fail2ban

Commit Graph

Author	SHA1	Message	Date
Daniel Black	5413f9b3a1	DOC: move new actions and filters to New Features in ChangeLog	12 years ago
Daniel Black	ed123ea403	DOC: tomcat and Guacmole are next release	12 years ago
Daniel Black	d4b5e8ec30	DOC: credit man page edits	12 years ago
Daniel Black	0a57b61836	DOC: developers please rebase and use a single commit	12 years ago
Daniel Black	3e0e0482ae	DOC: post release ChangeLog entry	12 years ago
Daniel Black	dc2f42b24d	DOC: ChangeLog - current HEAD back to `ce3ab34`	12 years ago
Daniel Black	60fa4b5d7c	DOC: begining of ChangeLog	12 years ago
Daniel Black	6b260ab974	DOC: version/date of release	12 years ago
Daniel Black	d1c8b57952	DOC: ChangeLog versions and dates for Releasing	12 years ago
Daniel Black	1331e15ac3	DOC: guidance for pull requests	12 years ago
Yaroslav Halchenko	76c08cebe9	DOC: a plugin to thanks for the community support	12 years ago
Yaroslav Halchenko	82e2fc34eb	Merge branch 'systemd' of https://github.com/opoplawski/fail2ban Just two files to enable fail2ban within systemd: files/fail2ban-tmpfiles.conf \| 1 + files/fail2ban.service \| 14 ++++++++++++++ * 'systemd' of https://github.com/opoplawski/fail2ban: Add After, PIDFile, and change WantedBy to multi-user.target in fail2ban.server Add systemd unit file and tmpfiles.d configuration files	12 years ago
Orion Poplawski	ddebcab9aa	Add After, PIDFile, and change WantedBy to multi-user.target in fail2ban.server	12 years ago
Yaroslav Halchenko	6f4dad46f0	DOC: slight tune ups to README (we are no longer compatible with python 2.3 ;) )	12 years ago
Yaroslav Halchenko	b8e823bd4e	DOC: initiated changelog (but not juice left to actually fill it up ;-))	12 years ago
Yaroslav Halchenko	12f1398ec1	Merge pull request #172 from kwirk/minor Minor tweaks -- removing duplication and improving testing	12 years ago
Steven Hiscocks	94956bee84	TST: test all valid loglevels in server testcases	12 years ago
Steven Hiscocks	4c4b60f4b4	TST: Add tag replace and escape test for actions	12 years ago
Steven Hiscocks	3d6791fe3e	ENH: Minor change to action for consistency of execStart/Stop	12 years ago
Steven Hiscocks	d259e903a3	TST: Coverage for coveralls.io should only be run on success	12 years ago
Steven Hiscocks	28e9acf86a	TST: no cover additions to server, primarily daemon creation	12 years ago
Yaroslav Halchenko	ffe48741e3	DOC: thanks @kwirk for spotting the typos in exception message	12 years ago
Yaroslav Halchenko	301460f451	Merge remote-tracking branch 'pr/167/head': FD_CLOEXEC bug fixes (filters) + support (actions). Avoid sockets descriptors leak. * pr/167/head: FD_CLOEXEC support	12 years ago
Yaroslav Halchenko	59192a5585	Merge remote-tracking branch 'github_kwirk_fail2ban/pidfile' * github_kwirk_fail2ban/pidfile: Typo in default pidfile in fail2ban.conf	12 years ago
Yaroslav Halchenko	99a5d78e37	ENH: for consistency (and future expansion ;)) -- rename to mysqld-auth	12 years ago
Yaroslav Halchenko	ffaa9697ee	Adjusting previous PR (MySQL logs) according to my comments	12 years ago
Yaroslav Halchenko	3e6be243bf	Merge branch 'Support_for_mysql_log_example' of https://github.com/arto-p/fail2ban * 'Support_for_mysql_log_example' of https://github.com/arto-p/fail2ban: Added testcase for MySQL date format to testcases/datedetectortestcase.py and example of MySQL log file. Added support for MySQL logfiles Conflicts: testcases/datedetectortestcase.py -- conflictde with other added test cases	12 years ago
Yaroslav Halchenko	4fb06170f1	Merge 'Update the check_fail2ban script' PR from https://github.com/labynocle/fail2ban * 'master' of https://github.com/labynocle/fail2ban: change the license to GPLv2 + adapat text fix the script name to check_fail2ban everywhere Replace the check_fail2ban script by a new one which respects the Nagios specs (like status, output, perfdata, help...). Also add a README which includes the content of f2ban.txt (which is now removed)	12 years ago
Yaroslav Halchenko	f5ad99b527	Merge pull request #166 from kwirk/travis-gamin Travis gamin support on Travis CI	12 years ago
Steven Hiscocks	47c54ba293	TST: Add gamin testing for and only coveralls coverage for python2.7	12 years ago
