d03872fbbf
bulk unban: add new command `actionflush` default for several iptables/iptables-ipset actions (and common include):
...
iptables-common
iptables
iptables-allports
iptables-multiport-log
iptables-multiport
iptables-new
iptables-ipset-proto4
iptables-ipset-proto6
iptables-ipset-proto6-allports
executing `actionflush` command covered for this actions now
2017-03-29 23:24:11 +02:00
8bf79fa483
implemented execution of `actionstart` on demand, if action depends on `family` (closes gh-1741);
...
new action parameter "actionstart_on_demand" (bool) can be set to prevent/allow starting action on demand (default retrieved automatically, if some conditional parameter `param?family=...` presents in action properties);
2017-03-29 17:44:15 +02:00
d79267c424
Updated xarf-specification repo URL in xarf action
2017-03-14 20:47:31 +01:00
d042981954
Merge pull request #1655 from ajcollett/0.10
...
Added config for AbuseIPDB
2017-03-09 15:15:26 +01:00
b1f5ac9484
Update abuseipdb.conf
2017-03-09 13:33:11 +01:00
6a2c95da95
`action.d/sendmail-geoip-lines.conf` fixed using new tag `<ip-host>` (dns-cache and without external command execution);
...
changelog updated;
2017-03-08 16:51:08 +01:00
d2a3d093c6
rewritten CallingMap: performance optimized, immutable, self-referencing, template possibility (used in new ActionInfo objects);
...
new ActionInfo handling: saves content between actions, without interim copying (save original on demand, recoverable via reset);
test cases extended
2017-02-24 11:54:24 +01:00
2fa18a74c4
Merge branch 'master' into master
2017-02-17 09:06:09 +01:00
4bf09bf297
provides new tag `<ip-rev>` for PTR reversed representation of IP address;
...
[action.d/complain.conf] fixed using this new tag;
2017-02-16 13:38:20 +01:00
861ce4177c
#1689 : Make lowest rule number in action.d/bsd-ipfw.conf configurable
2017-02-14 18:31:42 +01:00
58c68b75f0
Remove double-quotes from email addresses
2017-02-08 14:16:13 +01:00
1bcf0de7c1
Update complain.conf
2017-02-07 21:39:46 +01:00
901eeff53d
Make Abusix lookup compatible with Dash
2017-02-06 22:04:36 +01:00
e8a1556562
Merge remote-tracking branch 'master' into 0.10
...
# Conflicts:
# fail2ban/tests/samplestestcase.py
2017-01-21 16:59:41 +01:00
1fe554dd25
Introduced Citrix Netscaler action
2017-01-19 14:30:25 +01:00
74a6afadd5
Mail-actions switched to use new option "norestored" instead of checking of variable `restored` during shell execution (prevents executing of such actions at all).
2017-01-16 09:40:48 +01:00
ee3c787cc6
Recognize restored (from database) tickets after restart (tell action restored state of the ticket);
...
Prevent executing of several actions (e.g. mail, send-mail etc) on restart (bans were already notified).
Test cases extended (smtp and by restart in ServerReloadTest).
Closes gh-1141
Closes gh-921
2017-01-13 19:06:17 +01:00
c9f32f75e6
Merge branch '0.9-fix-regex-using-journal' into 0.10-fix-regex-using-journal (merge point against 0.9 after back-porting gh-1660 from 0.10)
2017-01-10 11:25:41 +01:00
1c41390f7c
Restructured the way the catagories work.
...
Jail.conf is cleaner and abuseipdb.conf is more flexible.
2017-01-08 09:26:11 +02:00
55e107310f
Added config for AbuseIPDB, ony tested on Ubuntu 16.04
2017-01-07 14:24:54 +02:00
81c1810f10
Introduce Cloudflare API v4
...
In the cloudflare action everyone is suggested to use API v4.
And I don't dare to contribute any actual change.
