sebres
7eac4ac06f
fail2ban-regex: accepts filter parameters with new-line
2022-03-03 14:46:16 +01:00
László Károlyi
f380d6202d
cherry pick #3210 from master
2022-02-09 15:43:21 +01:00
sebres
cdb6a46945
systemd backend: better avoidance of landing in dead space by seeks over journals;
...
increase verbosity and stability of few systemd tests (fixes sporadic timing issues);
seekToTime doesn't need to convert float to datetime, because seek_realtime accepts it as unix time (we need to convert integers only, since it means microseconds and deprecated);
2022-02-09 14:47:40 +01:00
sebres
498e473a10
filter.d/courier-auth.conf: consider optional port after IP, regex is rewritten without catch-all's and right anchor, so it is more stable against further modifications now;
...
closes #3211
2022-02-09 12:18:23 +01:00
sebres
8013cf0b90
python actions have no attribute 'consistencyCheck' by default;
...
closes gh-3214
2022-02-08 19:57:40 +01:00
sebres
810386a265
filter.d/dovecot.conf: parse everything in parentheses by auth-worker info, e. g. can match (pid=...,uid=...) too
...
(amend to 92f90038fa)
2022-02-08 19:21:37 +01:00
sebres
c7ae74ce17
amend to a147a8b0e1b2f32b6f191932afd3c2db9765e2e3: systemd journal test-cases - additional check appropriate default settings (if testing as not root/sudoer)
2022-02-08 19:10:22 +01:00
sebres
bf689c27b8
filter.d/sshd.conf: `ddos` mode extended - recognizes messages "kex_exchange_identification: Connection closed / reset by peer" (fixed possible regression of f77398c49d);
...
closes gh-3086
2022-01-18 15:42:35 +01:00
sebres
8bf15db688
filter.d/sshd.conf: `ddos` mode extended - recognizes new message "banner exchange: invalid format" generated by port scanner, https payload on ssh port;
...
closes gh-3169
2022-01-18 15:41:27 +01:00
Sergey G. Brester
8f83242c25
suppress unneeded info (moved to debug level)
...
see #3186
2021-12-20 15:39:57 +01:00
sebres
25a61ce632
Merge branch 'gh-actions--test-systemd' into 0.10 + several revisions cherry-picked from 0.11/master
2021-12-02 18:48:59 +01:00
sebres
21d94ff178
amend to fix gh-3098: no option `--disable-2to3` anymore
2021-12-02 18:44:24 +01:00
sebres
196c55e931
fix gh-3098: build fails with error in fail2ban setup command: use_2to3 is invalid (setuptools 58+)
2021-12-02 18:44:22 +01:00
sebres
0fa76ef75a
gh-actions: temporarily ignore tests of systemd backend for python >= v.3.10 (otherwise it fails with "PY_SSIZE_T_CLEAN macro must be defined for '#' formats")
2021-12-02 18:33:10 +01:00
sebres
a147a8b0e1
gh-actions: coverage for systemd backend (to monitor journals in test-suite in GHA-env we need to use 0 as default flags, because otherwise it cannot be found using SYSTEM_ONLY(4))
2021-12-02 18:33:08 +01:00
sebres
1bcb62e31c
gh-actions: python releases upgrade + debug/test systemd backend availability in GHA
2021-12-02 18:33:05 +01:00
sebres
a57643404c
mytime.seconds2str: small amend with speed-up, code simplification and few tests
2021-11-04 14:34:04 +01:00
sebres
ebf5784b8c
Merge branch 'fix-gh-2882' into 0.10
...
closes gh-2882
2021-11-03 15:47:45 +01:00
sebres
3b02098817
several backends optimizations (in file and journal filters):
...
- don't need to wait if we still had log-entries from last iteration (which got interrupted for servicing)
- rewritten update log/journal position, it is more stable and faster now (fewer DB access and surely up-to-date at end)
2021-11-03 15:41:50 +01:00
sebres
96661f25ab
filtersystemd.py: fixes wrong time point of "in operation" mode
...
todo: need more tests to cover any step of switch to inOperationMode (all branches)
2021-11-03 15:41:40 +01:00
sebres
7678f59827
better format of time delta (using seconds2str); increase stability for systemd test-cases
2021-11-03 12:57:57 +01:00
sebres
4b54a07d71
Revert "`action.d/firewallcmd-*.conf` (multiport only): fixed port range selector, replacing `:` with `-`;"
...
This reverts the incompatibility #3047 introduced by commit a038fd5dfe (#2821).
2021-11-01 11:45:40 +01:00
Sergey G. Brester
98c7dd04a4
Merge pull request #3037 from floppym/bug794931
...
tests: improve detection of readable systemd journal
2021-10-22 15:34:47 +02:00
Mike Gilbert
d91d949e95
tests: improve detection of readable systemd journal
...
Look for system.journal in journal sub-directory.
Add -readable to the find command.
