Commit Graph

44 Commits (b39729a2ab1abea9835fb4f5377c60d56308df9b)

Author SHA1 Message Date
Daniel Black b147270be7 BF: allow processing with empty filter 2013-12-13 11:36:00 +00:00
Daniel Black d74dd31d23 BF: corrected tests for missing jail
Previously tests relied on the missing filter to trigger the conditions
required for a missing jail. We now handle this explicitly.
2013-12-13 10:00:34 +00:00
Daniel Black 3ddf8da76e ENH: ensure filter is defined in jail before its read 2013-12-13 08:45:10 +00:00
Daniel Black c6d14dcf0e TST: complete coverage of splitAction 2013-12-12 20:35:30 +00:00
Daniel Black b18ce122dd BF/ENH: fix error when action doesn't match regex. Document unreachable code. Simplify regex 2013-12-12 20:07:09 +00:00
Daniel Black f84a03d6b5 BF: remove nonreachable parts of code
Glob ensures the file exists so only a check that a missing dangling
symlink needs to be done.

$ ls -la /tmp/f2b-tempq0ipGY/f2
lrwxrwxrwx. 1 dan dan 11 Dec 12 08:42 /tmp/f2b-tempq0ipGY/f2 ->
xisting

In [3]: os.path.exists('/tmp/f2b-tempq0ipGY/f2')
Out[3]: False

In [4]: os.path.lexists('/tmp/f2b-tempq0ipGY/f2')
Out[4]: True
2013-12-12 09:08:42 +00:00
Daniel Black 970fd5d289 BF: ensure dangling symlink error message is reachable
$ ls -la /tmp/f2b-tempq0ipGY/f2
lrwxrwxrwx. 1 dan dan 11 Dec 12 08:42 /tmp/f2b-tempq0ipGY/f2 -> nonexisting

In [3]: os.path.exists('/tmp/f2b-tempq0ipGY/f2')
Out[3]: False

In [4]: os.path.lexists('/tmp/f2b-tempq0ipGY/f2')
Out[4]: True
2013-12-12 08:52:01 +00:00
Yaroslav Halchenko dcaacad7e3 BF: do not pass dangling symlinks to the server to be monitored
This is more of a workaround I guess than a "solution".  Ideally server
should be more clever and allow adding symlinks which eventually might
point to existing file.  But that is probably would be too much complication
for a rare use case.  User on the mailing list informed that then server
does not monitor even other files, thus as a quick workaround -- do not even add dangling links
2013-09-28 22:16:34 -04:00
Yaroslav Halchenko 057f0ad135 ENH: allow_no_files option for jail's convert to allow testing of stock jail.conf 2013-06-21 12:44:37 -04:00
Yaroslav Halchenko 27947407bc ENH: raise an exception if not a single file was found for the jail. Close #63 2013-06-21 11:12:44 -04:00
Yaroslav Halchenko 582d1c5ea5 ENH: remove use of $Revision and $Date SVN tags 2013-05-08 13:59:09 -04:00
Daniel Black 495f2dd877 DOC: purge of svn tags 2013-05-03 16:03:38 +10:00
Yaroslav Halchenko 8fe4e11b67 ENH: allow to force enable all jails (for testing), do not crash for jails without actions (just warn)
also a bit more explicit handling of regexp groups in splitAction
2013-03-26 00:01:12 -04:00
Yaroslav Halchenko 9ba27353b6 NF: allow customization configuration under corresponding .d directories (Closes gh-114)
Additional changes:
  ENH: make basedir for Config's a kwarg to the constructor
  ENH: improved analysis/reporting on presence/accessibility of config
       files.  Got carried away and forgot about existing  work done by
	   Steven Hiscocks in the gh-115 -- will merge it in the next
       commit for the fair ack of his work

Now for any X.conf configuration file we have following ways to
provide customizations

  X.local -- read after .conf (kept for backward compatibility)
  X.d/ -- directory to contain additional .conf files, sorted
               alphabetically, e.g
  X.d/01_enable.conf       - to enable the jail
  X.d/02_custom_port.conf  - to change the port

X could be a 'jail' or 'fail2ban' or any other configuration file in
fail2ban.

Mention that all files still must contain the corresponding sections
(most of the time duplicating it across all of them).
2013-02-17 17:03:23 -05:00
Lee Clemens d73a71f5cf ENH: Add usedns parameter for the jails
following commits were squashed from feature branch use_dns

commit 068c105eb5
Author: Lee Clemens <java@leeclemens.net>
Date:   Tue Jan 10 22:19:04 2012 -0500

    Prevent warning when IP is read from log

commit 635ed36a8c
Author: Lee Clemens <java@leeclemens.net>
Date:   Tue Jan 10 22:17:08 2012 -0500

    Removed logDebug

commit 24656d2812
Merge: 7957fbe c429f5c
Author: Lee Clemens <java@leeclemens.net>
Date:   Tue Jan 10 21:13:11 2012 -0500

