github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
2,606 Commits
33 Branches
229 Tags
19 MiB
Commit Graph

2606 Commits (6f7c9b7d0f5c637672ed215e726e5d6ace29b664)

Author SHA1 Message Date
sebres 6f7c9b7d0f introduced new feature "ban time exponential increasing": 
"bantimeextra.enabled" in jail.conf allows to use database for searching of previously banned ip's to increase a default ban time using special formula,
   by default, each next ban it will be original banTime * 1, 2, 4, 8, 16, 32...
see "jail.conf" for some other options of "bantimeextra";
additional we can configure a little randomization of ban time, to prevent "clever" botnets calculate exact time IP can be unbanned.
WARNING: by first start the server upgrades sqlite database (table "bans" will recreated with another schema);
 2014-05-05 12:38:54 +02:00
Steven Hiscocks 7cc64a14e0 BF: fail2ban-regex assertion error caused by miscounted "missed" lines 
Caused when removing lines as part of multiline regex, which had been
previously considered missed.
 2014-04-27 13:27:11 +01:00
Yaroslav Halchenko 596b819bdc DOC: minor -- tabify docstring in badips.py action 2014-04-23 10:04:17 -04:00
Yaroslav Halchenko 64866995b7 Merge pull request #703 from kwirk/journal-match-notice 
Add notice message for systemd backend when no journal match
 2014-04-20 22:32:00 -04:00
Steven Hiscocks a7766d3316 DOC: Add notice message for systemd backend when no journal match 2014-04-20 17:59:41 +01:00
Steven Hiscocks 233aa043f3 Revert "TST: Add Python 3.4 for TravisCI" 
This reverts commit a3f8b943a3.

TravsCI doesn't support 3.4...yet
 2014-04-19 18:39:55 +01:00
Steven Hiscocks a3f8b943a3 TST: Add Python 3.4 for TravisCI 2014-04-19 18:25:59 +01:00
Steven Hiscocks 03d90c2f42 BF: recidive filter and samples at wrong log level: WARNING->NOTICE 2014-04-19 18:07:23 +01:00
Yaroslav Halchenko af07b2edf8 very minor 2014-04-18 23:59:24 -04:00
Yaroslav Halchenko 78c82b3da7 DOC: minor -- added a link to pull requests in CONTRIBUTING 2014-04-17 23:16:41 -04:00
Yaroslav Halchenko 5e179f5dcb TST: skip the test if a known problem with Python 2.6 is detected 
As was original "discovered" while running tests on OSX with python2.6:
http://nipy.bic.berkeley.edu/builders/fail2ban-py2.7-osx-10.6_master/builds/6/steps/shell_2/logs/stdio
 2014-04-17 22:23:20 -04:00
Yaroslav Halchenko 2bc509fcc7 DOC: minor changes just to trigger the build 2014-04-17 14:34:26 -04:00
Yaroslav Halchenko 16077a2771 add .dev to 0.9.0 version 2014-04-17 14:08:43 -04:00
Yaroslav Halchenko e66231f041 ENH(DOC): Move contributions related docs into CONTRIBUTING.md so it pops up when people file PR/issues 
pushing directly without PR to trigger buildbot for master -- please pardon the rush
 2014-04-17 13:19:03 -04:00
Yaroslav Halchenko 3c0d6a77d2 BF: testDatabase -- close and unlink the created test db file 2014-04-17 10:40:37 -04:00
Steven Hiscocks 9d6fc6eca2 ENH: For syslog use SYSLOG_PID over _PID in systemd journal log format 2014-04-16 23:58:00 +01:00
Yaroslav Halchenko c2289bc8fe ENH(TST): relax test of sleep to "1" places from "2" 
The reason is that internally it does round, so even 1.005 then would not
be equal to 1.  Making it spaces==1 should be sufficient for up to 1.05
i.e. we would allow 50ms "drift"
 2014-04-16 15:52:18 -04:00
Steven Hiscocks d4427e5a76 Merge pull request #683 from yarikoptic/fix/682 
Fix typos referencing  paths-common, provide empty defaults for syslog_ log files (Partial fix to #682)
 2014-04-15 17:14:28 +01:00
Steven Hiscocks 1369701f87 ENH: Log trace info for failed action events when in DEBUG 2014-04-12 11:27:05 +01:00
Steven Hiscocks 9fcb92524e BF: badips.py action logging of exc_info on debug typo 2014-04-12 11:21:52 +01:00
Daniel Black 83d0c9c530 Merge pull request #685 from CameronNemo/patch-1 
ENH: Create fail2ban.upstart
 2014-04-12 09:19:59 +10:00
Cameron Norman 5e3f5db8b7 Create fail2ban.upstart 
Add Upstart job.
 2014-04-11 08:50:55 -07:00
Yaroslav Halchenko 8bcb25c3a2 defining empty defaults for syslog_ log targets for common (Thanks @chtheis, partial fix to #682) 2014-04-10 23:17:39 -04:00
Yaroslav Halchenko 7dcea0d48d typos of paths-common (Thanks @chtheis, partial fix to #682) 2014-04-10 23:17:30 -04:00
Daniel Black 0c38e09d3d Merge pull request #681 from ddysher/clean-setup-file 
Clean up setup.py
 2014-04-04 14:58:47 +11:00
Deyuan Deng 5e9619d4a4 Clean up setup.py 2014-04-04 02:54:53 +00:00
Yaroslav Halchenko 5bccec61e4 ENH: adding pruned with previous merge trailing \s* in nginx filter 2014-04-03 21:31:46 -04:00
Yaroslav Halchenko b0a1435ae2 Merge pull request #680 from yungchin/fix_nginx_filter 
nginx-http-auth: match when "referrer" is present
 2014-04-03 21:22:13 -04:00
Yung-Chin Oei 941a38ea8e nginx-http-auth: match when "referrer" is present 
A sample log-line is provided.  The updated regex successfully matches
this line.

