github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
2,134 Commits
33 Branches
229 Tags
20 MiB
Commit Graph

637 Commits (776b65f73e38ff9b9b53dfa3393cb98e2dd43e51)

Author SHA1 Message Date
Steven Hiscocks 5b2b59d752 ENH: python actions use initOpts as **kwargs 
Adds an easy way to handle case where mandatory arguments are missed, or
not valid arguments are passed
 2014-01-01 23:18:11 +00:00
Steven Hiscocks 6ef911185d ENH: Add matches to smtp.py action 2014-01-01 12:27:49 +00:00
Steven Hiscocks f37c90cdba ENH: Python based actions 
Python actions are imported from action.d config folder, which have .py
file extension. This imports and creates an instance of the Action class
(Action can be a variable that points to a class of another name).
fail2ban.server.action.ActionBase is a base class which can be inherited
from or as a minimum has a subclass hook which is used to ensure any
imported actions implements the methods required.
All calls to the execAction are also wrapped in a try except such that
any errors won't cripple the jail.
Action is renamed CommandAction, to clearly distinguish it from other
actions.

Include is an example smtp.py python action for sending emails via smtp.
This is work in progress, as looking to add the <matches> and whois
elements, and also SSL/TLS support.
 2013-12-31 18:54:34 +00:00
Daniel Black ea2a13946e TST: more test of filters 2013-12-29 05:29:59 +00:00
Daniel Black c9cfdca396 ENH: add filter for apache-modsecurity 2013-12-28 22:28:11 +00:00
Daniel Black a1a219189f Merge pull request #493 from grooverdan/xarf-ipmatch 
ENH: use ipmatches for action xarf-login-attack
 2013-12-19 01:28:49 -08:00
Daniel Black ed2f46759c MRG: restore accidently deleted pam comment in jail.conf 2013-12-19 09:21:12 +00:00
Daniel Black 44a0981495 MRG: fix recidive filter 2013-12-19 09:18:18 +00:00
Daniel Black 7c0efc8ec8 MRG: merge so far - flushLogs not working yet 2013-12-16 15:08:34 +00:00
Daniel Black 4eedf9d4e1 ENH: use ipmatches for action xarf-login-attack 2013-12-15 23:49:38 +00:00
Daniel Black a398c51d6c ENH: simplify actioncheck on firewallcmd-new a little more 2013-12-15 22:36:47 +00:00
Daniel Black 772def1095 Merge pull request #491 from kwirk/ipmatches 
ENH: Add <ipmatches> and <ipjailmatches> tags + sendmail implementations
 2013-12-15 14:29:02 -08:00
Steven Hiscocks 40007abc1d ENH: Refactor and add database matches and failures for sendmail actions 2013-12-15 21:41:43 +00:00
Steven Hiscocks 2deb76e3f9 Merge pull request #492 from grooverdan/abusix-disclaimer 
ENH: full abusix disclaimer in action xarf-login-attack
 2013-12-14 13:35:43 -08:00
Daniel Black 1c6c011154 EHH missed trailing . 2013-12-14 21:22:46 +00:00
Daniel Black 868a4ea470 ENH: full abusix disclaimer in action xarf-login-attack 2013-12-14 21:18:20 +00:00
Daniel Black 4ffc57e14f ENH: simplify firewallcmd-new actioncheck and provide output samples 2013-12-14 07:11:29 +00:00
Daniel Black 13ccebe78f BF: fix actioncheck in firewallcmd 2013-12-13 23:40:51 +00:00
Steven Hiscocks 0bcff771b8 ENH: Add <ipmatches> and <ipjailmatches> tags 
Example use filter also added for sendmail-whois with ipmatches rather
than grepped lines
 2013-12-13 22:40:11 +00:00
Steven Hiscocks 2c3dbc8046 BF: In 0.9 recidive bans come from fail2ban.server.actions 
Also changed journalmatch to limit to WARNING priority to avoid the
recidive + DEBUG combo issue
 2013-12-13 21:55:43 +00:00
Steven Hiscocks b7d1579c9d MRG: branch 'kwirk/database' into 0.9 - gh-480 