2016-12-31 21:30:57 +01:00
3adc16d266
Shorewall IPv6 suggested changes.
...
Change files as suggested by sebres.
2016-12-12 20:53:58 +01:00
31a1560eaa
minor typos (thanks Vincent Lefevre, Debian #847785 )
2016-12-11 15:13:11 -05:00
6e18508a07
Add shorewall IPv6 support
...
Small patch which allow fail2ban to use shorewall for IPv6 bans.
2016-12-11 20:44:54 +01:00
a2af19c9f0
fixed several actions, that could not work with jails using multiple logpath; additionally repaired execution in default shell (bad substitution by `${x//...}` executing in `/bin/sh`);
...
added helper "action.d/helpers-common.conf", and `_grep_logs` part-command for actions needed grep logs from multiple log-files
test cases: executing of some complex actions covered
2016-11-25 19:27:26 +01:00
c809c3e61e
Merge branch 'master' into 0.10
2016-10-13 19:01:13 +02:00
d08db22b92
Create npf.conf for the NPF packet filter
...
This file adds support for the NPF packet filter, available on NetBSD since version 6.0
2016-10-13 18:50:54 +02:00
8b0f6c5413
badips test cases check availability of badips service (and skip this tests if it not available)
2016-09-30 12:03:27 +02:00
d71a525a85
Merge branch 'master' into 0.10 (resolve conflicts and cleaning tree points after back-porting gh-1508 0.10 -> 0.9)
2016-08-12 18:51:56 +02:00
c0994b0c6c
DOC: minor typo (thanks John Bernard) Closes #1496
2016-08-04 10:23:05 -04:00
af8b650a37
badip timeout option introduced, set to 30 seconds in our test cases ( #1463 )
...
cherry-picked from 0.10 (little bit modified in test_badips.py, because no --fast option in test cases)
2016-06-13 12:56:53 +02:00
e39126f630
badip timeout option introduced, set to 30 seconds in our test cases
2016-06-10 13:15:46 +02:00
0fdc56546f
Fixed misunderstanding of port in (ban)action: port will be always specified in jail config ([DEFAULT] or jail)
2016-05-19 17:45:41 +02:00
1ebc3facb1
BF: maintain previous default beh for pf -- ban a port (ssh) only
2016-05-19 17:14:33 +02:00
4d51c591c1
pf.conf: warranted consistently echoing for the pf actiontype if actiontype or multiport tags will be customized;
2016-05-19 14:50:41 +02:00
b5e031f3c3
some documentation for multiport use in pf.conf
2016-05-17 21:32:21 +02:00
1e7fd26f5f
rename `actionoptions` to `actiontype` in pf-action (multiport) + fixed test cases
2016-05-17 20:51:12 +02:00
e74047ae49
revert to common config for PF covering multi and allports
2016-05-17 18:19:40 +02:00
3e1328c83b
split PF config files between all- and multi port
2016-05-17 18:19:27 +02:00
0c44ecfc77
action.d/firewallcmd-ipset.conf: different name of the match set's for IPv4/IPv6, using conditional <ipmset>, analog to the iptables-ipset;
...
test cases for 3 firewallcmd extended;
2016-05-14 15:01:35 +02:00
ffebde68e0
Update firewallcmd-multiport.conf
2016-05-13 22:38:36 -04:00
07de83e04a
Update firewallcmd-common.conf
2016-05-13 22:38:10 -04:00
810d5996b5
Update firewallcmd-rich-logging.conf
2016-05-13 22:10:25 -04:00
7e54cee8d6
updated firewallcmd actions
2016-05-13 21:36:27 -04:00
504e5ba6f2
actions support IPv6 now:
...
