j-marz
5d8f500471
updated formatting to pass tests
2021-03-29 08:36:53 +11:00
j-marz
2686811593
Updated zoneminder filter
...
Support new log format, ERR instead of WAR. Add detection of non-existent user login attempts
2021-03-28 21:19:10 +11:00
sebres
80a33b1dee
Merge branch '0.11'
2021-03-25 12:14:11 +01:00
sebres
b259e81911
test-suite: skip testFQDN if no network
2021-03-25 12:13:46 +01:00
sebres
d8e450cf12
Merge branch 'fix-readline-multibyte'
2021-03-25 12:13:18 +01:00
sebres
4b17dddc23
update ChangeLog
2021-03-25 12:07:34 +01:00
sebres
ccf4f3a07d
amend with common log-file iterator in fail2ban-regex and test-suite (in sample regex factory also)
2021-03-25 12:07:31 +01:00
sebres
9659033523
fail2ban-regex: reimplemented log-file iterator - uses FileContainer facilities now instead of direct read from file and decode;
...
fail2banregextestcase.py extended to cover proper line-ending handling by interim NL char as part of multi-byte encodings (utf-16be, utf-16le)
2021-03-25 12:07:29 +01:00
sebres
cbac7c176a
readline fixed to consider interim new-line character as part of code point in multi-byte logs (e. g. unicode: utf-16be, utf-16le);
...
suppress warning "Error decoding line" for incomplete line (produced by not fully read multi-byte new-line character at end of data);
added test coverage for such logs
2021-03-25 12:07:26 +01:00
sebres
6cf4669dee
Merge branch '0.10' into 0.11
2021-03-24 14:18:22 +01:00
sebres
d135aeea16
fixes restore of original logging withing tests (`LogCaptureTestCase.tearDown`) - python 3 seemed still to log wordy after tear down (setting of log.level does not restore the level for related log objects - e. g. for logger of `fail2ban.jail` etc, so `fail2ban-testcases '(testVersion|testLongName).*servertest'` generating messages in stdout handler in testLongName)
2021-03-24 14:14:47 +01:00
sebres
8757563be1
close fork
2021-03-23 14:20:10 +01:00
sebres
996920cdaa
in operation mode the filter reads only complete lines (ended with new-line) now, otherwise it would wait for end of line (for its completion)
2021-03-22 01:17:26 +01:00
sebres
061fab898a
Merge branch '0.10' into 0.11
2021-03-22 00:58:03 +01:00
sebres
e587526ede
tests: add missing constraint (causing incomplete comparison in below cycle if fewer lines as expected was found)
2021-03-22 00:56:40 +01:00
sebres
343ccd7e8a
small optimization
2021-03-21 23:35:38 +01:00
sebres
9bdc4be6cc
stability: better recognition of rotation (e. g. on hash collision, consider current size and last known position now), no hash of empty file (or not fulfilled line), etc;
...
performance: avoid unnecessary seek to start of file and hash calculation - now it occurs only if file really rotated (ino changing or size shrinking), otherwise not earlier than in 30 seconds;
avoid unneeded log-rotation in tests
2021-03-21 23:35:09 +01:00
sebres
725354c793
action info extended with new members for jail info (usable as tags in command actions):
...
`jail.found`, `jail.found_total` - current and total found failures
`jail.banned`, `jail.banned_total` - current and total bans
closes #10
2021-03-20 22:33:31 +01:00
Sergey G. Brester
08393f9d82
Update filter_request.md
2021-03-03 20:28:27 +01:00
sebres
df5e024fb8
new issue templates
2021-03-03 20:16:34 +01:00
sebres
fb08534ed7
Merge branch '0.11'
2021-03-03 18:17:35 +01:00
sebres
3eaefe8da0
Merge branch '0.10' into 0.11
2021-03-03 18:16:47 +01:00
sebres
04aba6168c
fixed typo, `--` is not expected in options declaration, so `--dump-pretty` did never work (only `--dp` is working)
2021-03-03 13:02:00 +01:00
sebres
a45b1c974c
filter.d/ignorecommands/apache-fakegooglebot: added timeout parameter (default 55 seconds) - avoid fail with timeout (default 1 minute) by reverse lookup on some slow DNS services (googlebots must be resolved fast);
...
