Commit Graph

588 Commits (576719198805063c1c3b30a7cb31f7beedd7c2f8)

Author SHA1 Message Date
Yaroslav Halchenko f756278fe5 ENH: just a bit more descriptive exception ;-) 2014-08-12 11:53:54 -04:00
Yaroslav Halchenko b2a1032f57 ENH/BF(TST): making permissions restrictive is not sufficient -- really remove file to test 2014-08-12 11:31:42 -04:00
Yaroslav Halchenko 6fc04c2256 Merge branch 'bf+enh/cyrus-imap' of https://github.com/yarikoptic/fail2ban (with some tune up to Changelog entry)
* 'bf+enh/cyrus-imap' of https://github.com/yarikoptic/fail2ban:
  ENH: cyrus-imap -- catch also 'user not found' attempts
  BF: cyrus-imaps -- catch also for secured daemons

Conflicts:
	ChangeLog
2014-08-11 13:09:43 -04:00
Yaroslav Halchenko f9cfbd66e6 Merge pull request #771 from szepeviktor/patch-1
named users + smtp auth probes
2014-07-28 10:14:18 -04:00
Yaroslav Halchenko 81c98f77ca Merge pull request #769 from kwirk/unban-database
BF: Remove manually unbanned IPs from persistent database
2014-07-27 21:54:44 -04:00
Yaroslav Halchenko 45c1095606 Merge pull request #750 from niorg/master
Added Directadmin filter, jail and log test
2014-07-27 21:47:07 -04:00
Yaroslav Halchenko 3339dc8d84 ENH: cyrus-imap -- catch also 'user not found' attempts 2014-07-25 10:13:04 -04:00
Yaroslav Halchenko 3e5c598b79 BF: cyrus-imaps -- catch also for secured daemons 2014-07-25 10:02:40 -04:00
Szépe Viktor 68bf5a1c36 I don't understand those years. 2014-07-20 21:23:57 +02:00
Szépe Viktor 9c4f9a3de8 added Jul 3 & Jul 4 2014-07-20 21:13:55 +02:00
Steven Hiscocks 01d02ca5e6 BF: Remove manually unbanned IPs from persistent database
Stops them being restored when Fail2Ban is restarted. Particularly this
is an issue with bantime < 0

Fixes gh-768
2014-07-19 15:17:32 +01:00
Steven Hiscocks 8e0a59f04d Merge pull request #763 from Sean-Der/round-banip-time
BF: Round timeofban before inserting into the persistent database
2014-07-19 14:56:32 +01:00
Sean DuBois ac9fa90625 BF: Round timeofban before inserting into the persistent database 2014-07-17 21:57:52 +00:00
Sean DuBois 84b7e93a47 ENH: Add version command to protocol
TST: Add test for version server command
2014-07-15 06:19:13 +00:00
Cyril Roos add8e61036 Added Directadmin filter, jail and log test 2014-07-02 13:52:06 +02:00
Yaroslav Halchenko 0adb10f653 Merge branch 'ainfo-copy' of https://github.com/kwirk/fail2ban
* 'ainfo-copy' of https://github.com/kwirk/fail2ban:
  TST: actions modifying aInfo test more robust
  TST: Test for actions modifying (un)ban aInfo
  BF: aInfo could be modified by actions, causing unexpected behaviour
2014-06-22 10:53:30 -04:00
Steven Hiscocks dd3ab858dd TST: actions modifying aInfo test more robust 2014-06-22 13:56:32 +01:00
Steven Hiscocks 7640aa0918 TST: Test for actions modifying (un)ban aInfo 2014-06-22 13:47:25 +01:00
Steven Hiscocks 2d54161696 Merge branch 'kwirk/harmonize-log-msgs'
Conflicts:
	ChangeLog - Keep all additions
2014-06-22 12:57:49 +01:00
Steven Hiscocks 94232d7c31 Merge pull request #726 from pmarrapese/master
Minor improvement to sshd filter
2014-06-17 23:43:42 +01:00
Steven Hiscocks 8268c1641f BF: aInfo could be modified by actions, causing unexpected behaviour
A separate copy of aInfo is passed to each action
2014-06-17 23:24:23 +01:00
Yaroslav Halchenko 4190a4030c Merge branch 'sebres-strptime-bug' of https://github.com/kwirk/fail2ban
* 'sebres-strptime-bug' of https://github.com/kwirk/fail2ban:
  DOC: Tweak ChangeLog and THANKS
  DOC: Update docs in reference to time zone related fix
  TST: Fix tests due to @sebres fix and based from gh-349 reverts
  strptime bug fix: if gmtoff is None we have 1 hour increment of time (through utctimetuple), compare:
  >>>> datetime.datetime.fromtimestamp(time.mktime(datetime.datetime.now().timetuple())).strftime("%Y-%m-%d %H:%M:%S")
  '2014-04-29 17:26:31'
  >>>> datetime.datetime.fromtimestamp(time.mktime(datetime.datetime.now().utctimetuple())).strftime("%Y-%m-%d %H:%M:%S")
  '2014-04-29 18:26:37'

