Commit Graph

1263 Commits (809873f3592840659df6386020b3a9b45696036c)

Author SHA1 Message Date
Yaroslav Halchenko 46e2de98ff Merge pull request #97 from grooverdan/simplefix
name -> IP is a normal DNS lookup not a reverse
2012-12-12 06:08:14 -08:00
Yaroslav Halchenko 620d6015ac Merge pull request #98 from grooverdan/gitignore
ignore build directory and compiled python bits
2012-12-12 06:07:09 -08:00
Daniel Black fd7929863b name -> IP is a normal DNS lookup not a reverse 2012-12-12 21:59:01 +11:00
Daniel Black b95dc592b9 ignore build directory and compiled python bits 2012-12-12 21:43:27 +11:00
hamilton5 266cdc29a6 Update config/filter.d/dovecot.conf
even tho not on the fail2ban site..
suggested to not be greedy by yarikoptic
2012-12-11 12:09:28 -05:00
hamilton5 ccc62ddbf3 Update testcases/files/logs/dovecot 2012-12-11 12:05:01 -05:00
Yaroslav Halchenko 67145d8b78 ENH: assure that all date templates have unique names 2012-12-11 11:18:52 -05:00
Yaroslav Halchenko d1625253eb ENH: debug msgs on which template was taken (+ use "is" for None comparisons) 2012-12-11 11:18:52 -05:00
Yaroslav Halchenko 2b6366656f BF: make sorting of date templates stable
Before, it would first do stable sort followed with explicit reverse.
Now reverse is given as an argument to sort, and it results in actually
preserving the order in case of e.g. no sorting needed
2012-12-11 11:18:52 -05:00
Yaroslav Halchenko 7bd977e2df ENH: fail2ban-testscases -- allow to specify regexps for tests to be ran
Eventually we will switch to use nose or py.test -- for now this
homebrew solution could be used to run selected suites only
2012-12-11 11:18:52 -05:00
hamilton5 c534c1d03d Update testcases/files/logs/dovecot 2012-12-11 11:05:22 -05:00
hamilton5 e040c6d8a3 Update config/filter.d/dovecot.conf
site actually needs updated because of <HOST> alias 
per Notes above.
2012-12-11 03:26:14 -05:00
hamilton5 7ede1e8518 Update config/filter.d/dovecot.conf
added failregex line for debian and centos per 
http://www.fail2ban.org/wiki/index.php/Talk:Dovecot
2012-12-10 19:17:04 -05:00
Yaroslav Halchenko fc27e00290 ENH: tune up sshd-ddos to use common.conf and allow training spaces 2012-12-07 15:24:34 -05:00
Yaroslav Halchenko 51a3be2d79 Getting ready for 0.8.8 release (changelog, version boost) 2012-12-05 22:51:29 -05:00
Yaroslav Halchenko 37a2e59d69 BF: guarantee that IP is stored as a base, non-unicode str (Closes gh-91)
Otherwise it might lead to spurious characters dumped into the
terminal at few places, unless casted upon every use in the logs.  To
prevent those issues in the source, store IP as a basic string if it
is a string at all
2012-11-26 12:01:42 -05:00
Yaroslav Halchenko 03b31398aa ENH: BF (forgotten import) for prev commit + removed duplicate Author, adjusted __ fields for that in fail2ban-* scripts 2012-11-09 08:58:19 -05:00
Yaroslav Halchenko 9e7a3b7a04 ENH: until we make it proper module -- adjust sys.path only if system-wide run 2012-11-09 08:57:33 -05:00
Yaroslav Halchenko 348239cf14 ENH: fail2ban-testcases-all -- pass cmdline options to fail2ban-testcases 2012-11-07 11:34:20 -05:00
Yaroslav Halchenko f10537941b ENH: To help with gh-87 added hints into the log on some failure return codes (e.g. 0x7f00 for this one) 2012-11-07 11:33:17 -05:00
Yaroslav Halchenko efc4fd5f0b ENH: trying to go native travis-ci python way to take advantage of virtualenv's with older pythons 2012-11-06 22:05:41 -05:00
Yaroslav Halchenko 29aef9381a BF: typo 2012-11-06 21:48:44 -05:00
Yaroslav Halchenko 39172a99c5 BF: added a little shell script to excercise tests against all available Python versions
also report Python version inside fail2ban-testcases
2012-11-06 21:45:55 -05:00
Yaroslav Halchenko ef2ea965c8 ENH: travis -- try to run tests against all available python versions 2012-11-06 14:12:35 -05:00
Yaroslav Halchenko da626b51cc NF: rudimentary .travis.yml for travis-ci.org service 2012-11-06 14:00:27 -05:00
Yaroslav Halchenko b159eabb51 BF: do not enable pyinotify backend if pyinotify is too old (Closes gh-80) 2012-11-06 13:14:42 -05:00
Yaroslav Halchenko 63237a785e DOC: forgotten --help entry for " unban " 2012-11-05 21:50:49 -05:00
Yaroslav Halchenko f52ba9923a ENH: downgrade "already banned" from WARN to INFO level (Closes gh-79)
Most of the time it is a benign latency effect so nothing to warn about.
2012-11-05 21:30:07 -05:00
Yaroslav Halchenko 1e12c220e6 minor: added a note on now "negative" log entries on "POSSIBLE BREAK-IN ATTEMPT" 2012-11-05 21:22:33 -05:00
Yaroslav Halchenko 6ecf4fd80a Merge pull request #64 from sourcejedi/remove_sshd_rdns
Misconfigured DNS should not ban *successful* ssh logins

