Commit Graph

3702 Commits (597a27576eae6294187c241854f7e813ef18ab38)

Author SHA1 Message Date
sebres 42b5a10f5d Back-port pull request #1508 from sebres/_fix/python-executable-gh-1506 to master (0.10 -> 0.9) 2016-08-12 18:42:54 +02:00
sebres cb340db220 ChangeLog entry for gh-1508 2016-08-12 18:37:46 +02:00
sebres db30b7ce06 BF: prefer sys.argv[0] by retrieving of root resp. bin path: __file__ seems to be overwritten sometimes on some python versions (e.g. bug of 2.6 by running under cProfile, etc.) 2016-08-12 17:59:27 +02:00
sebres 6cdc1ce685 compatibility fix (virtualenv, running test cases in py3)
# Conflicts:
#	MANIFEST
2016-08-12 17:59:24 +02:00
sebres 38d53a72fd introduces new command "fail2ban-python", as automatically created symlink to python executable, where fail2ban currently installed (resp. its modules are located);
fixed pythonic filters and test scripts (running via "fail2ban-python" now);
fixed test case "testSetupInstallRoot" not for default python (also using direct call, out of virtualenv);

# Conflicts:
#	config/filter.d/ignorecommands/apache-fakegooglebot
#	fail2ban/tests/files/config/apache-auth/digest.py
#	fail2ban/tests/files/ignorecommand.py
#	fail2ban/tests/misctestcase.py
2016-08-12 17:58:37 +02:00
Yaroslav Halchenko 9d70c49ea8 BF: install doc files only under Linuxes and other GNU systems (Closes #1233) (#1503) 2016-08-09 12:49:40 +02:00
Yaroslav Halchenko 123f4ceaee Changelog for postfix-sasl fix 2016-08-08 17:11:07 -04:00
maksyms 9ddbd642f7 Accept no space after "failed:" (#1501)
yoh: Squashed to ease cherry-picking into 0.9

* accept no space after "failed:"

fix issue #1497

* accept no space after "failed:"

* Update postfix-sasl

* Update postfix-sasl

* Update postfix-sasl
2016-08-08 17:09:47 -04:00
sebres c52aaa8b78 ASSP failregex minor fixes 2016-08-08 19:06:28 +02:00
sebres 70658d7a19 Merge pull request #1494 from rhardy613/master (branch 'sebres:pr-1494') 2016-08-08 18:49:32 +02:00
rhardy613 89f8999fe5 Add changelog entry for ASSP filter changes
Add changelog entry for ASSP filter changes
2016-08-06 01:07:04 -04:00
rhardy613 8265e3f0f9 Fix comments
For some reason the comment changes weren't picked up in the last commit.
This fixes it.
2016-08-05 23:25:15 -04:00
rhardy613 66fe5a77ce Fix ASSP filter to work with both ASSP V1 and V2
ASSP V1 development stopped at the end of 2014 and it is now deprecated.
All users were urged to upgrade to ASSP V2 which is still actively
developed.
fail2ban 0.9.5 (and trunk) still have code which only understands ASSP
V1 logs.
This means the filter ignores brute force attacks against ASSP. This fix
adds V2 support.
2016-08-05 23:18:51 -04:00
rhardy613 890a3dcbb9 Fix ASSP filter to work with current release of ASSP
ASSP V1 development stopped at the end of 2014 and it is now deprecated.
All users were urged to upgrade to ASSP V2 which is still actively
developed. For some reason fail2ban 0.9.5 (and trunk) still have code
which only understands ASSP V1 logs. This means the filter ignores brute
force attacks against ASSP.
Now updated with anchored patterns tested against 6 months of log data.
2016-08-05 17:26:47 -04:00
Yaroslav Halchenko c0994b0c6c DOC: minor typo (thanks John Bernard) Closes #1496 2016-08-04 10:23:05 -04:00
sebres eb6e3c52ae ChangeLog entries for the last fix (cherry pick from 0.10) 2016-08-01 18:04:00 +02:00
sebres 0083036b5f Merge branch '0.9/gh-1492' 2016-08-01 14:45:05 +02:00
sebres 8b1225f177 several amend fixes after cherry pick from 10th branch 2016-08-01 14:07:37 +02:00
sebres 3e330604c7 several test cases rewritten using new assertIn, assertNotIn (better as own from unittest, because support generators beautifying, etc.)
+ new forward compatibility method assertRaisesRegexp;
+ methods assertIn, assertNotIn, assertRaisesRegexp are test covered now;
+ easy-fix for distributions compatible test cases (e.g. fedora default backend is 'systemd'), (closes gh-1353, closes gh-1490)

