github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
5,889 Commits
34 Branches
229 Tags
21 MiB
Commit Graph

5889 Commits (4f679a56e0d564bafa7781938f8d28bb69fd96af)

Author SHA1 Message Date
sebres 4f679a56e0 filter.d/sshd.conf: ddos/aggressive mode extended to match new messages caused by port scanner, wrong payload on ssh port: 
- message authentication code incorrect [preauth]
  - connection corrupted [preauth]
  - timeout before authentication
closes gh-3486
 2024-02-13 16:53:21 +01:00
sebres 9bedc3c383 Merge branch 'gh-2655--f2b-regex-4-jail': implemented loading of jail settings in fail2ban-regex; 
closes gh-2655
 2024-01-03 13:43:44 +01:00
sebres 302252b25c ChangeLog, gh-2655 2024-01-03 13:38:14 +01:00
sebres cab6f93364 fail2ban-regex: fixes forgotten basedir (-c "$basedir") of jailreader 2024-01-03 13:18:33 +01:00
sebres b3178851fe test coverage (restore usage with filter and load setting from jail) 2023-12-31 17:03:38 +01:00
sebres 781321d609 fail2ban-regex: loading parsing settings from jail now (by simple name it'd prefer jail to the filter now), fallback: 
- fail2ban-regex ... sshd
  + fail2ban-regex ... filter.d/sshd
closes gh-2655
 2023-12-31 16:38:18 +01:00
sebres 7de1057f94 avoid DNS of local names in fast tests (small optimization) 2023-12-31 12:48:22 +01:00
sebres dd4431cd63 remove remaining tweaks for obsolete python 2023-12-31 12:45:24 +01:00
Sergey G. Brester e1b7720d43
Merge pull request #3268 from Logic-32/feature/smtp-ssl 
`action.d/smtp.py` - add support for TLS SMTP connections.
 2023-12-30 21:56:01 +01:00
sebres 0c2edfacb0 combine smtpd and aiosmtpd tests; encapsulate smtp facilities to setUpClass/tearDownClass (behaves like a singleton, doesn't start smtp server per test); don't generate cert every time (too slow by RSA:2048, use short ECC:256 instead); 
drastically speedup all smtp-action tests
 2023-12-30 21:27:35 +01:00
Logic-32 b161e55ca7 Adding STARTTLS test with the help of aiosmtp. Make sure SMTP specifies host/port in addition to connect() due to bug with starttls. 2023-12-30 16:42:31 +01:00
Sergey G. Brester 6fb3198a41 attempt to fix action for 2.x 
self.host cannot be supplied to SMTP because it can contain port (but `connect` takes place few lines below)
 2023-12-30 16:42:27 +01:00
Logic-32 6a1da5e164 Removing logging in favor of just throwing. Removing user from message as it doesn't add any value. 2023-12-30 16:42:23 +01:00
Logic-32 419e380870 Add support for TLS SMTP connections. 2023-12-30 16:42:18 +01:00
sebres 6fb89d1709 testIPToName: switch from google to one of the root-servers (8.8.4.4 seems not to have rDNS anymore) 2023-12-30 15:49:44 +01:00
sebres 3190febb27 IPv6 fix (second IP logged in form for IPv6); pam authentication failure (part of gh-3410) 2023-12-30 15:10:37 +01:00
sebres c6244a8509 `fail2ban-regex`: don't error by output if stdout pipe gets closed (e. g. using together with `head`); 
amend to gh-2758 (see gh-3653)
 2023-12-22 14:08:39 +01:00
sebres 7523a777f0 amend for python 3.x switch: BrokenPipeError is a build-in exception since 3.3 2023-12-22 14:05:04 +01:00
sebres 093cd763ce filter.d/postfix.conf: "rejected" extended to match "Access denied" too; 
closes gh-3474
 2023-12-15 01:03:30 +01:00
sebres ff4a2a12fc filter.d/postfix.conf: avoid double counting ('lost connection after AUTH' together with message 'disconnect ...'); 
closes gh-3505
 2023-12-15 00:32:48 +01:00
sebres cabcc9b3f4 fixes testRepairDb for sqlite >= 3.42; 
closes gh-3586
 2023-12-15 00:07:43 +01:00
