github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
4,034 Commits
32 Branches
229 Tags
17 MiB
Commit Graph

4034 Commits (a1e9cc552c1f8c2afaed42954b58dc4afc12b70f)

Author SHA1 Message Date
Andrew James Collett 55e107310f Added config for AbuseIPDB, ony tested on Ubuntu 16.04 2017-01-07 14:24:54 +02:00
Yaroslav Halchenko 31a1560eaa minor typos (thanks Vincent Lefevre, Debian #847785) 2016-12-11 15:13:11 -05:00
Yaroslav Halchenko 4a1fd888f0 Carry on development 2016-12-11 00:49:09 -05:00
Yaroslav Halchenko 3605155978 updated man pages 2016-12-09 09:36:08 -05:00
Yaroslav Halchenko 482252dbd4 ENH: prep for 0.9.6 release (as of tomorrow) 2016-12-09 09:35:03 -05:00
Yaroslav Halchenko e550850b9c BF: added missing entires into MANIFEST 2016-12-09 09:34:44 -05:00
Serg G. Brester 556a9373ce Update ChangeLog 2016-11-28 23:40:33 +01:00
Serg G. Brester feae7370ce Update THANKS 2016-11-28 23:19:24 +01:00
sebres 45f1d811c9 Merge branch 'alex1702-1586' 2016-11-28 18:54:02 +01:00
sebres 67c14afd8e ChangeLog entry added + jail.conf review 2016-11-28 18:51:23 +01:00
sebres 425170cef3 code review, makes the test cases workable, added dev-notes 2016-11-28 18:39:07 +01:00
Serg G. Brester 8d9fe5d3da Merge pull request #1583 from sebres/_0.10/fix-datedetector-grave-fix-v2 
0.10/datedetector grave fix
 2016-11-28 17:37:36 +01:00
sebres 8018796b45 wrong indentation (important code-piece in if log-level only) 2016-11-28 17:17:48 +01:00
sebres 39c343bd06 better reorder templates handling, code coverage increase (a small part of _reorderTemplate was not covered at all) 2016-11-28 15:18:31 +01:00
sebres 5d5ab27435 small amend: removed unreachable code + coverage increase 2016-11-28 13:17:36 +01:00
Serg G. Brester f827675822 Merge pull request #1627 from sebres/fix-gh-1626 
Fix gh-1626: one space after ModSecurity
 2016-11-28 12:00:53 +01:00
sebres b8c41dcb49 ChangeLog update 2016-11-28 11:31:51 +01:00
sebres 931eab84b5 `filter.d/apache-modsecurity.conf` 
- fixed for newer version (one space, closes gh-1626)
reviewed and optimized:
  - non-greedy catch-all replaced for safer match
  - unneeded catch-all anchoring removed
  - non-capturing groups
 2016-11-28 11:28:27 +01:00
sebres c06084d7d9 _start_params - fix: symlinks should be absolute paths 2016-11-28 11:04:37 +01:00
sebres 40cbe96352 Merge remote-tracking branch 0.10 into _0.10/fix-datedetector-grave-fix-v2 2016-11-28 11:03:11 +01:00
Serg G. Brester 389ad10344 Merge pull request #1622 from sebres/_0.10/configreader-and-more 
0.10/configreader and more:  substitution `%(param)s` from init block
 2016-11-28 10:08:30 +01:00
Serg G. Brester b8b5907706 Merge pull request #1624 from sebres/fix-gh-1623 
filter.d/dovecot.conf update: ignore additionally irrelevant info in anchored regex before "auth failed"
 2016-11-26 17:07:39 +01:00
sebres 5678d08a79 filter.d/dovecot.conf update: 
- fixes failregex, that ignores failures through some irrelevant info (closes #1623);
- ignores whole additionally irrelevant info in anchored regex before fixed failure data `\((?:auth failed, \d+ attempts( in \d+ secs)?|tried to use (disabled|disallowed) \S+ auth)\)`
- review, IPv6 compatibility fix, non-capturing groups
 2016-11-26 16:50:37 +01:00
sebres ce540554c5 Merge configreader-py3-compat branch into _0.10/configreader-and-more 2016-11-25 20:14:45 +01:00
sebres ec7bb0d6c9 python 3x compatibility fix (positional arguments vs named arguments) 2016-11-25 20:12:49 +01:00
Serg G. Brester ac1729e473 Merge pull request #1620 from fail2ban/close-gh-1120 
jail.conf: added  `knocking_url` filter-parameter of `pass2allow-ftp`...
