github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
3,260 Commits
34 Branches
229 Tags
21 MiB
Commit Graph

588 Commits (576719198805063c1c3b30a7cb31f7beedd7c2f8)

Author SHA1 Message Date
Yaroslav Halchenko 16077a2771 add .dev to 0.9.0 version 2014-04-17 14:08:43 -04:00
Yaroslav Halchenko 3c0d6a77d2 BF: testDatabase -- close and unlink the created test db file 2014-04-17 10:40:37 -04:00
Steven Hiscocks 9d6fc6eca2 ENH: For syslog use SYSLOG_PID over _PID in systemd journal log format 2014-04-16 23:58:00 +01:00
Yaroslav Halchenko c2289bc8fe ENH(TST): relax test of sleep to "1" places from "2" 
The reason is that internally it does round, so even 1.005 then would not
be equal to 1.  Making it spaces==1 should be sufficient for up to 1.05
i.e. we would allow 50ms "drift"
 2014-04-16 15:52:18 -04:00
Steven Hiscocks 1369701f87 ENH: Log trace info for failed action events when in DEBUG 2014-04-12 11:27:05 +01:00
Yung-Chin Oei 941a38ea8e nginx-http-auth: match when "referrer" is present 
A sample log-line is provided.  The updated regex successfully matches
this line.

Signed-off-by: Yung-Chin Oei <yungchin@yungchin.nl>
 2014-04-04 01:27:39 +01:00
Steven Hiscocks 100b5e61f5 Merge 'kwirk/config-warnings' (early part) 2014-04-03 18:36:56 +01:00
yungchin 6e8c1b2871 nginx-http-auth filter: match server_name = "" 
As documented at
http://nginx.org/en/docs/http/server_names.html#miscellaneous_names "If
no server_name is defined in a server block then nginx uses the empty
name as the server name."  This regex change allows us to match error
output for such a configuration.

The log line added to the tests was lifted from our logs verbatim; it
did not match without the patched regex.

Signed-off-by: Yung-Chin Oei <yungchin@yungchin.nl>
 2014-04-03 11:04:21 +01:00
Steven Hiscocks 638c013557 ENH: Suppress configuration warnings if non-critical options are not set 2014-04-02 18:30:21 +01:00
Daniel Black ce982debae Merge pull request #670 from kwirk/reban-once-per-ip 
BF: On jail restart reinstatement of bans, fetch one ticket per IP
 2014-03-31 18:36:06 +11:00
Daniel Black 73fb716920 Merge pull request #671 from kwirk/sphinx 
DOC: sphinx documentation
 2014-03-31 18:32:37 +11:00
Steven Hiscocks 953ebd62c6 DOC: Improve error logging when specific backend set and fails 2014-03-29 23:08:37 +00:00
Steven Hiscocks 3781ff845a BF: Fix getting jail name from exceptions in beautifier for Python 3+ 2014-03-29 22:54:06 +00:00
Steven Hiscocks baeff6141e DOC: sphinx documentation 2014-03-29 22:07:33 +00:00
Steven Hiscocks dc24d3d494 BF: On jail restart reinstatement of bans, fetch one ticket per IP 
Closes gh-664
 2014-03-29 21:44:39 +00:00
Ruben Kerkhof 1695d5c076 Fix a few typos 
Found with https://github.com/lucasdemarchi/codespell

Signed-off-by: Ruben Kerkhof <ruben@rubenkerkhof.com>
 2014-03-24 13:16:52 +00:00
Steven Hiscocks b73ed9b59e BF: Ignored IPs no longer being banned from database on restart 2014-03-24 00:30:46 +00:00
Steven Hiscocks 7046388291 Merge branch 'database-no-sqlite' 
Conflicts:
	ChangeLog
        - Entries added in both branches, both kept
 2014-03-22 17:34:38 +00:00
Steven Hiscocks 175c593462 TST: Skip badips.py test is no network option set 2014-03-19 19:30:48 +00:00
Steven Hiscocks 75325da090 TST: Skip SYSLOG log target test if '/dev/log' not present 2014-03-19 19:21:23 +00:00
Steven Hiscocks 1470e3c01d BF: fail2ban.conf reader expected "int" type for `loglevel` 
Closes #657
 2014-03-19 19:09:07 +00:00
Steven Hiscocks 1c65b94617 BF: Handle case when no sqlite library is available for the database 2014-03-19 18:55:54 +00:00
Steven Hiscocks b83550ad0b TST: Unused import in test_smtp 
Remnants from c7df15f014
 2014-03-16 22:13:37 +00:00
Steven Hiscocks 41de7ca879 TST: Fix test failing due to wrapping of long subject lines v2 
Another fix based from c7df15f014 which
failed due to python3.3 not wrapping headers to 78 characters.
 2014-03-16 21:14:54 +00:00
Steven Hiscocks c7df15f014 TST: Fix test failing due to wrapping of log subject lines 
Typically flagged by pypy due to what appears to be typically longer
object "ids" compared to python{2,3}
 2014-03-16 19:10:32 +00:00
Steven Hiscocks 41cbbbc248 BF: Remove unused imports and variables. 
All highlighted by using pyflakes.
 2014-03-16 14:31:34 +00:00
Steven Hiscocks 5b14bc048f BF: FilterSystemd.formatJournalEntry is a classmethod, not staticmethod 
Reference to undefined `self` was raising error.
 2014-03-16 13:27:13 +00:00
Daniel Black c7f4c48090 TST/BF: more changes to make sure testcases can be run on live install 2014-03-15 11:18:01 +11:00
Daniel Black 64d1502d48 TST: learn to spell executable 2014-03-15 11:09:55 +11:00
Daniel Black 51403fec50 TST: fail2ban-testcases to be able to be run on installed fail2ban 2014-03-15 11:06:29 +11:00
Daniel Black fe582e67e3 TST: allow for ignorecommand.py not installed with execute permissions 2014-03-15 11:05:43 +11:00
Daniel Black 8671b73958 DOC: versioning and release/readme notes 2014-03-14 23:08:25 +11:00
Daniel Black 476d79d3cc ENH: asterisk filter to support syslog format 2014-03-14 09:03:27 +11:00
Steven Hiscocks 0222ff4677 Merge branch 'badips-blacklist' into 0.9 
Conflicts:
	ChangeLog
        - entires added in both branches.

