github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
2,621 Commits
34 Branches
229 Tags
21 MiB
Commit Graph

2621 Commits (addfea6614ddffe8e1e3b64fd673ec93f90bd8a7)

Author SHA1 Message Date
sebres addfea6614 static method forgotten; 2014-05-15 15:16:53 +02:00
sebres ec3ed0e4ae introduced string to seconds (str2seconds) for configuration entries with time; 
todo: expands it for all time config entries;
 2014-05-14 16:01:35 +02:00
sebres f492aa7ac9 remove affected check, to delete jails always (pass testPurge) 2014-05-14 12:32:30 +02:00
sebres 99c9cbf470 code review, manually ban uses by addFailure the count "maxRetry" directly; 
log ticket time (found in line)
 2014-05-14 12:17:28 +02:00
sebres d22ab320e2 "magic" formula for auto increasing of retry count for known (bad) ip, corresponding banCount of it 
(one try will count than 2, 3, 5, 9 ...)
 2014-05-14 11:21:31 +02:00
sebres 0121e09907 default formula faster and more readable, comparable with "multipliers", like 2**N, default factor for both solutions is 1 now 2014-05-07 13:28:04 +02:00
sebres 7d17fb5c6c python >= 3.x, local variable 'lastBanTime' reference bug fixed 2014-05-06 20:55:41 +02:00
sebres a4837da899 Merge branch 'ban-time-incr' of https://github.com/sebres/fail2ban into ban-time-incr 2014-05-06 20:32:23 +02:00
sebres 3a75c8a752 ban time incr: 2st test case added (code optimized for test cases), to test both stand-alone: 
python ./bin/fail2ban-testcases -l debug 'BanTimeIncr'
 2014-05-06 20:30:12 +02:00
sebres 6c8327e39f indentation level fix 2014-05-06 20:24:49 +02:00
sebres 14167ed778 ban time incr: 2st test case added (code optimized for test cases), to test both stand-alone: 
python ./bin/fail2ban-testcases -l debug 'BanTimeIncr'
 2014-05-06 20:14:23 +02:00
sebres 237706e39f ban time incr: 1st test case added, to test it stand-alone: 
python ./bin/fail2ban-testcases -l debug 'BanTimeIncr'
 2014-05-06 17:57:11 +02:00
sebres c48e404e63 option "multipliers" added, how proposed from @yarikoptic; 
the calculate formula is rewritten to lambda / compiled solution (up to 10 million times per seconds);
code review;
 2014-05-06 16:07:16 +02:00
sebres ccacfc1047 code review 2014-05-05 15:17:22 +02:00
sebres ccf07c4b21 - some bug fixed to pass all test cases; 
- database_v1.db/bans/jail-name bug fixed - cause of different jail name in jails and bans, in test case (by updateDb): FOREIGN KEY constraint failed:
  $ sqlite3 fail2ban/tests/files/database_v1.db
  sqlite> select distinct jail from bans;
  DummyJail #16244880 with 0 tickets
  sqlite> select distinct name from jails;
  DummyJail #29162448 with 0 tickets
  sqlite> update bans set jail = (select distinct name from jails);
 2014-05-05 14:47:50 +02:00
sebres 6f7c9b7d0f introduced new feature "ban time exponential increasing": 
"bantimeextra.enabled" in jail.conf allows to use database for searching of previously banned ip's to increase a default ban time using special formula,
   by default, each next ban it will be original banTime * 1, 2, 4, 8, 16, 32...
see "jail.conf" for some other options of "bantimeextra";
additional we can configure a little randomization of ban time, to prevent "clever" botnets calculate exact time IP can be unbanned.
WARNING: by first start the server upgrades sqlite database (table "bans" will recreated with another schema);
 2014-05-05 12:38:54 +02:00
Steven Hiscocks 7cc64a14e0 BF: fail2ban-regex assertion error caused by miscounted "missed" lines 
Caused when removing lines as part of multiline regex, which had been
previously considered missed.
 2014-04-27 13:27:11 +01:00
Yaroslav Halchenko 596b819bdc DOC: minor -- tabify docstring in badips.py action 2014-04-23 10:04:17 -04:00
Yaroslav Halchenko 64866995b7 Merge pull request #703 from kwirk/journal-match-notice 
Add notice message for systemd backend when no journal match
 2014-04-20 22:32:00 -04:00
Steven Hiscocks a7766d3316 DOC: Add notice message for systemd backend when no journal match 2014-04-20 17:59:41 +01:00
Steven Hiscocks 233aa043f3 Revert "TST: Add Python 3.4 for TravisCI" 
This reverts commit a3f8b943a3.