Conflicts:
	ChangeLog
2014-06-16 09:28:41 -04:00
Steven Hiscocks 664f1db0ba BF: Fix getLogger for single level log level names 2014-06-10 20:58:57 +01:00
Steven Hiscocks 9764c78415 ENH: Rename fail2ban_excepthook to excepthook 2014-06-10 20:38:18 +01:00
Steven Hiscocks 4fc7f1a831 ENH: Tweak naming of getF2BLogger, and ensure consistent use 2014-06-10 20:36:19 +01:00
Steven Hiscocks f7da091437 ENH: Log unhandled exceptions to Fail2Ban log 2014-06-09 22:27:51 +01:00
Steven Hiscocks e8131475cd ENH: Realign and harmonise log messages with getF2BLogger helper 2014-06-09 22:17:00 +01:00
JoelSnyder 54317d7c3b Create test for oracleims filter
This test file shows configuration information for the application, three log lines that DO match the pattern, and one log line that does NOT match the pattern (the first one).
2014-06-02 22:58:39 -07:00
pmarrapese 96918acee4 more explicit match for sshd filter & added test 2014-05-19 20:47:16 -07:00
Steven Hiscocks 0ca97431a0 ENH: Clearer warning with lines which failed to decode correctly 2014-05-15 22:48:03 +01:00
sebres 213c4315c3 fix TypeError bugs like "Failed to execute ban jail 'pam-generic' action 'iptables-allports'"
getAttempt returns not a list (numeric), so by call of both lambda we have a TypeError except;
simplifying code;
2014-05-15 19:41:00 +02:00
Steven Hiscocks 8843423c8f TST: Fix tests due to @sebres fix and based from gh-349 reverts 2014-05-14 23:01:14 +01:00
sebres 2bf0b4a50c strptime bug fix: if gmtoff is None we have 1 hour increment of time (through utctimetuple), compare:
>>>> datetime.datetime.fromtimestamp(time.mktime(datetime.datetime.now().timetuple())).strftime("%Y-%m-%d %H:%M:%S")
'2014-04-29 17:26:31'
>>>> datetime.datetime.fromtimestamp(time.mktime(datetime.datetime.now().utctimetuple())).strftime("%Y-%m-%d %H:%M:%S")
'2014-04-29 18:26:37'
2014-05-14 22:29:06 +01:00
Yaroslav Halchenko 2526dbae92 Merge branch 'recursive-tag-fix' of https://github.com/kwirk/fail2ban
* 'recursive-tag-fix' of https://github.com/kwirk/fail2ban:
  ENH: explicitly define tags which should be escaped
  DOC: ChangeLog update for recursive tag bug fix
  BF: Tags not fully recursively substituted

Conflicts:
	ChangeLog -- kept all as is
2014-05-13 11:23:30 -04:00
Steven Hiscocks 1e586fb0e9 ENH: explicitly define tags which should be escaped 2014-05-11 14:49:49 +01:00
Yaroslav Halchenko c619202d6f Merge branch 'master' of github.com:fail2ban/fail2ban
* 'master' of github.com:fail2ban/fail2ban:
  ENH: Match non "Bye Bye" for sshd locked accounts failregex
  Even stricter monit regex, now covers entire line
  Tidy up filter.d/monit.conf, make regex more complete. Add ChangeLog / THANKS entry. Add test cases.
  ENH: Move traceback formatter from tests.utils to helpers
  Block brute-force attempts against the Monit gui
2014-05-10 20:02:47 -04:00
Steven Hiscocks 904b362215 DOC: ChangeLog update for recursive tag bug fix
Also minor typo fixes in comments
2014-05-09 20:25:44 +01:00
Steven Hiscocks 77ba065571 Merge pull request #697 from jhmartin/monit_admin_hack
Block brute-force attempts against the Monit gui
2014-05-07 22:23:01 +01:00
Yaroslav Halchenko 3471f13a84 Merge pull request #700 from kwirk/format-traceback-to-helpers
ENH: Move traceback formatter from tests.utils to helpers
2014-05-07 09:09:01 -04:00
Yaroslav Halchenko 1f8b554d31 Merge branch 'database-persistent-bans' of https://github.com/kwirk/fail2ban
* 'database-persistent-bans' of https://github.com/kwirk/fail2ban:
  BF: bantime < 0 database should return all bans, as they are persistent

Conflicts:
	ChangeLog - kept all ;)
2014-05-05 23:29:35 -04:00
Yaroslav Halchenko 3eabf4a7bd Merge pull request #708 from kwirk/ssh-bye-bye
ENH: Match non "Bye Bye" for sshd locked accounts failregex
2014-05-05 23:22:57 -04:00
Steven Hiscocks b3266ba44d BF: Tags not fully recursively substituted
Note: recursive check ignored for "matches", as tags would be escaped,
and hence shouldn't match "<%s>" as "<ip>" would become "\<ip\>". This
therefore maintains advantage of delayed call for {ip,jail,}matches.

Fixes gh-713
2014-05-03 14:28:13 +01:00
Steven Hiscocks cf3a6015f0 BF: Avoid closing "/dev/urandom" for Python 3.4.0
Upstream bug: http://bugs.python.org/issue21207