- introduced "conditional" sections, see for example `[Init?family=inet6]`;
- iptables-common and other iptables config(s) made IPv6 capable;
- several small code optimizations;
* all test cases passed (py3.x compatible);
2016-05-11 16:54:28 +02:00
75028585c0
test cases extended for verifying ipv4/ipv6, normalized pf-action with test case
2016-05-11 16:54:25 +02:00
ed2f3ef77d
improve PF action and make IPv6 aware
2016-05-11 16:54:22 +02:00
3d239215cd
Two new firewalld actions with rich rules for firewalld-0.3.1+ (gh-1367)
...
closes #1367
2016-03-25 17:28:30 +01:00
fe14c8fa05
Merge pull request #1292 from albel727/master
...
Add nftables actions
2016-01-24 23:55:50 +01:00
985e8938a4
Refactor nftables actionstop into smaller parts
2016-01-06 17:39:54 +06:00
9779eeb986
Add nftables_type/family/table parameters
2016-01-06 17:33:14 +06:00
260c30535d
Escape curly braces in nftables actions
2016-01-06 17:13:30 +06:00
1983e15580
Add empty line between parameters in nftables-common.conf
2016-01-06 16:55:29 +06:00
f7f91a8bd4
Refactor common code out of nftables-multiport/allports.conf
2016-01-05 19:03:47 +06:00
69f5623f83
code simplifying (remove duplication): agent will be always supplied as parameter from jail.conf
2016-01-04 09:30:32 +01:00
618e97bce8
Add nftables actions
2016-01-04 01:36:28 +06:00
ac31121432
amend to fix fail2ban-version: correct user-agent for badips.py "Fail2Ban/ver", changeable within jail/config now;
2015-12-31 02:32:17 +01:00
cf334421bd
Provides fail2ban version to jail (as interpolation variable during parse of jail.conf);
...
BF: use `fail2ban_agent` as user-agent in actions badips, blocklist_de, etc. (closes #1271 , closes #1272 )
2015-12-31 01:38:25 +01:00
617302fcc2
Updated route.conf to clear warnings
...
Does not throw warnings when starting/restarting by adding three lines of code.
2015-10-09 18:16:36 -07:00
0d8968daa9
Added CloudFlare API error codes URL
2015-09-30 16:07:45 +02:00
2895d981fa
Set Timeout at urlopen to 3 seconds
2015-09-26 21:26:55 +02:00
c37009aec7
Merge branch 'grep-m1k' of github.com:szepeviktor/fail2ban
...
* 'grep-m1k' of github.com:szepeviktor/fail2ban:
Limit the number of log lines in *-lines.conf actions
Conflicts:
ChangeLog -- took both versions and adjusted the new one
for -n 1000 change
2015-07-27 22:37:46 -04:00
38c320798d
Merge pull request #1127 from yarikoptic/enh-iptables-w-close-1122
...
WIP ENH Add <lockingopt> (Close : #1122 ) and <iptables> to define the iptables call
2015-07-27 22:30:54 -04:00
0041bc3770
DOC: Changelog for shorewall-ipset-proto6.conf + adjusted its description
2015-07-26 23:10:08 -04:00
de2f9504c0
Merge pull request #978 from ediazrod/patch-2
...
shorewall-ipset-proto6.conf for shorewall
2015-07-26 23:00:58 -04:00
65cd218e10
Merge remote-tracking branch 'origin/master'
...
* origin/master:
ipjailmatches is on one line with its description in man jail.conf
Added a space between IP address and the following colon
2015-07-26 22:47:43 -04:00
c8b3ee10a0
Limit the number of log lines in *-lines.conf actions
2015-07-27 02:35:21 +02:00
a19cb1b2b9
Merge 923d807ef8 into cf2feea987
2015-07-25 01:23:39 +00:00
3c0d7f5a4c
BF: do not wrap iptables into itself. Thanks Lee
2015-07-24 11:59:53 -04:00
ebdfbae559
Added a space between IP address and the following colon
2015-07-24 09:33:47 +02:00
749d3c160c
BF: symbiosis-blacklist-allports now also requires iptables-common.conf
2015-07-23 21:53:37 -04:00
916937bb6a
RF: use <iptables> to take effect of it being a parameter
2015-07-23 21:38:10 -04:00
31dc4e2263
ENH: added lockingopt option for iptables actions, made iptables cmd itself a parameter
2015-07-23 21:34:20 -04:00
5b7e1de2f4
Instead of allow-iptables-multiport actions swap blocktype and (new) returntype
2015-07-11 18:20:09 +02:00
5d60700c0c
Added pass2allow (knocking with fail2ban)
2015-07-10 16:22:43 +02:00
8c4c17a880
Merge pull request #1004 from tsabi/fix-lc_time
...
