github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
1,744 Commits
32 Branches
229 Tags
18 MiB
Commit Graph

1744 Commits (8332f6a3afb104da3025a264a6d11b10ebb04bf2)

Author SHA1 Message Date
Yaroslav Halchenko 5e5eaaf838 Merge pull request #134 from grooverdan/misc-fixes 
BF: fail2ban client can't handle multi word setcinfo or action[*] values
 2013-03-10 18:01:17 -07:00
Yaroslav Halchenko 5163f02e92 Merge pull request #138 from pborreli/typos 
Those were not the typos but an alternative self-expression ;-)   Thanks @pborreli
 2013-03-10 17:58:51 -07:00
Pascal Borreli a2b29b4875 Fixed typos 2013-03-10 22:05:33 +00:00
Steven Hiscocks 4bbbc07872 Added additional Transmitter tests, and some associated fixes 
This includes some tweaks such that errors are raised for certain
commands
 2013-03-10 14:55:39 +00:00
Yaroslav Halchenko a6cf3246d0 Merge pull request #135 from grooverdan/dev-doco-2 
Dev doco 2
 2013-03-10 06:31:29 -07:00
Daniel Black d0d89b4321 TODO: test filters/examples files 2013-03-10 17:47:52 +11:00
Daniel Black 8b91b58e2d add corresponding ChangeLog entry 2013-03-10 17:47:41 +11:00
Daniel Black 23bbc60b1c do catch all exception 2013-03-10 17:10:40 +11:00
Yaroslav Halchenko b03e046370 Merge pull request #133 from grooverdan/development-code-coverage 
coverage pragma comments, improved documentation for the developers
 2013-03-09 21:30:05 -08:00
Daniel Black a0f088be25 ENH: typo + head -1 has been deprecated for 10+ years. 2013-03-10 16:28:45 +11:00
Daniel Black 7cd6dab7f0 ENH: add help command 2013-03-10 15:45:54 +11:00
Daniel Black f0610c01d5 BF: allow more than single word for command action[start,stop,ban,unban,check] and for setcinfo too 2013-03-10 15:29:48 +11:00
Daniel Black c8c7b0b984 BF: general Exception catch was excessive. Only IOError and OSError are possible and has different meanings 2013-03-10 15:29:27 +11:00
Daniel Black 3665e6dc44 Add development documentation and framework for code coverage measurement 2013-03-10 15:18:42 +11:00
Daniel Black 00ad4d56a7 FSF address changes missing from previous 2013-03-10 15:18:09 +11:00
Yaroslav Halchenko 6e77427516 refresh generated manpages (since 0.8.2 state) 2013-03-07 13:03:49 -05:00
sebres d17b415371 invalid date recognition, irregular because of sorting template list (sometimes not reproducible by fail2ban-regex, cause will be not sorted) 
date in following log line (from nginx) will be wrong detected:
2012/10/11 02:37:17 [error] 18434#0: *947 user "test" was not found in "/www/...", client: 192.168.1.5, ...

sometimes it is [correct] - 2012/10/11 (%Y/%m/%d) = 1349919861.71
sometimes it is [invalid] -   12/10/11 (%d/%m/%y) = 1349915838.06
and older as now - 1800 seconds (therefore will be not found)

solution: regular expression fixed, cause date in log used always after non symbol (\W) character, so r"\d{2}/\d{2}/\d{2}" will be r"(?<!\w)\d{2}/\d{2}/\d{2}".
 2013-03-05 00:02:39 +01:00
Yaroslav Halchenko 59c35bc44a Downgrade log rotation detection message to DEBUG level from INFO. Closes: gh-129 
This message useful only when debugging problems so it is more reasonable
to have it suppressed otherwise
 2013-03-01 19:57:56 -05:00
Yaroslav Halchenko c7ab71ae1f Merge pull request #124 from kwirk/servertestcase 
Rewrite and enable server testcases + fixed few bugs along the way (logging, missing assignment)
 2013-02-22 06:32:11 -08:00
Steven Hiscocks 6aadd6b7dc Merge pull request #1 from yarikoptic/servertestcase 
Servertestcase -- resolving issues with logging while running on python 2.4 and 2.5
 2013-02-22 00:20:15 -08:00
Yaroslav Halchenko 154aa38e3f BF: do not shutdown logging until all jails stop -- so move into Server.quit() 
Together with previous commit it should resolve failures with the server tests on python < 2.6
 2013-02-21 20:59:46 -05:00
Yaroslav Halchenko 012264dce1 BF: safeguard closing of log handlers + close in reverse order 
otherwise there might be "stuck" handler in the queue. and closing
exceptions can occur -- even stock logging guards in recent versions
 2013-02-21 20:58:27 -05:00
Steven Hiscocks b36835f6f0 Added transmitter get cinfo option for action 2013-02-20 23:33:39 +00:00
Steven Hiscocks b6a68f5138 Fix for missing value in transmitter delaction 2013-02-20 23:24:46 +00:00
Steven Hiscocks 088e40c481 Rewrite and enable server testcase for Transmitter 2013-02-20 23:14:42 +00:00
Yaroslav Halchenko a8bd9c20a0 Merge branch 'master' of git://github.com/fail2ban/fail2ban 
* 'master' of git://github.com/fail2ban/fail2ban:
  add blocking type
  add example jail.conf for blocking through blackhole routes for ssh
  add support for blocking through blackhole routes
 2013-02-18 23:12:06 -05:00
Yaroslav Halchenko 40c5a2d996 ENH: adding more of diagnostic messages into -client while starting the daemon 2013-02-18 23:08:44 -05:00
Yaroslav Halchenko b951ad78c4 debian/jail.conf: added findtime and documentation on those basic options from jail.conf 2013-02-18 18:51:15 -05:00
Yaroslav Halchenko d5ae28facf Merge pull request #104 from gebi/t/route 
add support for blocking through blackhole routes
 2013-02-18 08:01:34 -08:00
Michael Gebetsroither a37ed388e7 Merge pull request #1 from grooverdan/route 
add blocking types
 2013-02-18 03:14:33 -08:00
Steven Hiscocks 294f073741 Typo in default pidfile in fail2ban.conf 2013-02-17 22:42:24 +00:00
Yaroslav Halchenko ec3080cba5 Reincarnated removed (by mistake) test for SplitAction 2013-02-17 17:21:03 -05:00
Yaroslav Halchenko 2312b1d950 ENH: made log messages while parsing files more informative + test for inaccessible file (Closes: gh-24) 2013-02-17 17:19:09 -05:00
Steven Hiscocks ce3ab34dd8 Added ability to specify PID file 2013-02-17 22:14:01 +00:00
Yaroslav Halchenko 5c9a9b1129 Merge remote-tracking branch 'github_kwirk_fail2ban/upstream#24' into _tent/conf_d 
Merge is done with -X ours -- since I have implemented more generic handling
for config files, including now the ones under .d/ subdirectories.

