jim
a7f3ba87f6
filter.d/sogo-auth.conf: fixes gh-2289 - matching auth-failures when behind a proxy;
...
(broken by commit 72b06479a5
), replacement for gh-2290.
2019-03-12 16:50:04 +01:00
Sergey G. Brester
415818d803
Merge pull request #2356 from sebres/0.10-th-stack-size
...
default thread stack size
2019-03-01 12:33:03 +01:00
Sergey G. Brester
6c14f1987f
Update ChangeLog
2019-03-01 12:31:17 +01:00
sebres
32ba74463f
coverage - move to another tests (directly covering server)
2019-02-24 18:43:23 +01:00
sebres
f6468e753b
resolves py3.x compat issues in tests
2019-02-24 17:14:53 +01:00
sebres
fffeb7785c
code review
2019-02-24 16:56:13 +01:00
sebres
3c70fe298a
closes gh-969: introduces new section `[Thread]` and option `stacksize` to configure default stack-size of the threads running in fail2ban. Example:
...
```ini
[Thread]
stacksize = 32
```
2019-02-24 16:45:14 +01:00
Sergey G. Brester
af18993ba2
Merge pull request #2245 from benrubson/loglevel
...
badips.py: extended option `loglevel` to supply different log-level to the summary
2019-02-22 14:25:03 +01:00
Sergey G. Brester
410a9804b1
Update ChangeLog
2019-02-22 14:23:05 +01:00
sebres
3fcb0a868d
test-cases: availability of badips-service - avoid sporadic errors (like "The handshake operation timed out") during setup of tests
2019-02-22 14:07:11 +01:00
sebres
5126068099
loglevel and shortloglevel combined to single parameter loglevel, below an example logging summary with NOTICE and rest with DEBUG log-levels:
...
action = badips.py[... , loglevel="debug, notice"]
2019-02-22 14:05:19 +01:00
Ben RUBSON
34edec297b
Add changelog entry
2019-02-22 13:33:08 +01:00
benrubson
689938ee99
Add a shortloglevel badips.py option
2019-02-22 13:32:46 +01:00
sebres
140243328f
coverage: try to avoid sporadic "coverage decreased" in CI
2019-02-22 13:20:40 +01:00
Sergey G. Brester
7e46ceed7e
Merge pull request #2353 from Yannik/patch-3
...
Add asterisk ipv6 test cases with and without port (related to #2317 )
2019-02-22 13:09:21 +01:00
sebres
3d7b072a15
covering short form of IPv6 (written-out full form of IPv6 is safe, no matter with or without square brackets)
2019-02-22 12:50:34 +01:00
Yannik Sembritzki
62acaae327
Add asterisk ipv6 test cases with and without port (related to #2317 )
2019-02-22 12:43:07 +01:00
Sergey G. Brester
d3f6d6ffdd
Merge pull request #2286 from crazy-max/0.10
...
New filter `traefik-auth`
2019-02-21 22:27:04 +01:00
Sergey G. Brester
dcede9b3f1
comment rewritten (belongs to the filter)
2019-02-21 22:26:28 +01:00
Sergey G. Brester
d84fb8a4b1
regex rewritten (more secure now, resolves catch-all vulni)
2019-02-21 22:19:04 +01:00
sebres
9ed35c423a
Merge branch '0.9' into 0.10 (gh-2317)
2019-02-21 20:13:54 +01:00
Sergey G. Brester
5c44ca714f
Merge pull request #2317 from Yannik/patch-2
...
Fix asterisk filter not catching attackers when port is logged (in pjsip module)
2019-02-21 20:09:05 +01:00
sebres
883864c774
optimizes processing of server-configuration stream by start and reload (no interim outputs produced, several calls of get-functions avoided also).