Closes gh-687
2014-05-03 12:44:03 +01:00
Steven Hiscocks bc10b64c69 ENH: Match non "Bye Bye" for sshd locked accounts failregex 2014-04-27 13:35:55 +01:00
Steven Hiscocks bbcbefd494 BF: bantime < 0 database should return all bans, as they are persistent 2014-04-22 19:20:44 +01:00
Steven Hiscocks a7766d3316 DOC: Add notice message for systemd backend when no journal match 2014-04-20 17:59:41 +01:00
Jason Martin 72bfd14330 Tidy up filter.d/monit.conf, make regex more complete.
Add ChangeLog / THANKS entry.
Add test cases.
2014-04-19 13:04:03 -07:00
Steven Hiscocks 03d90c2f42 BF: recidive filter and samples at wrong log level: WARNING->NOTICE 2014-04-19 18:07:23 +01:00
Steven Hiscocks 6a740f684a ENH: Move traceback formatter from tests.utils to helpers
Now allows for tests to be removed from package if desired
2014-04-18 23:27:30 +01:00
Yaroslav Halchenko 5e179f5dcb TST: skip the test if a known problem with Python 2.6 is detected
As was originally "discovered" while running tests on OSX with python2.6:
http://nipy.bic.berkeley.edu/builders/fail2ban-py2.7-osx-10.6_master/builds/6/steps/shell_2/logs/stdio
2014-04-17 22:23:20 -04:00
Yaroslav Halchenko 16077a2771 add .dev to 0.9.0 version 2014-04-17 14:08:43 -04:00
Yaroslav Halchenko 3c0d6a77d2 BF: testDatabase -- close and unlink the created test db file 2014-04-17 10:40:37 -04:00
Steven Hiscocks 9d6fc6eca2 ENH: For syslog use SYSLOG_PID over _PID in systemd journal log format 2014-04-16 23:58:00 +01:00
Yaroslav Halchenko c2289bc8fe ENH(TST): relax test of sleep to "1" places from "2"
The reason is that internally it does round, so even 1.005 then would not
be equal to 1.  Making it spaces==1 should be sufficient for up to 1.05
i.e. we would allow 50ms "drift"
2014-04-16 15:52:18 -04:00
Steven Hiscocks 1369701f87 ENH: Log trace info for failed action events when in DEBUG 2014-04-12 11:27:05 +01:00
Yung-Chin Oei 941a38ea8e nginx-http-auth: match when "referrer" is present
A sample log-line is provided.  The updated regex successfully matches
this line.

Signed-off-by: Yung-Chin Oei <yungchin@yungchin.nl>
2014-04-04 01:27:39 +01:00
Steven Hiscocks 100b5e61f5 Merge 'kwirk/config-warnings' (early part) 2014-04-03 18:36:56 +01:00
yungchin 6e8c1b2871 nginx-http-auth filter: match server_name = ""
As documented at
http://nginx.org/en/docs/http/server_names.html#miscellaneous_names "If
no server_name is defined in a server block then nginx uses the empty
name as the server name."  This regex change allows us to match error
output for such a configuration.

The log line added to the tests was lifted from our logs verbatim; it
did not match without the patched regex.

Signed-off-by: Yung-Chin Oei <yungchin@yungchin.nl>
2014-04-03 11:04:21 +01:00
Steven Hiscocks 638c013557 ENH: Suppress configuration warnings if non-critical options are not set 2014-04-02 18:30:21 +01:00
Daniel Black ce982debae Merge pull request #670 from kwirk/reban-once-per-ip
BF: On jail restart reinstatement of bans, fetch one ticket per IP
2014-03-31 18:36:06 +11:00
Daniel Black 73fb716920 Merge pull request #671 from kwirk/sphinx
DOC: sphinx documentation
2014-03-31 18:32:37 +11:00
Steven Hiscocks 953ebd62c6 DOC: Improve error logging when specific backend set and fails 2014-03-29 23:08:37 +00:00
Steven Hiscocks 3781ff845a BF: Fix getting jail name from exceptions in beautifier for Python 3+ 2014-03-29 22:54:06 +00:00
Steven Hiscocks baeff6141e DOC: sphinx documentation 2014-03-29 22:07:33 +00:00
Steven Hiscocks dc24d3d494 BF: On jail restart reinstatement of bans, fetch one ticket per IP
Closes gh-664
2014-03-29 21:44:39 +00:00
Ruben Kerkhof 1695d5c076 Fix a few typos
Found with https://github.com/lucasdemarchi/codespell

Signed-off-by: Ruben Kerkhof <ruben@rubenkerkhof.com>
2014-03-24 13:16:52 +00:00
Steven Hiscocks b73ed9b59e BF: Ignored IPs no longer being banned from database on restart 2014-03-24 00:30:46 +00:00
Steven Hiscocks 7046388291 Merge branch 'database-no-sqlite'
Conflicts:
	ChangeLog
        - Entries added in both branches, both kept
2014-03-22 17:34:38 +00:00
Steven Hiscocks 175c593462 TST: Skip badips.py test if no network option set 2014-03-19 19:30:48 +00:00
Steven Hiscocks 75325da090 TST: Skip SYSLOG log target test if '/dev/log' not present 2014-03-19 19:21:23 +00:00
Steven Hiscocks 1470e3c01d BF: fail2ban.conf reader expected "int" type for `loglevel`
Closes #657
2014-03-19 19:09:07 +00:00
Steven Hiscocks 1c65b94617 BF: Handle case when no sqlite library is available for the database 2014-03-19 18:55:54 +00:00
Steven Hiscocks b83550ad0b TST: Unused import in test_smtp
Remnants from c7df15f014
2014-03-16 22:13:37 +00:00
Steven Hiscocks 41de7ca879 TST: Fix test failing due to wrapping of long subject lines v2
Another fix based from c7df15f014 which
failed due to python3.3 not wrapping headers to 78 characters.
2014-03-16 21:14:54 +00:00
Steven Hiscocks c7df15f014 TST: Fix test failing due to wrapping of log subject lines
Typically flagged by pypy due to what appears to be typically longer
object "ids" compared to python{2,3}
2014-03-16 19:10:32 +00:00
Steven Hiscocks 41cbbbc248 BF: Remove unused imports and variables.
All highlighted by using pyflakes.
2014-03-16 14:31:34 +00:00
Steven Hiscocks 5b14bc048f BF: FilterSystemd.formatJournalEntry is a classmethod, not staticmethod
Reference to undefined `self` was raising error.
2014-03-16 13:27:13 +00:00
Daniel Black c7f4c48090 TST/BF: more changes to make sure testcases can be run on live install 2014-03-15 11:18:01 +11:00
Daniel Black 64d1502d48 TST: learn to spell executable 2014-03-15 11:09:55 +11:00
Daniel Black 51403fec50 TST: fail2ban-testcases to be able to be run on installed fail2ban 2014-03-15 11:06:29 +11:00
Daniel Black fe582e67e3 TST: allow for ignorecommand.py not installed with execute permissions 2014-03-15 11:05:43 +11:00
Daniel Black 8671b73958 DOC: versioning and release/readme notes 2014-03-14 23:08:25 +11:00
Daniel Black 476d79d3cc ENH: asterisk filter to support syslog format 2014-03-14 09:03:27 +11:00
Steven Hiscocks 0222ff4677 Merge branch 'badips-blacklist' into 0.9
Conflicts:
	ChangeLog
        - entries added in both branches.

