ac1729e473
Merge pull request #1620 from fail2ban/close-gh-1120
...
jail.conf: added `knocking_url` filter-parameter of `pass2allow-ftp`...
2016-11-25 19:29:10 +01:00
4f5389fee5
Update jail.conf
2016-11-24 19:30:10 +01:00
f46ada023e
Use Fedora's backend-settings for openSUSE
...
Those settings are ok for newer openSUSE versions
2016-11-22 09:03:54 +01:00
b5433f48b7
amend after code review of merge gh-1581
2016-11-11 11:09:46 +01:00
bee6e7376b
Merge branch 'aclindsa:master'
2016-11-11 10:58:40 +01:00
dab5f56609
Merge branch 'fix-gh-1477'
2016-11-11 10:17:07 +01:00
4e252be76f
Update FILTERS
...
closes #1591
2016-10-25 11:01:32 +02:00
7805f9972d
filter.d/sshd.conf: Match 'Invalid user' with 'port \d*'
2016-10-15 15:52:19 -04:00
5502e47486
Merge pull request #1579 from sebres/fix-gh-1578
...
filter.d/sendmail-reject.conf: double space (should be by missing dns-host only)
2016-10-15 13:18:52 -04:00
519e355bf2
ChangeLog entry added
2016-10-15 14:59:36 +02:00
84c3eb3e0e
filter.d/sendmail-reject.conf: double space (should be by missing dns-host only)
...
Closes #1578
2016-10-15 14:53:45 +02:00
15dc2db8bb
Merge pull request #1498 from ahpnils:npf to master:
...
This new action files adds support for the NPF packet filter, available on NetBSD since version 6.0.
Closes #1498
2016-10-13 19:00:54 +02:00
f7df6026a3
Update Changelog to reflect the new np.conf action
2016-10-13 18:53:16 +02:00
d08db22b92
Create npf.conf for the NPF packet filter
...
This file adds support for the NPF packet filter, available on NetBSD since version 6.0
2016-10-13 18:50:54 +02:00
8e3e333d54
Update ChangeLog
2016-09-27 14:17:45 +02:00
d9e1a4f547
Merge pull request #1556 from szepeviktor/master
...
Monit config: scripting is not supported in path
2016-09-27 14:16:52 +02:00
a406c6eb3a
By the author:
...
> Yes, scripting is not supported in path.
https://bitbucket.org/tildeslash/monit/issues/372/webadmin-shows-only-the-first-part-of#comment-27946048
2016-09-22 20:29:26 +00:00
28e286cd2d
Merge pull request #1551 from fail2ban/sebres-patch-fips-gh-1540
...
filter.py: FIPS compliant fix (use sha1 instead of md5 if not allowed)
2016-09-21 09:35:25 +02:00
0f1d1a0d4d
ChangeLog: FIPS compliant
2016-09-21 09:22:18 +02:00
1071db2256
filter.py: easy-fix to use sha1 instead of md5 if its usage prohibited by some systems following strict standards (like FIPS)
...
closes gh-1540
2016-09-20 00:00:26 +02:00
fad953ade6
Merge pull request #1544 from sebres/fix/vsftpd-gh-1543
...
filter.d/vsftpd.conf: optional reason part in message after FAIL LOGIN
2016-09-09 20:39:51 +02:00
9fb167b5e1
filter.d/vsftpd.conf: optional reason message after FAIL LOGIN, closes #1543
2016-09-09 09:20:15 +02:00
7ac9890bf6
forgotten obsolete code removed
2016-09-06 16:51:06 +02:00
51fd9a1027
amend to activate performance-fix (respect findtime before search of match) + code coverage
2016-09-06 16:33:16 +02:00
57458a462e
allow to set default or preferred encoding for other filters (e.g. to decode bytes from journal)
...
# Conflicts:
# fail2ban/server/filter.py
2016-09-06 15:26:10 +02:00
3119f81705
fixed journal systemd ascii/utf-8 default converting (see gh-1341, gh-1344)
2016-09-06 15:25:59 +02:00
f6258c7b69
Merge branch 'rf-exc'
...
