github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
4,982 Commits
34 Branches
230 Tags
20 MiB
Commit Graph

4982 Commits (4c2539856c7e4bd29f0173ad8562abec7821a86a)

Author SHA1 Message Date
sebres 5126068099 loglevel and shortloglevel combined to single parameter loglevel, below an example logging summary with NOTICE and rest with DEBUG log-levels: 
action = badips.py[... , loglevel="debug, notice"]
 2019-02-22 14:05:19 +01:00
Ben RUBSON 34edec297b Add changelog entry 2019-02-22 13:33:08 +01:00
benrubson 689938ee99 Add a shortloglevel badips.py option 2019-02-22 13:32:46 +01:00
sebres 140243328f coverage: try to avoid sporadic "coverage decreased" in CI 2019-02-22 13:20:40 +01:00
Sergey G. Brester 7e46ceed7e
Merge pull request #2353 from Yannik/patch-3 
Add asterisk ipv6 test cases with and without port (related to #2317)
 2019-02-22 13:09:21 +01:00
sebres 3d7b072a15 covering short form of IPv6 (written-out full form of IPv6 is safe, no matter with or without square brackets) 2019-02-22 12:50:34 +01:00
Yannik Sembritzki 62acaae327 Add asterisk ipv6 test cases with and without port (related to #2317) 2019-02-22 12:43:07 +01:00
Sergey G. Brester d3f6d6ffdd
Merge pull request #2286 from crazy-max/0.10 
New filter `traefik-auth`
 2019-02-21 22:27:04 +01:00
Sergey G. Brester dcede9b3f1
comment rewritten (belongs to the filter) 2019-02-21 22:26:28 +01:00
Sergey G. Brester d84fb8a4b1
regex rewritten (more secure now, resolves catch-all vulni) 2019-02-21 22:19:04 +01:00
sebres 9ed35c423a Merge branch '0.9' into 0.10 (gh-2317) 2019-02-21 20:13:54 +01:00
Sergey G. Brester 5c44ca714f
Merge pull request #2317 from Yannik/patch-2 
Fix asterisk filter not catching attackers when port is logged (in pjsip module)
 2019-02-21 20:09:05 +01:00
sebres 883864c774 optimizes processing of server-configuration stream by start and reload (no interim outputs produced, several calls of get-functions avoided also). 2019-02-21 15:54:56 +01:00
sebres 34dba44816 MANIFEST: forgotten test file 2019-02-21 15:50:12 +01:00
Sergey G. Brester 487e19420e
Merge pull request #2351 from sebres/0.10-multi-ban-unban-in-jail 
fail2ban-client: multi ban/unban and attempt for set jail
 2019-02-21 15:42:00 +01:00
Sergey G. Brester a48d50efc0
Update ChangeLog 2019-02-21 14:37:07 +01:00
sebres fc92021211 coverage and few enhancements 2019-02-21 14:36:18 +01:00
sebres 2dd3c546dd small code review (normalization and duplicated codes removal) 2019-02-20 16:48:11 +01:00
sebres 00a6717953 fail2ban-client: extended with new feature which allows to inform fail2ban about single or multiple attempts (failure) for IP (failure-ID), syntax: 
set <JAIL> attempt <IP> [<failure1> ... <failureN>]
 2019-02-20 16:47:53 +01:00
sebres 84cec5e861 implements gh-2349: `fail2ban-client set jain banip/unbanip ip1 .. ipN` extended to ban/unban multiple tickets; 
reorganized banning facilities (addBannedIP moved from filter to actions in order to ban directly without implication of fail-manager in between.
 2019-02-20 14:56:00 +01:00
sebres e30ebb1f3b closes gh-2277: fixed and optimized cache facilities (operations on OrderedDict are not atomic); increased max-size of IPAddr cache; don't cache raw objects (it is fast enough). 2019-02-18 17:05:11 +01:00
sebres 14f997231d add test case to cover gh-2277, testOverflowedIPCache testing overflow of IP-cache multi-threaded (2 "parasite" threads flooding cache) 2019-02-18 16:56:43 +01:00
Viktor Szépe 824afbf52d Fix whitespaces 2019-02-17 09:12:30 +00:00
Viktor Szépe 24b0e048d1 Normalizing quote usage in initd 2019-02-17 09:08:59 +00:00
Yaroslav Halchenko c545315192 ENH: travis - run shellcheck on files/debian-initd 2019-02-17 09:08:43 +00:00
Yaroslav Halchenko 62f957973d ENH: disable shell check for $DAEMON_ARGS expansion 2019-02-17 09:08:32 +00:00
Viktor Szépe dfd2a2063d Safer, nicer, uniform Debian initd script 2019-02-17 09:08:29 +00:00
Cool Fire 27526e431b Changes static logfile string to variable 
Since we don't want to re-declare a log file name we already
have a varialbe for, use the existing variable to set dovecot_log.