Per our discussion indeed better (and still as "safe") to not punish users behind bad DNS
2012-11-05 18:20:37 -08:00
Yaroslav Halchenko b773ed617b DOC: minor "fixes" in DEVELOP 2012-11-05 21:12:03 -05:00
David Engeset 2d672d1c81 Added in while loop to process the Fail Manager after the requested banned IP was added to its queue. This solves the issue of needing to touch the log file that is being monitored to get the IP to be banned accordingly. Added in import of FailManagerEmpty exception class. 2012-11-05 20:38:40 -05:00
Yaroslav Halchenko f14c7ae401 ENH: refactored previous commit to make it more Pythonic (With prev commit closes gh-86, gh-81) 2012-11-05 20:37:06 -05:00
David Engeset 6288ec2757 Added in command option to unban and IP, just like using 'banip'. Command looks like: fail2ban-client set <jail name> unbanip <ip> 2012-11-05 20:11:28 -05:00
Yaroslav Halchenko 8e64c281dd BF: in code we should use MyTime wrapper instead of time module directly
to allow for some tests to work correctly
2012-11-05 20:09:15 -05:00
Yaroslav Halchenko 09355663f7 BF: (python 2.4) -- access to staticmethod should go via Class
TODO: get away from using all those staticmethods in f2b
2012-11-05 16:54:19 -05:00
Yaroslav Halchenko 5becaf8ef2 BF: (python 2.[45]) store backends names in a list to use .index later on (Closes gh-83)
.index() got into tuple's API only in 2.6
2012-11-01 15:34:20 -04:00
Yaroslav Halchenko 9510619b7b ENH: minor -- print out why skipping a backend while testing 2012-11-01 15:24:32 -04:00
Yaroslav Halchenko 652b5a77e0 BF: fixing current version string to contain the patch index, i.e. ".1" Thanks Fabian Fischer 2012-10-10 08:39:18 -04:00
Yaroslav Halchenko 83109bce14 BF: escape the content of <matches> since its value could contain arbitrary symbols 2012-10-08 22:14:51 -04:00
Yaroslav Halchenko 6ee2c0a014 DOC: untabified for proper formatting + trailing spaces 2012-10-03 09:12:37 -04:00
Yaroslav Halchenko 282724a7f9 ENH: join both failregex for lighttpd-auth into a single one
they are close in meaning
should provide a slight run-time performance benefit
2012-09-30 11:30:24 -04:00
Yaroslav Halchenko cc5d410004 Merge pull request #77 from sciunto/lightty
Lighttpd: support auth.backend = "htdigest"
2012-09-30 08:28:12 -07:00
François Boulogne 958a1b0a40 Lighttpd: support auth.backend = "htdigest" 2012-09-30 13:27:21 +02:00
Yaroslav Halchenko 2a225aa6ee Added a warning within "complaint.conf" action about care with enabling it 2012-08-13 23:03:52 -04:00
Yaroslav Halchenko 2d66f31ef5 ENH: instead of "Invalid command" warning log exception why command failed 2012-08-02 19:48:59 -04:00
Yaroslav Halchenko 0b5c66fb59 Changelog for the fix -- will rerelease 0.8.7.1 2012-07-31 21:45:04 -04:00
Yaroslav Halchenko 6b7544a63a BF: removed sneaked a commented out sys.path.insert 2012-07-31 21:45:03 -04:00
Yaroslav Halchenko c06c504a8e Adjusted changelog to reflect the last change 2012-07-31 15:54:33 -04:00
Yaroslav Halchenko 2082fee7b1 ENH: match possibly present "pam_unix(sshd:auth):" portion for sshd (Closes: #648020) 2012-07-31 15:53:41 -04:00