* rf-exc:
RF: Replace old fashioned "except E , e" with "except E as e" (Closes #1537 )
2016-09-06 08:16:40 -04:00
b875e51cd7
RF: Replace old fashioned "except E , e" with "except E as e" ( Closes #1537 )
2016-09-04 23:25:09 -04:00
564b696530
Merge branch '_0.9/systemd-journal-path-gh-1408'
2016-09-01 16:18:53 +02:00
5f35b52b9a
test cases extended
...
several test-case functionality cherry picked from 0.10 (SkipTest, with_tmpdir)
2016-09-01 16:17:06 +02:00
35b5fea038
backend "systemd" can be used as prefix now - `backend = systemd[...]`
2016-09-01 16:17:04 +02:00
7ed6cab120
jail configuration extended with new syntax to pass options to the backend (see gh-1408),
...
examples:
- `backend = systemd[journalpath=/run/log/journal/machine-1]`
- `backend = systemd[journalfiles="/run/log/journal/machine-1/system.journal, /run/log/journal/machine-1/user.journal"]`
- `backend = systemd[journalflags=2]`
2016-09-01 16:17:02 +02:00
1c4733ef89
[systemd] added new constructor parameters like journalpath, journalfiles and journalflags for systemd backup
...
optimized FilterSystemd method `run`: better wait in idle (no busy-loop), better poll handling, the ban will executed anywhere (at least at 100th log-entry), also if we have never ending logging in this jail (e.g. extremely logging or too many failures)
systemd test cases extended
2016-08-24 20:55:06 +02:00
0ab042fcce
Merge pull request #1522 from sebres/fix-asterisk-log-prefix
...
filter.d/asterisk.conf: another part ` chan_sip.c:28468 handle_request_register:` (without `in`) in log prefix
2016-08-23 11:18:59 +02:00
4a1d720344
filter.d/asterisk.conf: another part ` chan_sip.c:28468 handle_request_register:` in log prefix
2016-08-22 14:10:50 +02:00
2c54f90469
sshd-filter: better universal regexp, that matches more complex different injects, using conditional expressions (on username and auth-info section), see new test cases also.
2016-08-19 10:19:12 +02:00
a544c5abac
sshd-filter: recognized "Failed publickey for" now (gh-1477) + improved regexp (not anchored now to recognize all "Failed anything for ... from <HOST>"
...
ChangeLog entry added
2016-08-18 21:38:55 +02:00
f61aa3225c
Merge pull request #1512 from sebres/_fix/datepattern-right-word-boundary
...
Fix ambiguous wrong recognized date pattern resp. its optional parts
2016-08-15 20:04:33 +02:00
9935cf19c1
description provided, ChangeLog entries added
2016-08-15 19:54:11 +02:00
0bdee2556f
testAmbiguousDatePattern rewritten with DateDetector/DatePatternRegex directly (moved to misctestcase.py)
2016-08-15 19:35:11 +02:00
8e09be5fc8
test cases for boundaries for date-pattern extended (negative/positive, left/right)
2016-08-15 18:53:35 +02:00
7f55be3fad
amend to b6bb2f88c1dbb111647269590d80d95f72c81c3e: datepattern right word boundary - prevents confusions if end of date-pattern (e.g. optional year part) misleadingly match not date values (see gh-1507)
...
test cases extended to check ambiguous "unbound" patterns in log lines (match/miss resp. positive/negative cases)
2016-08-15 16:51:55 +02:00
c49fe12f70
fix fail2banregextestcase using setUpMyTime/tearDownMyTime: always use correct static time as base-time (using mock up MyTime), correct datetimes inside test
2016-08-15 12:57:39 +02:00
42b5a10f5d
Back-port pull request #1508 from sebres/_fix/python-executable-gh-1506 to master (0.10 -> 0.9)
2016-08-12 18:42:54 +02:00
cb340db220
ChangeLog entry for gh-1508
2016-08-12 18:37:46 +02:00
db30b7ce06
BF: prefer sys.argv[0] by retrieving of root resp. bin path: __file__ seems to be overwritten sometimes on some python versions (e.g. bug of 2.6 by running under cProfile, etc.)
2016-08-12 17:59:27 +02:00
6cdc1ce685
compatibility fix (virtualenv, running test cases in py3)
...
# Conflicts:
# MANIFEST
2016-08-12 17:59:24 +02:00
38d53a72fd
introduces new command "fail2ban-python", as automatically created symlink to python executable, where fail2ban currently installed (resp. its modules are located);
...
fixed pythonic filters and test scripts (running via "fail2ban-python" now);
fixed test case "testSetupInstallRoot" not for default python (also using direct call, out of virtualenv);
# Conflicts:
# config/filter.d/ignorecommands/apache-fakegooglebot
# fail2ban/tests/files/config/apache-auth/digest.py
# fail2ban/tests/files/ignorecommand.py
# fail2ban/tests/misctestcase.py
2016-08-12 17:58:37 +02:00
9d70c49ea8
BF: install doc files only under Linuxes and other GNU systems ( Closes #1233 ) ( #1503 )
2016-08-09 12:49:40 +02:00
123f4ceaee
Changelog for postfix-sasl fix
2016-08-08 17:11:07 -04:00
Serg G. Brester