Fix of LC_TIME usage, it should be LC_ALL
2015-07-05 21:36:37 -04:00
fdc3172aec
Fix PEP8 E302 expected 2 blank lines, found X
2015-07-04 13:47:40 -04:00
b65a8b065d
Other actions do not dive into this gory descriptions, but we do.
2015-07-03 19:17:50 +02:00
2063ce4b23
All the arguments must be listed in [Init]
2015-07-01 14:48:44 +02:00
79457112e9
Updated CF action
2015-07-01 09:38:36 +02:00
7ae0ef2408
Fix actions in ufw.conf
...
On Ubuntu 15.04 the ufw action was not working.
- With empty <application>, receiving errors:
2015-04-24 16:28:35,204 fail2ban.filter [8527]: INFO [sshd] Found 43.255.190.157
2015-04-24 16:28:35,695 fail2ban.actions [8527]: NOTICE [sshd] Ban 43.255.190.157
2015-04-24 16:28:35,802 fail2ban.action [8527]: ERROR [ -n "" ] && app="app " -- stdout: b''
2015-04-24 16:28:35,803 fail2ban.action [8527]: ERROR [ -n "" ] && app="app " -- stderr: b''
2015-04-24 16:28:35,803 fail2ban.action [8527]: ERROR [ -n "" ] && app="app " -- returned 1
- With action = ufw[application=OpenSSH], it was silently not doing
anything (no errors after "Ban x.x.x.x", but no IP addresses in ufw
status).
Re-arranged the bash commands on two lines, and it works with or without
<application>.
2015-04-28 11:39:00 -07:00
923d807ef8
use human-readable variable names (issue #1003 )
2015-03-29 18:18:30 +02:00
675c3a7c95
use printf instead of echo for POSIX compatibility (issue #1003 )
2015-03-29 18:08:47 +02:00
ac1e41ea70
Revert "remove '-ne' option as it's not interpreted any way (issue #1003 )"
...
This reverts commit 4a598070c8
2015-03-29 17:54:25 +02:00
4a598070c8
remove '-ne' option as it's not interpreted any way (issue #1003 )
2015-03-28 06:58:01 +01:00
80f11a4d28
Add empty Init Section to pass tests (issue #1003 )
2015-03-27 18:36:09 +01:00
c9b24839e4
Character detection heuristics for whois output via optional setting in mail-whois*.conf ( Closes #1003 )
...
when set by user,
- detects character set of whois output (which is undefined by RFC 3912) via heuristics of the file command
- converts whois data to UTF-8 character set with iconv
- sends the whois output in UTF-8 character set to mail program
- avoids that heirloom mailx creates binary attachment for input with unknown character set
2015-03-27 14:27:41 +01:00
0720c831b7
Fix of LC_TIME usage, it should be LC_ALL
2015-03-26 03:02:02 +01:00
5fdd1d1ded
Update shorewall-ipset-proto6.conf
2015-03-23 00:56:37 +01:00
e26a1ad6b6
Update shorewall-ipset-proto6.conf
2015-03-23 00:55:06 +01:00
56aacf872c
Merge pull request #952 from ache/master
...
Update bsd-ipfw.conf
2015-03-21 21:46:54 -04:00
d0887f3234
This is a especific configuration for shorewall ipset proto6
...