Change:
        config/action.d/badips.py
        - jail.getName() changed to jail.name
 2014-03-13 20:01:15 +00:00
Steven Hiscocks dfb46cfda6 BF: Require Python 2.7+ for badips.py action 2014-03-12 21:54:15 +00:00
Daniel Black 50d938e0bf MRG: merge filter sendmail-spam into sendmail-reject 2014-03-02 16:28:23 +11:00
Daniel Black 2d45becb0e Merge branch '0.9' into distro-paths-gh-315 2014-03-02 15:17:21 +11:00
Daniel Black cc8ec826c5 MRG: from master 2014-03-02 2014-03-02 14:33:45 +11:00
Steven Hiscocks beca72e188 DOC: Change Found and Ignore message to INFO rather than NOTICE 
This was the original proposal in gh-621 but was put to NOTICE in error
 2014-02-27 20:47:58 +00:00
Steven Hiscocks 689ed9d511 DOC: Fix up doc strings styling to comply with numpy doc style 2014-02-27 20:46:48 +00:00
Steven Hiscocks f68ab3c4de DOC: Added missing parameter for jail `add` method 2014-02-24 19:05:22 +00:00
Steven Hiscocks a9b9c6ea03 Merge branch 'logging' into 0.9 
Conflicts:
	fail2ban/server/actions.py
                jail getName()->name
	fail2ban/server/filter.py
                jail getName()->name
 2014-02-23 23:03:56 +00:00
Steven Hiscocks edd0bf7d46 ENH+DOC: Update Fail2Ban database doc strings and use properties 2014-02-23 18:38:22 +00:00
Steven Hiscocks df8d700d17 RF: Refactor Jail and JailThread 
Includes:
    - documentation to new format and use of properties
    - change isActive->is_active as former no longer documented for
      python3, and later introduction and documented in python2.6
    - status formatter in beautifier somewhat more automatically
      formatted; no changes are required for additional status elements
    - JailThread now set to active within `start` method, complimenting
      `stop` method
 2014-02-23 17:41:14 +00:00
Steven Hiscocks 2b33a5fbaa TST+DOC: Improve error message for log level, and test HEAVYDEBUG 2014-02-22 17:08:30 +00:00
Steven Hiscocks 5630c56c75 ENH: Change logging levels and make info more verbose 2014-02-20 23:01:40 +00:00
Daniel Black a044517cb7 MRG: from master to 0.9 2014-02-20 2014-02-20 08:35:24 +11:00
Daniel Black 79e6543eca Merge branch '0.9' into distro-paths-gh-315 2014-02-20 08:20:47 +11:00
Steven Hiscocks df3e4a2742 ENH: Warn when multiline regex used when maxlines not greater than 1 2014-02-15 14:42:44 +00:00
Steven Hiscocks 5c7630c4be ENH: Allow separate blacklist category for badips.py action 2014-02-14 17:45:08 +00:00
Steven Hiscocks fceac53776 TST: Move nagios log sample to correct folder 2014-02-13 21:02:26 +00:00
Steven Hiscocks f68d85a6ac Merge branch 'master' into 0.9 
Conflicts:
	ChangeLog
                Spelling correction of 0.8.13 fixed in master
	config/jail.conf
                Added nagios and duplicate php-url removal in master
                Just nagios added, duplicate not issue in 0.9
 2014-02-13 20:14:40 +00:00
Steven Hiscocks 9bbf4ea258 BF: Keep sure database errors are captured during Fail2Ban startup 2014-02-13 20:07:12 +00:00
Daniel Black 45157ddc86 TST: fix failJSON for ssh filter change 2014-02-13 09:26:59 +11:00
Daniel Black 5f4d0ed576 ENH: ssh filter - "Disconnecting: Too many authentication failures.." matching Connection log message 2014-02-13 09:13:46 +11:00
Steven Hiscocks a9f0545d8f BF: Add threading lock to database 2014-02-09 23:16:36 +00:00
Steven Hiscocks dff8909473 ENH: Add badips.com reporting and blacklisting action (python based) 2014-02-09 12:23:14 +00:00
Steven Hiscocks 530cd53add BF: Due to python3 bug, importlib.machinery may need explicit import 2014-02-08 20:52:32 +00:00
Daniel Black 59b9045e88 MRG: from master 2014-02-02 2014-02-02 13:21:16 +11:00
Daniel Black a7456377b5 ENH: more datetemplate compression 2014-01-28 08:15:48 +11:00
Daniel Black a749a2780e Merge pull request #593 from grooverdan/tine 
ENH: Tine20 filter
 2014-01-26 18:50:42 -08:00
Steven Hiscocks e7d4cf6296 TST: Fix dates in ISO8601 being converted back to local time. 2014-01-26 23:37:57 +00:00
Daniel Black 8b51d0c394 ENH: compress DateDetector templates more 2014-01-27 10:10:06 +11:00
Steven Hiscocks f2ddb3e3d0 RF: Refactor date detector and date template elements 
Changes include to use Python class properties, merge some date
patterns, and change ISO8601 date template to DatePatternRegex class.
 2014-01-26 22:03:55 +00:00
Daniel Black 1a1e3bec86 ENH: framework for distro paths 2014-01-25 23:25:54 +11:00
Daniel Black c8ae064b79 ENH: tighten regex and change failJSON to support timezone. Closes gh-583 2014-01-22 22:16:03 +11:00
Steven Hiscocks 0fb7921fb1 BF: Tweak python action tests and fix Deprecation Warning 2014-01-20 23:10:43 +00:00
Steven Hiscocks 8221c7ca71 TST+BF: Add tests for python actions, including test for smtp.py 
Also fix bug when specifying multiple recipients for smtp.py action
 2014-01-20 23:10:43 +00:00
Steven Hiscocks 4aa50684ab Merge pull request #581 from kwirk/datetemplate-regroupdict 
ENH: Full regex for datepattern, utilising modified Python `_strptime`
 2014-01-20 14:53:28 -08:00
Steven Hiscocks e614a2f4a4 BF: Resolve Deprecation Warnings for python3 
Mainly python imp -> importlib for python3.3+, and other minor tweaks
 2014-01-20 22:46:17 +00:00
Daniel Black a650178bd1 MRG: merge from master 2014-01-19 2014-01-19 14:48:29 +11:00
Daniel Black 263ac32730 ENH: test log samples for kerio thanks to 
Tony Lawrence
 2014-01-18 23:18:33 +11:00
Daniel Black 2333b2d5d9 MRG: from 0.9 2014-01-13 22:17:14 +11:00
Daniel Black c7f887642d Merge branch '0.9' into master_to_0.9 2014-01-13 21:23:42 +11:00
Daniel Black 3de80545e0 MRG: from master 2014/01/13 2014-01-13 21:23:39 +11:00
Steven Hiscocks d41f372c6c BF: Typo in "z" regex addition for TimeRE 2014-01-12 19:09:11 +00:00
Steven Hiscocks 5c16ac3a89 ENH: Full regex for datepattern, utilising modified Python `_strptime` 2014-01-12 18:59:31 +00:00
Daniel Black cd3e94140c MRG: complete merge 2014-01-12 21:16:55 +11:00
Daniel Black 1e8ed55a36 MRG: from 0.9 2014-01-12 20:15:34 +11:00
Steven Hiscocks e73090d040 Merge pull request #577 from grooverdan/rel-imports 
ENH: fix test case imports to relative
 2014-01-09 15:14:20 -08:00
Daniel Black e9752d8d29 ENH: fix test case imports to relative 2014-01-10 10:04:05 +11:00
Steven Hiscocks 62cfad3c2d Merge pull request #575 from grooverdan/no-dot-filters 
ENH: dont run samples on filter filenames beginning with .
 2014-01-09 14:49:47 -08:00
Daniel Black 8e8c80d980 ENH: dont run samples on filter filenames beginning with . 2014-01-10 09:44:30 +11:00
Daniel Black 8333abe420 Merge pull request #557 from grooverdan/apache-botsearch 
ENH: Apache botsearch + BF: tag substition
 2014-01-09 14:11:00 -08:00
Daniel Black b0baab3a0e ENH: more test cases and wider regex 2014-01-10 08:40:24 +11:00
Daniel Black 9e358541b7 BF: fix multiple tag substitutions on the same line 2014-01-10 08:39:39 +11:00
Steven Hiscocks 7e8da15fc6 Merge pull request #572 from grooverdan/counterstrike 
ENH: Counter Strike filter
 2014-01-08 12:47:10 -08:00
Yaroslav Halchenko 6532a2e2f7 Merge pull request #548 from grooverdan/exim-honeypot 
Exim honeypot
 2014-01-07 06:14:42 -08:00
Daniel Black 0fb6bc7188 ENH: add filter for Counter Strike 1.6. Closes gh-347 2014-01-07 20:33:57 +11:00
Daniel Black a115297ebd TST: add datepattern for samplestestcases 2014-01-07 20:32:55 +11:00
Daniel Black 9e087b508d MRG: from 0.9 2014-01-07 16:11:40 +11:00
Daniel Black 58ebf659e4 MRG: from 0.9 to make history cleaner 2014-01-07 16:07:58 +11:00
Daniel Black ed9ed6d0cb TST/ENH: fix test case for ReadStockJailFilterComplete and add missing jails 2014-01-07 11:27:54 +11:00
Daniel Black ad41b2d198 TST: correct name. Still dont know why it isnt called 2014-01-07 11:12:59 +11:00
Daniel Black 76468942f9 MRG: complete merge from master 2014-01-07 10:24:23 +11:00
Daniel Black 51d4263358 TST: test for filter coverage in jail.conf 2014-01-07 10:00:08 +11:00
Steven Hiscocks bc5809ead0 DOC: Remove encoding descriptive tag from protocol "get" command 2014-01-06 21:19:22 +00:00
Daniel Black fecb07f36d MRG: filter substition 2014-01-06 22:07:49 +11:00
Daniel Black ab3ded2205 Merge pull request #549 from kwirk/python-actions 
ENH: Python actions
 2014-01-06 02:58:45 -08:00
Daniel Black 981ded4da9 TST: add JSON data 2014-01-06 09:52:39 +11:00
Daniel Black b963d17009 TST: datepattern needed in testSampleRegexsFactory 2014-01-06 09:07:25 +11:00
Daniel Black 03aba92238 ENH: add kerio filter 2014-01-05 23:41:49 +11:00
Steven Hiscocks cfcf841ae4 TST: Added some more tests for Python actions 2014-01-04 23:07:59 +00:00
Steven Hiscocks 69a850d226 DOC: Update docstrings for smtp.py action 2014-01-04 22:46:57 +00:00
Steven Hiscocks 41ed2ea8cd DOC: Update docstrings in action 2014-01-04 22:16:40 +00:00
Steven Hiscocks 6e63f0ea5a RF: Change Jails and Actions to Mapping types 2014-01-04 16:57:08 +00:00
Steven Hiscocks a070284a18 ENH: Change all imports to "." style relative imports 2014-01-04 13:19:09 +00:00
Daniel Black 20f41849a2 BF: default for logpath is head. "false" is not valid 2014-01-04 16:37:29 +11:00
Daniel Black 05b159c74b Merge pull request #464 from grooverdan/increase-jail-name-length 
ENH: Actions to have f2b- as prefix instead of fail2ban- as per #462
 2014-01-03 14:48:56 -08:00
Daniel Black 3d1a1afca4 MRG: to more recent 0.9 2014-01-04 09:31:05 +11:00
Daniel Black c1535a43c7 BF: Fix failJSON for stunnel 2014-01-04 07:57:47 +11:00
Steven Hiscocks cd5c57c8dd TST: Fix sorting of properties and methods in servertestcase in python3 2014-01-03 17:24:12 +00:00
Steven Hiscocks 80d6f74ee8 RF: Refactor actions further, include removing server proxy interface 
This allows direct setting of action properties and calling of methods
from the fail2ban-client if so required.
 2014-01-03 17:04:49 +00:00
Daniel Black 7c09a61ca5 ENH: add apache-botsearch. Closes gh-544 2014-01-03 23:12:58 +11:00
Daniel Black b8536490ef ENH: filter for stunnel from fail2ban wiki 2014-01-03 19:32:29 +11:00
Daniel Black 117d3b0466 MRG: horde filter from master 2014-01-03 10:34:59 +11:00
Steven Hiscocks 414c5e1146 BF: Stop actName being passed to python actions 2014-01-02 15:51:30 +00:00
Daniel Black daf2816f6b MRG: with 0.9 again 2014-01-02 11:35:39 +11:00
Daniel Black e6a329210f correct overprune on imports to filterreader.py 2014-01-02 10:59:18 +11:00
Daniel Black d61734b9ac MRG: from python-actions 2014-01-02 10:54:14 +11:00
Steven Hiscocks 776b65f73e TST: Add non-callable values to CallableMap test 2014-01-01 23:27:36 +00:00
Steven Hiscocks 5b2b59d752 ENH: python actions use initOpts as **kwargs 
Adds an easy way to handle case where mandatory arguments are missed, or
not valid arguments are passed
 2014-01-01 23:18:11 +00:00
Daniel Black 58a5983367 ENH: fix fail2ban-regex for filter arguement substition 2014-01-02 10:03:14 +11:00
Steven Hiscocks 6ef911185d ENH: Add matches to smtp.py action 2014-01-01 12:27:49 +00:00
Daniel Black 1365a7781b TST: log files to cinlude only the #541 test case 2014-01-01 22:41:48 +11:00
Ivo Truxa 67436078f7 TST: test case for honeypot exim-spam 2014-01-01 21:02:16 +11:00
Daniel Black 391b5fc883 MRG: from master again 2014-01-01 2014-01-01 19:28:38 +11:00
Steven Hiscocks f37c90cdba ENH: Python based actions 
Python actions are imported from action.d config folder, which have .py
file extension. This imports and creates an instance of the Action class
(Action can be a variable that points to a class of another name).
fail2ban.server.action.ActionBase is a base class which can be inherited
from or as a minimum has a subclass hook which is used to ensure any
imported actions implements the methods required.
All calls to the execAction are also wrapped in a try except such that
any errors won't cripple the jail.
Action is renamed CommandAction, to clearly distinguish it from other
actions.

