github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
4,814 Commits
32 Branches
229 Tags
18 MiB
Commit Graph

4814 Commits (654fda8a50f65c6b329d75cbac91a50aa5a8a8f5)

Author SHA1 Message Date
sebres 70c329e235 increase verbosity for travis/py3 (currently "debug", use "heavydebug" for more details if needed) 2016-02-15 20:44:35 +01:00
sebres 95af3c63ac increase readability and details level by increased verbosity 2016-02-15 20:42:12 +01:00
sebres 0fef5022f0 reader bug fix: prevent to silent "load" of not existing jail; 
coverage of test cases increased;
 2016-02-15 20:41:20 +01:00
sebres 4ec70d7851 code review, timeout fix, better tracing (and test coverage) by start of server/client (with or without fork) 2016-02-15 19:19:31 +01:00
sebres 6cd19894e9 some compatibility fixes (prevent forking of testcase-process, code review), wait 4 server ready, test cases fixed (py2/py3) 2016-02-15 14:41:12 +01:00
sebres 0e11d81adb several bug fixed: fork in client-server test cases prohibited, all worker threads daemonized (to prevent hanging on exit). 2016-02-11 21:39:06 +01:00
sebres f120877756 client/server (bin) test cases introduced, ultimate closes #1121, closes #1139 
small code review and fixing of some bugs during client-server communication process (in the test cases);
 2016-02-11 17:57:23 +01:00
Yaroslav Halchenko 905c87ca4a Merge pull request #1310 from yarikoptic/pr-1288 
NF: HAProxy HTTP Auth filter
 2016-02-11 08:35:48 -05:00
sebres 4d696d69a0 starting of the server (and client/server communication behavior during start and daemonize) completely rewritten: 
- client/server functionality moved away from bin and using now the common interface (introduced in fail2bancmdline);
  - start in foreground fixed;
  - server can act as client corresponding command line;
  - command "restart" added: in opposite to "reload" in reality restarts the server (new process);
  - several client/server bugs during starting process fixed.
 2016-02-11 08:56:12 +01:00
sebres 3fda77227e temporary commit (move client/server from bin) 2016-02-11 08:52:41 +01:00
Yaroslav Halchenko 3dc57af19c Merge branch 'logrotate' of https://github.com/sbraz/fail2ban 
* 'logrotate' of https://github.com/sbraz/fail2ban:
  Remove compression and count from logrotate
 2016-02-10 18:41:01 -05:00
sebres 44490664f5 try to start server in foreground 
# Conflicts:
#	fail2ban/server/server.py
 2016-02-10 22:00:42 +01:00
Yaroslav Halchenko 09bc2e978d Merge pull request #1319 from sebres/asterisk-gh1309 
Asterisk regexp fix to catch phone # and relax trailing anchoring

 (replacement for Update asterisk.conf gh-1309)
 2016-02-08 10:58:53 -05:00
sebres d8e81eb417 regexp rewritten (few vulnerable as previous) + test case added 2016-02-08 12:01:25 +01:00
3eBoP 257b7049d8 Update asterisk filter: changed regex for "Call from ...". Sometimes extension can have a plus symbol (+) because they can be phone number. 
Closes #1309
 2016-02-08 11:51:37 +01:00
Pierre GINDRAUD b5a07741c8 Add new regex into postfix filter. The new regexp is able to detect bad formatted SMTP EHLO command 2016-02-08 11:11:59 +01:00
Yaroslav Halchenko b435e1e4c8 Merge pull request #1311 from sbraz/gentoo-init 
gentoo-initd: do not hide useful output
 2016-01-29 09:54:35 -05:00
Louis Sautier 869d99dd37
Remove compression and count from logrotate 
Initially reported at https://bugs.gentoo.org/show_bug.cgi?id=549856
 2016-01-29 00:15:48 +01:00
Louis Sautier 294a7790a9
gentoo-initd: do not hide useful output 
Gentoo applies a patch for this: https://bugs.gentoo.org/show_bug.cgi?id=536320
 2016-01-28 23:40:36 +01:00
Yaroslav Halchenko 3f437b32db Merge remote-tracking branch 'pr/1288/head' 
* pr/1288/head:
  Update haproxy-http-auth.conf
  Added HAProxy HTTP Auth filter

