github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
1,989 Commits
34 Branches
229 Tags
21 MiB
Commit Graph

1989 Commits (9db44059fd12dcc5cc0b4707837924525676cd9d)

Author SHA1 Message Date
Steven Hiscocks 9db44059fd DOC: Add ip(jail)matches/failures to man page 2013-12-16 23:29:59 +00:00
Daniel Black 772def1095 Merge pull request #491 from kwirk/ipmatches 
ENH: Add <ipmatches> and <ipjailmatches> tags + sendmail implementations
 2013-12-15 14:29:02 -08:00
Steven Hiscocks 802029d83a BF: Database test keep ticket present in memory so address is reused 
This bug only seemed to effect python2.6 which seemed hasty to reuse the
memory id that was assigned to the ticket which was being used for
reference
 2013-12-15 22:20:48 +00:00
Steven Hiscocks fb7511fdea ENH: Add cache for database getBansMerged 
This is avoids duplicate queries when using the ip(jail)matches and
ip(jail)failures in actions
 2013-12-15 21:52:50 +00:00
Steven Hiscocks 40007abc1d ENH: Refactor and add database matches and failures for sendmail actions 2013-12-15 21:41:43 +00:00
Steven Hiscocks d6cbc05e35 ENH: Make use of functools.wraps for server.database decorators 2013-12-15 21:10:11 +00:00
Steven Hiscocks 2deb76e3f9 Merge pull request #492 from grooverdan/abusix-disclaimer 
ENH: full abusix disclaimer in action xarf-login-attack
 2013-12-14 13:35:43 -08:00
Daniel Black 1c6c011154 EHH missed trailing . 2013-12-14 21:22:46 +00:00
Daniel Black 868a4ea470 ENH: full abusix disclaimer in action xarf-login-attack 2013-12-14 21:18:20 +00:00
Steven Hiscocks 66e9f06feb DOC: ChangeLog moved python3 support to refactoring 2013-12-14 17:46:13 +00:00
Steven Hiscocks 06a7b6534e DOC: Correct use of tab to spaces in fail2ban-regex help message 2013-12-14 17:21:56 +00:00
Steven Hiscocks 401d8aba1f DOC: Update ChangeLog with systemd backend and persistent database 2013-12-14 17:20:21 +00:00
Steven Hiscocks 0bcff771b8 ENH: Add <ipmatches> and <ipjailmatches> tags 
Example use filter also added for sendmail-whois with ipmatches rather
than grepped lines
 2013-12-13 22:40:11 +00:00
Steven Hiscocks 6dde1d5429 TST: Fix test for recidive samples broken is last commit 2013-12-13 22:06:58 +00:00
Steven Hiscocks 2c3dbc8046 BF: In 0.9 recidive bans come from fail2ban.server.actions 
Also changed journalmatch to limit to WARNING priority to avoid the
recidive + DEBUG combo issue
 2013-12-13 21:55:43 +00:00
Steven Hiscocks bff170ec43 BF: In line comments need to specifically enabled in python3.2+ 2013-12-13 21:11:45 +00:00
Steven Hiscocks 1df634b68b BF: Database wasn't being passed to jails 2013-12-13 18:25:55 +00:00
Steven Hiscocks f227e4549d DOC: Update MANIFEST with database elements 2013-12-13 17:35:38 +00:00
Steven Hiscocks b7d1579c9d MRG: branch 'kwirk/database' into 0.9 - gh-480 
Conflicts:
	fail2ban/tests/utils.py
        - Another test suite added in separate commit e09b700
 2013-12-13 17:15:19 +00:00
Steven Hiscocks 43689d6470 TST: Appropriately mark JournalMatch transmitter test as skipped 2013-12-13 17:10:42 +00:00
Steven Hiscocks a60fbcc116 Merge pull request #476 from kwirk/multiline-matches 
Capture multiline matched lines into fail ticket
 2013-12-13 08:47:08 -08:00
Steven Hiscocks d9afcc178a MINOR: PEP-8 tweaks for multiline-matches change set 2013-12-13 16:38:26 +00:00
Steven Hiscocks 00ecd22851 ENH: Add getBansMerged method to Fail2BanDb 
Creates a single ticket for an IP, made up of all previous bans
 2013-12-12 22:22:30 +00:00
Steven Hiscocks e18af48e34 ENH: Database now optional, by setting dbfile to "None" 2013-12-10 21:16:36 +00:00
Daniel Black 80df01bf15 Merge pull request #468 from grooverdan/xarf 
ENH: action.d/Xarf reporting of messages
 2013-12-08 14:26:37 -08:00
Steven Hiscocks 174f9a243a ENH: Remove thread locks from Fail2BanDb 2013-12-08 22:03:57 +00:00
Steven Hiscocks 7f063b46f9 BF: Improve handling of clearing old jails in database 2013-12-08 11:40:40 +00:00
Steven Hiscocks d8c7bca9b0 BF: Fix dbpurgeage default value, and change default dbfile extension 2013-12-08 11:35:12 +00:00
Daniel Black 051c2a5f50 Merge pull request #479 from grooverdan/tst-CustomDateFormatsTest 
TST: missed including testcases CustomDateFormatsTest
 2013-12-08 02:40:39 -08:00
Daniel Black b64478c512 TST: iso8601 tests 2013-12-08 20:14:00 +11:00
Daniel Black a37590b3eb BF: Fix ISO8601 regex to handle [+-]XX timezone offsets 2013-12-08 19:36:21 +11:00
Steven Hiscocks d6fe80ba50 TST: Fix test for fail2ban.conf with new database options 2013-12-07 23:37:14 +00:00
Steven Hiscocks bbadef847b ENH: Add fail2ban persistent data storage 2013-12-07 23:23:28 +00:00
Daniel Black e09b7002e0 TST: missed including testcases CustomDateFormatsTest 2013-12-07 12:11:04 +11:00
Steven Hiscocks 60d298d898 BF: fail2ban-regex erroneously reporting multiple regexs had matched 2013-12-04 23:36:45 +00:00
Steven Hiscocks c03a50b44b BF: Allow handle case when SKIPLINES lines is not matched 
Example is when one or more SKIPLINES is optional in a regex
 2013-12-04 23:13:27 +00:00
Steven Hiscocks c886414e2e ENH+BF: Capture multiline matched lines into fail ticket 
Previously only the last line of the match was being saved, not all
lines involved in matching.