Include is an example smtp.py python action for sending emails via smtp.
This is work in progress, as looking to add the <matches> and whois
elements, and also SSL/TLS support.
 2013-12-31 18:54:34 +00:00
Daniel Black a4c38439df ENH: add substition tags to filter definitions. Closes gh-539 2013-12-31 19:01:21 +11:00
Daniel Black e4a215ca50 BF: fix infinite recursion case in Action.substituteRecursiveTags 2013-12-31 19:00:26 +11:00
Steven Hiscocks 6f104638cf BF: Ensure all imports for fail2ban modules are not relative 2013-12-30 22:31:06 +00:00
Daniel Black 92e2747034 Merge pull request #531 from grooverdan/master_to_0.9_merge 
MRG: current master to 0.9 20131228
 2013-12-29 15:57:59 -08:00
Daniel Black 671ca8bbca BF: ignorecommand is a jail option not a filter option 2013-12-29 21:58:35 +00:00
Daniel Black d1ea8e85f8 BF: Fix FailRegex.search test case for 0.9 2013-12-29 21:18:01 +00:00
Daniel Black ef47c33082 Merge pull request #530 from kwirk/logpath-tail 
ENH: Add option to addlogpath for tail option
 2013-12-29 12:42:39 -08:00
Steven Hiscocks 6a395f4cf7 ENH: add option to addlogpath for tail option 2013-12-29 18:37:21 +00:00
Daniel Black ea2a13946e TST: more test of filters 2013-12-29 05:29:59 +00:00
Daniel Black 8617898f00 TST: additional apache-modsecurity sample log entry 2013-12-29 02:42:42 +00:00
Daniel Black c9cfdca396 ENH: add filter for apache-modsecurity 2013-12-28 22:28:11 +00:00
Daniel Black 1dfb4e3374 Merge pull request #527 from kwirk/systemd-backend-datetime 
ENH: Pass date time straight from systemd backend
 2013-12-28 13:40:17 -08:00
Steven Hiscocks f460bde73c BF: Duplicate ip addresses returned from socket.gethostbyname_ex 2013-12-28 18:15:56 +00:00
Steven Hiscocks c80297045e ENH: Pass date time straight from systemd backend 
Removes need to reparse the date time back from the ISO format
 2013-12-28 18:02:16 +00:00
Steven Hiscocks 087af27c65 Merge pull request #523 from grooverdan/more-0.9-tests 
TST: more test of filters
 2013-12-27 14:02:59 -08:00
Steven Hiscocks d129321e7b Merge pull request #519 from grooverdan/db-migration 
addLog to single SQL statement
 2013-12-27 13:45:52 -08:00
Daniel Black 18fbfed91f ENH: error handling on re.group KeyError exception only for PyPy 2013-12-27 20:01:43 +00:00
Daniel Black 1f1fe254a6 DOC: document PyPy version that use KeyError instead of IndexError 2013-12-27 12:59:37 +00:00
Daniel Black 8df9112487 TST: get StartStop test case closer to something usable (not there yet however) 2013-12-27 12:54:59 +00:00
Daniel Black 6aae276d2b TST: add #pragma: no cover for python version branches 
Remove unused code.
 2013-12-27 11:07:11 +00:00
Daniel Black a3b758cdd3 TST: more test of filters 2013-12-27 09:08:13 +00:00
Daniel Black d3c065bf76 ENH: add PyPy compatibility 2013-12-27 05:15:33 +00:00
Daniel Black 41bd0470bd TST: table create definitations to end in ; for py26 compatibility 2013-12-26 21:28:46 +00:00
Daniel Black ec31e6a702 TST: restore Ticket testcase coverage to 100% after addition of exception test in Ticket.__eq__ 2013-12-26 10:13:14 +00:00
Daniel Black 37ab4147d1 TST: for db.getFilename 2013-12-26 10:09:12 +00:00
Daniel Black fed593e689 TST: for database.getBans with bantime argument 2013-12-26 10:03:51 +00:00
Daniel Black 1990eeae64 BF: Ticket compared to non-Ticket type returns False 2013-12-26 09:31:45 +00:00
Daniel Black 5d2a03e852 TST: remove deprecated warn method of logging and use warning() instead 2013-12-26 09:22:02 +00:00
Daniel Black 4ee018a84b TST: repr test for Ticket 2013-12-26 09:06:54 +00:00
Daniel Black de22c49b4d TST: (another) py26 compatible test fix 2013-12-26 09:05:45 +00:00
Daniel Black 74567d64b6 TST: py26 compatible test 2013-12-26 09:01:29 +00:00
Daniel Black 8a25dd2dad ENH: change addLog to use single SQL statement 
ENH: separate out the database creation defination to make updates
easier

