614fb8505e
BF: globally make HEAVYDEBUG logging level when importing fail2ban
2013-07-17 21:12:48 +01:00
674e1d82f4
TST: vsftpd fail data update due to recent date pattern changes
2013-07-17 21:12:16 +01:00
bf86edb3ae
BF: ISO8601 format now returns time in local time zone
2013-07-17 21:11:29 +01:00
d661b8c046
BF: Apache regex and sample fail data update due to date pattern changes
2013-07-17 21:09:30 +01:00
72430e805d
Merge branch 'datepatterns' into datepatterns-dateregex
...
Conflicts:
bin/fail2ban-regex
fail2ban/client/beautifier.py
fail2ban/server/datedetector.py
2013-07-17 21:07:09 +01:00
05fac65a50
BF: fail2ban-regex multiline regex matches no longer in missed lines
...
Closes #263
Closes #282
2013-07-17 00:08:43 +01:00
c61ba9f0de
ENH+BF: Allow multi lines regex to be tested with samples test case
...
Multi line regex currently only flags on last line, and other lines must
be labelled as not matched.
TODO: Create extension to fail JSON data to allow tying together of
multiple lines
2013-07-16 23:47:28 +01:00
774c9ce4fd
BF: setup.py build now includes sample log files for tests
2013-07-16 23:37:44 +01:00
1eea0dcec8
Merge branch 'master' into 0.9
...
Conflicts:
ChangeLog
bin/fail2ban-regex
bin/fail2ban-testcases
config/jail.conf
fail2ban/server/failregex.py
fail2ban/server/filter.py
fail2ban/tests/files/logs/lighttpd
fail2ban/tests/files/logs/mysqld.log
fail2ban/tests/files/logs/wu-ftpd
fail2ban/tests/filtertestcase.py
fail2ban/tests/utils.py
testcases/files/logs/lighttpd
testcases/files/logs/lighttpd-auth
testcases/files/logs/mysqld-auth
testcases/files/logs/mysqld.log
testcases/files/logs/wu-ftpd
testcases/files/logs/wuftpd
2013-07-16 23:16:22 +01:00
bf05f2ac95
Merge branch 'filter-failregex-return'
...
Conflicts:
server/filter.py
2013-07-16 21:17:18 +01:00
ba29f6bef3
DOC: Update doc in reference to changes for sample testcases
2013-07-16 21:11:10 +01:00
c2bdfefb62
DOC: Comment to fail2ban-regex - flagging lines matched multiple regexs
2013-07-16 20:58:44 +01:00
e4d759ac94
Merge pull request #283 from yarikoptic/master
...
Roundcube failregex -- anchor at the beginning as well + mandate <HOST> to end with alphanumeric
2013-07-16 12:49:25 -07:00
90ec82669c
DOC: changelog entries for preceeding changes
2013-07-16 15:10:41 -04:00
f6a8a04cf3
ENH: roundcube-auth - adopt for current format with trailing error message. thanks @kwirk for the review/feedback
...
I also used non-greedy .*? for the login portion since not sure if space could
be there and trying to minimize possibility of reacting on injected "from
<HOST>" somewhere within the trailing .*
2013-07-16 15:07:32 -04:00
0a02cfe9e8
ENH: <HOST> must end with alphanumeric \w (not a dot or a dash etc)
...
Otherwise <HOST> regexp might swallow period in the sentence right after the address.
I have decided to enforce alphanumeric instead of switching to non-greedy +? ... because
I think it is closer to what we actually want here
2013-07-16 15:03:06 -04:00
8add63c733
ENH: anchor roundcube-auth at the beginning as well
2013-07-16 14:16:23 -04:00
148cbd8d2a
ENH: heavier debugging -- log split date/log line even for no match. Log matching regex upon match
2013-07-16 14:16:23 -04:00
1a2b6442a0
ENH+BF+TST: Filter now returns reference to failregex and ignoreregex
...
This avoids duplication of code across fail2ban-regex and samples test
cases. This also now more neatly resolves the issue of double counting
date templates matches in fail2ban-regex.
In addition, the samples test cases now also print a warning message
that not all regexs have samples for them, with future plan to change
this to an assertion.
2013-07-15 22:22:13 +01:00
5bd186b854
ENH(minor): fail2ban-regex comment line doesn't have to have a space after leading #
2013-07-15 13:52:42 -04:00
2c8747cc76
BF: fail2ban-regex date detector template hits count now correct
...
closes #295
2013-07-15 18:40:32 +01:00
4855cae487
Merge branch 'sample-log-meta-data'
...
Conflicts:
testcases/files/logs/dovecot
2013-07-14 18:29:36 +01:00
1116f23151
TST: Sample log regex test now warns if no log for a filter
...