Log lines are now broken into 3 part tuple, with the line pre-datetime,
the datetime, and post-datetime. Allows reformation of full line, but
also use of the line without the datetime present.
Attempting to use the term "tupleLine(s)" where possible, to avoid
confusion with normal read lines.

May also wish to consider that regexs could be made to capture more
lines of interest if some form of unique reference is available. This
may allow more lines of interest to be captured, which may not be picked
up by the traditional "grep <ip>" approach i.e. ones which do not have
the ip address in.

This also simplified the fail2ban-regex statistics for missed lines.
Also resolved bug with missed lines time extracted for debuggex having
some lines present which were captured in a multiline regex.
Also resolved independent issue with ignored line check including the
datetime, which raised assertion error in the rare case the datetime
matched the ignore regex, and the rest of line only matched a failregex
 2013-12-04 22:26:22 +00:00
Daniel Black 8aead9ab79 BF: escape quotes when splitting addresses for xarf 2013-12-04 08:19:05 +11:00
Daniel Black 1846056606 DOC: when to use xarf messages to network owner 2013-12-03 20:40:42 +11:00
Daniel Black 8c37d2e4de ENH: remove dependency on querycontacts 2013-12-03 20:34:21 +11:00
Daniel Black bfd435091d ENH: jail examples for xarf-login-attack 2013-12-01 20:29:43 +11:00
Daniel Black dd356c3cef BF: fixed for sendmail and tested the MTA aspects of this action 2013-12-01 19:08:28 +11:00
Daniel Black 9df5f4eec8 BF: remove debugging tee command on xarf-login-attack 2013-12-01 17:53:34 +11:00
Daniel Black 9c1a679b7f DOC: changelog for xarf-login-attack action 2013-12-01 17:51:31 +11:00
Daniel Black d015f7f4fc BF/ENH: fixed so xarf-login-attack works 2013-12-01 17:49:35 +11:00
Yaroslav Halchenko 2c1199cce0 Let's progress and mark a2 release toward 0.9.0 2013-11-30 12:25:17 -05:00
Daniel Black 5cc7173fd4 ENH: add xarf email sender for login-attack type 2013-11-30 14:16:26 +11:00
Daniel Black f7504d5b64 MRG: conflict in THANKS 2013-11-30 10:39:19 +11:00
Daniel Black 4d86a17641 Merge pull request #453 from grooverdan/master_to_0.9 
MRG: merge Master to 0.9
 2013-11-29 15:37:44 -08:00
Daniel Black 04438cd1a1 BF/ENH: mysql jail - rename to mysql-syslog to be consistent with 0.8.13. Add port to syslog defination. Document mysql configuration required for mysql jails 2013-11-30 10:00:59 +11:00