github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
1,038 Commits
32 Branches
229 Tags
17 MiB
Commit Graph

1038 Commits (7c409dd24fbbef88e0d972e20d5f4223a06dce5d)

Author SHA1 Message Date
Steven Hiscocks 4bbbc07872 Added additional Transmitter tests, and some associated fixes 
This includes some tweaks such that errors are raised for certain
commands
 2013-03-10 14:55:39 +00:00
Yaroslav Halchenko a6cf3246d0 Merge pull request #135 from grooverdan/dev-doco-2 
Dev doco 2
 2013-03-10 06:31:29 -07:00
Daniel Black d0d89b4321 TODO: test filters/examples files 2013-03-10 17:47:52 +11:00
Daniel Black 8b91b58e2d add corresponding ChangeLog entry 2013-03-10 17:47:41 +11:00
Daniel Black 23bbc60b1c do catch all exception 2013-03-10 17:10:40 +11:00
Yaroslav Halchenko b03e046370 Merge pull request #133 from grooverdan/development-code-coverage 
coverage pragma comments, improved documentation for the developers
 2013-03-09 21:30:05 -08:00
Daniel Black a0f088be25 ENH: typo + head -1 has been deprecated for 10+ years. 2013-03-10 16:28:45 +11:00
Daniel Black 7cd6dab7f0 ENH: add help command 2013-03-10 15:45:54 +11:00
Daniel Black f0610c01d5 BF: allow more than single word for command action[start,stop,ban,unban,check] and for setcinfo too 2013-03-10 15:29:48 +11:00
Daniel Black c8c7b0b984 BF: general Exception catch was excessive. Only IOError and OSError are possible and has different meanings 2013-03-10 15:29:27 +11:00
Daniel Black 3665e6dc44 Add development documentation and framework for code coverage measurement 2013-03-10 15:18:42 +11:00
Daniel Black 00ad4d56a7 FSF address changes missing from previous 2013-03-10 15:18:09 +11:00
Yaroslav Halchenko 6e77427516 refresh generated manpages (since 0.8.2 state) 2013-03-07 13:03:49 -05:00
sebres d17b415371 invalid date recognition, irregular because of sorting template list (sometimes not reproducible by fail2ban-regex, cause will be not sorted) 
date in following log line (from nginx) will be wrong detected:
2012/10/11 02:37:17 [error] 18434#0: *947 user "test" was not found in "/www/...", client: 192.168.1.5, ...

sometimes it is [correct] - 2012/10/11 (%Y/%m/%d) = 1349919861.71
sometimes it is [invalid] -   12/10/11 (%d/%m/%y) = 1349915838.06
and older as now - 1800 seconds (therefore will be not found)

solution: regular expression fixed, cause date in log used always after non symbol (\W) character, so r"\d{2}/\d{2}/\d{2}" will be r"(?<!\w)\d{2}/\d{2}/\d{2}".
 2013-03-05 00:02:39 +01:00
Yaroslav Halchenko 59c35bc44a Downgrade log rotation detection message to DEBUG level from INFO. Closes: gh-129 
This message useful only when debugging problems so it is more reasonable
to have it suppressed otherwise
 2013-03-01 19:57:56 -05:00
Yaroslav Halchenko c7ab71ae1f Merge pull request #124 from kwirk/servertestcase 
Rewrite and enable server testcases + fixed few bugs along the way (logging, missing assignment)
 2013-02-22 06:32:11 -08:00
Steven Hiscocks 6aadd6b7dc Merge pull request #1 from yarikoptic/servertestcase 
Servertestcase -- resolving issues with logging while running on python 2.4 and 2.5
 2013-02-22 00:20:15 -08:00
Yaroslav Halchenko 154aa38e3f BF: do not shutdown logging until all jails stop -- so move into Server.quit() 
Together with previous commit it should resolve failures with the server tests on python < 2.6
 2013-02-21 20:59:46 -05:00
Yaroslav Halchenko 012264dce1 BF: safeguard closing of log handlers + close in reverse order 
otherwise there might be "stuck" handler in the queue. and closing
exceptions can occur -- even stock logging guards in recent versions
 2013-02-21 20:58:27 -05:00
Steven Hiscocks b36835f6f0 Added transmitter get cinfo option for action 2013-02-20 23:33:39 +00:00
Steven Hiscocks b6a68f5138 Fix for missing value in transmitter delaction 2013-02-20 23:24:46 +00:00
Steven Hiscocks 088e40c481 Rewrite and enable server testcase for Transmitter 2013-02-20 23:14:42 +00:00
Yaroslav Halchenko a8bd9c20a0 Merge branch 'master' of git://github.com/fail2ban/fail2ban 
* 'master' of git://github.com/fail2ban/fail2ban:
  add blocking type
  add example jail.conf for blocking through blackhole routes for ssh
  add support for blocking through blackhole routes
 2013-02-18 23:12:06 -05:00
Yaroslav Halchenko 40c5a2d996 ENH: adding more of diagnostic messages into -client while starting the daemon 2013-02-18 23:08:44 -05:00
Yaroslav Halchenko d5ae28facf Merge pull request #104 from gebi/t/route 
add support for blocking through blackhole routes
 2013-02-18 08:01:34 -08:00
Michael Gebetsroither a37ed388e7 Merge pull request #1 from grooverdan/route 
add blocking types
 2013-02-18 03:14:33 -08:00
Steven Hiscocks 294f073741 Typo in default pidfile in fail2ban.conf 2013-02-17 22:42:24 +00:00
Yaroslav Halchenko ec3080cba5 Reincarnated removed (by mistake) test for SplitAction 2013-02-17 17:21:03 -05:00
Yaroslav Halchenko 2312b1d950 ENH: made log messages while parsing files more informative + test for inaccessible file (Closes: gh-24) 2013-02-17 17:19:09 -05:00
Steven Hiscocks ce3ab34dd8 Added ability to specify PID file 2013-02-17 22:14:01 +00:00
Yaroslav Halchenko 5c9a9b1129 Merge remote-tracking branch 'github_kwirk_fail2ban/upstream#24' into _tent/conf_d 
Merge is done with -X ours -- since I have implemented more generic handling
for config files, including now the ones under .d/ subdirectories.