Conflicts:
	fail2ban/tests/utils.py
        - Another test suite added in separate commit e09b700
 2013-12-13 17:15:19 +00:00
Steven Hiscocks e18af48e34 ENH: Database now optional, by setting dbfile to "None" 2013-12-10 21:16:36 +00:00
Daniel Black 9d532828fc BF: multiple _ separated values according to http://wiki.squid-cache.org/SquidFaq/SquidLogs#Squid_result_codes. Thanks Steven 2013-12-11 07:44:41 +11:00
Daniel Black 66374913ec ENH: add squid filter 2013-12-10 21:24:37 +11:00
Daniel Black db4c21acde BF/DOC: fix filename in documentation for filter.d/proftpd 2013-12-09 14:46:01 +11:00
Daniel Black e8eab11615 DOC: proftp - turn off ReverseDNS 2013-12-09 14:45:09 +11:00
Daniel Black f385439a41 MRG: ChangeLog merge 2013-12-09 09:28:42 +11:00
Daniel Black 36917d7517 BF: action.d/complain - match IP at beginning and end of lines 2013-12-09 09:21:55 +11:00
Steven Hiscocks d8c7bca9b0 BF: Fix dbpurgeage default value, and change default dbfile extension 2013-12-08 11:35:12 +00:00
Steven Hiscocks bbadef847b ENH: Add fail2ban persistent data storage 2013-12-07 23:23:28 +00:00
Daniel Black 135c759dbb Merge pull request #477 from kwirk/blocklist.de 
ENH: Added blocklist.de reporting API action
 2013-12-06 16:16:39 -08:00
Steven Hiscocks 630dd91dcd BF: Add [Init] section to blocklist.de action 2013-12-07 00:09:31 +00:00
Steven Hiscocks b3c173795e ENH: blocklist.de action error on HTTP response code 4xx 2013-12-06 08:22:21 +00:00
Daniel Black 51f2619878 Merge pull request #473 from grooverdan/whois-missing 
ENH: Whois missing in actions? Include output to say so
 2013-12-05 12:44:35 -08:00
Daniel Black e07ba41870 Merge pull request #463 from grooverdan/firewall-cmd-direct-new-length-too-long 
BF: firewall-cmd-direct-new was too long. Thanks Joel.
 2013-12-05 12:42:55 -08:00
Steven Hiscocks a19b33cc72 ENH: blocklist.de action added fail2ban version as user agent 2013-12-05 18:12:15 +00:00
Steven Hiscocks f742ed0e4b DOC: when to use blocklist.de reporting 
Taken from commit 1846056606
 2013-12-05 18:06:53 +00:00
Steven Hiscocks e810ec009d ENH: Added blocklist.de reporting API action 2013-12-05 08:22:20 +00:00
Daniel Black 4dc51e5def BF: put notice in email if whois program could not provide more information. Closes gh-471 2013-12-04 22:43:06 +11:00
Daniel Black 97d7f46bb7 DOC: correct grammar - s/Here are more information/Here is more information/ 2013-12-04 22:40:48 +11:00
Daniel Black 8aead9ab79 BF: escape quotes when splitting addresses for xarf 2013-12-04 08:19:05 +11:00
Daniel Black 1846056606 DOC: when to use xarf messages to network owner 2013-12-03 20:40:42 +11:00
Daniel Black 8c37d2e4de ENH: remove dependency on querycontacts 2013-12-03 20:34:21 +11:00
Daniel Black bfd435091d ENH: jail examples for xarf-login-attack 2013-12-01 20:29:43 +11:00
Daniel Black dd356c3cef BF: fixed for sendmail and tested the MTA aspects of this action 2013-12-01 19:08:28 +11:00
Daniel Black 9df5f4eec8 BF: remove debugging tee command on xarf-login-attack 2013-12-01 17:53:34 +11:00
Daniel Black d015f7f4fc BF/ENH: fixed so xarf-login-attack works 2013-12-01 17:49:35 +11:00
Daniel Black 0495aa098e BF: grep matches on <ip> shouldn't include other IPs 2013-11-30 18:01:45 +11:00
Daniel Black 95845b7b65 BF: complain action could match too many IP addresses 2013-11-30 17:47:10 +11:00
Daniel Black 5cc7173fd4 ENH: add xarf email sender for login-attack type 2013-11-30 14:16:26 +11:00