Change:
        config/action.d/badips.py
        - jail.getName() changed to jail.name
2014-03-13 20:01:15 +00:00
Steven Hiscocks dfb46cfda6 BF: Require Python 2.7+ for badips.py action 2014-03-12 21:54:15 +00:00
Daniel Black 50d938e0bf MRG: merge filter sendmail-spam into sendmail-reject 2014-03-02 16:28:23 +11:00
Daniel Black 2d45becb0e Merge branch '0.9' into distro-paths-gh-315 2014-03-02 15:17:21 +11:00
Daniel Black cc8ec826c5 MRG: from master 2014-03-02 2014-03-02 14:33:45 +11:00
Steven Hiscocks beca72e188 DOC: Change Found and Ignore message to INFO rather than NOTICE
This was the original proposal in gh-621 but was put to NOTICE in error
2014-02-27 20:47:58 +00:00
Steven Hiscocks 689ed9d511 DOC: Fix up doc strings styling to comply with numpy doc style 2014-02-27 20:46:48 +00:00
Steven Hiscocks f68ab3c4de DOC: Added missing parameter for jail `add` method 2014-02-24 19:05:22 +00:00
Steven Hiscocks a9b9c6ea03 Merge branch 'logging' into 0.9
Conflicts:
	fail2ban/server/actions.py
                jail getName()->name
	fail2ban/server/filter.py
                jail getName()->name
2014-02-23 23:03:56 +00:00
Steven Hiscocks edd0bf7d46 ENH+DOC: Update Fail2Ban database doc strings and use properties 2014-02-23 18:38:22 +00:00
Steven Hiscocks df8d700d17 RF: Refactor Jail and JailThread
Includes:
    - documentation to new format and use of properties
    - change isActive->is_active as former no longer documented for
      python3, and later introduction and documented in python2.6
    - status formatter in beautifier somewhat more automatically
      formatted; no changes are required for additional status elements
    - JailThread now set to active within `start` method, complementing
      `stop` method
2014-02-23 17:41:14 +00:00
Steven Hiscocks 2b33a5fbaa TST+DOC: Improve error message for log level, and test HEAVYDEBUG 2014-02-22 17:08:30 +00:00
Steven Hiscocks 5630c56c75 ENH: Change logging levels and make info more verbose 2014-02-20 23:01:40 +00:00
Daniel Black a044517cb7 MRG: from master to 0.9 2014-02-20 2014-02-20 08:35:24 +11:00
Daniel Black 79e6543eca Merge branch '0.9' into distro-paths-gh-315 2014-02-20 08:20:47 +11:00
Steven Hiscocks df3e4a2742 ENH: Warn when multiline regex used when maxlines not greater than 1 2014-02-15 14:42:44 +00:00
Steven Hiscocks 5c7630c4be ENH: Allow separate blacklist category for badips.py action 2014-02-14 17:45:08 +00:00
Steven Hiscocks fceac53776 TST: Move nagios log sample to correct folder 2014-02-13 21:02:26 +00:00
Steven Hiscocks f68d85a6ac Merge branch 'master' into 0.9
Conflicts:
	ChangeLog
                Spelling correction of 0.8.13 fixed in master
	config/jail.conf
                Added nagios and duplicate php-url removal in master
                Just nagios added, duplicate not issue in 0.9
2014-02-13 20:14:40 +00:00
Steven Hiscocks 9bbf4ea258 BF: Keep sure database errors are captured during Fail2Ban startup 2014-02-13 20:07:12 +00:00
Daniel Black 45157ddc86 TST: fix failJSON for ssh filter change 2014-02-13 09:26:59 +11:00
Daniel Black 5f4d0ed576 ENH: ssh filter - "Disconnecting: Too many authentication failures.." matching Connection log message 2014-02-13 09:13:46 +11:00
Steven Hiscocks a9f0545d8f BF: Add threading lock to database 2014-02-09 23:16:36 +00:00
Steven Hiscocks dff8909473 ENH: Add badips.com reporting and blacklisting action (python based) 2014-02-09 12:23:14 +00:00
Steven Hiscocks 530cd53add BF: Due to python3 bug, importlib.machinery may need explicit import 2014-02-08 20:52:32 +00:00
Daniel Black 59b9045e88 MRG: from master 2014-02-02 2014-02-02 13:21:16 +11:00
Daniel Black a7456377b5 ENH: more datetemplate compression 2014-01-28 08:15:48 +11:00
Daniel Black a749a2780e Merge pull request #593 from grooverdan/tine
ENH: Tine20 filter
2014-01-26 18:50:42 -08:00
Steven Hiscocks e7d4cf6296 TST: Fix dates in ISO8601 being converted back to local time. 2014-01-26 23:37:57 +00:00
Daniel Black 8b51d0c394 ENH: compress DateDetector templates more 2014-01-27 10:10:06 +11:00
Steven Hiscocks f2ddb3e3d0 RF: Refactor date detector and date template elements
Changes include to use Python class properties, merge some date
patterns, and change ISO8601 date template to DatePatternRegex class.
2014-01-26 22:03:55 +00:00
Daniel Black 1a1e3bec86 ENH: framework for distro paths 2014-01-25 23:25:54 +11:00
Daniel Black c8ae064b79 ENH: tighten regex and change failJSON to support timezone. Closes gh-583 2014-01-22 22:16:03 +11:00
Steven Hiscocks 0fb7921fb1 BF: Tweak python action tests and fix Deprecation Warning 2014-01-20 23:10:43 +00:00
Steven Hiscocks 8221c7ca71 TST+BF: Add tests for python actions, including test for smtp.py
Also fix bug when specifying multiple recipients for smtp.py action
2014-01-20 23:10:43 +00:00
Steven Hiscocks 4aa50684ab Merge pull request #581 from kwirk/datetemplate-regroupdict
ENH: Full regex for datepattern, utilising modified Python `_strptime`
2014-01-20 14:53:28 -08:00
Steven Hiscocks e614a2f4a4 BF: Resolve Deprecation Warnings for python3
Mainly python imp -> importlib for python3.3+, and other minor tweaks
2014-01-20 22:46:17 +00:00
Daniel Black a650178bd1 MRG: merge from master 2014-01-19 2014-01-19 14:48:29 +11:00
Daniel Black 263ac32730 ENH: test log samples for kerio thanks to
Tony Lawrence
2014-01-18 23:18:33 +11:00
Daniel Black 2333b2d5d9 MRG: from 0.9 2014-01-13 22:17:14 +11:00
Daniel Black c7f887642d Merge branch '0.9' into master_to_0.9 2014-01-13 21:23:42 +11:00
Daniel Black 3de80545e0 MRG: from master 2014/01/13 2014-01-13 21:23:39 +11:00
Steven Hiscocks d41f372c6c BF: Typo in "z" regex addition for TimeRE 2014-01-12 19:09:11 +00:00
Steven Hiscocks 5c16ac3a89 ENH: Full regex for datepattern, utilising modified Python `_strptime` 2014-01-12 18:59:31 +00:00
Daniel Black cd3e94140c MRG: complete merge 2014-01-12 21:16:55 +11:00