cherry picked from 9d56079756 (0.10 branch)
2016-08-01 13:52:05 +02:00
rhardy613 f73746d846 Fix ASSP filter to work with current release of ASSP
ASSP V1 development stopped at the end of 2014 and it is now deprecated.
All users were urged to upgrade to ASSP V2 which is still actively
developed. For some reason fail2ban 0.9.5 (and trunk) still have code
which only understands ASSP V1 logs. This means the filter ignores brute
force attacks against ASSP.
2016-07-31 13:50:52 -04:00
Yaroslav Halchenko d9f039df03 Merge branch 'master' of git://github.com/fail2ban/fail2ban
* 'master' of git://github.com/fail2ban/fail2ban:
  BF: do not rely on long relative path to upstairs config - symlink dereferenced copied during install (#1485)
2016-07-15 09:02:42 -04:00
Yaroslav Halchenko cee09e29ec BF: do not rely on long relative path to upstairs config - symlink dereferenced copied during install (#1485)
* BF: do not rely on long relative path to upstairs config - symlink common.conf
* Added missing files to MANIFEST
2016-07-15 09:19:45 +02:00
Yaroslav Halchenko dca5ff44c2 Merge branch 'bf-common-zzz'
* bf-common-zzz:
  BF: do not rely on long relative path to upstairs config - symlink common.conf
2016-07-14 22:25:07 -04:00
Yaroslav Halchenko 79616b76bf Added missing files to MANIFEST 2016-07-14 22:19:10 -04:00
Yaroslav Halchenko 687ea8d333 BF: do not rely on long relative path to upstairs config - symlink common.conf 2016-07-14 22:15:22 -04:00
Yaroslav Halchenko 5714ac201b DOC: preparations for 0.9.5 release 2016-07-14 21:35:49 -04:00
Yaroslav Halchenko 0f88e8a658 Added missing files to MANIFEST 2016-07-14 21:31:18 -04:00
Yaroslav Halchenko 72c4743666 Merge pull request #1481 from yarikoptic/doc-changelog
Doc changelog - reformatted for markdown and a bit less indentation
2016-07-14 21:23:09 -04:00
Yaroslav Halchenko 21056c995d Merge remote-tracking branch 'origin/master' into doc-changelog
* origin/master:
  another variant of regex
  add trailing anchor to failregex
  add PR id to ChangeLog
  improved failregex according to @sebres recommendations
  * add `__prefix_line` to regex * fix time in log file
  add info to log file
  added sample log lines for slapd
  adding openldap slapd filter
2016-07-14 21:21:35 -04:00
Yaroslav Halchenko 28a0605f69 Merge pull request #1478 from gips0n/master
adding openldap slapd filter
2016-07-14 08:30:42 -04:00
Andrii Melnyk 7433b353ee another variant of regex 2016-07-14 10:19:21 +03:00
Andrii Melnyk 7c5828dd2a add trailing anchor to failregex 2016-07-13 21:09:42 +03:00
Yaroslav Halchenko 33ed71b3de DOC: Reformatted ChangeLog into legit Markdown (Closes #962) 2016-07-10 19:53:54 -04:00
Yaroslav Halchenko ec9c4a27f3 DOC: tuned up ChangeLog entries for 0.9.5
unified capitalized beginning of each entry
no trailing spaces or dots etc
2016-07-10 18:40:20 -04:00
Andrii Melnyk 2c5a489bc7 add PR id to ChangeLog 2016-07-08 13:55:58 +03:00
Andrii Melnyk 48c094f612 improved failregex according to @sebres recommendations 2016-07-08 13:45:10 +03:00
sebres de5d911fd5 Merge branch 'asterisk_pjsip_2' 2016-07-08 11:47:29 +02:00
sebres f5f204ca7c Improved changes of gh-1458:
`[^']*` after callid was wrong, changed to `[^\)]*`;
  regexp anchored at the end;
  almost the same regex grouped to one;

Closes #1458
2016-07-08 11:45:25 +02:00
nturcksin 72a157b8f2 Improve PJSIP log support for asterisk 13+ with different callID (Squash gh-1458)
Change the asterisk pjsip filter to not take the callId part
Add optional part between "Request" and "from"
Listed all log messages from asterisk
2016-07-08 11:45:22 +02:00
Andrii Melnyk dcb69b0242 * add `__prefix_line` to regex
* fix time in log file
2016-07-08 05:29:51 +03:00
Andrii Melnyk c335663395 add info to log file 2016-07-08 05:12:25 +03:00
Andrii Melnyk c9ab669851 added sample log lines for slapd 2016-07-08 04:56:29 +03:00
Andrii Melnyk b2e3affaa0 adding openldap slapd filter 2016-07-08 04:50:57 +03:00
Serg G. Brester af8b650a37 badip timeout option introduced, set to 30 seconds in our test cases (#1463)
cherry-picked from 0.10 (little bit modified in test_badips.py, because no --fast option in test cases)
2016-06-13 12:56:53 +02:00
Yaroslav Halchenko 11f7cf5ad8 DOC: changelog for recent exim filters tune up 2016-06-07 21:38:39 -04:00
Yaroslav Halchenko 636a93f58b Merge pull request #1438 from yarikoptic/bf-exim
exim filters -- make wider use of host_info helper str substitution + fix for #1430
2016-06-07 21:35:52 -04:00
Ludovic Gasc f85fb45b29 Asterisk pjsip (#1456)
* Improve PJSIP log support for Asterisk 13+

* Update changelog: filter.d/asterisk.conf - fix security log support for PJSIP and Asterisk 13+

* Change pjsip regexp with sebres observation, thanks to @nturcksin
2016-06-07 11:40:35 +02:00
Yaroslav Halchenko ced6c8307b BF: finalize that sample log line for exim4
was intended in 743a531eb5 to be an entry without a port
after the [host]
2016-06-02 20:57:27 -04:00
sebres b85347477f Amend merge for pull request #1454 2016-05-31 17:47:12 +02:00
sebres b3bb8b20bf amend for new option of `usedns=raw` - forgotten validation fix inside setUseDns 2016-05-31 17:45:44 +02:00