Use ipset proto6 in shorewall. You must follow the rules to enable ipset in you blacklist
if you have a lot of spam (my case) is better use ipset rather than shorewall command line (is my firewall)
stop fail2ban with shorewall on one list of 1000 Ips takes 5 min with ipset in shorewall 10 sec.
2015-02-26 18:48:31 +01:00
e788e3823e
Merge pull request #965 from TorontoMedia/master
...
Split output of firewallcmd list into separate lines for grepping (Close #908 )
2015-02-14 16:06:10 -05:00
b4f1f613bb
Update firewallcmd-allports.conf
2015-02-14 12:32:36 -05:00
0fac7e40b6
Update firewallcmd-multiport.conf
2015-02-14 12:31:33 -05:00
07b0ab07ad
Merge branch 'master' of https://github.com/rumple010/fail2ban
...
* 'master' of https://github.com/rumple010/fail2ban :
Changed default TTL value to 60 seconds.
Added a reminder to create an nsupdate.local file to set required options.
Modified the ChangeLog and THANKS files to reflect the addition of action.d/nsupdate.conf.
add nsupdate action
Conflicts:
ChangeLog
2015-02-14 09:32:05 -05:00
d5e68abf95
ENH: check badips.com response on presence of "categories" in it
...
As https://travis-ci.org/fail2ban/fail2ban/jobs/50609529 query might fail in
that response would not contain "categories". With this change we will handle
it explicitly and will spit out ValueError, providing information about
the response so it could be troubleshooted
2015-02-13 08:55:35 -05:00
ae1451b29f
Update bsd-ipfw.conf
...
Deleting not existent is not error.
Adding already present is not error.
Otherwise all those entries becomes stale forever, not removed and its number increases over time.
2015-02-08 15:55:32 +03:00
549ab24e70
Fixed grammatical error in emails sent
2015-02-06 11:47:03 -05:00
119a7bbb16
Merge pull request #939 from szepeviktor/geoip
...
Added sendmail-geoip-lines.conf
2015-02-06 11:32:41 -05:00
4c88a00c28
Line notes implemented
2015-02-06 17:22:30 +01:00
1619ab3145
Added sendmail-geoip-lines.conf
2015-02-01 00:06:56 +01:00
6bdfe756cf
Changed default TTL value to 60 seconds.
2015-01-28 22:46:43 -05:00
43732acae1
Added a reminder to create an nsupdate.local file to set required options.
2015-01-26 21:48:16 -05:00
085d0f72ed
ENH: use non-UTC date invocation (without -u) and report offset for localzone (%z)
2015-01-26 09:19:44 -05:00
eb76dcd5a0
add nsupdate action
...
Adds a new action file that uses nsupdate to dynamically update a BIND
zone file with a TXT resource record representing a banned IP address.
Resource record is deleted from the zone when the ban expires.
2015-01-25 23:15:07 -05:00
083031524d
BF: adding missing Definition section header to firewallcmd-allports
2015-01-08 21:14:50 -05:00
d7b7f4bc91
Update firewallcmd-allports.conf
2015-01-08 21:06:43 -05:00
7eed55266b
Created firewallcmd-multiport
2015-01-01 12:46:48 -05:00
9f91cb2fd8
Created firewallcmd-allports
2015-01-01 12:44:34 -05:00
50e5fd9ed7
Create firewallcmd-multiport.conf
2015-01-01 05:32:41 -05:00
591e444753
Create firewallcmd-allports.conf
2015-01-01 05:32:06 -05:00
967485c2d0
improving grepping
2014-10-29 23:14:47 -04:00
efbf5064a1
Merge pull request #807 from xslidian/patch-1
...
grep IP at the start of lines
2014-10-29 23:07:10 -04:00
01b2673e34
Use multiport for firewallcmd-new
2014-10-29 16:27:37 -06:00
ba44ff312b
grep IP at the start of lines
...
I'm not sure if this regex works best, so I'm patching this single file as a sample.