* github_kwirk_fail2ban/upstream#24:
  Fix up for warning/error for inaccessible config files
  Warn if config file present but unreadable
 2013-02-17 17:05:30 -05:00
Yaroslav Halchenko 9ba27353b6 NF: allow customization configuration under corresponding .d directories (Closes gh-114) 
Additional changes:
  ENH: make basedir for Config's a kwarg to the constructor
  ENH: improved analysis/reporting on presence/accessibility of config
       files.  Got carried away and forgot about existing  work done by
	   Steven Hiscocks in the gh-115 -- will merge it in the next
       commit for the fair ack of his work

Now for any X.conf configuration file we have following ways to
provide customizations

  X.local -- read after .conf (kept for backward compatibility)
  X.d/ -- directory to contain additional .conf files, sorted
               alphabetically, e.g
  X.d/01_enable.conf       - to enable the jail
  X.d/02_custom_port.conf  - to change the port

X could be a 'jail' or 'fail2ban' or any other configuration file in
fail2ban.

Mention that all files still must contain the corresponding sections
(most of the time duplicating it across all of them).
 2013-02-17 17:03:23 -05:00
Daniel Black 47b1ee39d8 add blocking type 2013-02-17 12:44:15 +11:00
Yaroslav Halchenko 8cf006827e BF: remove path from grep call in sendmail-whois-lines.conf Closes: gh-118 2013-02-12 08:48:05 -05:00
ArndRa 6cd358ee95 Update config/filter.d/sogo-auth.conf 
Comment line in the top altered to fit file name. My local file was named differently...
 2013-02-12 10:45:37 +01:00
Yaroslav Halchenko 6004fe7a94 just trailing spaces in setup.py 2013-02-11 16:17:52 -05:00
ArndRa 35bf84abad Create sogo-auth.conf 
Regexp works with SOGo 2.0.5 or newer, following new feature implemented here: http://www.sogo.nu/bugs/view.php?id=2229
 2013-02-11 08:19:48 -08:00
ArndRa 52f952e645 Update config/jail.conf 
Update to use the new sogo-auth filter
 2013-02-11 17:14:29 +01:00
Yaroslav Halchenko f8983872ad BF: return str(host) to avoid spurious characters in the logs (Close gh-113) 
thanks to opoplawski@github
 2013-02-01 16:24:04 -05:00
Yaroslav Halchenko 5f2d3832f7 NF: roundcube-auth filter (to close Debian #699442, needing debian/jail.conf section) 2013-01-31 14:41:34 -05:00
Steven Hiscocks 9c2e0cbbc8 Fix up for warning/error for inaccessible config files 2013-01-31 18:36:23 +00:00
Steven Hiscocks bf5f46c3d5 Warn if config file present but unreadable 2013-01-30 19:57:03 +00:00
Yaroslav Halchenko d561a4c2bb BF: do not rely on scripts being under /usr -- might differ eg on Fedora -- rely on import of common.version (Closes gh-112) 
This is also not ideal, since if there happens to be some systemwide common.version -- we are doomed

but otherwise, we cannot keep extending comparison check to /bin, /sbin whatelse
 2013-01-28 09:54:12 -05:00
Yaroslav Halchenko acab23bdfe RF: move exceptions used by both client and server into common/exceptions.py 
this prevents importing of server while operating with client only
 2013-01-28 09:46:50 -05:00
Yaroslav Halchenko f8c8a5583e Merge remote-tracking branch 'gh-yarikoptic/master' 
* gh-yarikoptic/master:
  BF: pyinotify - use bitwise op on masks and do not try tracking newly created directories
 2013-01-26 12:36:49 -05:00
Yaroslav Halchenko c900c08eed Merge pull request #111 from opoplawski/nonettest 
Initial support for --no-network option for fail2ban-testcases (Closes gh-110)
 2013-01-25 16:45:01 -08:00