Merge branch '0.10' into 0.11 2019-02-22 13:22:52 +01:00
sebres 140243328f coverage: try to avoid sporadic "coverage decreased" in CI 2019-02-22 13:20:40 +01:00
Sergey G. Brester 7e46ceed7e
Merge pull request #2353 from Yannik/patch-3 
Add asterisk ipv6 test cases with and without port (related to #2317)
 2019-02-22 13:09:21 +01:00
sebres 3d7b072a15 covering short form of IPv6 (written-out full form of IPv6 is safe, no matter with or without square brackets) 2019-02-22 12:50:34 +01:00
Yannik Sembritzki 62acaae327 Add asterisk ipv6 test cases with and without port (related to #2317) 2019-02-22 12:43:07 +01:00
Sergey G. Brester d3f6d6ffdd
Merge pull request #2286 from crazy-max/0.10 
New filter `traefik-auth`
 2019-02-21 22:27:04 +01:00
Sergey G. Brester dcede9b3f1
comment rewritten (belongs to the filter) 2019-02-21 22:26:28 +01:00
Sergey G. Brester d84fb8a4b1
regex rewritten (more secure now, resolves catch-all vulni) 2019-02-21 22:19:04 +01:00
sebres 9ed35c423a Merge branch '0.9' into 0.10 (gh-2317) 2019-02-21 20:13:54 +01:00
Sergey G. Brester 5c44ca714f
Merge pull request #2317 from Yannik/patch-2 
Fix asterisk filter not catching attackers when port is logged (in pjsip module)
 2019-02-21 20:09:05 +01:00
sebres e046b09c8a coverage for get ban --with-time 2019-02-21 17:56:31 +01:00
sebres e44cd671b2 Merge branch '0.10' into 0.11 (conflicts resolved, tests fixed) 2019-02-21 17:29:04 +01:00
sebres 883864c774 optimizes processing of server-configuration stream by start and reload (no interim outputs produced, several calls of get-functions avoided also). 2019-02-21 15:54:56 +01:00
sebres 34dba44816 MANIFEST: forgotten test file 2019-02-21 15:50:12 +01:00
Sergey G. Brester 487e19420e
Merge pull request #2351 from sebres/0.10-multi-ban-unban-in-jail 
fail2ban-client: multi ban/unban and attempt for set jail
 2019-02-21 15:42:00 +01:00
Sergey G. Brester a48d50efc0
Update ChangeLog 2019-02-21 14:37:07 +01:00
sebres fc92021211 coverage and few enhancements 2019-02-21 14:36:18 +01:00
sebres 2dd3c546dd small code review (normalization and duplicated codes removal) 2019-02-20 16:48:11 +01:00
sebres 00a6717953 fail2ban-client: extended with new feature which allows to inform fail2ban about single or multiple attempts (failure) for IP (failure-ID), syntax: 
set <JAIL> attempt <IP> [<failure1> ... <failureN>]
 2019-02-20 16:47:53 +01:00
sebres 84cec5e861 implements gh-2349: `fail2ban-client set jain banip/unbanip ip1 .. ipN` extended to ban/unban multiple tickets; 
reorganized banning facilities (addBannedIP moved from filter to actions in order to ban directly without implication of fail-manager in between.
 2019-02-20 14:56:00 +01:00
sebres 4a829cb51b Merge branch '0.10' into 0.11 2019-02-18 17:19:33 +01:00
sebres e30ebb1f3b closes gh-2277: fixed and optimized cache facilities (operations on OrderedDict are not atomic); increased max-size of IPAddr cache; don't cache raw objects (it is fast enough). 2019-02-18 17:05:11 +01:00
sebres 14f997231d add test case to cover gh-2277, testOverflowedIPCache testing overflow of IP-cache multi-threaded (2 "parasite" threads flooding cache) 2019-02-18 16:56:43 +01:00
Viktor Szépe 824afbf52d Fix whitespaces 2019-02-17 09:12:30 +00:00
Viktor Szépe 24b0e048d1 Normalizing quote usage in initd 2019-02-17 09:08:59 +00:00
Yaroslav Halchenko c545315192 ENH: travis - run shellcheck on files/debian-initd 2019-02-17 09:08:43 +00:00
Yaroslav Halchenko 62f957973d ENH: disable shell check for $DAEMON_ARGS expansion 2019-02-17 09:08:32 +00:00
Viktor Szépe dfd2a2063d Safer, nicer, uniform Debian initd script 2019-02-17 09:08:29 +00:00
Yaroslav Halchenko 31e6ec3c5b
Merge pull request #2323 from todgru/fix-spelling-abuseipdb-conf 
fix: correct spelling category
 2019-02-15 17:08:45 -05:00
Cool Fire 27526e431b Changes static logfile string to variable 
Since we don't want to re-declare a log file name we already
have a varialbe for, use the existing variable to set dovecot_log.