Also checks that at least some tests are present
2013-07-14 18:19:16 +01:00
6ee2323fa1
Merge pull request #285 from kwirk/python3-config-unicode
...
BF+DOC: All fail2ban config files are UTF-8 decoded for python3
2013-07-14 07:31:57 -07:00
e562515df7
Merge pull request #292 from grooverdan/solaris-doc
...
DOC: shorten example and provide clarification and spelling fix
2013-07-14 07:13:20 -07:00
728399c39e
Merge pull request #281 from kwirk/dovecot-filter
...
ENH: dovecot filter additions for session, time value and blank user
2013-07-14 05:18:04 -07:00
94376bfbe1
TST: Handle lack of `json` library in python2.5 for samples test case
2013-07-14 11:15:45 +01:00
09850d6ba5
DOC: shorten example and provide clarifcation and spelling fixes
2013-07-14 10:25:06 +10:00
40f67c64b8
TST: Test sample logs' entries are matched by filter regexs
2013-07-13 23:03:01 +01:00
606e97683b
BF: jail.conf multiport actions previously using single port iptables
2013-07-12 23:34:04 +01:00
acf9e51d98
BF+DOC: All fail2ban config files are UTF-8 decoded for python3
2013-07-10 22:18:53 +01:00
e433a5c633
Merge pull request #260 from grooverdan/develop
...
DOC: developing filters without DoS + close/fix/resolves messages in commits
2013-07-08 15:52:26 -07:00
424da92601
DOC: close message for commits.
2013-07-09 08:51:11 +10:00
1d6d5a7aae
DOC: ChangeLog merge confict
2013-07-09 08:41:28 +10:00
174e3dba6d
DOC: Note on new dependency - ed for hosts_deny
2013-07-09 08:36:53 +10:00
5412d7336f
DOC: ChangeLog confict
2013-07-09 08:23:44 +10:00
1f5097649c
DOC: ChangeLog for exim-spam.conf filter and tabs->spaces in changelog
2013-07-09 08:20:13 +10:00
5f04b4954f
Merge pull request #280 from yarikoptic/master
...
BF+ENHs: polling backend tracks ino and size now in addition to mtime, filters do not read file unless it has content + few other minor issues
2013-07-07 08:33:55 -07:00
619603fe05
BF: match asterisk InvalidPassword correctly
2013-07-07 17:48:20 +10:00
25f06f779d
TST: Execute action timeout test almost equal assertion more forgiving
2013-07-05 18:56:47 +01:00
3dbe2c04ca
BF: fail2ban now don't print maxlines twice when using ignoreregex
...
Also read failregex first, as more natural place to get maxlines value
from.
2013-07-05 18:47:08 +01:00
bfa2b9dec3
ENH: dovecot filter additions for session, time value and blank user
2013-07-05 18:36:02 +01:00
04b8069cee
ENH: adjust sendmail-whois 'active' example to have also sendername in it
2013-07-05 10:12:29 -04:00
e332efb7cd
Merge pull request #279 from 7adietri/feature/configurable-sender-name
...
Move sendmail settings to common file, make sender name configurable
2013-07-05 07:09:20 -07:00
2155f6bfa5
Update ChangeLog and jail.conf example
2013-07-04 08:57:52 +02:00
e282d6b1c7
ENH: Remove unused any longer _ctime helper
2013-07-03 00:09:39 -04:00
404574499d
BF: fail2ban-testcases -- use full "warning" instead of warn for the verbosity dictionary
2013-07-02 23:52:37 -04:00
5df6796e69
ENH: DNS resolution -- catch parent exception
...
IMHO there is no good reason to capture only gaierror.
on my network it was consistent to error out with
======================================================================
ERROR: testIgnoreIPNOK (testcases.filtertestcase.IgnoreIP)
----------------------------------------------------------------------
Traceback (most recent call last):
File "/home/yoh/deb/gits/fail2ban/testcases/filtertestcase.py", line 166, in testIgnoreIPNOK
self.assertFalse(self.filter.inIgnoreIPList(ip))
File "/home/yoh/deb/gits/fail2ban/server/filter.py", line 277, in inIgnoreIPList
ips = DNSUtils.dnsToIp(i)
File "/home/yoh/deb/gits/fail2ban/server/filter.py", line 625, in dnsToIp
return socket.gethostbyname_ex(dns)[2]
error: [Errno 11] Resource temporarily unavailable
with this commit tests would pass normally as they should
2013-07-02 23:51:09 -04:00
5d7ab9e7fb
DOC: Changelog for preceding changes
2013-07-02 23:38:27 -04:00
47ac39fb34
TST: minor enhancement to test failure msg
2013-07-02 23:37:41 -04:00
Steven Hiscocks