Daniel Black 1e8ed55a36 MRG: from 0.9 2014-01-12 20:15:34 +11:00
Steven Hiscocks e73090d040 Merge pull request #577 from grooverdan/rel-imports
ENH: fix test case imports to relative
2014-01-09 15:14:20 -08:00
Daniel Black e9752d8d29 ENH: fix test case imports to relative 2014-01-10 10:04:05 +11:00
Steven Hiscocks 62cfad3c2d Merge pull request #575 from grooverdan/no-dot-filters
ENH: don't run samples on filter filenames beginning with .
2014-01-09 14:49:47 -08:00
Daniel Black 8e8c80d980 ENH: don't run samples on filter filenames beginning with . 2014-01-10 09:44:30 +11:00
Daniel Black 8333abe420 Merge pull request #557 from grooverdan/apache-botsearch
ENH: Apache botsearch + BF: tag substitution
2014-01-09 14:11:00 -08:00
Daniel Black b0baab3a0e ENH: more test cases and wider regex 2014-01-10 08:40:24 +11:00
Daniel Black 9e358541b7 BF: fix multiple tag substitutions on the same line 2014-01-10 08:39:39 +11:00
Steven Hiscocks 7e8da15fc6 Merge pull request #572 from grooverdan/counterstrike
ENH: Counter Strike filter
2014-01-08 12:47:10 -08:00
Yaroslav Halchenko 6532a2e2f7 Merge pull request #548 from grooverdan/exim-honeypot
Exim honeypot
2014-01-07 06:14:42 -08:00
Daniel Black 0fb6bc7188 ENH: add filter for Counter Strike 1.6. Closes gh-347 2014-01-07 20:33:57 +11:00
Daniel Black a115297ebd TST: add datepattern for samplestestcases 2014-01-07 20:32:55 +11:00
Daniel Black 9e087b508d MRG: from 0.9 2014-01-07 16:11:40 +11:00
Daniel Black 58ebf659e4 MRG: from 0.9 to make history cleaner 2014-01-07 16:07:58 +11:00
Daniel Black ed9ed6d0cb TST/ENH: fix test case for ReadStockJailFilterComplete and add missing jails 2014-01-07 11:27:54 +11:00
Daniel Black ad41b2d198 TST: correct name. Still don't know why it isn't called 2014-01-07 11:12:59 +11:00
Daniel Black 76468942f9 MRG: complete merge from master 2014-01-07 10:24:23 +11:00
Daniel Black 51d4263358 TST: test for filter coverage in jail.conf 2014-01-07 10:00:08 +11:00
Steven Hiscocks bc5809ead0 DOC: Remove encoding descriptive tag from protocol "get" command 2014-01-06 21:19:22 +00:00
Daniel Black fecb07f36d MRG: filter substitution 2014-01-06 22:07:49 +11:00
Daniel Black ab3ded2205 Merge pull request #549 from kwirk/python-actions
ENH: Python actions
2014-01-06 02:58:45 -08:00
Daniel Black 981ded4da9 TST: add JSON data 2014-01-06 09:52:39 +11:00
Daniel Black b963d17009 TST: datepattern needed in testSampleRegexsFactory 2014-01-06 09:07:25 +11:00
Daniel Black 03aba92238 ENH: add kerio filter 2014-01-05 23:41:49 +11:00
Steven Hiscocks cfcf841ae4 TST: Added some more tests for Python actions 2014-01-04 23:07:59 +00:00
Steven Hiscocks 69a850d226 DOC: Update docstrings for smtp.py action 2014-01-04 22:46:57 +00:00
Steven Hiscocks 41ed2ea8cd DOC: Update docstrings in action 2014-01-04 22:16:40 +00:00
Steven Hiscocks 6e63f0ea5a RF: Change Jails and Actions to Mapping types 2014-01-04 16:57:08 +00:00
Steven Hiscocks a070284a18 ENH: Change all imports to "." style relative imports 2014-01-04 13:19:09 +00:00
Daniel Black 20f41849a2 BF: default for logpath is head. "false" is not valid 2014-01-04 16:37:29 +11:00
Daniel Black 05b159c74b Merge pull request #464 from grooverdan/increase-jail-name-length
ENH: Actions to have f2b- as prefix instead of fail2ban- as per #462
2014-01-03 14:48:56 -08:00
Daniel Black 3d1a1afca4 MRG: to more recent 0.9 2014-01-04 09:31:05 +11:00
Daniel Black c1535a43c7 BF: Fix failJSON for stunnel 2014-01-04 07:57:47 +11:00
Steven Hiscocks cd5c57c8dd TST: Fix sorting of properties and methods in servertestcase in python3 2014-01-03 17:24:12 +00:00
Steven Hiscocks 80d6f74ee8 RF: Refactor actions further, include removing server proxy interface
This allows direct setting of action properties and calling of methods
from the fail2ban-client if so required.
2014-01-03 17:04:49 +00:00
Daniel Black 7c09a61ca5 ENH: add apache-botsearch. Closes gh-544 2014-01-03 23:12:58 +11:00
Daniel Black b8536490ef ENH: filter for stunnel from fail2ban wiki 2014-01-03 19:32:29 +11:00
Daniel Black 117d3b0466 MRG: horde filter from master 2014-01-03 10:34:59 +11:00
Steven Hiscocks 414c5e1146 BF: Stop actName being passed to python actions 2014-01-02 15:51:30 +00:00
Daniel Black daf2816f6b MRG: with 0.9 again 2014-01-02 11:35:39 +11:00
Daniel Black e6a329210f correct overprune on imports to filterreader.py 2014-01-02 10:59:18 +11:00
Daniel Black d61734b9ac MRG: from python-actions 2014-01-02 10:54:14 +11:00
Steven Hiscocks 776b65f73e TST: Add non-callable values to CallableMap test 2014-01-01 23:27:36 +00:00
Steven Hiscocks 5b2b59d752 ENH: python actions use initOpts as **kwargs
Adds an easy way to handle case where mandatory arguments are missed, or
not valid arguments are passed
2014-01-01 23:18:11 +00:00
Daniel Black 58a5983367 ENH: fix fail2ban-regex for filter argument substitution 2014-01-02 10:03:14 +11:00
Steven Hiscocks 6ef911185d ENH: Add matches to smtp.py action 2014-01-01 12:27:49 +00:00
Daniel Black 1365a7781b TST: log files to include only the #541 test case 2014-01-01 22:41:48 +11:00
Ivo Truxa 67436078f7 TST: test case for honeypot exim-spam 2014-01-01 21:02:16 +11:00
Daniel Black 391b5fc883 MRG: from master again 2014-01-01 2014-01-01 19:28:38 +11:00
Steven Hiscocks f37c90cdba ENH: Python based actions
Python actions are imported from action.d config folder, which have .py
file extension. This imports and creates an instance of the Action class
(Action can be a variable that points to a class of another name).
fail2ban.server.action.ActionBase is a base class which can be inherited
from or as a minimum has a subclass hook which is used to ensure any
imported actions implements the methods required.
All calls to the execAction are also wrapped in a try except such that
any errors won't cripple the jail.
Action is renamed CommandAction, to clearly distinguish it from other
actions.

