fail2ban

Commit Graph

Author	SHA1	Message	Date
Georges Racinet	7b93f111e1	test_smtp inconsistency for py3+IPv6 It appears that, under Python3, on an IPv6 enabled machine, the testing SMTP server on 'localhost' can turn out to listen on ::1 only, which makes those tests break if the SMTP client part uses 127.0.0.1 directly. Using 'localhost' there as well makes the tests pass.	8 years ago
sebres	873f97c6c5	Merge branch '0.9-log-level-msg' into 0.10	8 years ago
sebres	7982d1e627	Update ChangeLog	8 years ago
sebres	e8596cfce7	amend resp. restore of change from `59c35bc44a` (gh-129): - logging of "Log rotation detected" with new MSG level - introduces new log-level MSG (as INFO-2, 18)	8 years ago
Serg G. Brester	d26060ead0	Update ChangeLog belongs to #1733	8 years ago
Serg G. Brester	cea8ba7831	Merge pull request #1733 from sebres/0.10-repl-skiplines Normalizes replacement of `<SKIPLINES>` + no multiline failregex per default	8 years ago
Seth Reeser	c82495353f	Update mysqld-auth.conf (#1725 )	8 years ago
Serg G. Brester	52c1950371	Update mysqld-auth.conf small typo, closes gh-1725 (Thx @seth-reeser)	8 years ago
sebres	6ac5c55edc	the sequence in args-dict is currently undefined (so can be 1st argument with `?` instead of `&`)	8 years ago
sebres	990d9a66da	fail2ban-regex: fixed matched output by multi-line (buffered) parsing + and multi-line debuggex URL; test coverage extended;	8 years ago
sebres	bc888e0753	Regex compiled in multi-line parsing mode only if `maxlines` > 1 (buffering), if however expected - prefix `(?m)` could be used in regex to enable it; Removed warning "Mutliline regex set for jail ... but maxlines not greater than 1", because can be expected situation now: non multi-line entry from systemd-filter containing new-lines (that should be ignored by anchors resp. entry parsed as single string); small code review;	8 years ago
sebres	61c1bdfe79	Normalizes replacement of `<SKIPLINES>` (moved to _resolveHostTag, so will be replaced together with another tags); Regex will be compiled as MULTILINE only if needed (buffering with `maxlines` > 1), that enables: - improve performance by the single line parsing; - make regex more precise (because distinguish between anchors `^`/`$` for the begin/end of string and the new-line character '\n', e. g. if coming from filters (like systemd journal) that allow the parsing of log-entries contain new-line chars (as single entry);	8 years ago
Serg G. Brester	b650503f00	Merge pull request #1732 from sebres/0.10-ignoreself 0.10 `ignoreself` for ignore own IP addresses	8 years ago
sebres	e7052e9625	update man/jail.conf.5 (docu for the ignoreself)	8 years ago
sebres	30352c5f03	fix sporadic coverage changes (sometimes produces "no such process" in popen.poll after terminate/kill in timeout test cases)	8 years ago
sebres	663bc9903d	increase coverage (was decreased since "ignoreip" was set to default empty)	8 years ago
sebres	6c4b1c7204	Update ChangeLog	8 years ago
sebres	5e93bf9bd3	Introduced new option "ignoreself", specifies whether the local resp. own IP addresses should be ignored (default is true). Fail2ban will not ban a host which matches such addresses. Option "ignoreip" affects additionally to "ignoreself" and don't need to include the DNS resp. IPs of the host self.	8 years ago
Serg G. Brester	1e6787877a	Merge pull request #1726 from sebres/0.10-grave-fix-escape-tags-1st 0.10 fix escape tags	8 years ago
sebres	6ba0546824	code review and inline docu	8 years ago
Serg G. Brester	7a03c964c2	Update ChangeLog	8 years ago
sebres	bb9541b7a9	Merge pull request #1728 from sebres/_0.10/fix-gh-1719	8 years ago
sebres	43d2cae8da	small amend that correct log trace output by forget MLFID (outputs the reason why it was forgotten - close, disconnect, etc.)	8 years ago
sebres	b6886f2e51	SampleRegexsFactory extended with optional filter constraint, if testing the same log-file with multiple filters (no possibility to match by the old sshd-filter 'zzz-sshd-obsolete-multiline')	8 years ago
sebres	1971fd4bd3	don't remove MLFID from cache (can recognize multiple attempt within the same connection)	8 years ago
sebres	f13fac5ae9	amend to 5561423be3b2d4636f5484183c3ad470fd326d06: fixed incorrect failure counting despite the `<F-NOFAIL>` marked regex; extra: introduced new tag `<F-MLFFORGET>` as mark to forget current multi-line MLFID (e. g. connection closed); Closes gh-1727	8 years ago