 2016-11-25 19:29:10 +01:00
sebres a2af19c9f0 fixed several actions, that could not work with jails using multiple logpath; additionally repaired execution in default shell (bad substitution by `${x//...}` executing in `/bin/sh`); 
added helper "action.d/helpers-common.conf", and `_grep_logs` part-command for actions needed grep logs from multiple log-files
test cases: executing of some complex actions covered
 2016-11-25 19:27:26 +01:00
sebres 65abc639cc allow newline in extra init-parameters of action/filter (or interpolation of it), e. g. action[..., logpath="%(logpath)s"] 2016-11-25 16:56:46 +01:00
sebres 097970781c filter/action (and its includes): substitution `%(param)s` may be used now (instead of `<param>`) for init-values specified in jail-configs via `action[param1="...", param2=...]`; 
substitution `<param>` should be used for dynamic interpolation only (todo: review configurations to replace it);
 2016-11-25 16:53:46 +01:00
sebres b856e1dadc Merge pull request #1618 from sebres/_0.10/systemd-service 2016-11-24 20:45:17 +01:00
sebres 308bba448c ChangeLog update 2016-11-24 20:43:55 +01:00
sebres 95dd76b7dd Merge pull request #1619 from sebres/_0.10/skip-wrong-jails 2016-11-24 20:27:40 +01:00
sebres d908688b56 ChangeLog update 2016-11-24 20:25:08 +01:00
Serg G. Brester 4f5389fee5 Update jail.conf 2016-11-24 19:30:10 +01:00
sebres 45174c5eaf if fail2ban running as systemd-service, for logging to the systemd-journal, the `logtarget` could be set to STDOUT 
small fixes by logging in stdout (+ system targets also allowed in lowercase now)
 2016-11-24 12:13:47 +01:00
sebres 1cd67ecaa2 automatically creates /var/run/fail2ban before start fail2ban (systems which /var/run/ is virtual resp. memory mount device) 2016-11-24 11:37:18 +01:00
sebres 7256a5cb8e code review: back to previous code - no skipping in testReadTestJailConf 2016-11-22 17:55:27 +01:00
sebres 8ed5b44bfd no cover for sporadic executed (time-related) code pieces (just to prevent randomly increasing/decreasing of coverage) 2016-11-22 17:38:32 +01:00
sebres fdac44ca58 introduced new option `-t` or `--test` to test configuration resp. start server only if configuration is clean (not skip wrong configured jails if option `-t` specified); 2016-11-22 17:08:44 +01:00
sebres 3e9852d4d2 code review, increase coverage 2016-11-22 14:56:54 +01:00
sebres 4882093a41 test cases extended: cover skipping invalid jail 2016-11-22 14:09:44 +01:00
sebres e52b47d8f5 normalized log output (all jail parameters in filter are indented with 2 spaces) 2016-11-22 13:57:20 +01:00
sebres c6e8c700f7 test cases fixed 2016-11-22 13:57:06 +01:00
sebres 77dc5a334c really skips invalid jails (because of theirs wrong configuration) - server starts nevertheless, as long as one jail was successful configured; 
message about wrong jail configuration logged in client log (stdout, systemd journal etc.) and in server log as error
 2016-11-22 13:23:30 +01:00
sebres 528a7a5abb systemd service update: 
- starting service in normal mode (without forking)
- does not restart if service exited normally (exit-code 0, e.g. stopped via fail2ban-client)
- does not restart if service can not start (exit-code 255, e.g. wrong configuration, etc.)
- service can be additionally started/stopped with commands (fail2ban-client, fail2ban-server)
 2016-11-22 11:14:27 +01:00
Johannes Weberhofer f46ada023e Use Fedora's backend-settings for openSUSE 
Those settings are ok for newer openSUSE versions
 2016-11-22 09:03:54 +01:00
sebres 261f875748 Fixed sporadic tab-replacement (`\n\t` instead of `\n ` by word wrapping) in mime content of smtp-message in test cases, see 
https://github.com/fail2ban/fail2ban/pull/1410#issuecomment-262000804
 2016-11-21 19:06:17 +01:00
Serg G. Brester 44fddc102d Merge pull request #1616 from sebres/fix-1194 
[fix-gh-1194] Fixed misleading errors logged from ignorecommand in success case on retcode 1
 2016-11-21 17:15:16 +01:00
sebres 701abfd250 ChangeLog entry added 
+ indentation fix (space-tab replacement)
 2016-11-21 17:13:43 +01:00
sebres c442569b63 executeCmd: added possibility to select success return codes 
ignorecommand: both return codes (0, 1) are success codes now, so no errors will be logged + test cases extended to check this (and error case)
 2016-11-21 16:35:33 +01:00