* github_kwirk_fail2ban/upstream#24:
  Fix up for warning/error for inaccessible config files
  Warn if config file present but unreadable
 2013-02-17 17:05:30 -05:00
Yaroslav Halchenko 9ba27353b6 NF: allow customization configuration under corresponding .d directories (Closes gh-114) 
Additional changes:
  ENH: make basedir for Config's a kwarg to the constructor
  ENH: improved analysis/reporting on presence/accessibility of config
       files.  Got carried away and forgot about existing  work done by
	   Steven Hiscocks in the gh-115 -- will merge it in the next
       commit for the fair ack of his work

Now for any X.conf configuration file we have following ways to
provide customizations

  X.local -- read after .conf (kept for backward compatibility)
  X.d/ -- directory to contain additional .conf files, sorted
               alphabetically, e.g
  X.d/01_enable.conf       - to enable the jail
  X.d/02_custom_port.conf  - to change the port

X could be a 'jail' or 'fail2ban' or any other configuration file in
fail2ban.

Mention that all files still must contain the corresponding sections
(most of the time duplicating it across all of them).
 2013-02-17 17:03:23 -05:00
Daniel Black 47b1ee39d8 add blocking type 2013-02-17 12:44:15 +11:00
Yaroslav Halchenko 8cf006827e BF: remove path from grep call in sendmail-whois-lines.conf Closes: gh-118 2013-02-12 08:48:05 -05:00
ArndRa 6cd358ee95 Update config/filter.d/sogo-auth.conf 
Comment line in the top altered to fit file name. My local file was named differently...
 2013-02-12 10:45:37 +01:00
Yaroslav Halchenko 6004fe7a94 just trailing spaces in setup.py 2013-02-11 16:17:52 -05:00
ArndRa 35bf84abad Create sogo-auth.conf 
Regexp works with SOGo 2.0.5 or newer, following new feature implemented here: http://www.sogo.nu/bugs/view.php?id=2229
 2013-02-11 08:19:48 -08:00
ArndRa 52f952e645 Update config/jail.conf 
Update to use the new sogo-auth filter
 2013-02-11 17:14:29 +01:00
Yaroslav Halchenko f8983872ad BF: return str(host) to avoid spurious characters in the logs (Close gh-113) 
thanks to opoplawski@github
 2013-02-01 16:24:04 -05:00
Yaroslav Halchenko 5f2d3832f7 NF: roundcube-auth filter (to close Debian #699442, needing debian/jail.conf section) 2013-01-31 14:41:34 -05:00
Steven Hiscocks 9c2e0cbbc8 Fix up for warning/error for inaccessible config files 2013-01-31 18:36:23 +00:00
Steven Hiscocks bf5f46c3d5 Warn if config file present but unreadable 2013-01-30 19:57:03 +00:00
Yaroslav Halchenko d561a4c2bb BF: do not rely on scripts being under /usr -- might differ eg on Fedora -- rely on import of common.version (Closes gh-112) 
This is also not ideal, since if there happens to be some systemwide common.version -- we are doomed

but otherwise, we cannot keep extending comparison check to /bin, /sbin whatelse
 2013-01-28 09:54:12 -05:00
Yaroslav Halchenko acab23bdfe RF: move exceptions used by both client and server into common/exceptions.py 
this prevents importing of server while operating with client only
 2013-01-28 09:46:50 -05:00
Yaroslav Halchenko f8c8a5583e Merge remote-tracking branch 'gh-yarikoptic/master' 
* gh-yarikoptic/master:
  BF: pyinotify - use bitwise op on masks and do not try tracking newly created directories
 2013-01-26 12:36:49 -05:00
Yaroslav Halchenko c900c08eed Merge pull request #111 from opoplawski/nonettest 
Initial support for --no-network option for fail2ban-testcases (Closes gh-110)
 2013-01-25 16:45:01 -08:00
Orion Poplawski 431489c9b9 Remove unneeded setting of opts.no_network 2013-01-25 14:19:10 -07:00
Yaroslav Halchenko 6b2e76ba7f BF: pyinotify - use bitwise op on masks and do not try tracking newly created directories 2013-01-25 16:06:41 -05:00
Orion Poplawski fdd9dfb4b5 Initial support for --no-network option for fail2ban-testcases 2013-01-25 12:56:00 -07:00
Yaroslav Halchenko b8a861d012 Merge remote-tracking branch 'gh-yarikoptic/master' 
* gh-yarikoptic/master:
  ENH: Added login authenticator failed regexp for exim filter
  DOC: Mention that logrotate configuration needs to be adjusted if logtarget is changed (Closes: #697333)
 2013-01-25 13:27:30 -05:00