closes gh-2951
2021-03-02 19:35:27 +01:00
sebres
63acc862b1
`action.d/nginx-block-map.conf`: reload nginx only if it is running (also avoid error in nginx-errorlog, gh-2949) and better test coverage for the action
2021-02-24 18:21:42 +01:00
sebres
fb6315ea5e
Merge branch '0.10' into 0.11
2021-02-24 13:16:36 +01:00
sebres
6f4b6ec8cc
action.d/badips.* removed (badips.com is no longer active, gh-2889)
2021-02-24 13:05:04 +01:00
sebres
e3d43d1241
Merge branch 'fix-rc-on-too-many-failures' into 0.10: resolves RC with uncontrolled growth of failure list (jail with too many matches that did not cause ban, gh-2945)
2021-02-24 12:45:15 +01:00
sebres
92a2242174
amend fixing journal tests (systemd backend only)
2021-02-23 15:54:48 +01:00
sebres
e353fb8024
fixed test cases (ban ASAP also followed in test suite now, so failure reached maxretry causes immediate ban now)
2021-02-23 02:46:44 +01:00
sebres
55d7d9e214
*WiP* try to solve RC on jails with too many failures without ban, gh-2945 ...
2021-02-22 18:39:58 +01:00
sebres
884cbbd6e1
Merge branch '0.11'
2021-02-17 19:04:23 +01:00
sebres
abc5a4e062
ChangeLog ( #2742 )
2021-02-17 19:02:22 +01:00
sebres
a0352182e8
Merge branch '0.10' into 0.11
2021-02-17 18:57:38 +01:00
sebres
294ec73f62
Merge branch 'py-3-10-alpha-5' into 0.10
2021-02-17 18:49:06 +01:00
Sergey G. Brester
9f1d1f4fbd
amend for `Mapping` (jails)
2021-02-17 18:47:42 +01:00
Sergey G. Brester
42dee38ad2
amend for `Mapping`
2021-02-17 18:47:40 +01:00
Sergey G. Brester
2b6bb2c1be
follow bpo-37324: :ref:`collections-abstract-base-classes` moved to the :mod:`collections.abc` module
...
(since 3.10-alpha.5 `MutableMapping` is missing in collections module)
2021-02-17 18:47:38 +01:00
Sergey G. Brester
8ae9208454
try to provide coverage for 3.10-alpha.5 ( #2931 )
2021-02-17 18:47:32 +01:00
Sergey G. Brester
a2f0dbad87
Merge pull request #2742 from aresxc/patch-1
...
Update drupal-auth.conf
2021-02-11 19:10:55 +01:00
Sergey G. Brester
f4f92aa72d
more tests covering different cases, injections attempt etc
2021-02-11 18:56:53 +01:00
Sergey G. Brester
d678440658
more precise RE (avoids weakness with catch-all's and is injection safe)
2021-02-11 18:32:32 +01:00
sebres
ea26509594
Merge branch '0.11'
2021-02-03 14:59:00 +01:00
sebres
6198b4566c
Merge branch '0.10' into 0.11
2021-02-03 14:47:56 +01:00
sebres
366c64cb9d
extractOptions: ensure options are parsed completely - avoids unexpected skip or truncate of parameters, produces more verbose error message in case of incorrect syntax; added more tests covering several cases
...
WARN: potential incompatibility (since it doesn't silently ignore wrong syntax anymore)
2021-02-03 14:45:30 +01:00
sebres
409348394e
Merge pull request #2913
...
Add transport to asterisk RE
2021-02-03 12:41:29 +01:00
Brian J. Murrell
7f185a828e
Update date in failJSON
...
The date format in failJSON is specific, so convert the date to use that format.
2021-01-31 15:22:16 +01:00
Brian J. Murrell
69c96c00c0
Log entries for updated failregex
...
Add a sample failregex.
Signed-off-by: Brian J. Murrell <brian@interlinx.bc.ca>
2021-01-31 15:22:16 +01:00
Brian J. Murrell
dc4ee5aa47
Add transport to asterisk RE
...
Call rejection messages from Asterisk can have the transport prefixed to the IP address.
Signed-off-by: Brian J. Murrell <brian@interlinx.bc.ca>
2021-01-31 15:22:16 +01:00
sebres
c75748c5d3
fail2ban.conf: added new fail2ban configuration option "allowipv6" (default auto), can be used to allow or disallow IPv6 interface in fail2ban immediately by start (e. g. if fail2ban starts before network interfaces).
...
closes gh-2804
2021-01-27 17:06:14 +01:00