github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
4,833 Commits
32 Branches
229 Tags
18 MiB
Commit Graph

4833 Commits (a462966cf6fe8a55f8af4c4250a939d635f41011)

Author SHA1 Message Date
sebres a462966cf6 Merge branch '0.10' into 0.11 2018-09-27 13:13:28 +02:00
sebres 6067579464 Fixed action parameter `timeout`: it is a time (integer), so avoid to convert it to string (for replacement); fix substituteRecursiveTags using auto-convert to string. 
Closes gh-2241.
 2018-09-27 12:51:57 +02:00
sebres 17da4943df use short log-names for special pure numeric log-level (e.g. "Level 25" could be truncated by short formats) 2018-09-26 21:00:51 +02:00
sebres 6b52f90ad6 Merge branch '0.10' into 0.11 2018-09-21 15:54:16 +02:00
sebres 2a4c47ea32 .travis.yml: coveralls doesn't support python 2.6 now 2018-09-21 15:31:37 +02:00
sebres 58b510a5be filter.d/domino-smtp.conf: 
- recognizes failures logged using another format (something like session-id, IP enclosed in square brackets);
  - failregex extended to catch connections rejected for policy reasons (gh-2228);
 2018-09-21 14:14:00 +02:00
sebres 8a0c06ba9e Merge branch '0.10' into 0.11 2018-09-14 11:01:40 +02:00
sebres 08f3f12f10 fix sporadic test-cases fails: change debug transmitter-message (sometimes confused with expected "Server ready" of server), better syntax for internal subst _use_flush; 2018-09-14 10:59:59 +02:00
sebres d01fe9d22a action.d/*.conf: correct comments for actionstart/actionstop 2018-09-12 16:01:57 +02:00
Sergey G. Brester 5b0c3e75d3
Merge pull request #2189 from yarikoptic/bf-initd-exit 
debian-initd: exit with non-0 if fail, account that 255 is "Ok" exit code, use 255 explicitly instead of -1
 2018-09-06 13:54:16 +02:00
sebres 714fd8c915 Merge branch '0.10' into 0.11 2018-08-14 16:01:00 +02:00
sebres e392f510e2 fix sporadic time-related (multi-threaded) assertion errors (message was not found in the log). 2018-08-14 15:37:23 +02:00
Sergey G. Brester ee207d8c31
Merge pull request #2151 from benrubson/merge 
Apache SNI error / misredirect attempts rules are combined in one regex
 2018-08-14 14:56:49 +02:00
Ben RUBSON 77b35b8db7
Improvement 2018-08-14 14:07:32 +02:00
sebres addd26ae55 Merge branch '0.10' into 0.11 2018-08-14 11:13:15 +02:00
sebres e2a255d104 fixed typo in comments by "ignoreself" parameter 2018-08-14 11:11:19 +02:00
sebres 606761b3c7 Merge branch '0.10' into 0.11 2018-08-03 12:06:13 +02:00
sebres 6ad9bb56a0 Update ChangeLog 2018-08-03 12:05:40 +02:00
sebres e995d5a0b6 filter.d/freeswitch.conf: provide mode parameter, allows to avoid matching of messages like `auth challenge (REGISTER)` (see gh-2163) (currently `extra` as default to be backwards-compatible), see comments in filter how to set it to mode `normal`. 2018-08-03 11:42:15 +02:00
sebres bc2dbacc9a filter.d/freeswitch.conf: provide compatibility for log-format from gh-2193: 
- extended with new default date-pattern `^(?:%%Y-)?%%m-%%d[ T]%%H:%%M:%%S(?:\.%%f)?` to cover
    `YYYY-mm-dd HH:MM::SS.ms` as well as `mm-dd HH:MM::SS.ms` (so year is optional);
  - more optional arguments in log-line (so accept [WARN] as well as [WARNING] and optional [SOFIA] hereafter);
 2018-08-03 11:22:30 +02:00
Yaroslav Halchenko ae359f6f05 BF: $value not $code 2018-07-24 14:29:43 -04:00
Yaroslav Halchenko 298f2c066a BF: account that now code 255 is the one to say "it is Ok, we are already running/stopped" 2018-07-24 13:24:29 -04:00
Yaroslav Halchenko f323eceec7 BF: debian-initd, exit with exit code in logend_msg_wrapper 
and do it unconditionally on the verbosity level
 2018-07-24 13:24:29 -04:00
Yaroslav Halchenko d9b9b6ba22 RF: exit codes are positive, so exit(255) instead of exit(-1) 2018-07-24 13:24:24 -04:00
sebres eb1156b099 Merge branch '0.10' into 0.11 2018-07-18 15:57:39 +02:00
sebres 22d37cdce2 sshd: fixed failregex for ddos (resp. aggressive) mode, to cover "authenticating user" case in log-message: 