sebres f2d7f16d2f satisfy CI spelling (let's use original asyncore lib as long as possible) 2023-12-12 15:41:40 +01:00
sebres 1024452fe1 Merge fix-gh-3487: bundling async modules removed in python 3.12 into f2b (fallback to local libraries if import would miss them); 
closes gh-3487
 2023-12-12 15:35:39 +01:00
sebres 86cacca9e4 pyasyncore and pyasynchat optional for python 3.12+ (bundled-in within fail2ban) 2023-12-12 15:30:41 +01:00
sebres 1371c91512 don't install async* modules, we need to cover bundled-in libraries and their successful import 2023-12-12 15:23:10 +01:00
sebres 054e1d89ca bundling async modules removed in python 3.12 into f2b (fallback to local libraries if import would miss them); 
closes gh-3487
 2023-12-12 15:16:05 +01:00
sebres 8d6bfd89bf Merge test-3.13: python 3.13 support, see gh-3487 2023-12-12 14:40:46 +01:00
sebres 7e88c9be8d more compat issues (Logger.warn -> Logger.warning) 2023-12-12 14:27:24 +01:00
sebres 337a519cb2 python3.13 support - unittest.makeSuite is removed in 3.13 2023-12-12 14:21:11 +01:00
Sergey G. Brester e3b36756c0
main.yml: test python 3.13 2023-12-12 14:13:39 +01:00
Sergey G. Brester 36c890f15b
main.yml: restore test systemd/journal for python >= 3.10 2023-12-12 13:45:11 +01:00
sebres 4e326cb5cb Merge python-3.12--asyncore: python 3.12 support, see gh-3487 2023-12-12 13:40:11 +01:00
sebres 340d45ca88 amend to 70aef2c3c68d690232fe6c96ba2b6d84ca8af019: py3.12: silence warnings "invalid escape sequence" 2023-12-12 13:37:56 +01:00
sebres 26597f625d revert heavydebug logging for 3.12 in GHA 2023-12-12 13:31:04 +01:00
sebres f1efea6a4f py3.12: install setuptools (packaged now) 2023-12-12 12:54:55 +01:00
sebres f966d88ce5 verbose output for 3.12 2023-12-11 21:50:56 +01:00
sebres ef208e9149 py3.12: ignore smtpd based tests (if no smtpd module) 2023-12-11 21:45:34 +01:00
sebres 70aef2c3c6 py3.12: silence warnings "invalid escape sequence" 2023-12-11 21:26:55 +01:00
sebres 572582137c try to use pip-modules asyncore/asynchat 2023-12-11 19:51:49 +01:00
Sergey G. Brester 7076af637f
main.yml: bump pypy to latest stock version (3.10, because 3.9 seems to have sporadic timing issues anyway) 2023-12-10 16:24:02 +01:00
Sergey G. Brester 5277e91013
Merge pull request #3503 from repcsi/pf_allproto 
BSD Pf allproto actiontype to block all communication from source on IP level
 2023-12-10 16:11:05 +01:00
Sergey G. Brester c03afd3ad4
servertestcase.py: adjusted, protocol is variable now 2023-12-10 16:09:32 +01:00
sebres e03df4805f Merge branch 'fix-gh-3646': nginx error-log filters extended with support of journal format; closes gh-3646 2023-12-10 15:43:21 +01:00
sebres 7c83669700 update main CI flow to new version of GHA (silence deprecated warnings, etc) 2023-12-10 15:41:03 +01:00
Sergey G. Brester b71ed9e472
GHA: pypy seems need exact version now 2023-12-10 15:36:44 +01:00
Sergey G. Brester 9554279129
CI/main.yml: try to silence warning about deprecated node usage (switch to newer actions version) 2023-12-10 15:30:38 +01:00
sebres 0abba5dc6e more filters for nginx error-log supporting journal format now, added generalized include and __prefix_line 2023-12-10 15:21:20 +01:00
sebres b245225b13 filter.d/nginx-http-auth.conf: added optional prefix to support systemd-journal format and additional timestamp (optionally) in prefix 2023-12-10 14:39:21 +01:00
repcsi 199759f0ba added pf[protocol=all] options as recommended by sebres 2023-12-10 11:20:39 +01:00
sebres 44fa2959e7 fixes gh-3635: avoid sporadic error in pyinotify backend if pending file deleted in other thread; restore correct logging in tests 2023-11-22 20:16:53 +01:00