github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
4,201 Commits
34 Branches
229 Tags
22 MiB
Commit Graph

113 Commits (6724de54e63de0fd0e4f08a36d3f0e890721b4c6)

Author SHA1 Message Date
sebres 6724de54e6 Merge branch '0.10' into 0.10-full 2017-05-17 11:35:33 +02:00
Sander Hoentjen 2a4dafce5b don't call setLogTarget from setSyslogSocket when holding the lock 
If we do, setLogTarget will wait for the lock, but it will never be released
 2017-05-08 14:11:07 +02:00
sebres 5e93bf9bd3 Introduced new option "ignoreself", specifies whether the local resp. own IP addresses should be ignored (default is true). 
Fail2ban will not ban a host which matches such addresses.

Option "ignoreip" affects additionally to "ignoreself" and don't need to include the DNS resp. IPs of the host self.
 2017-03-23 15:52:31 +01:00
sebres 28b5262976 Merge branch '0.10' into 0.10-full 2017-02-28 15:14:51 +01:00
sebres 4ff8d051f4 Introduced new filter option `prefregex` for pre-filtering using single regular expression; 
Some filters extended with user name;
[filter.d/pam-generic.conf]: grave fix injection on user name to host fixed;
test-cases in testSampleRegexsFactory can now check the captured groups (using additionally fields in failJSON structure)
 2017-02-20 16:54:17 +01:00
sebres 8c54675750 fix sporadic time related errors after fail2ban restart resp. reload jail: 
- ValueError: need more than N values to unpack
- empty banip from restoreCurrentBans, etc.
 2017-01-23 11:45:29 +01:00
sebres 0636b3247d observer fix: wait it becomes idle in reload test case (complete writing of failures to database); 2017-01-23 09:52:04 +01:00
sebres 99634638ba Merge branch '0.10' into 0.10-full 2017-01-23 09:51:36 +01:00
sebres 45174c5eaf if fail2ban running as systemd-service, for logging to the systemd-journal, the `logtarget` could be set to STDOUT 
small fixes by logging in stdout (+ system targets also allowed in lowercase now)
 2016-11-24 12:13:47 +01:00
sebres cbfecea112 Merge remote-tracking branch 'remotes/gh-upstream/0.10' into 0.10-full 2016-10-15 19:19:58 +02:00
sebres 7f8c48d59e code review (e. g. remove code duplication) and coverage 2016-10-15 00:39:25 +02:00
sebres 1ef367e77a fixes log format by starting server with `--loglevel=debug` without specifying of verbosity level 2016-10-14 23:30:12 +02:00
sebres 98f87a1a52 better server-ready event: notify waiting thread if server really ready (communication ready) or failed to start 2016-10-14 22:50:30 +02:00
sebres 53adc9d84a Merge branch 0.10-full with 0.10 
Resolved several conflicts and code review after merge
 2016-10-14 19:55:20 +02:00
sebres 2cfaf845ca standardize and normalize logging and verbosity formats, logging level etc between command lines (server, client, test-cases); 
test cases could pass (so increase) verbosity to the client (and furthermore client to the server also), usable for debug purposes resp. simplifying read of the log-file;
custom and precise numeric log-levels can be given in test cases now;
 2016-09-29 21:23:37 +02:00
sebres ab0c28260b switch down log level for some annoying messages to tracedebug or heavydebug (to 7 or even 5); 
added verification of specified log-level before transmitting to the server;
numeric log-level allowed now in server (resp. fail2ban.conf);
 2016-09-22 22:44:46 +02:00
sebres d153555a07 increase default wait operation (sleep time, threshold interval) - avowedly greater inertance, but fewer system load by many jails resp. log files; 
waiting with `wait_for` extended with verifying of active flag;
implemented better error handling in some multi-threaded routines;
shutdown of jails rewritten (faster and safer, does not breaks shutdown process if some error occurred);
 2016-09-22 18:10:42 +02:00
sebres 8c4eebc3e3 reload actions amend, code review and test cases extended for update/start/stop of actions by reloading 2016-09-09 10:45:09 +02:00
sebres 4fb511294e temp commit: reload now supported actions and action reloading (parameters, unban obsolete removed actions, etc.) 2016-09-08 23:56:32 +02:00
sebres b12a3acb06 temp commit: reload not ready... 2016-09-07 21:07:50 +02:00
sebres ae38b626d1 Merge branch '_0.9/fix-systemd-convert-gh-1341' into 0.10 2016-09-06 15:30:08 +02:00
sebres 57458a462e allow to set default or preferred encoding for other filters (e.g. to decode bytes from journal) 
# Conflicts:
#	fail2ban/server/filter.py
 2016-09-06 15:26:10 +02:00
Yaroslav Halchenko 87acd7a0fc RF: Replace old fashioned "except E , e" with "except E as e" (Closes #1537) 
0.10 specific
supplement to b875e51cd7 in master AKA 0.9
 2016-09-06 08:18:34 -04:00
Yaroslav Halchenko b875e51cd7 RF: Replace old fashioned "except E , e" with "except E as e" (Closes #1537) 2016-09-04 23:25:09 -04:00
sebres 922213f3d9 Merge tag '0.10.0a1' into 0.10-full 2016-07-15 10:32:42 +02:00
Yaroslav Halchenko dfcf6f1963 BF+TST: isStarted was not checking __asyncServer for exist before checking it 2016-07-12 22:53:37 -04:00
Yaroslav Halchenko 52cd8a9a96 RF: _rebindSignal helper to centralize assignment of new signal handlers + minor PEP8ing 2016-07-12 22:24:56 -04:00
sebres 4180cc362e code review 2016-07-11 13:22:58 +02:00
sebres 4c1bcac0c7 Merge branch '0.10' into f2b-perfom-prepare-716-cs-0.10 2016-07-11 11:28:34 +02:00
sebres 12ff119841 Merge branch 'ban-time-incr' into 0.10-full 2016-06-09 22:50:31 +02:00
sebres e3ab10196e Merge remote-tracking branch 'remotes/gh-origin/f2b-perfom-prepare-716-cs-0.10' into 0.10-full 2016-06-09 22:13:48 +02:00
sebres cb280b817f csocket multi-set fix: prevent to convert `list`, `dict`, `set` during transfer (send), this offers a sending of 'multi-set' arrays 
(missed by cherry-picking from multi-set branch)
 2016-05-13 22:43:02 +02:00
sebres 53956501da increase readability and details level by increased verbosity 2016-05-12 11:53:12 +02:00
sebres 0b4143730d some compatibility fixes (prevent forking of testcase-process, code review), wait 4 server ready, test cases fixed (py2/py3) 2016-05-12 11:52:02 +02:00
sebres 2fcb6358ff several bug fixed: fork in client-server test cases prohibited, all worker threads daemonized (to prevent hanging on exit). 2016-05-12 11:51:59 +02:00
sebres afa1cdc3ae client/server (bin) test cases introduced, ultimate closes #1121, closes #1139 
small code review and fixing of some bugs during client-server communication process (in the test cases);
 2016-05-12 11:51:56 +02:00
sebres 5a053f4b74 starting of the server (and client/server communication behavior during start and daemonize) completely rewritten: 
- client/server functionality moved away from bin and using now the common interface (introduced in fail2bancmdline);
  - start in foreground fixed;
  - server can act as client corresponding command line;
  - command "restart" added: in opposite to "reload" in reality restarts the server (new process);
  - several client/server bugs during starting process fixed.
 2016-05-12 11:51:53 +02:00
sebres 4ce240ed40 try to start server in foreground 
# Conflicts:
#	fail2ban/server/server.py
 2016-05-12 11:51:47 +02:00
sebres 1a6450643d partially cherry pick from branch 'multi-set', prepare for conditional config parameters logic: 
- new readers logic (group some by multiple parameters 'set' -> 'multi-set';
- prevent to add 'known/' parameters twice (by merge section etc);
- test cases fixed;