Connection closed by authenticating user root 192.0.2.10 ... [preauth]
tests extended (also with few injection tries).
closes gh-2185.
 2018-07-18 15:31:04 +02:00
sebres 64d9e164cf extends samples test-case factory to see the matched regex number and expression in assert message (helps if some similar regexp's available in filter) 2018-07-18 15:30:06 +02:00
sebres d92381aaa9 fail2ban-regex: ignore lines having not empty match of `<F-NOFAIL>` from failregex (not a failure, so count as ignored and not as matched). 2018-07-18 15:23:56 +02:00
sebres 6a81cc9d8c Merge branch '0.10' into 0.11 2018-07-17 15:18:44 +02:00
sebres 8fe07e29ad filter.d/dovecot.conf: failregex enhancement to catch disconnected with "proxy dest auth failed"; 
closes gh-2184
 2018-07-17 15:06:42 +02:00
sebres 4c18a04439 Merge branch '0.10' into 0.11 2018-07-11 13:22:48 +02:00
sebres 94ffd00328 fixes initialization bug if sys.stdout.encoding is None (closes gh-2177). 2018-07-11 13:21:53 +02:00
sebres d65d7fd4d0 Merge branch '0.10' into 0.11 2018-07-10 20:04:48 +02:00
Sergey G. Brester cc321b78da
Merge pull request #2176 from sebres/ignore-cache 
Introduces cache for ignore-facilities (for `ignoreip`, `ignoreself` and `ignorecommand`)
 2018-07-10 19:31:50 +02:00
sebres f8f01d5ab7 introduced new option `ignorecache` to improve performance of ignore failure check (using caching of `ignoreip`, `ignoreself` and `ignorecommand`) 2018-07-09 14:58:39 +02:00
sebres 9b6d17d07e extend `ignorecommand` to use actions-similar replacement (ticket-based now, so capable to interpolate all possible tags) 2018-07-09 13:01:16 +02:00
sebres 57f2d9e31c Merge branch '0.10' into 0.11 2018-07-06 18:06:54 +02:00
Sergey G. Brester 11c1bf0149
Update ChangeLog 2018-07-06 18:05:59 +02:00
Daniel Dương a719ba81e9 Fix cymru reference link 2018-07-06 17:50:51 +02:00
sebres d9b9bb5f40 Merge pull request #2125 from jodlajodla/0.11 (rebased) 2018-07-06 17:43:30 +02:00
sebres 1e44b3f085 systemd no cover (currently unsupported by travis) 2018-07-06 17:42:28 +02:00
Jan Sušnik 54a04b3a6a Fixed data type of journal flags from str to int 2018-07-06 17:32:34 +02:00
Jan Sušnik df33322f9f Added test to prove bug when specifying journal flags to systemd backend 2018-07-06 17:32:32 +02:00
Sergey G. Brester 75330568d9
Merge pull request #2168 from dpavlin/dovecot-add-F-USER 
dovecot: collect F-USER and variants
 2018-07-06 17:16:43 +02:00
sebres f7962469a9 Merge pull request #2173 from mattsta/fix/findtime-backsearch-on-file-load (rebased) 2018-07-06 17:11:35 +02:00
sebres 1eb93e2556 filter.py: repair start-time of initial seek to time (regardless the position of `findtime` option in config); 
jailreader.py: additionally relocate the option `logpath` after all log-related data (backend, date-pattern, etc) that may be needed by the first usage (gh-2173).
Thanks to Matt Stancliff (mattsta)
 2018-07-06 17:04:10 +02:00
Matt Stancliff 00a0e98041 Load logpath only after findtime is configured 
When new log paths are configured, their start offset is immediately determined
by a filter searching for (now - findTime).
But, since findTime is configured *after* the log is loaded and
searched, logs are only searched back by the default 10 minute findTime,
regardless of user configuration of jail settings.

So, findTime must be configured before logpath or else the default findtime
is used, which ignores any findtime time defined by the user.

This fixes new reads on startup for actual log files. The systemd filter
always performed as expected due to being setup after the jail's
findtime config submission.
 2018-07-06 16:42:36 +02:00
sebres 6e40cb12ab fix ban-time correction of restored tickets, could be set to persistent (-1) if increment allowed and no maxtime was specified. 2018-07-06 15:53:42 +02:00
sebres 9de1657aab Merge branch '0.10' into 0.11 2018-07-06 11:43:56 +02:00
sebres 857d6954c4 Merge pull request #2171 from sebres/0.10-fix-decoding-issues 2018-07-06 11:42:48 +02:00