Included is an example smtp.py python action for sending emails via smtp.
This is work in progress, as looking to add the <matches> and whois
elements, and also SSL/TLS support.
2013-12-31 18:54:34 +00:00
Daniel Black a4c38439df ENH: add substitution tags to filter definitions. Closes gh-539 2013-12-31 19:01:21 +11:00
Daniel Black e4a215ca50 BF: fix infinite recursion case in Action.substituteRecursiveTags 2013-12-31 19:00:26 +11:00
Steven Hiscocks 6f104638cf BF: Ensure all imports for fail2ban modules are not relative 2013-12-30 22:31:06 +00:00
Daniel Black 92e2747034 Merge pull request #531 from grooverdan/master_to_0.9_merge
MRG: current master to 0.9 20131228
2013-12-29 15:57:59 -08:00
Daniel Black 671ca8bbca BF: ignorecommand is a jail option not a filter option 2013-12-29 21:58:35 +00:00
Daniel Black d1ea8e85f8 BF: Fix FailRegex.search test case for 0.9 2013-12-29 21:18:01 +00:00
Daniel Black ef47c33082 Merge pull request #530 from kwirk/logpath-tail
ENH: Add option to addlogpath for tail option
2013-12-29 12:42:39 -08:00
Steven Hiscocks 6a395f4cf7 ENH: add option to addlogpath for tail option 2013-12-29 18:37:21 +00:00
Daniel Black ea2a13946e TST: more test of filters 2013-12-29 05:29:59 +00:00
Daniel Black 8617898f00 TST: additional apache-modsecurity sample log entry 2013-12-29 02:42:42 +00:00
Daniel Black c9cfdca396 ENH: add filter for apache-modsecurity 2013-12-28 22:28:11 +00:00
Daniel Black 1dfb4e3374 Merge pull request #527 from kwirk/systemd-backend-datetime
ENH: Pass date time straight from systemd backend
2013-12-28 13:40:17 -08:00
Steven Hiscocks f460bde73c BF: Duplicate ip addresses returned from socket.gethostbyname_ex 2013-12-28 18:15:56 +00:00
Steven Hiscocks c80297045e ENH: Pass date time straight from systemd backend
Removes need to reparse the date time back from the ISO format
2013-12-28 18:02:16 +00:00
Steven Hiscocks 087af27c65 Merge pull request #523 from grooverdan/more-0.9-tests
TST: more test of filters
2013-12-27 14:02:59 -08:00
Steven Hiscocks d129321e7b Merge pull request #519 from grooverdan/db-migration
addLog to single SQL statement
2013-12-27 13:45:52 -08:00
Daniel Black 18fbfed91f ENH: error handling on re.group KeyError exception only for PyPy 2013-12-27 20:01:43 +00:00
Daniel Black 1f1fe254a6 DOC: document PyPy version that use KeyError instead of IndexError 2013-12-27 12:59:37 +00:00
Daniel Black 8df9112487 TST: get StartStop test case closer to something usable (not there yet however) 2013-12-27 12:54:59 +00:00
Daniel Black 6aae276d2b TST: add #pragma: no cover for python version branches
Remove unused code.
2013-12-27 11:07:11 +00:00
Daniel Black a3b758cdd3 TST: more test of filters 2013-12-27 09:08:13 +00:00
Daniel Black d3c065bf76 ENH: add PyPy compatibility 2013-12-27 05:15:33 +00:00
Daniel Black 41bd0470bd TST: table create definitions to end in ; for py26 compatibility 2013-12-26 21:28:46 +00:00
Daniel Black ec31e6a702 TST: restore Ticket testcase coverage to 100% after addition of exception test in Ticket.__eq__ 2013-12-26 10:13:14 +00:00
Daniel Black 37ab4147d1 TST: for db.getFilename 2013-12-26 10:09:12 +00:00
Daniel Black fed593e689 TST: for database.getBans with bantime argument 2013-12-26 10:03:51 +00:00
Daniel Black 1990eeae64 BF: Ticket compared to non-Ticket type returns False 2013-12-26 09:31:45 +00:00
Daniel Black 5d2a03e852 TST: remove deprecated warn method of logging and use warning() instead 2013-12-26 09:22:02 +00:00
Daniel Black 4ee018a84b TST: repr test for Ticket 2013-12-26 09:06:54 +00:00
Daniel Black de22c49b4d TST: (another) py26 compatible test fix 2013-12-26 09:05:45 +00:00
Daniel Black 74567d64b6 TST: py26 compatible test 2013-12-26 09:01:29 +00:00
Daniel Black 8a25dd2dad ENH: change addLog to use single SQL statement
ENH: separate out the database creation definition to make updates
easier