Don't forget to update `mail-whois-lines.conf` after this patch got merged.
For the following logs, `grep '[^0-9]199.48.161.87[^0-9]'` will output nothing, while `grep '\([^0-9]\|^\)199.48.161.87[^0-9]'` works:
<pre>199.48.161.87 - - [09/Sep/2014:13:38:54 +0800] "POST /wp-login.php HTTP/1.1" 403 4674 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com
199.48.161.87 - - [09/Sep/2014:13:38:56 +0800] "POST /wp-login.php HTTP/1.1" 403 4674 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com
199.48.161.87 - - [09/Sep/2014:13:38:58 +0800] "POST /wp-login.php HTTP/1.1" 403 4674 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com
199.48.161.87 - - [09/Sep/2014:13:39:00 +0800] "POST /wp-login.php HTTP/1.1" 403 4674 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com
199.48.161.87 - - [09/Sep/2014:13:39:05 +0800] "POST /wp-login.php HTTP/1.1" 403 4674 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com
199.48.161.87 - - [09/Sep/2014:13:39:05 +0800] "POST /wp-login.php HTTP/1.1" 403 4674 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com
199.48.161.87 - - [09/Sep/2014:13:39:13 +0800] "POST /wp-login.php HTTP/1.1" 403 4674 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com
199.48.161.87 - - [09/Sep/2014:13:39:21 +0800] "POST /wp-login.php HTTP/1.1" 403 4674 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com
199.48.161.87 - - [09/Sep/2014:13:39:32 +0800] "POST /wp-login.php HTTP/1.1" 403 4674 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com
199.48.161.87 - - [09/Sep/2014:13:39:34 +0800] "POST /wp-login.php HTTP/1.1" 403 4674 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com
199.48.161.87 - - [09/Sep/2014:13:39:34 +0800] "POST /wp-login.php HTTP/1.1" 403 168 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com
199.48.161.87 - - [09/Sep/2014:13:39:34 +0800] "POST /wp-login.php HTTP/1.1" 403 168 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com
199.48.161.87 - - [09/Sep/2014:13:39:35 +0800] "POST /wp-login.php HTTP/1.1" 403 168 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com
199.48.161.87 - - [09/Sep/2014:13:39:35 +0800] "POST /wp-login.php HTTP/1.1" 403 168 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com
199.48.161.87 - - [09/Sep/2014:13:39:35 +0800] "POST /wp-login.php HTTP/1.1" 403 168 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com</pre>
2014-09-09 14:55:34 +08:00
0d9cfb84e3
Merge pull request #778 from yarikoptic/enh/symbiosis
...
ENH: symbiosis-blacklist-allports action
2014-08-20 23:00:11 -04:00
93243e7d57
ENH: Ignore errors while unbaning in symbiosis firewall
...
Fail2Ban at times "interfers" with the firewall reflashing thus leading
to the sporadic errors. IMHO should be safe to ignore
2014-08-12 11:57:07 -04:00
818dd59d65
ENH: symbiosis-blacklist-allports action
2014-08-08 11:57:30 -04:00
7b76322898
Fix typos.
2014-08-02 12:21:59 +02:00
6dbd449f77
Changed to Cloudflare JSON API
2014-07-28 11:10:50 -04:00
cba570cabd
Updated comments
2014-07-17 23:49:35 -04:00
5471e99ebe
Added cloudflare action
2014-07-17 22:54:30 -04:00
0adb10f653
Merge branch 'ainfo-copy' of https://github.com/kwirk/fail2ban
...
* 'ainfo-copy' of https://github.com/kwirk/fail2ban :
TST: actions modifying aInfo test more robust
TST: Test for actions modifying (un)ban aInfo
BF: aInfo could be modified by actions, causing unexpected behaviour
2014-06-22 10:53:30 -04:00
65ff3e9604
ENH: Introduce iptables-common.conf.
2014-06-18 19:04:57 +09:00
8268c1641f
BF: aInfo could be modified by actions, causing unexpected behaviour
...