 2019-02-13 10:10:24 +01:00
Cool Fire b31a018e7c Add override for dovecot failed logins on debian 2019-02-13 10:01:14 +01:00
sebres 5a54a44559 provide more meaningful error-message if invalid `datepattern` set; 
fail2ban-regex: catch errors/exceptions by set of parameter, more verbose output if needed (`-v` or log-level `debug` would produce output of call-stack additionally).
 2019-02-12 14:36:40 +01:00
sebres 1647d0090e Merge branch '0.10' into 0.11 2019-02-11 19:19:44 +01:00
Sergey G. Brester c819a18a0a
Update ChangeLog 2019-02-11 19:15:11 +01:00
sebres e651bc7866 amend to #1622: jail-reader supports now multi-line option for multi-line action parameter: 
logpath = a.log
            b.log
            c.log
  action  = ban[...]
          = log[logpath="%(logpath)s"]
closes gh-2341, ultimate fix for gh-976
 2019-02-11 11:54:58 +01:00
todgru 39ed016a1e fix: correct spelling category 2019-01-14 22:08:38 -08:00
sebres 89c611064d test-cases: be sure the test-files always written with new-line at end 2019-01-14 19:00:42 +01:00
sebres d88ce7181c Merge branch '0.10' into 0.11 2019-01-07 01:51:59 +01:00
Sergey G. Brester 4108e04ab4
Update ChangeLog 2019-01-07 01:50:44 +01:00
sebres a13fdcf4f7 closes gh-2314: extended regex for mysql 8.0.13 if used logging with details (e. g. log-error-verbosity = 3, so log output has few additional words enclosed in brackets after "[Note]"). 2019-01-07 01:34:12 +01:00
Sergey G. Brester 53684af0e3
Merge pull request #2315 from psvi/ban_list 
New command `fail2ban-client get <JAIL> banip`
 2019-01-07 01:11:28 +01:00
sebres 59688d7cd5 move helper to test, normalize invocations in order to emphasize assert comparison. 2019-01-07 00:05:27 +01:00
sebres 963e14c685 resolve sporadic timing errors (unban if ban still not occurred, resp. get list of IPs if not yet banned); 
simplify helper procedure for testJailBanList.
 2019-01-06 23:49:05 +01:00
sebres 4b934c784d normalized time to string calls. 2019-01-06 23:33:28 +01:00
sebres f959f58e15 extend protocol (command-line) and regenerate man's 2019-01-06 22:45:48 +01:00
sebres df97fd33cf ip-list is sorted now (by end of ban) per default; 
extended with new option `--with-time` to provide more pretty and informative result (separated by new-line, including time strings: time of ban + ban-time = end of ban):
  192.0.2.1    2019-01-06 22:24:48 + 300 = 2019-01-06 22:29:48
  192.0.2.2    2019-01-06 22:24:48 + 600 = 2019-01-06 22:34:48
also it is possible now to provide separator-character as extra-parameter after `get <jail> banip ?sep-char?` (default is space).
removed unneeded test-cases (test code-base minimization) and unexpected manually changed files.
 2019-01-06 22:31:23 +01:00
Sergey G. Brester 67247999ff
closes #2313: missing dependency to nftables.service 2019-01-06 17:03:09 +01:00