2019-02-21 15:54:56 +01:00
sebres
34dba44816
MANIFEST: forgotten test file
2019-02-21 15:50:12 +01:00
Sergey G. Brester
487e19420e
Merge pull request #2351 from sebres/0.10-multi-ban-unban-in-jail
...
fail2ban-client: multi ban/unban and attempt for set jail
2019-02-21 15:42:00 +01:00
Sergey G. Brester
a48d50efc0
Update ChangeLog
2019-02-21 14:37:07 +01:00
sebres
fc92021211
coverage and few enhancements
2019-02-21 14:36:18 +01:00
sebres
2dd3c546dd
small code review (normalization and duplicated codes removal)
2019-02-20 16:48:11 +01:00
sebres
00a6717953
fail2ban-client: extended with new feature which allows to inform fail2ban about single or multiple attempts (failure) for IP (failure-ID), syntax:
...
set <JAIL> attempt <IP> [<failure1> ... <failureN>]
2019-02-20 16:47:53 +01:00
sebres
84cec5e861
implements gh-2349: `fail2ban-client set jain banip/unbanip ip1 .. ipN` extended to ban/unban multiple tickets;
...
reorganized banning facilities (addBannedIP moved from filter to actions in order to ban directly without implication of fail-manager in between.
2019-02-20 14:56:00 +01:00
sebres
e30ebb1f3b
closes gh-2277: fixed and optimized cache facilities (operations on OrderedDict are not atomic); increased max-size of IPAddr cache; don't cache raw objects (it is fast enough).
2019-02-18 17:05:11 +01:00
sebres
14f997231d
add test case to cover gh-2277, testOverflowedIPCache testing overflow of IP-cache multi-threaded (2 "parasite" threads flooding cache)
2019-02-18 16:56:43 +01:00
Viktor Szépe
824afbf52d
Fix whitespaces
2019-02-17 09:12:30 +00:00
Viktor Szépe
24b0e048d1
Normalizing quote usage in initd
2019-02-17 09:08:59 +00:00
Yaroslav Halchenko
c545315192
ENH: travis - run shellcheck on files/debian-initd
2019-02-17 09:08:43 +00:00
Yaroslav Halchenko
62f957973d
ENH: disable shell check for $DAEMON_ARGS expansion
2019-02-17 09:08:32 +00:00
Viktor Szépe
dfd2a2063d
Safer, nicer, uniform Debian initd script
2019-02-17 09:08:29 +00:00
Cool Fire
27526e431b
Changes static logfile string to variable
...
Since we don't want to re-declare a log file name we already
have a varialbe for, use the existing variable to set dovecot_log.
2019-02-13 10:10:24 +01:00
Cool Fire
b31a018e7c
Add override for dovecot failed logins on debian
2019-02-13 10:01:14 +01:00
sebres
5a54a44559
provide more meaningful error-message if invalid `datepattern` set;
...
fail2ban-regex: catch errors/exceptions by set of parameter, more verbose output if needed (`-v` or log-level `debug` would produce output of call-stack additionally).
2019-02-12 14:36:40 +01:00
Sergey G. Brester
c819a18a0a
Update ChangeLog
2019-02-11 19:15:11 +01:00
sebres
e651bc7866
amend to #1622 : jail-reader supports now multi-line option for multi-line action parameter:
...
logpath = a.log
b.log
c.log
action = ban[...]
= log[logpath="%(logpath)s"]
closes gh-2341, ultimate fix for gh-976
2019-02-11 11:54:58 +01:00
sebres
89c611064d
test-cases: be sure the test-files always written with new-line at end
2019-01-14 19:00:42 +01:00
Sergey G. Brester
4108e04ab4
Update ChangeLog
2019-01-07 01:50:44 +01:00
sebres
a13fdcf4f7
closes gh-2314: extended regex for mysql 8.0.13 if used logging with details (e. g. log-error-verbosity = 3, so log output has few additional words enclosed in brackets after "[Note]").
2019-01-07 01:34:12 +01:00
Sergey G. Brester
67247999ff
closes #2313 : missing dependency to nftables.service
2019-01-06 17:03:09 +01:00
Yannik Sembritzki
547504873e
Add test case for new asterisk pjsip log syntax which includes the port
2019-01-03 23:59:38 +01:00
Yannik Sembritzki
6b4404b1bc
Fix asterisk filter not catching attackers when port is logged ( Fixes #2316 )
2019-01-03 23:55:42 +01:00
sebres
c9ba695ba3
minor, no cover for 3.x (2.6 only)
2018-12-28 00:04:15 +01:00
sebres
4a4780be04
test-cases: prevent sporadic timing errors (unban if ban still not occurred)
2018-12-27 18:10:09 +01:00