TST: add test framework for updates
 2013-12-26 05:46:38 +00:00
Daniel Black e9f5f9b86f Add ticket equality test and representation. 2013-12-26 05:27:41 +00:00
Daniel Black 7247a6841a Merge pull request #495 from grooverdan/0.9_merge 
MRG: 0.9 merge
 2013-12-19 01:27:51 -08:00
Steven Hiscocks 49f9143535 ENH: Set date to "today" when neither month nor day is time match 2013-12-18 21:06:03 +00:00
Daniel Black 62e54424a7 TST: flushLog to run correctly regardless of user/travis instigated logging level 2013-12-16 23:12:00 +00:00
Daniel Black a4d4f7b8f8 TST: fix testIgnoreInProcessLine to occur at MyTime 2013-12-16 22:35:27 +00:00
Daniel Black e57175f604 TST: fix flushLogs test case 2013-12-16 22:23:14 +00:00
Daniel Black d4b58119b8 ENH: extra logging around log rotate 2013-12-16 22:22:53 +00:00
Daniel Black 7c0efc8ec8 MRG: merge so far - flushLogs not working yet 2013-12-16 15:08:34 +00:00
Steven Hiscocks 802029d83a BF: Database test keep ticket present in memory so address is reused 
This bug only seemed to effect python2.6 which seemed hasty to reuse the
memory id that was assigned to the ticket which was being used for
reference
 2013-12-15 22:20:48 +00:00
Steven Hiscocks fb7511fdea ENH: Add cache for database getBansMerged 
This is avoids duplicate queries when using the ip(jail)matches and
ip(jail)failures in actions
 2013-12-15 21:52:50 +00:00
Steven Hiscocks 40007abc1d ENH: Refactor and add database matches and failures for sendmail actions 2013-12-15 21:41:43 +00:00
Steven Hiscocks d6cbc05e35 ENH: Make use of functools.wraps for server.database decorators 2013-12-15 21:10:11 +00:00
Steven Hiscocks 0bcff771b8 ENH: Add <ipmatches> and <ipjailmatches> tags 
Example use filter also added for sendmail-whois with ipmatches rather
than grepped lines
 2013-12-13 22:40:11 +00:00
Steven Hiscocks 6dde1d5429 TST: Fix test for recidive samples broken is last commit 2013-12-13 22:06:58 +00:00
Steven Hiscocks bff170ec43 BF: In line comments need to specifically enabled in python3.2+ 2013-12-13 21:11:45 +00:00
Steven Hiscocks 1df634b68b BF: Database wasn't being passed to jails 2013-12-13 18:25:55 +00:00
Steven Hiscocks b7d1579c9d MRG: branch 'kwirk/database' into 0.9 - gh-480 
Conflicts:
	fail2ban/tests/utils.py
        - Another test suite added in separate commit e09b700
 2013-12-13 17:15:19 +00:00
Steven Hiscocks 43689d6470 TST: Appropriately mark JournalMatch transmitter test as skipped 2013-12-13 17:10:42 +00:00
Steven Hiscocks a60fbcc116 Merge pull request #476 from kwirk/multiline-matches 
Capture multiline matched lines into fail ticket
 2013-12-13 08:47:08 -08:00
Steven Hiscocks d9afcc178a MINOR: PEP-8 tweaks for multiline-matches change set 2013-12-13 16:38:26 +00:00
Steven Hiscocks 00ecd22851 ENH: Add getBansMerged method to Fail2BanDb 
Creates a single ticket for an IP, made up of all previous bans
 2013-12-12 22:22:30 +00:00
Steven Hiscocks e18af48e34 ENH: Database now optional, by setting dbfile to "None" 2013-12-10 21:16:36 +00:00
Steven Hiscocks 174f9a243a ENH: Remove thread locks from Fail2BanDb 2013-12-08 22:03:57 +00:00
Steven Hiscocks 7f063b46f9 BF: Improve handling of clearing old jails in database 2013-12-08 11:40:40 +00:00
Steven Hiscocks d8c7bca9b0 BF: Fix dbpurgeage default value, and change default dbfile extension 2013-12-08 11:35:12 +00:00
Daniel Black b64478c512 TST: iso8601 tests 2013-12-08 20:14:00 +11:00
Daniel Black a37590b3eb BF: Fix ISO8601 regex to handle [+-]XX timezone offsets 2013-12-08 19:36:21 +11:00
Steven Hiscocks d6fe80ba50 TST: Fix test for fail2ban.conf with new database options 2013-12-07 23:37:14 +00:00
Steven Hiscocks bbadef847b ENH: Add fail2ban persistent data storage 2013-12-07 23:23:28 +00:00
Daniel Black e09b7002e0 TST: missed including testcases CustomDateFormatsTest 2013-12-07 12:11:04 +11:00
Steven Hiscocks c03a50b44b BF: Allow handle case when SKIPLINES lines is not matched 
Example is when one or more SKIPLINES is optional in a regex
 2013-12-04 23:13:27 +00:00
Steven Hiscocks c886414e2e ENH+BF: Capture multiline matched lines into fail ticket 
Previously only the last line of the match was being saved, not all
lines involved in matching.