    Merge branch 'enh/use_dns' of github:leeclemens/fail2ban into enh/use_dns

    Conflicts:
    	testcases/filtertestcase.py

commit 7957fbe821
Author: Lee Clemens <java@leeclemens.net>
Date:   Tue Jan 10 21:09:58 2012 -0500

    filtertestcase fixes from yarikoptic

commit 6ce9d04640
Author: Yaroslav Halchenko <debian@onerussian.com>
Date:   Tue Jan 10 19:26:05 2012 -0500

    RF: for consistency use_dns -> usedns

    I guess it was might fault of inconsistency suggesting that name.
    Other options/commands do not have _ in the names, so let it be
    consistent with the rest for now

commit cfb2c75b49
Author: Lee Clemens <java@leeclemens.net>
Date:   Tue Jan 10 19:18:41 2012 -0500

    Updated DNSUtilsTests to test use_dns and added positive test to testTextToIp

commit f6186eff14
Author: Lee Clemens <java@leeclemens.net>
Date:   Tue Jan 10 19:02:04 2012 -0500

    Changed wording of 'DNS Reverse lookup used' message

commit 82c62d29dc
Author: Lee Clemens <java@leeclemens.net>
Date:   Tue Jan 10 18:53:17 2012 -0500

    Removed extraneous "n"

commit dc0ae21932
Author: Lee Clemens <java@leeclemens.net>
Date:   Mon Jan 9 23:07:59 2012 -0500

    ENH: use_dns - removed debugging statements

commit 594e25818c
Author: Lee Clemens <java@leeclemens.net>
Date:   Mon Jan 9 22:53:39 2012 -0500

    Added use_dns protocol to set and get per jail during runtime

commit 48ff80ffac
Author: Lee Clemens <java@leeclemens.net>
Date:   Mon Jan 9 22:41:18 2012 -0500

    Completed use_dns for initial startup - with debugging statements

commit 0bdab4c2d7
Author: Lee Clemens <java@leeclemens.net>
Date:   Mon Jan 9 20:05:35 2012 -0500

    ENH: Added use_dns option

commit 6d6b734ea5
Author: Lee Clemens <java@leeclemens.net>
Date:   Mon Jan 9 20:01:34 2012 -0500

    ENH: Added use_dns option

commit 11ad2b6125
Author: Lee Clemens <java@leeclemens.net>
Date:   Mon Jan 9 19:17:30 2012 -0500

    Added useDns flag to testcase

commit b48fa9b6af
Author: Lee Clemens <java@leeclemens.net>
Date:   Sun Jan 8 15:13:27 2012 -0500

    Added use_dns option in jail.conf

commit c429f5c91a
Merge: 4b18afb 0021906
Author: leeclemens <java@leeclemens.net>
Date:   Tue Jan 10 16:32:22 2012 -0800

    Merge pull request #3 from yarikoptic/enh/use_dns

    let's be consistent ;-)

commit 0021906358
Author: Yaroslav Halchenko <debian@onerussian.com>
Date:   Tue Jan 10 19:26:05 2012 -0500

    RF: for consistency use_dns -> usedns

    I guess it was might fault of inconsistency suggesting that name.
    Other options/commands do not have _ in the names, so let it be
    consistent with the rest for now

commit 4b18afb28a
Author: Lee Clemens <java@leeclemens.net>
Date:   Tue Jan 10 19:18:41 2012 -0500

    Updated DNSUtilsTests to test use_dns and added positive test to testTextToIp

commit 4fae37e46f
Author: Lee Clemens <java@leeclemens.net>
Date:   Tue Jan 10 19:02:04 2012 -0500

    Changed wording of 'DNS Reverse lookup used' message

commit e94806ce48
Author: Lee Clemens <java@leeclemens.net>
Date:   Tue Jan 10 18:53:17 2012 -0500

    Removed extraneous "n"

commit 4d30c52907
Author: Lee Clemens <java@leeclemens.net>
Date:   Mon Jan 9 23:07:59 2012 -0500

    ENH: use_dns - removed debugging statements

commit 76696d452a
Author: Lee Clemens <java@leeclemens.net>
Date:   Mon Jan 9 22:53:39 2012 -0500

    Added use_dns protocol to set and get per jail during runtime

commit 0631618087
Author: Lee Clemens <java@leeclemens.net>
Date:   Mon Jan 9 22:41:18 2012 -0500

    Completed use_dns for initial startup - with debugging statements

commit d23d495547
Author: Lee Clemens <java@leeclemens.net>
Date:   Mon Jan 9 20:05:35 2012 -0500

    ENH: Added use_dns option

commit 9538553bc5
Author: Lee Clemens <java@leeclemens.net>
Date:   Mon Jan 9 20:01:34 2012 -0500

    ENH: Added use_dns option

commit ae1e857e53
Author: Lee Clemens <java@leeclemens.net>
Date:   Mon Jan 9 19:17:30 2012 -0500

    Added useDns flag to testcase

commit ace43eb941
Author: Lee Clemens <java@leeclemens.net>
Date:   Sun Jan 8 15:13:27 2012 -0500