A separate copy of aInfo is passed to each action
2014-06-17 23:24:23 +01:00
1e1c4ac62a
ENH: Add <chain> to iptables-ipsets.
2014-06-16 21:30:13 +09:00
db023be09b
BF: Fix bad syntax in badips.py action
...
Taken from https://bugzilla.redhat.com/attachment.cgi?id=895966&action=diff
2014-06-07 20:51:53 +01:00
596b819bdc
DOC: minor -- tabify docstring in badips.py action
2014-04-23 10:04:17 -04:00
9fcb92524e
BF: badips.py action logging of exc_info on debug typo
2014-04-12 11:21:52 +01:00
3a155ed2e0
Update comments in shorewall.conf for new settings
2014-04-01 16:52:21 +01:00
1c36da9df9
Fix 2 more typos that codespell didn't catch
2014-03-25 10:57:20 +00:00
1695d5c076
Fix a few typos
...
Found with https://github.com/lucasdemarchi/codespell
Signed-off-by: Ruben Kerkhof <ruben@rubenkerkhof.com>
2014-03-24 13:16:52 +00:00
41cbbbc248
BF: Remove unused imports and variables.
...
All highlighted by using pyflakes.
2014-03-16 14:31:34 +00:00
16125ec81a
BF: badips.py action methods not static due to use of self._logSys
2014-03-16 14:18:19 +00:00
9e374b159e
ENH: Allow setting of badips.py key for reporting and blacklisting
2014-03-13 22:45:10 +00:00
de43d1d6d5
ENH: Change badips.py default score to "3"
...
As per recommendation from Amy from badips.com
2014-03-13 22:05:50 +00:00
0222ff4677
Merge branch 'badips-blacklist' into 0.9
...
Conflicts:
ChangeLog
- entires added in both branches.
Change:
config/action.d/badips.py
- jail.getName() changed to jail.name
2014-03-13 20:01:15 +00:00
0c63d0061a
DOC: Add documentation for badips.py action
2014-03-13 19:58:32 +00:00
dfb46cfda6
BF: Require Python 2.7+ for badips.py action
2014-03-12 21:54:15 +00:00
cc8ec826c5
MRG: from master 2014-03-02
2014-03-02 14:33:45 +11:00
df8d700d17
RF: Refactor Jail and JailThread
...
Includes:
- documentation to new format and use of properties
- change isActive->is_active as former no longer documented for
python3, and later introduction and documented in python2.6
- status formatter in beautifier somewhat more automatically
formatted; no changes are required for additional status elements
- JailThread now set to active within `start` method, complimenting
`stop` method
2014-02-23 17:41:14 +00:00
9be22a96a6
Merge pull request #614 from kwirk/complain-abusix
...
BF: Use abusix Abuse Contact DB to get more accurate abuse addresses
2014-02-20 09:17:23 +11:00
cc463aa60d
Merge pull request #620 from kwirk/xarf-tweaks
...
BF: Fix misplaced ";", and duplicate {ip,}matches
2014-02-20 09:16:11 +11:00
a044517cb7
MRG: from master to 0.9 2014-02-20
2014-02-20 08:35:24 +11:00
8c5525163b
BF: Fix misplaced ";", and duplicate {ip,}matches
2014-02-18 15:13:02 +00:00
997729e274
BF: Fix complain action for multiple recipients and misplaced ";"
2014-02-18 15:05:06 +00:00
7c76f7f204
BF: $EUID not avilable in all shells, replaced with `id -u` in xt_recent
2014-02-16 17:56:06 +00:00
2a37ee2fb7
ENH: Add root user check in xt_recent, and add missing actionstop
...
Thanks to Helmut Grohne on IRC for suggestion
2014-02-16 16:52:30 +00:00
5c7630c4be
ENH: Allow separate blacklist category for badips.py action
2014-02-14 17:45:08 +00:00
sebres