Log lines are now broken into 3 part tuple, with the line pre-datetime,
the datetime, and post-datetime. Allows reformation of full line, but
also use of the line without the datetime present.
Attempting to use the term "tupleLine(s)" where possible, to avoid
confusion with normal read lines.

May also wish to consider that regexs could be made to capture more
lines of interest if some form of unique reference is available. This
may allow more lines of interest to be captured, which may not be picked
up by the traditional "grep <ip>" approach i.e. ones which do not have
the ip address in.

This also simplified the fail2ban-regex statistics for missed lines.
Also resolved bug with missed lines time extracted for debuggex having
some lines present which were captured in a multiline regex.
Also resolved independent issue with ignored line check including the
datetime, which raised assertion error in the rare case the datetime
matched the ignore regex, and the rest of line only matched a failregex
 2013-12-04 22:26:22 +00:00
Yaroslav Halchenko 2c1199cce0 Let's progress and mark a2 release toward 0.9.0 2013-11-30 12:25:17 -05:00
Daniel Black f7504d5b64 MRG: conflict in THANKS 2013-11-30 10:39:19 +11:00
Daniel Black af4feb0c92 Actions to have f2b- as prefix instead of fail2ban- as per #462 2013-11-29 19:08:38 +11:00
Daniel Black b157be22d2 TST: pids don't match test case for sshd filter 2013-11-29 16:02:28 +11:00
Daniel Black 227f27ce6b ENH: added multiline filter for sshd filter 2013-11-25 14:55:41 +11:00
Daniel Black 98eacdf333 MRG/BF: merge from master. Fix bugs in iso8601 2013-11-24 16:36:06 +11:00
Daniel Black 84f915c1f7 fix nginx-http-auth lof file location and MANIFEST 2013-11-13 09:57:13 +11:00
Daniel Black 1ac7b53cad MRG: merge from master 2013-11-13 09:16:45 +11:00
Daniel Black cb982ef921 ENH: multiline filter for sendmail-spam. Closes gh-418 2013-11-08 08:55:45 +11:00
Daniel Black 2f79e7cd49 TST: fix test case for testVariousTimes 2013-11-06 11:01:35 +11:00
Daniel Black 47d35c9d80 MRG: 0.8.11 to 0.9 
Epnoc of selinux is now true UTC

Merge multiline support and date detection in filter
 2013-11-02 15:59:05 +11:00
Daniel Black 359210f224 ENH: filter.d/squirrelmail added 2013-10-08 20:37:33 +11:00
Daniel Black b8d9c07280 Merge pull request #368 from grooverdan/0.9_datedetmerge 
MRG: general merge from master + date time zone
 2013-09-28 15:18:20 -07:00
Daniel Black 7b52a578bd BF: group _f for %f in strptime for py2.5 compatibility 2013-09-28 21:29:39 +10:00
Daniel Black 6fd2179725 BF: timefix 2013-09-28 21:15:01 +10:00
Daniel Black 30d1f003e1 BF: add multiline support 2013-09-28 20:56:48 +10:00
Steven Hiscocks 011ccbc675 TST+BF: Fix bug in Filter.{get,set}DatePattern and improve tests 2013-09-24 22:25:17 +01:00
Steven Hiscocks 9c61adcad7 ENH+DOC: Allow setting of Epoch and TAI64N date pattern 
Also add this to jail.conf man page
 2013-09-24 22:11:04 +01:00
Steven Hiscocks badf9d03b9 ENH: Allow setting of ISO8601 via datepattern (default for systemd) 2013-09-22 18:12:16 +01:00
Daniel Black b3cd5ca807 BF: correct scope for datetime.now 2013-09-22 21:51:51 +10:00
Daniel Black 37de5462be ENH: iso8601 - remove default_timezone set to UTC, isn't valid any more - calculate from local timezone. Enforce T date/time separator in iso8601 regex. Make minutes in timezone optional as per ISO8601. Use consistant regex for ISO8601 2013-09-21 11:47:24 +10:00
Daniel Black a0676cdd1e ENH: add date format 2005-01-23 21:59:59 (%Y-%m-%d %H:%M:%S) so ISO8601 doesnt handle it 2013-09-21 11:44:50 +10:00
Daniel Black 855d802ba8 ENH: more detail in debug messages in date/time detection 2013-09-21 10:31:26 +10:00
Daniel Black 0035c99d07 BF: remove unused function DateDetector.getUnixTime 2013-09-21 10:22:15 +10:00
Daniel Black ec0670f6d5 BF: fix MyTime imports 2013-09-21 09:44:24 +10:00
Daniel Black 33aee14fcc DOC: comment examples of date formats 2013-09-21 09:16:31 +10:00
Daniel Black cfd9778f3c TST: fix unicode on test strings 2013-09-20 21:43:27 +10:00
Daniel Black d9f0438a8d MRG: remerge in %z and %f datetime format 2013-09-20 21:18:44 +10:00
Daniel Black 0f283f8b6f BF: wrong variable name in previous merge 2013-09-20 21:16:39 +10:00
Daniel Black 9805d39b60 MRG: merge date changes to support timezones 2013-09-20 18:22:32 +10:00
Daniel Black 1f1a56174f MRG: merge from master 2013-09-08 21:02:35 +10:00
Daniel Black d5291517a7 MISC: merge from master 2013-07-28 19:43:54 +10:00
Steven Hiscocks 3392190924 DOC: Point to jail.conf(5) manpage when date not matched by datedetector 2013-07-26 18:14:31 +01:00
Steven Hiscocks 27feb57e80 Merge pull request #299 from kwirk/datepatterns-dateregex 
Custom date templates and date detector changes
 2013-07-26 03:53:40 -07:00
Steven Hiscocks 26b472f70f ENH: Add ejabberd-auth filter and sample log lines 2013-07-18 21:31:51 +01:00
Steven Hiscocks 2b6ecfe56a TST: More verbose when multiple regexs matched in sample test case 2013-07-17 22:25:27 +01:00
Steven Hiscocks 7c3a2a0223 ENH: Allow setting of date pattern as part of filter config Init section 2013-07-17 21:27:19 +01:00
Steven Hiscocks 614fb8505e BF: globally make HEAVYDEBUG logging level when importing fail2ban 2013-07-17 21:12:48 +01:00
Steven Hiscocks 674e1d82f4 TST: vsftpd fail data update due to recent date pattern changes 2013-07-17 21:12:16 +01:00
Steven Hiscocks bf86edb3ae BF: ISO8601 format now returns time in local time zone 2013-07-17 21:11:29 +01:00
Steven Hiscocks d661b8c046 BF: Apache regex and sample fail data update due to date pattern changes 2013-07-17 21:09:30 +01:00
Steven Hiscocks 72430e805d Merge branch 'datepatterns' into datepatterns-dateregex 
Conflicts:
	bin/fail2ban-regex
	fail2ban/client/beautifier.py
	fail2ban/server/datedetector.py
 2013-07-17 21:07:09 +01:00
Steven Hiscocks 05fac65a50 BF: fail2ban-regex multiline regex matches no longer in missed lines 
Closes #263
Closes #282
 2013-07-17 00:08:43 +01:00
Steven Hiscocks c61ba9f0de ENH+BF: Allow multi lines regex to be tested with samples test case 
Multi line regex currently only flags on last line, and other lines must
be labelled as not matched.
TODO: Create extension to fail JSON data to allow tying together of
multiple lines
 2013-07-16 23:47:28 +01:00
Steven Hiscocks 1eea0dcec8 Merge branch 'master' into 0.9 
Conflicts:
	ChangeLog
	bin/fail2ban-regex
	bin/fail2ban-testcases
	config/jail.conf
	fail2ban/server/failregex.py
	fail2ban/server/filter.py
	fail2ban/tests/files/logs/lighttpd
	fail2ban/tests/files/logs/mysqld.log
	fail2ban/tests/files/logs/wu-ftpd
	fail2ban/tests/filtertestcase.py
	fail2ban/tests/utils.py
	testcases/files/logs/lighttpd
	testcases/files/logs/lighttpd-auth
	testcases/files/logs/mysqld-auth
	testcases/files/logs/mysqld.log
	testcases/files/logs/wu-ftpd
	testcases/files/logs/wuftpd
 2013-07-16 23:16:22 +01:00
Steven Hiscocks acf9e51d98 BF+DOC: All fail2ban config files are UTF-8 decoded for python3 2013-07-10 22:18:53 +01:00
Steven Hiscocks 25f06f779d TST: Execute action timeout test almost equal assertion more forgiving 2013-07-05 18:56:47 +01:00
Steven Hiscocks 8513fde92a BF: Skip error in jail reader when no log files and with systemd backend 
Updated to avoid logpath elements entirely
 2013-06-30 00:50:15 +01:00
Steven Hiscocks 1aee817be2 BF: Skip error in jail reader when no log files and with systemd backend 2013-06-29 23:26:40 +01:00
Steven Hiscocks 379b4860a1 TST: Fix test for MultipleSameAction with no logs files 2013-06-29 20:36:09 +01:00
Steven Hiscocks 1dbba35cd9 Merge branch 'master' into 0.9 
Conflicts:
	fail2ban/client/jailreader.py
	fail2ban/tests/clientreadertestcase.py
	fail2ban/tests/files/logs/sshd
 2013-06-29 20:31:26 +01:00
Steven Hiscocks 5ca6a9aeb6 Merge branch 'systemd-journal' into 0.9 
Conflicts:
	bin/fail2ban-regex
	config/filter.d/sshd.conf