TravsCI doesn't support 3.4...yet
 2014-04-19 18:39:55 +01:00
Steven Hiscocks a3f8b943a3 TST: Add Python 3.4 for TravisCI 2014-04-19 18:25:59 +01:00
Steven Hiscocks 03d90c2f42 BF: recidive filter and samples at wrong log level: WARNING->NOTICE 2014-04-19 18:07:23 +01:00
Yaroslav Halchenko af07b2edf8 very minor 2014-04-18 23:59:24 -04:00
Yaroslav Halchenko 78c82b3da7 DOC: minor -- added a link to pull requests in CONTRIBUTING 2014-04-17 23:16:41 -04:00
Yaroslav Halchenko 5e179f5dcb TST: skip the test if a known problem with Python 2.6 is detected 
As was original "discovered" while running tests on OSX with python2.6:
http://nipy.bic.berkeley.edu/builders/fail2ban-py2.7-osx-10.6_master/builds/6/steps/shell_2/logs/stdio
 2014-04-17 22:23:20 -04:00
Yaroslav Halchenko 2bc509fcc7 DOC: minor changes just to trigger the build 2014-04-17 14:34:26 -04:00
Yaroslav Halchenko 16077a2771 add .dev to 0.9.0 version 2014-04-17 14:08:43 -04:00
Yaroslav Halchenko e66231f041 ENH(DOC): Move contributions related docs into CONTRIBUTING.md so it pops up when people file PR/issues 
pushing directly without PR to trigger buildbot for master -- please pardon the rush
 2014-04-17 13:19:03 -04:00
Yaroslav Halchenko 3c0d6a77d2 BF: testDatabase -- close and unlink the created test db file 2014-04-17 10:40:37 -04:00
Steven Hiscocks 9d6fc6eca2 ENH: For syslog use SYSLOG_PID over _PID in systemd journal log format 2014-04-16 23:58:00 +01:00
Yaroslav Halchenko c2289bc8fe ENH(TST): relax test of sleep to "1" places from "2" 
The reason is that internally it does round, so even 1.005 then would not
be equal to 1.  Making it spaces==1 should be sufficient for up to 1.05
i.e. we would allow 50ms "drift"
 2014-04-16 15:52:18 -04:00
Steven Hiscocks d4427e5a76 Merge pull request #683 from yarikoptic/fix/682 
Fix typos referencing  paths-common, provide empty defaults for syslog_ log files (Partial fix to #682)
 2014-04-15 17:14:28 +01:00
Steven Hiscocks 1369701f87 ENH: Log trace info for failed action events when in DEBUG 2014-04-12 11:27:05 +01:00
Steven Hiscocks 9fcb92524e BF: badips.py action logging of exc_info on debug typo 2014-04-12 11:21:52 +01:00
Daniel Black 83d0c9c530 Merge pull request #685 from CameronNemo/patch-1 
ENH: Create fail2ban.upstart
 2014-04-12 09:19:59 +10:00
Cameron Norman 5e3f5db8b7 Create fail2ban.upstart 
Add Upstart job.
 2014-04-11 08:50:55 -07:00
Yaroslav Halchenko 8bcb25c3a2 defining empty defaults for syslog_ log targets for common (Thanks @chtheis, partial fix to #682) 2014-04-10 23:17:39 -04:00
Yaroslav Halchenko 7dcea0d48d typos of paths-common (Thanks @chtheis, partial fix to #682) 2014-04-10 23:17:30 -04:00
Daniel Black 0c38e09d3d Merge pull request #681 from ddysher/clean-setup-file 
Clean up setup.py
 2014-04-04 14:58:47 +11:00
Deyuan Deng 5e9619d4a4 Clean up setup.py 2014-04-04 02:54:53 +00:00
Yaroslav Halchenko 5bccec61e4 ENH: adding pruned with previous merge trailing \s* in nginx filter 2014-04-03 21:31:46 -04:00
Yaroslav Halchenko b0a1435ae2 Merge pull request #680 from yungchin/fix_nginx_filter 
nginx-http-auth: match when "referrer" is present
 2014-04-03 21:22:13 -04:00
Yung-Chin Oei 941a38ea8e nginx-http-auth: match when "referrer" is present 
A sample log-line is provided.  The updated regex successfully matches
this line.

Signed-off-by: Yung-Chin Oei <yungchin@yungchin.nl>
 2014-04-04 01:27:39 +01:00
Steven Hiscocks abfa7fa7e3 DOC: Update ChangeLog 2014-04-03 18:47:38 +01:00
Steven Hiscocks 4190113e4b DOC: Fix jail.conf(5) man page which had duplicate {fail,ignore}regex 2014-04-03 18:41:40 +01:00
Steven Hiscocks 100b5e61f5 Merge 'kwirk/config-warnings' (early part) 2014-04-03 18:36:56 +01:00
Steven Hiscocks 629a62f981 Merge pull request #679 from ag4ve/patch-1 
Correct grammar
 2014-04-03 18:30:07 +01:00
shawn d7e888238c Correct grammar 2014-04-03 10:44:49 -04:00
Daniel Black ef186a9ba9 DOC: add thanks for last commit 2014-04-03 21:42:19 +11:00