 2019-02-13 10:10:24 +01:00
Cool Fire b31a018e7c Add override for dovecot failed logins on debian 2019-02-13 10:01:14 +01:00
sebres 5a54a44559 provide more meaningful error-message if invalid `datepattern` set; 
fail2ban-regex: catch errors/exceptions by set of parameter, more verbose output if needed (`-v` or log-level `debug` would produce output of call-stack additionally).
 2019-02-12 14:36:40 +01:00
Sergey G. Brester c819a18a0a
Update ChangeLog 2019-02-11 19:15:11 +01:00
sebres e651bc7866 amend to #1622: jail-reader supports now multi-line option for multi-line action parameter: 
logpath = a.log
            b.log
            c.log
  action  = ban[...]
          = log[logpath="%(logpath)s"]
closes gh-2341, ultimate fix for gh-976
 2019-02-11 11:54:58 +01:00
sebres 89c611064d test-cases: be sure the test-files always written with new-line at end 2019-01-14 19:00:42 +01:00
Sergey G. Brester 4108e04ab4
Update ChangeLog 2019-01-07 01:50:44 +01:00
sebres a13fdcf4f7 closes gh-2314: extended regex for mysql 8.0.13 if used logging with details (e. g. log-error-verbosity = 3, so log output has few additional words enclosed in brackets after "[Note]"). 2019-01-07 01:34:12 +01:00
Sergey G. Brester 67247999ff
closes #2313: missing dependency to nftables.service 2019-01-06 17:03:09 +01:00
Yannik Sembritzki 547504873e
Add test case for new asterisk pjsip log syntax which includes the port 2019-01-03 23:59:38 +01:00
Yannik Sembritzki 6b4404b1bc
Fix asterisk filter not catching attackers when port is logged (Fixes #2316) 2019-01-03 23:55:42 +01:00
sebres c9ba695ba3 minor, no cover for 3.x (2.6 only) 2018-12-28 00:04:15 +01:00
sebres 4a4780be04 test-cases: prevent sporadic timing errors (unban if ban still not occurred) 2018-12-27 18:10:09 +01:00
sebres 0298c8a31e closes gh-2277: fixed cache-object clean-up process (if max-size reached) used multi-threaded (del can throw KeyError if get/unset changes the list); 
additionally OrderedDict is used now for cache (if available, so >= 2.7) - avoids (slow) search of expired items in full cache and always prefers older objects to remove (like FIFO).
 2018-12-27 18:07:23 +01:00
Alexander Koeppe df9b352bac Update information reg. ipdns.py as successor for dnsutils.py 2018-12-19 12:17:44 +01:00
Sergey G. Brester c540babfb6
matches not empty username only 2018-12-17 12:30:46 +01:00
CrazyMax 7cdabdd7ae
Update traefik-auth failregex 2018-12-14 19:06:09 +01:00
sebres c1ccabc1f9 fixed read of included config-files (`.local` overwrites options of `.conf` for config-files included with before/after) 2018-12-11 15:43:25 +01:00
sebres 9b96a7de89 fix of SafeConfigParserWithIncludes 2018-12-11 15:39:43 +01:00
sebres 0245777c84 SafeConfigParserWithIncludes: fixed read of included config-files (expands with localized version, so `inc.local` overwrites options of `inc.conf` for config-files included with before/after); 
added new test to cover this case.
 2018-12-11 14:48:48 +01:00
CrazyMax 90516d6b67
Add login success example for traefik-auth 2018-11-28 00:37:24 +01:00
CrazyMax a160c38211
Fix UTC Time mismatch 2018-11-24 23:16:27 +01:00
CrazyMax a8fbdd6a87
Fix UTC Time mismatch 2018-11-24 23:13:50 +01:00