sebres	32f3c1dbf3	test coverage	8 years ago
sebres	57e9c25449	bug fix in the config readers: mixing with the init section should affect only own init options (from init section only bypass default section); the situation details: value of "_daemon" from default section "default" (with init section) falsely overwrites it from definition section "test" - the resulting value of "_daemon" should be "test" in all 3 resulting failregex's (as specified in test.local), fixed and covered now; additionally more complex cases covered also (all filter parameters in jail via "%(known/...)s", dynamical interpolation across all, etc);	8 years ago
sebres	4f1473724b	fixed grave vulnerability by wrong escape of tags by executing of shell actions	8 years ago
sebres	e5c9f9ec1c	[interim commit] try to fix possible escape vulnerability in actions	8 years ago
sebres	93ec9e01d4	fixes a small blemish by output in beautifier; command "unban" returns a count of tickets that were flushed	8 years ago
Serg G. Brester	da808fe67b	Merge pull request #1720 from sebres/_0.10/fix-gh-1719 fix gh-1719: sshd format changed	8 years ago
sebres	5561423be3	filter.d/sshd.conf: fixed failregex format - some parts are optional, new ddos more precise rule (Connection reset by with host entry); closes gh-1719	8 years ago
sebres	97d417926d	repairs testing of missing samples for all regex after filter settings (mode) changed	8 years ago
sebres	482e5265d7	output execution time of each test case if verbosity > 2	8 years ago
Serg G. Brester	77229a65b5	Merge pull request #1716 from sebres/fix-stop-replace-in-callable Prohibit recursive replacement of action info (calling map)	8 years ago
sebres	ccfd1ccb2d	code review, increase coverage, etc.	8 years ago
sebres	5030e3a122	[Important] Prohibit replacement of recursive "tags" in the action info resp. calling map (very bad idea to do this): - the calling map contains normally dynamic values only (no recursive tags); - recursive replacement can be vulnerable, because can contain foreign (user) input captured from log (will be replaced in the shell arguments);	8 years ago
sebres	c1da6611ec	[BF] prevents always converting of calling map items in replaceTag (without direct access of item): substituteRecursiveTags: ignore replacing callable items from calling map - should be converted on demand only (by get)	8 years ago
sebres	92d83274d9	fixes cache overload in the test cases (increase max count and max time of CACHE_ipToName - too many entries in mock-up preset, longer time testing)	8 years ago
Serg G. Brester	3fec546fc0	Merge pull request #1715 from sebres/fix-f2b-regex-debuggex-url fail2ban-regex debuggex url fix	8 years ago
sebres	295f7b88c9	increase coverage	8 years ago
sebres	3cba2310ff	Fixes debuggex URL (tag replacement) and missing line stat by matched lines (without time - `matched_lines_timeextracted`); Closes gh-1394	8 years ago
Serg G. Brester	1bcde678c6	Merge pull request #1710 from sebres/0.10-test-with-filter-options 0.10 filter options extension	8 years ago
sebres	30b53bb2ce	update ChangeLog and man/fail2ban-regex.1	8 years ago
sebres	eb3623e90c	configreader.py: correct reading real relative path (starting with "./"); fail2ban-regex: catch read exceptions by wrong config files (raise exception in verbose mode only);	8 years ago
sebres	6a26602ba8	allow to use filter options by fail2ban-regex, example: fail2ban-regex text.log "sshd[mode=aggressive]"	8 years ago
sebres	8af7a73bfc	update ChangeLog	8 years ago
sebres	0c1707afda	filter.d/sshd.conf: - optional parameter `mode` rewritten: normal (default), ddos, extra or aggressive (combines all), see sshd for regex details); test cases reformatted (since "filterOptions", we don't need multiple test log-files anymore);	8 years ago
sebres	7e442c5b27	filter.d/sendmail-reject.conf: - rewritten using `prefregex` and used MLFID-related multi-line parsing (by using tag `<F-MLFID>` instead of buffering with `maxlines`); - optional parameter `mode` introduced: normal (default), extra or aggressive (see sendmail-reject for regex details); test cases extended	8 years ago

1 2 3 4 5 ...

4023 Commits (7b93f111e1cd137a4d4935e276ae32b712d37008) All Branches Search

4023 Commits (7b93f111e1cd137a4d4935e276ae32b712d37008)

All Branches