Closes github #224
 2013-06-29 13:00:40 +01:00
Yaroslav Halchenko 8487cb2e90 Merge commit '0.8.10-31-g1ab0f0f' into 0.9 
* commit '0.8.10-31-g1ab0f0f': (24 commits)
  BF/ENH: Incorrect authentication data doesn't need tailier so that's optional. Also gained log entry for Unrouteable address
  ENH: readibility thanks to Yaroslav
  DOC: Changelog for fail2ban-regex RF
  DOC: Changelog for asterisk hardening
  ENH: fail2ban-regex -- add specification of loglevels to enable
  RF: reworked -regex cmdline tool to use optparse, some unification and enhancement of outputs
  ENH: 'heavydebug' level == 5 for even more debugging in tricky cases
  ENH: asterisk -- use \S instead of [^:] + prefix failregex with ^\[
  BF: missed a space
  BF: [SSL-out] is optional in assp
  ENH: regex hardening on assp
  ENH: anchor a bit mor. Use \d and \w where possible. Escape a literal .
  TST: attempts at injection with username=rhost=1.2.3.4 have no user= logged in dovecot-1.2.15
  ENH: proftpd chan accept usernames with spaces
  ENH: injection of fail data into USER field
  ENH: dovecot regexs rewritten and extra failures
  ENH: proftp regex hardening and log messages
  ENH/BF: exim improvements with sample
  BF: fix to proxy port in 3proxy example
  ENH: sample log + more specific regex
  ...

Conflicts: -- it was a messy merge/resolution.
	ChangeLog
	bin/fail2ban-regex
	fail2ban-testcases
	fail2ban/server/filter.py
 2013-06-18 20:21:23 -04:00
Steven Hiscocks 9b8eaa90ef ENH: Reorder date regex and remove duplicate ISO8601 format 2013-06-18 22:19:53 +01:00
Yaroslav Halchenko f6cb981fc0 Merge commit '0.8.10-1-g460e09a' into 0.9 
* commit '0.8.10-1-g460e09a':
  it was not the end of the world and we should continue
  DOC: add information on where to report vulnerabilities + pointer to HOWTO_Seek_Help
  Changes for 0.8.10 release (changelog, version, etc)
  BF: anchor apache- filters.  Close #248
  DOC: credits for gh-244
  Filter Asterisk: Add sample log entry to testcase.
  Filter Asterisk: Add AUTH_UNKNOWN_DOMAIN error to list
  ENH: purge a few more .*
  DOC: credits
  DOC: how to do filter enhancements
  TST: normalize logs to use example.com and 1.2.3.4 as IP
  ENH/BF: constrain regex. Fix ACL error regex
  ENH: port optional
  Update asterisk
  Update asterisk.conf

Conflicts:
	ChangeLog
	DEVELOP
	README.md
	fail2ban/version.py
 2013-06-12 21:30:47 -04:00
Yaroslav Halchenko 9f9e9a33c6 BF: in 0.9 it is allowed to have multiple same actions with different names -- so use action_name 
+ address RF action._ActionReader__cInfo -> action._initOpts
 2013-05-29 12:38:03 -04:00
Yaroslav Halchenko ea6f3bedb0 BF: DefinitionInitConfigReader has _file, not __file 2013-05-29 12:36:40 -04:00
Yaroslav Halchenko a3161f59fa Merge commit '0.8.9-13-g39d32e0' into 0.9 
* commit '0.8.9-13-g39d32e0':
  Changelog for previous PR
  DOC: Changelog entry fro preceeding merge from Terence
  TST: Fix fail2ban.conf reader test for unreliable dictionary order
  failregex when roundcube log driver is set to 'syslog'
  fixed failregex line for roundcube 0.9+
  TST: test all stock jails to have actions and correctly specifying blocktype
  CFG: assure actions for all the jails
  BF: blocktype must be defined within [Init] -- adding [Init] section.  Close #232
  ENH: since it seems the default is to use file based logging, $syslog is in Should-{Start|Stop} like Debian https://github.com/fail2ban/fail2ban/blob/debian/debian/fail2ban.init
  ENH: opensuse script from opensuse: https://build.opensuse.org/package/view_file?expand=1&file=fail2ban.init&package=fail2ban&project=openSUSE%3AFactory

Conflicts:
	ChangeLog
	config/jail.conf
	testcases/clientreadertestcase.py -- had to "git show XXX | patch -p2" under tests/ 2 commits: 8a57ffd 7a4db4b
 2013-05-29 11:32:35 -04:00
Yaroslav Halchenko d379c0c06d Merge branch 'sshd-locked' of https://github.com/kwirk/fail2ban into 0.9 
* 'sshd-locked' of https://github.com/kwirk/fail2ban:
  DOC: Update man page for <SKIPLINES> usage
  ENH: Add new regex for locked accounts for sshd
  BF: fail2ban-regex adding duplicate lines with each regex
 2013-05-28 00:27:34 -04:00
Yaroslav Halchenko 84e8ba698a BF: remedy traceback testing case -- just check if called from fail2ban-testcases 2013-05-28 00:26:54 -04:00
Steven Hiscocks 49261925d7 ENH: Add new regex for locked accounts for sshd 2013-05-27 22:06:49 +01:00
Steven Hiscocks 01109e3a04 BF: Fix status of systemd filter backend 2013-05-26 14:05:11 +01:00
Steven Hiscocks 00e289e11b BF+TST: Fix handling of spaces and + char for journalmatch 
Previous fix attempted shlex split which whilst worked for reading from
config file, failed when using fail2ban-client, as the input is already
effectively shelx split by the executing shell.