Bug: https://bugs.gentoo.org/794931
2021-10-19 11:08:04 -04:00
Sergey G. Brester
8e3a26bdeb
Merge pull request #3117 from fail2ban/gh-3116
...
filter.d/lighttpd-auth.conf: adjust to the current source code, avoid catch-all's, etc
2021-10-01 15:09:09 +02:00
Sergey G. Brester
ba839af8ad
filter.d/lighttpd-auth.conf: adjusted to the current source code + avoiding catch-all's, etc (gh-3116)
2021-10-01 15:03:24 +02:00
Sergey G. Brester
f8f59dd31a
added test cases covering different messages adjusted to new log-format (gh-3116)
2021-10-01 14:58:25 +02:00
Sergey G. Brester
5ee482bc9a
Merge pull request #3053 from db48x/fix-grammar-of-timestamp-warnings
...
Improve grammar and readability of timestamp warnings
2021-09-21 16:16:52 +02:00
Sergey G. Brester
d086317cc8
Update filter.py
2021-09-21 16:05:53 +02:00
Sergey G. Brester
17eed32e03
Update filtertestcase.py
2021-09-21 16:00:37 +02:00
sebres
621d8cae17
restore backwards compatibility for date None
2021-09-20 02:20:22 +02:00
sebres
ec043cd202
simplifying logic and shortening messages (delta in minutes; removed clock synchronization, because it is rarely an issue on fail2ban side, e. g. for remote logs only, etc)
2021-09-19 21:58:42 +02:00
Daniel Brooks
d7afcde2e1
add a warning message for dates in the future
...
and a test that checks which message was output for which time deltas.
2021-09-19 19:39:52 +02:00
Daniel Brooks
1929e7a76b
include more specific information in the warning
2021-09-19 19:39:49 +02:00
Daniel Brooks
320a3dcdd5
remove old warnings from filtertestcase.py
...
assertLogged only checks that at least one listed message is found, so
it isn’t necessary to repeat them in the test.
2021-09-19 19:39:45 +02:00
Daniel Brooks
a98cc08b31
Updated the warning messages created when fail2ban sees unexpected timestamps
...
to improve their grammar and to remove jargon.
Partially fixes #2822
2021-09-19 19:39:41 +02:00
sebres
974ba688d4
Merge branch 'patch-3098' into 0.10
2021-09-19 18:41:24 +02:00
Sergey G. Brester
7f22c4873a
remove 2to3 in setup (should be called outside before setup)
2021-09-19 18:36:02 +02:00
Sergey G. Brester
1414a44b8e
Update main.yml
...
CI: try to install dependencies via apt, add build test
2021-09-19 18:24:36 +02:00
sebres
c0f9348db5
Merge branch 'sebres/gh-3097--fix-unh-except' into 0.10;
...
closes #3097
2021-09-08 20:08:30 +02:00
sebres
d709ec8179
GH actions: use newest python version for 3.10 (3.10.0-rc.2)
2021-09-08 20:00:41 +02:00
sebres
ba282b794c
pyinotify: amend to 1e4a14fb25d88e32f3ca9c06fb1d6b8d3b4813ab: one fix more for sporadic runtime error "dictionary changed size during iteration" (watched files)
2021-09-08 19:56:02 +02:00
sebres
e323c148e1
backend systemd: fixes error "local variable 'line' referenced before assignment", introduced in 55d7d9e214f72bbe4f39a2d17aa004d80bfc7299;
...
don't update database too often (every 10 ticks or ~ 10 seconds in production);
closes gh-3097
2021-09-08 19:44:49 +02:00
sebres
1e4a14fb25
pyinotify: fixes sporadic runtime error "dictionary changed size during iteration" (if something outside changes the pending dict during _checkPending evaluation) - simply deserialize to a list for iteration, without any lock, because unneeded here due to small and mostly empty dictionary (logrotate, etc), not to mention that pending check is normally called once per minute;
...
don't call process file inside of server thread calling of addLogPath (always retard it as pending event);
ensure to wake-up as soon as possible to process pending events (e. g. if file gets added).
2021-09-08 19:17:44 +02:00
sebres
2f99d5accb
test coverage for unhandled exception in run of several filter (gh-3097)
2021-09-08 18:22:31 +02:00
sebres
e3f2fcfab4
merge point (GHSA-m985-3f3v-cwmm 0.9/0.10)
2021-07-07 11:50:49 +02:00
sebres
2ed414ed09
fixed possible RCE vulnerability, unset escape variable (default tilde) stops considering "~" char after new-line as composing escape sequence
...
closes GHSA-m985-3f3v-cwmm for 0.9
2021-07-07 11:46:28 +02:00
sebres
410a6ce5c8
fixed possible RCE vulnerability, unset escape variable (default tilde) stops considering "~" char after new-line as composing escape sequence
2021-06-21 17:12:53 +02:00
sebres
92f90038fa
filter.d/dovecot.conf: extended to match prefix like `conn unix:auth-worker (uid=143): auth-worker<13247>:` (authenticate from external service like exim), gh-2553
2021-05-29 21:12:34 +02:00
sebres
8b984a0135
filter.d\exim-common.conf: pid-prefix extended to match `mx1 exim[...]:` (gh-2553)
2021-05-29 20:47:56 +02:00