# Conflicts:
#	fail2ban/client/actionreader.py
 2016-05-11 16:54:20 +02:00
sebres bf0adc1fdf Merge remote-tracking branch 'f2b-perfom-prepare-716-cs' into ban-time-incr (+ conflicts resolved) 2016-03-06 15:12:48 +01:00
sebres 95af3c63ac increase readability and details level by increased verbosity 2016-02-15 20:42:12 +01:00
sebres 6cd19894e9 some compatibility fixes (prevent forking of testcase-process, code review), wait 4 server ready, test cases fixed (py2/py3) 2016-02-15 14:41:12 +01:00
sebres 0e11d81adb several bug fixed: fork in client-server test cases prohibited, all worker threads daemonized (to prevent hanging on exit). 2016-02-11 21:39:06 +01:00
sebres f120877756 client/server (bin) test cases introduced, ultimate closes #1121, closes #1139 
small code review and fixing of some bugs during client-server communication process (in the test cases);
 2016-02-11 17:57:23 +01:00
sebres 4d696d69a0 starting of the server (and client/server communication behavior during start and daemonize) completely rewritten: 
- client/server functionality moved away from bin and using now the common interface (introduced in fail2bancmdline);
  - start in foreground fixed;
  - server can act as client corresponding command line;
  - command "restart" added: in opposite to "reload" in reality restarts the server (new process);
  - several client/server bugs during starting process fixed.
 2016-02-11 08:56:12 +01:00
sebres 44490664f5 try to start server in foreground 
# Conflicts:
#	fail2ban/server/server.py
 2016-02-10 22:00:42 +01:00
sebres b3d4ce291e start observer together with the server (parametrized to prevent constantly start/stop of observer by addJail in test cases) 2015-12-29 19:52:16 +01:00
sebres 21f058a9f7 Merge remote-tracking branch 'remotes/gh-origin/f2b-perfom-prepare-716' into ban-time-incr 2015-12-29 14:04:41 +01:00
sebres f143ae479c code and config review after rebase to current master 2015-12-29 12:49:37 +01:00
sebres 6faffe3201 test cases extended, code review (+ python 3.x compatibility); 
database test cases extended - enable deleted (disabled) jail in addJail;
 2015-12-29 12:49:27 +01:00