Signed-off-by: Yung-Chin Oei <yungchin@yungchin.nl>
 2014-04-04 01:27:39 +01:00
Steven Hiscocks abfa7fa7e3 DOC: Update ChangeLog 2014-04-03 18:47:38 +01:00
Steven Hiscocks 4190113e4b DOC: Fix jail.conf(5) man page which had duplicate {fail,ignore}regex 2014-04-03 18:41:40 +01:00
Steven Hiscocks 100b5e61f5 Merge 'kwirk/config-warnings' (early part) 2014-04-03 18:36:56 +01:00
Steven Hiscocks 629a62f981 Merge pull request #679 from ag4ve/patch-1 
Correct grammar
 2014-04-03 18:30:07 +01:00
shawn d7e888238c Correct grammar 2014-04-03 10:44:49 -04:00
Daniel Black ef186a9ba9 DOC: add thanks for last commit 2014-04-03 21:42:19 +11:00
Daniel Black e3be822245 DOC: nginx-http-auth filter 2014-04-03 21:30:45 +11:00
Daniel Black 524add2d44 Merge pull request #676 from yungchin/patch-2 
ENH: nginx-http-auth filter: match server_name = ""
 2014-04-03 21:27:07 +11:00
yungchin 6e8c1b2871 nginx-http-auth filter: match server_name = "" 
As documented at
http://nginx.org/en/docs/http/server_names.html#miscellaneous_names "If
no server_name is defined in a server block then nginx uses the empty
name as the server name."  This regex change allows us to match error
output for such a configuration.

The log line added to the tests was lifted from our logs verbatim; it
did not match without the patched regex.

Signed-off-by: Yung-Chin Oei <yungchin@yungchin.nl>
 2014-04-03 11:04:21 +01:00
Steven Hiscocks 638c013557 ENH: Suppress configuration warnings if non-critical options are not set 2014-04-02 18:30:21 +01:00
Yaroslav Halchenko 096702bfac Merge pull request #675 from yungchin/patch-1 
Update comments in shorewall.conf for new settings
 2014-04-01 12:05:58 -04:00
yungchin 3a155ed2e0 Update comments in shorewall.conf for new settings 2014-04-01 16:52:21 +01:00
Daniel Black ce982debae Merge pull request #670 from kwirk/reban-once-per-ip 
BF: On jail restart reinstatement of bans, fetch one ticket per IP
 2014-03-31 18:36:06 +11:00
Daniel Black 73fb716920 Merge pull request #671 from kwirk/sphinx 
DOC: sphinx documentation
 2014-03-31 18:32:37 +11:00
Daniel Black d99a663ad0 Merge pull request #673 from kwirk/jail-init-error 
DOC: Improve error logging when specific backend set and fails
 2014-03-31 18:31:16 +11:00
Steven Hiscocks 953ebd62c6 DOC: Improve error logging when specific backend set and fails 2014-03-29 23:08:37 +00:00
Steven Hiscocks 3781ff845a BF: Fix getting jail name from exceptions in beautifier for Python 3+ 2014-03-29 22:54:06 +00:00
Steven Hiscocks baeff6141e DOC: sphinx documentation 2014-03-29 22:07:33 +00:00
Steven Hiscocks dc24d3d494 BF: On jail restart reinstatement of bans, fetch one ticket per IP 
Closes gh-664
 2014-03-29 21:44:39 +00:00
Daniel Black 2c34fb0aec Merge pull request #667 from rubenk/master 
DOC: Add documentation link to systemd service file
 2014-03-26 07:11:13 +11:00
Ruben Kerkhof 1c36da9df9 Fix 2 more typos that codespell didn't catch 2014-03-25 10:57:20 +00:00