TST: add test framework for updates
2013-12-26 05:46:38 +00:00
Daniel Black e9f5f9b86f Add ticket equality test and representation. 2013-12-26 05:27:41 +00:00
Daniel Black 7247a6841a Merge pull request #495 from grooverdan/0.9_merge
MRG: 0.9 merge
2013-12-19 01:27:51 -08:00
Steven Hiscocks 49f9143535 ENH: Set date to "today" when neither month nor day is time match 2013-12-18 21:06:03 +00:00
Daniel Black 62e54424a7 TST: flushLog to run correctly regardless of user/travis instigated logging level 2013-12-16 23:12:00 +00:00
Daniel Black a4d4f7b8f8 TST: fix testIgnoreInProcessLine to occur at MyTime 2013-12-16 22:35:27 +00:00
Daniel Black e57175f604 TST: fix flushLogs test case 2013-12-16 22:23:14 +00:00
Daniel Black d4b58119b8 ENH: extra logging around log rotate 2013-12-16 22:22:53 +00:00
Daniel Black 7c0efc8ec8 MRG: merge so far - flushLogs not working yet 2013-12-16 15:08:34 +00:00
Steven Hiscocks 802029d83a BF: Database test keep ticket present in memory so address is reused
This bug only seemed to affect python2.6 which seemed hasty to reuse the
memory id that was assigned to the ticket which was being used for
reference
2013-12-15 22:20:48 +00:00
Steven Hiscocks fb7511fdea ENH: Add cache for database getBansMerged
This avoids duplicate queries when using the ip(jail)matches and
ip(jail)failures in actions
2013-12-15 21:52:50 +00:00
Steven Hiscocks 40007abc1d ENH: Refactor and add database matches and failures for sendmail actions 2013-12-15 21:41:43 +00:00
Steven Hiscocks d6cbc05e35 ENH: Make use of functools.wraps for server.database decorators 2013-12-15 21:10:11 +00:00
Steven Hiscocks 0bcff771b8 ENH: Add <ipmatches> and <ipjailmatches> tags
Example use filter also added for sendmail-whois with ipmatches rather
than grepped lines
2013-12-13 22:40:11 +00:00
Steven Hiscocks 6dde1d5429 TST: Fix test for recidive samples broken in last commit 2013-12-13 22:06:58 +00:00
Steven Hiscocks bff170ec43 BF: In line comments need to be specifically enabled in python3.2+ 2013-12-13 21:11:45 +00:00
Steven Hiscocks 1df634b68b BF: Database wasn't being passed to jails 2013-12-13 18:25:55 +00:00
Steven Hiscocks b7d1579c9d MRG: branch 'kwirk/database' into 0.9 - gh-480
Conflicts:
	fail2ban/tests/utils.py
        - Another test suite added in separate commit e09b700
2013-12-13 17:15:19 +00:00
Steven Hiscocks 43689d6470 TST: Appropriately mark JournalMatch transmitter test as skipped 2013-12-13 17:10:42 +00:00
Steven Hiscocks a60fbcc116 Merge pull request #476 from kwirk/multiline-matches
Capture multiline matched lines into fail ticket
2013-12-13 08:47:08 -08:00
Steven Hiscocks d9afcc178a MINOR: PEP-8 tweaks for multiline-matches change set 2013-12-13 16:38:26 +00:00
Steven Hiscocks 00ecd22851 ENH: Add getBansMerged method to Fail2BanDb
Creates a single ticket for an IP, made up of all previous bans
2013-12-12 22:22:30 +00:00
Steven Hiscocks e18af48e34 ENH: Database now optional, by setting dbfile to "None" 2013-12-10 21:16:36 +00:00
Steven Hiscocks 174f9a243a ENH: Remove thread locks from Fail2BanDb 2013-12-08 22:03:57 +00:00
Steven Hiscocks 7f063b46f9 BF: Improve handling of clearing old jails in database 2013-12-08 11:40:40 +00:00
Steven Hiscocks d8c7bca9b0 BF: Fix dbpurgeage default value, and change default dbfile extension 2013-12-08 11:35:12 +00:00
Daniel Black b64478c512 TST: iso8601 tests 2013-12-08 20:14:00 +11:00
Daniel Black a37590b3eb BF: Fix ISO8601 regex to handle [+-]XX timezone offsets 2013-12-08 19:36:21 +11:00
Steven Hiscocks d6fe80ba50 TST: Fix test for fail2ban.conf with new database options 2013-12-07 23:37:14 +00:00
Steven Hiscocks bbadef847b ENH: Add fail2ban persistent data storage 2013-12-07 23:23:28 +00:00
Daniel Black e09b7002e0 TST: missed including testcases CustomDateFormatsTest 2013-12-07 12:11:04 +11:00
Steven Hiscocks c03a50b44b BF: Allow handle case when SKIPLINES lines is not matched
Example is when one or more SKIPLINES is optional in a regex
2013-12-04 23:13:27 +00:00
Steven Hiscocks c886414e2e ENH+BF: Capture multiline matched lines into fail ticket
Previously only the last line of the match was being saved, not all
lines involved in matching.