FilterSystemd journal match methods now handle list structures which
should be shlex split when reading from config file, and simply pass all
the relevant arguments from the shell when using fail2ban-client
 2013-05-15 00:31:16 +01:00
Steven Hiscocks 09199095b4 BF: Allow journal matches with spaces and "+" in 2013-05-13 23:42:33 +01:00
Steven Hiscocks c1226afe92 TST: Add tests for transmitter journalmatch 2013-05-13 23:42:09 +01:00
Yaroslav Halchenko c21b7c3b9e Merge branch 'master' into 0.9 -- with that also progress into 0.9.0a1 
* master:
  Getting ready for further development

Conflicts:
	ChangeLog
	fail2ban/version.py
 2013-05-13 12:58:53 -04:00
Yaroslav Halchenko f5a8a8ac7c Release 0.8.9 
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.12 (GNU/Linux)
 
 iEYEABECAAYFAlGRBZ8ACgkQjRFFY3XAJMhqzwCgvUsrv6cSjo1d8YCQUA8Na0Kk
 44QAoKk7X2sqFM+wvj2vK3stsHa/80qm
 =iBfR
 -----END PGP SIGNATURE-----

Merge tag '0.8.9' into 0.9 (quite a bit of conflicts "resolved")

Release 0.8.9

* tag '0.8.9':
  BF: add missing files to MANIFEST (I think we shoult not rely on sdist anyways -- 'git tag' tarballs are more thorough ;) )
  All the (version) updates for the release of 0.8.9
  BF: (travis) relax the test for needed to be presented installed directories -- allow new
  BF: (travis) if tests ran under coverage -- there is a traceback parts to report (thus > would be present)
  ENH: also print the failing traceback line in case of failure
  ENH: include explicit list of new files which should not be there upon "install --root"
  ENH: now we know that logging handlers closing was still buggy in 2.6.2
  ENH: issue a warning if jail name is longer than 19 symbols (Close #222)
  DOC: inline commends with ';' are in effect only if ';' follows as space
  BF: Fix for filterpoll incorrectly checking for jailless state
  ENH: strengthen detection of working pyinotify
  ENH: use the same python executable for setup.py test
  ENH: actually tune up TraceBack to determine "unittest" portions of the stack across all python  releases
  TST: Some primarily smoke tests for tests utils
  TST: cover few more lines in fail2banreader.py
  ENH: basic test for setup.py itself (when applicable, should greatly improve coverage ;) )
  ENH: consistent operation of formatExceptionInfo + unittest for it
  ENH: point to the status of master branch on travis

Conflicts:
	ChangeLog
	MANIFEST
	README.md
	fail2ban/version.py -- all of the above obvious version changes

   below files primarily  needed just a bit of help in resolution
	config/jail.conf
	fail2ban/server/filterpoll.py
	fail2ban/server/server.py
	fail2ban/tests/servertestcase.py

   and following were more difficult -- git wasn't able to track renames/moves of the code
    fail2ban-testcases -- needed to introduce those changes to tests/utils.py
	testcases/clientreadertestcase.py -- manually applied patch from master
	testcases/utils.py -- manually applied patch from master
 2013-05-13 12:29:41 -04:00
Steven Hiscocks 90de5aa568 TST: Update travis coverage config to exempt systemd related code 2013-05-12 13:40:25 +01:00
Steven Hiscocks 33a7763cfc RF+BF+ENH: Rewrite extract options, and now allow "=" char in options 2013-05-10 17:24:23 +01:00
Steven Hiscocks 970291867b TST: Improve tests for JailReader extract options 2013-05-10 17:14:13 +01:00
Steven Hiscocks 4b5d6b6940 ENH: systemd backend produce more reliable isoformat dates 2013-05-10 10:28:06 +01:00
Steven Hiscocks e584ab66ac BF: Avoid setting of log encoding for systemd backend 2013-05-10 10:27:26 +01:00
Steven Hiscocks f7d328195f NF: Add systemd journal backend 2013-05-10 00:15:07 +01:00
Yaroslav Halchenko 709b437b7d Merge commit '0.8.8-312-g7a6eecb' into 0.9 
* commit '0.8.8-312-g7a6eecb':
  ENH: close open file in a test
 2013-05-09 13:25:41 -04:00
Yaroslav Halchenko 7a86d30c6d ENH: unify appearance of log msgs in executeCmd -- separate additional information with "--" 2013-05-09 11:50:17 -04:00
Yaroslav Halchenko 810a28f136 Merge branch 'actionreader-timeout' of https://github.com/kwirk/fail2ban into 0.9 
* 'actionreader-timeout' of https://github.com/kwirk/fail2ban:
  BF: Fix for setting of timeout value via actionreader
 2013-05-09 11:39:12 -04:00
Steven Hiscocks 60d1dfebee BF: Fix for setting of timeout value via actionreader 2013-05-08 22:45:49 +01:00
Steven Hiscocks d4e5c174e2 BF: Multiline regex now works with log line strip of "\r\n" 2013-05-08 21:57:23 +01:00
Yaroslav Halchenko f5dfa610e6 Merge branch 'master' into 0.9 (propagating \r\n fix) 
* master:
  Previous coverage was 56% (without disregarding any pragma)
  Changelog for preceeding commit
  ENH: strip CR and LF while analyzing the lines (processLine) (Close #202)

Conflicts:
	fail2ban/server/filter.py
 2013-05-08 16:37:53 -04:00
Yaroslav Halchenko 2c21fe78a8 Merge branch 'master' into 0.9 
* master:
  ENH: close files in _test_move_into_file
  ENH: remove use of $Revision and $Date SVN tags
  Add README.Solaris into distribution

Conflicts:
	client/actionreader.py
 2013-05-08 15:16:13 -04:00
Yaroslav Halchenko b86d8e9565 BF: avoid circular imports -- import testcases right in gatherTests 2013-05-08 13:54:11 -04:00
Yaroslav Halchenko f1b6806eb4 Merge branch 'master' into 0.9 
* master: (51 commits)
  ENH: Use real (resolving) example.com instead of test.example.com
  DOC: Slight tune ups to ChangeLog -- we must release!
  Changelog entries for the latest merges
  BF: add bash-completion to MANIFEST
  DOC: ChangeLog for default action type change
  ENH: consolidate where blocktype is defined for iptables rules
  BF: default type to unreachable
  ENH: separate out regex and escape a .
  ENH: logs/sshd -- have ":" after [daemon] (other uses are uncommon)
  ENH: logs/sshd -- use example.com as the resolved hostname in sample log lines
  ENH: filter.d/sshd.conf -- allow for trailing "via IP" in logs
  DOC: Drop sudo from bash-completion
  DOC: Added bash-completion script
  ENH: add blocktype to all relevant actions. Also default the rejection to a ICMP reject rather than a drop
  ENH: Removed unused log line
  ENH: logrotate file
  BF: missed MANIFEST include
  BF: missed MANIFEST include
  BF: missed MANIFEST include
  ENH: some form of logrotate based on what distros are doing
  ...