    Added use_dns option in jail.conf
2012-01-12 23:23:41 -05:00
Leonardo Chiquitto a7d47e8b36 Update Free Software Foundation's address
The address has changed from "59 Temple Place, Suite 330, Boston,
MA  02111-1307  USA" to "51 Franklin Street, Fifth Floor, Boston,
MA  02110-1301, USA" some time ago.
2011-12-30 12:41:46 -05:00
Yaroslav Halchenko ed6daa70bf ENH: modelines for emacs and vim to assure consistent indentation scheme (tabs) 2011-10-07 15:49:38 -04:00
Yaroslav Halchenko a35e586ac0 BF: use addfailregex instead of failregex while processing per-jail "failregex" parameter (Closes: #635830) (LP: #635036)
patch from Marat Khayrullin received in Ubuntu BTS.  Otherwise custom per-jail
failregex forbidded fail2ban from starting

git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@780 a942ae1a-1317-0410-a47c-b1dcaea8d605
2011-07-29 02:08:31 +00:00
Cyril Jaquier 7f37df4a59 - Better (correct) fix for ignoreregex in jail.[conf|local].
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@690 a942ae1a-1317-0410-a47c-b1dcaea8d605
2008-05-12 08:34:42 +00:00
Cyril Jaquier 4bc6a93ce2 - Fixed ignoreregex processing in fail2ban-client. Thanks to René Berber.
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@689 a942ae1a-1317-0410-a47c-b1dcaea8d605
2008-05-12 08:25:17 +00:00
Cyril Jaquier 331ae7155a - Catch Exception instead of AttributeError.
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@659 a942ae1a-1317-0410-a47c-b1dcaea8d605
2008-03-04 23:09:30 +00:00
Cyril Jaquier ce6b8c959e - Removed Python 2.4. Minimum required version is now Python 2.3.
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@635 a942ae1a-1317-0410-a47c-b1dcaea8d605
2007-12-16 21:38:04 +00:00
Cyril Jaquier 7719c00d37 - Allow comma in action options. The value of the option must be escaped with " or '. Thanks to Yaroslav Halchenko
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@509 a942ae1a-1317-0410-a47c-b1dcaea8d605
2007-01-04 11:58:58 +00:00
Cyril Jaquier b8f0ce7155 - Do not accept empty regular expression
- Do not send an empty string if the option is not defined

git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@505 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-12-23 23:20:16 +00:00
Cyril Jaquier 911b2b15fc - Merged "maxtime" with "findtime"
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@470 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-11-18 15:15:58 +00:00
Cyril Jaquier 90359ba523 - Added option "ignoreregex" in filter scripts and jail.conf. Feature Request #1283304
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@458 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-11-12 14:52:36 +00:00
Cyril Jaquier 1f5556981a - Fixed exception if wrong use of ','. Thanks to Yaroslav Halchenko
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@438 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-10-30 23:02:05 +00:00
Cyril Jaquier 71b9fe8fe8 - Fixed some Pylint warnings/errors
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@433 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-10-24 19:40:51 +00:00
Cyril Jaquier dad43027d3 - Fixed multiple IP in "ignoreip". Thanks to Nick Munger
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@420 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-10-19 19:51:59 +00:00
Cyril Jaquier 0fab1bbf01 - Added "backend" option
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@409 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-10-16 19:42:50 +00:00
Cyril Jaquier c5e8bcc7e6 - Allow multiple log paths
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@393 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-10-01 21:19:24 +00:00
Cyril Jaquier 126807dea8 - Made private fields prefixed with "__"
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@368 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-09-19 20:38:32 +00:00
Cyril Jaquier a618313206 - Added "ignoreip" feature
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@359 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-09-17 22:01:14 +00:00
Cyril Jaquier e146d07394 - Added wildcards support for "logpath"
- Added "set <jail> addlogpath <path>" and "set <jail> dellogpath <path>"
- Adapted pyunit test

git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@354 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-09-13 21:31:22 +00:00
Cyril Jaquier 46dee1bd9a - Improved checking when parsing the configuration
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@336 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-09-07 21:00:44 +00:00
Cyril Jaquier f1f12518c8 - Moved "logpath" and "maxtime" to "jail.conf"
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@320 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-09-04 19:18:57 +00:00
Cyril Jaquier ca5b70cd24 - Fixed a bug with static class members
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@283 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-08-20 22:32:44 +00:00
Cyril Jaquier ad279c9f17 - Fixed bug when adding space between parameters
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@280 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-08-20 21:29:15 +00:00
Cyril Jaquier ec8f620f80 - Improved "action" option handling
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@273 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-08-20 20:38:08 +00:00
Cyril Jaquier 8af85f5c40 - Bug fix: '-', '_' and '.' are valid as action file
- Added a pyunit test

git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@266 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-08-06 21:56:01 +00:00
Cyril Jaquier 6d2aa15aa7 - Added property 'svn:keywords'
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@253 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-07-16 22:21:58 +00:00
Cyril Jaquier 7048e19995 - 0.7.0 soon
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@251 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-07-16 21:35:08 +00:00
Cyril Jaquier 12c222bd1c - One step forward to 0.7.0
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@250 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-07-08 16:51:14 +00:00
Cyril Jaquier ea1948eff4 - Initial commit of the new development release 0.7
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@249 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-06-26 20:05:00 +00:00