Log lines are now broken into 3 part tuple, with the line pre-datetime,
the datetime, and post-datetime. Allows reformation of full line, but
also use of the line without the datetime present.
Attempting to use the term "tupleLine(s)" where possible, to avoid
confusion with normal read lines.

May also wish to consider that regexs could be made to capture more
lines of interest if some form of unique reference is available. This
may allow more lines of interest to be captured, which may not be picked
up by the traditional "grep <ip>" approach i.e. ones which do not have
the ip address in.

This also simplified the fail2ban-regex statistics for missed lines.
Also resolved bug with missed lines time extracted for debuggex having
some lines present which were captured in a multiline regex.
Also resolved independent issue with ignored line check including the
datetime, which raised assertion error in the rare case the datetime
matched the ignore regex, and the rest of line only matched a failregex
2013-12-04 22:26:22 +00:00
Yaroslav Halchenko 2c1199cce0 Let's progress and mark a2 release toward 0.9.0 2013-11-30 12:25:17 -05:00
Daniel Black f7504d5b64 MRG: conflict in THANKS 2013-11-30 10:39:19 +11:00
Daniel Black af4feb0c92 Actions to have f2b- as prefix instead of fail2ban- as per #462 2013-11-29 19:08:38 +11:00
Daniel Black b157be22d2 TST: pids don't match test case for sshd filter 2013-11-29 16:02:28 +11:00
Daniel Black 227f27ce6b ENH: added multiline filter for sshd filter 2013-11-25 14:55:41 +11:00
Daniel Black 98eacdf333 MRG/BF: merge from master. Fix bugs in iso8601 2013-11-24 16:36:06 +11:00
Daniel Black 84f915c1f7 fix nginx-http-auth log file location and MANIFEST 2013-11-13 09:57:13 +11:00
Daniel Black 1ac7b53cad MRG: merge from master 2013-11-13 09:16:45 +11:00