Conflicts:
	ChangeLog
	MANIFEST
	client/actionreader.py
	config/jail.conf
	fail2ban/server/datedetector.py
	fail2ban/tests/datedetectortestcase.py
 2013-05-08 13:53:38 -04:00
Steven Hiscocks d5006f36c8 TST: Add test for transmitter datepattern 2013-05-04 18:26:25 +01:00
Steven Hiscocks 9d0f143a81 DOC: Update warning for undetectable date format 2013-05-04 17:25:19 +01:00
Steven Hiscocks 20049dd3a0 NF: Generate datetemplates from strptime format strings 
Can also set custom time format from fail2ban-client, replacing the
default detectors
 2013-05-04 16:59:01 +01:00
Yaroslav Halchenko b6059f4773 Merge branch 'cmd-timeout' (PR #190) of https://github.com/kwirk/fail2ban into 0.9 
* 'cmd-timeout' of https://github.com/kwirk/fail2ban:
  NF: For action execution, log stdout and stderr if debug or cmd error
  NF: Allow setting of timeout for execution of action commands

Conflicts:
	fail2ban/client/actionreader.py
	fail2ban/server/action.py
 2013-05-03 00:21:29 -04:00
Yaroslav Halchenko b65205d4ad Merge branch 'master' into 0.9 
* master:
  ENH: "is None" instead of "== None" + tune ups in headers
  BF: log error only if there were missed config files that couldn't be read
  DOC: missing cinfo tags are ok. Log error for self referencing definitions
  DOC: s/defination/definition/g learn to spell
  Changelog entry for the previous commit and some untabify
  BF: pyinotify backend should also handle IN_MOVED_TO events
  ENH: remove stats of config files and use results of SafeConfigParserWithIncludes.read to facilitate meaningful error messages
  DOC: credits for gh-70 fix
  BF: ensure dates in email are in the C locale. Thanks iGeorgeX
  DOC: ChangeLog for recursive tag substition
  ENH: allow recursive tag substitution in action files.
  DOC: document <br> tag
  DOC: ChangeLog for named-refused entry
  ENH: Account for views in named filter. By Romain Riviere in gentoo bug #259458
  DOC: release documentation and distributor contacts
  DOC: changelog entry for enhanced ssh filter
  BF: Rename mentioning of README to README.md (Fixes #187)
  updated README.md to hyperlink, add travis and coversall
  Moving README into a markup README.md for github's goodnesses

Conflicts:
	DEVELOP
	README.md
	fail2ban/client/configreader.py
	fail2ban/server/datedetector.py
 2013-05-02 23:55:26 -04:00
Steven Hiscocks c0e8ce5854 NF: For action execution, log stdout and stderr if debug or cmd error 2013-05-01 21:07:13 +01:00
Steven Hiscocks 219860ed8e BF: Raise ValueError for adding of duplicate named action 2013-04-28 13:23:57 +01:00
Steven Hiscocks 6d2ff47e71 NF: Allow return of list of actions from jail via fail2ban-client 2013-04-28 13:23:06 +01:00
Steven Hiscocks a3e216b0b2 BF: Change name->actname for multi action jails to avoid clash 
Primary examples is `name` is used in iptables actions for the chain.
Also changed pop->get so actname can be used as keyword
 2013-04-27 20:56:31 +01:00
Steven Hiscocks d07df66370 NF: Allow setting of timeout for execution of action commands 
This uses subprocess.Popen, polling until `timeout` seconds has passed
or the command has exit. If the command has not exited, fail2ban then
sends SIGTERM, and if this is unsuccessful, SIGKILL.

The timeout can be changed for an entire action via action [Init]
options, or via jail.conf override, or fail2ban-client. The default
timeout period is 60 seconds.
 2013-04-27 20:06:09 +01:00
Steven Hiscocks bec70cbe4b TST: Clean up after jails test for MultipleSameAction 2013-04-27 19:11:58 +01:00
Steven Hiscocks 45c9c45b41 BF+RF: Allow multiple of same action in a single jail 2013-04-25 22:36:08 +01:00
Steven Hiscocks 7a29a952c1 TST: Add test case for jails with multiple of the same action 2013-04-25 22:34:07 +01:00
Yaroslav Halchenko 62602a9ed0 Revert "ENH: by default enable a single jail -- sshd" 
This reverts commit 47a62b6072.

Enabling any jail by default should be a prerogative of particular
distributions (thanks Fabian Wenk for the discussion)

Conflicts:
	config/jail.conf
 2013-04-23 13:58:58 -04:00
Yaroslav Halchenko 203ddb370a PY3(BF): config reader -- handle __name__ interpolation 2013-04-23 10:10:49 -04:00
Yaroslav Halchenko d05e7a5746 TST: elaborate pass through the default jail.conf with basic checking of shipped filters and actions 2013-04-22 23:47:52 -04:00
Yaroslav Halchenko 47a62b6072 ENH: by default enable a single jail -- sshd 2013-04-22 22:35:01 -04:00
Yaroslav Halchenko 3ba540eca3 ENH+BF: use %(__name__) by default for filter, defined enabled = false by DEFAULT 
Now jail.conf is really neat.

BF: tests
 2013-04-22 22:23:23 -04:00
Yaroslav Halchenko 8a0ac30bd9 ENH: Throw exception if requested Jail is actually not defined at all 2013-04-22 16:59:00 -04:00
Yaroslav Halchenko a648cc29e8 Merge: 'github_kwirk_fail2ban/filter-init' into 0.9 -- allow options for filters (move maxlines into filters handling) 
* github_kwirk_fail2ban/filter-init:
  ENH: Renamed OptionConfigReader to DefinitionInitConfigReader
  ENH: Rename splitAction to extractOptions in jailreader
  ENH: Use os.path.join for filter/action config readers
  ENH: Remove redundant `maxlines` option from jail reader
  TST: Add test for FilterReader [Init] `maxlines` override
  ENH: Move jail `maxlines` to filter config
  NF: Filters now allow adding of [Init] section similar to actions

Conflicts:
	fail2ban/tests/clientreadertestcase.py
 2013-04-21 23:34:48 -04:00
Steven Hiscocks dadd6aed2f BF+TST: Correctly reset time in tearDownMyTime 2013-04-21 17:39:56 +01:00
Steven Hiscocks e57505e074 ENH: Renamed OptionConfigReader to DefinitionInitConfigReader 2013-04-21 11:27:32 +01:00
Steven Hiscocks 1a43a0bce1 ENH: Rename splitAction to extractOptions in jailreader 2013-04-21 11:26:46 +01:00
Steven Hiscocks c95b87c13c ENH: Use os.path.join for filter/action config readers 2013-04-21 11:21:06 +01:00
Steven Hiscocks b182c5b5d4 ENH: For python3.2+ use ConfigPaser which replaces SafeConfigParser 
Current SafeConfigParser alias to be dropped in future python versions
 2013-04-21 10:30:13 +01:00
Steven Hiscocks 3936793413 TST: Change depreciated unittest assertEquals method to assertEqual 2013-04-21 10:28:34 +01:00