Nicolas Collignon	39667ff6f7	FD_CLOEXEC support * 001-fail2ban-server-socket-close-on-exec-no-leak.diff Add code that marks server and client sockets with FD_CLOEXEC flags. Avoid leaking file descriptors to processes spawned when handling fail2ban actions (ex: iptables). Unix sockets managed by fail2ban-server don't need to be passed to any child process. Fail2ban already uses the FD_CLOEXEC flags in the filter code. This patch also avoids giving iptables access to fail2ban UNIX socket in a SELinux environment (A sane SELinux policy should trigger an audit event because "iptables" will be given read/write access to the fail2ban control socket). Some random references related to this bug: http://sourceforge.net/tracker/?func=detail&atid=689044&aid=2086568&group_id=121032 http://www.redhat.com/archives/fedora-selinux-list/2009-June/msg00124.html http://forums.fedoraforum.org/showthread.php?t=234230 * 002-fail2ban-filters-close-on-exec-typo-fix.diff There is a typo in the fail2ban server/filter.py source code. The FD_CLOEXEC is correctly set but additional random flags are also set. It has no side-effect as long as the fd doesn't match a valid flag :) "fcntl.fcntl(fd, fcntl.F_SETFD, fd \| fcntl.FD_CLOEXEC)" <== the 3rd parameter should be flags, not a file descriptor. * 003-fail2ban-gamin-socket-close-on-exec-no-leak.diff Add code that marks the Gamin monitor file descriptor with FD_CLOEXEC flags. Avoid leaking file descriptors to processes spawned when handling fail2ban actions (ex: iptables). --- File descriptors in action process before patches: dr-x------ 2 root root 0 . dr-xr-xr-x 8 root root 0 .. lr-x------ 1 root root 64 0 -> /dev/null <== OK l-wx------ 1 root root 64 1 -> /tmp/test.log <== used by test action lrwx------ 1 root root 64 2 -> /dev/null <== OK lrwx------ 1 root root 64 3 -> socket:[116361] <== NOK (fail2ban.sock leak) lr-x------ 1 root root 64 4 -> /proc/20090/fd <== used by test action l-wx------ 1 root root 64 5 -> /var/log/fail2ban.log <== OK lrwx------ 1 root root 64 6 -> socket:[115608] <== NOK (gamin sock leak) File descriptors in action process after patches: dr-x------ 2 root root 0 . dr-xr-xr-x 8 root root 0 .. lr-x------ 1 root root 64 0 -> /dev/null <== OK l-wx------ 1 root root 64 1 -> /tmp/test.log <== used by test action lrwx------ 1 root root 64 2 -> /dev/null <== OK lr-x------ 1 root root 64 3 -> /proc/18284/fd <== used by test action l-wx------ 1 root root 64 5 -> /var/log/fail2ban.log <== OK	12 years ago
Erwan Ben Souiden	44736035bd	change the license to GPLv2 + adapat text	12 years ago
Steven Hiscocks	b0a08b9790	TST: Add gamin support for Travis CI	12 years ago
Yaroslav Halchenko	74e76e068c	Merge pull request #164 from kwirk/coveralls TST+BF: Use separate coveragerc for Travis CI	12 years ago
Steven Hiscocks	0002fb4ca3	TST+BF: Use separate coveragerc for Travis CI Should now ignore server/filtergamin.py as gamin is not tested. Also ignores Travis CI python virtual environments	12 years ago
Yaroslav Halchenko	33a31e096a	RF+TST: bring inBanList back from private to protected and enabled its rudimentary unittests	12 years ago
Yaroslav Halchenko	08dd6fed26	Merge pull request #163 from kwirk/coveralls Coveralls.io	12 years ago
Steven Hiscocks	e0e116cb36	TST: coverage ignore Travis CI python virtual environments	12 years ago
Yaroslav Halchenko	e7184e70f6	ENH: increase waiting to 4 sec for gamin/pyinotify This will be the last gesture from me for the bloody tests: https://travis-ci.org/kwirk/fail2ban/jobs/5904668	12 years ago
Steven Hiscocks	92d26e6897	TST+BF: Fix incorrect commands for coveralls support	12 years ago
Steven Hiscocks	b3251fca79	TST: Add support for coveralls for python 2.6 and python 2.7	12 years ago
Yaroslav Halchenko	ffbbb9f8a3	ENH: deleted trailing spaces in fail2ban- cmdline tools Now it was already a mix, and Cyril is not working on this code any longer so no need to maintain this convention.	12 years ago
Yaroslav Halchenko	7cf509378c	DOC: minor change -- refer to the fail2ban manpage	12 years ago
Yaroslav Halchenko	ef3f2b7e99	TST: be more aggressive in cleanup of temp files + use mktemp instead of mkstemp	12 years ago
Yaroslav Halchenko	bf4d4af1d4	ENH(BF?): overload open() (for buffering) within filtertestcase to guarantee atomic writing This is with the hope to further resolve random tests failures ( primarily on fast travis-ci systems ;) )	12 years ago
Yaroslav Halchenko	ab044b75ea	BF: delay check for the existence of config directory until read()	12 years ago
Yaroslav Halchenko	4b11f071ed	DOC: minor fix ups of manpages. fixes #159	12 years ago
Yaroslav Halchenko	f643e2e907	non-static (get\|set)BaseDir for Configurator. fixes #160 ConfigReader's (get\|set)BaseDir are no longer static as a result of .d/ support RFing	12 years ago
Yaroslav Halchenko	72b06479a5	ENH: Slight tune ups for fresh SOGo filter + comment into the sample log file	12 years ago
Yaroslav Halchenko	105306e1a8	Merge remote-tracking branch 'pr/117/head' -- SOGo filters * pr/117/head: An example of failed logins against sogo Update sogo-auth.conf Update config/filter.d/sogo-auth.conf Create sogo-auth.conf Update config/jail.conf	12 years ago

1 2 3 4 5 ...

1005 Commits (5413f9b3a18eccc120c547e2f3027205e1463567) All Branches Search

1005 Commits (5413f9b3a18eccc120c547e2f3027205e1463567)

All Branches