 Conflicts:
	config/jail.conf - resolved + removed unnecessary filter/enabled (defaults should be as good)
 2016-01-28 08:51:45 -05:00
Yaroslav Halchenko 377ea32441 Merge pull request #1295 from obounaim/master 
The sender option is ignored by some actions
 2016-01-28 08:48:22 -05:00
Serg G. Brester fe14c8fa05 Merge pull request #1292 from albel727/master 
Add nftables actions
 2016-01-24 23:55:50 +01:00
Jordan Moeser d7b46509d8 Update haproxy-http-auth.conf 
Updated failregex to be more strict
 2016-01-12 08:37:33 +10:00
local 58a8736e0f Updating changelog. 2016-01-10 00:10:05 +01:00
local 40c0bed82c action_mw, action_mwl, action_cf_mwl ignore the "sender" option when sending a notification email. 
This commit adds "sender="%(sender)s"" to the three actions to correct this issue.
 2016-01-10 00:05:03 +01:00
Yaroslav Halchenko 5d0d96a5cb Merge pull request #1286 from yarikoptic/enh-jail 
ENH: harmonize jail.conf + 1 more test that passed bantime is non-degenerate and int
 2016-01-08 08:51:08 -05:00
Alexander Belykh 985e8938a4 Refactor nftables actionstop into smaller parts 2016-01-06 17:39:54 +06:00
Alexander Belykh 9779eeb986 Add nftables_type/family/table parameters 2016-01-06 17:33:14 +06:00
Alexander Belykh 260c30535d Escape curly braces in nftables actions 2016-01-06 17:13:30 +06:00
Alexander Belykh 1983e15580 Add empty line between parameters in nftables-common.conf 2016-01-06 16:55:29 +06:00
Alexander Belykh cb2d70d7a8 Add ChangeLog entry for new nftables actions 2016-01-05 19:04:44 +06:00
Alexander Belykh f7f91a8bd4 Refactor common code out of nftables-multiport/allports.conf 2016-01-05 19:03:47 +06:00
sebres 25a09352e4 + ChangeLog entry 2016-01-04 14:46:43 +01:00
sebres 69f5623f83 code simplifying (remove duplication): agent will be always supplied as parameter from jail.conf 2016-01-04 09:30:32 +01:00
Alexander Belykh 618e97bce8 Add nftables actions 2016-01-04 01:36:28 +06:00
sebres ac31121432 amend to fix fail2ban-version: correct user-agent for badips.py "Fail2Ban/ver", changeable within jail/config now; 2015-12-31 02:32:17 +01:00
Jordan Moeser e133762a28 Added HAProxy HTTP Auth filter 2015-12-31 11:16:23 +10:00
sebres cf334421bd Provides fail2ban version to jail (as interpolation variable during parse of jail.conf); 
BF: use `fail2ban_agent` as user-agent in actions badips, blocklist_de, etc. (closes #1271, closes #1272)
 2015-12-31 01:38:25 +01:00
Yaroslav Halchenko b76aede40d ENH(TST): verify that passed bantime is non-0 and int 2015-12-29 20:22:06 -05:00
Yaroslav Halchenko 28c9832293 RF: harmonize jail.conf (no explicit enabled=false in jails, match filter name for screesharingd, etc) 2015-12-29 19:43:52 -05:00
Yaroslav Halchenko 69aa1feac0 Merge "Mac OS Screen Sharing filter" PR 1232 
* pr/1232/head:
  removed system.log
  Removed old svn revision comment
  removed false matches
  Removed includes comment for screensharing jail
  Now using a literal logpath for screensharing jail
  Fixed blatant typo in regex
  clarified comments on sample log format
  Fixed name (again?)
  Made screensharing jail off by default
  Changed regex prequel
  added entry for new screensharingd filter
  name change & new sample data
  Added json metadata
  Sample log for test case
  Replaced .* with literal
  Update jail.conf
  Added new path variable for system.log
  Added in settings for screensharingd filter
  Created file

Conflicts:
	ChangeLog - moved to New Features
	config/jail.conf  - kept at the end
 2015-12-29 19:36:59 -05:00
Yaroslav Halchenko 16710237e3 Merge remote-tracking branch 'origin/master' 
* origin/master:
  Add 'Sender address rejected: Domain not found' Postfix failregex
 2015-12-29 19:31:04 -05:00
sebres 6daa152c0c Merge branch 'f2b-perfom-prepare-716' into ban-time-incr 2015-12-29 19:53:07 +01:00
sebres b3d4ce291e start observer together with the server (parametrized to prevent constantly start/stop of observer by addJail in test cases) 2015-12-29 19:52:16 +01:00
sebres 134c33cc6d fail2ban-testcases: added option "--ignore": negate [regexps] filter, to ignore tests matched specified regexps 2015-12-29 19:00:51 +01:00
sebres 8eca2ecd84 optimized version of "str2seconds" with pre-compiled regexp; 2015-12-29 19:00:49 +01:00
sebres 9d4f163e88 code review and minor repair after merge with performance branch (changed naming convention, wrong resolved conflicts, etc) 2015-12-29 17:36:00 +01:00
sebres 21f058a9f7 Merge remote-tracking branch 'remotes/gh-origin/f2b-perfom-prepare-716' into ban-time-incr 2015-12-29 14:04:41 +01:00
sebres da51fbf9c6 code review and performance optimization: 
- default date templates cache + regexp compiling on the fly (if required);
- better usage of shared config over all test cases;
- obsolete test cases removed (simple test of memleak/gc);
- skip some slow test cases in fast mode (setup test, etc.);
 2015-12-29 12:49:53 +01:00
sebres 3f2b58e973 datedetector: matchTime, template list etc. rewritten because of performance degradation (without sorting templates now) - in-place reordering using hits and last used time; 
todo: rewrite "reGroupDictStrptime" because may be too slow;
 2015-12-29 12:49:51 +01:00