github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
1,283 Commits
34 Branches
229 Tags
21 MiB
Commit Graph

1283 Commits (b5ffbced37b3000aae229f0bcac88029646be4b2)

Author SHA1 Message Date
Steven Hiscocks b5ffbced37 TST: Sample test cases now handle ignoreregex and add recidive samples 2013-07-21 15:31:32 +01:00
Steven Hiscocks e7b7815de3 TST: Add additional sshd sample logs 2013-07-21 15:22:44 +01:00
Steven Hiscocks a11f91b835 ENH: Improve cyrus-imap regex and add extra sample line 2013-07-20 17:28:28 +01:00
Steven Hiscocks 534be189dc ENH: Improve sieve regex and add sample line 2013-07-20 17:26:09 +01:00
Steven Hiscocks d791ba12ba TST: Add sample log for dropbear filter 2013-07-20 16:54:28 +01:00
Steven Hiscocks ab671b0b1a ENH: Improve wuftpd failregex, drop duplicate pam regex and add sample 
For wu-ftpd configured to use pam, the pam filter used be used, as regex
is more robust.
 2013-07-20 16:34:24 +01:00
Steven Hiscocks 57a6c11260 ENH: Improve courierlogin regex and add sample logs 2013-07-20 15:53:18 +01:00
Steven Hiscocks bd175f0267 ENH: Improve cyrus-imap regex and add sample log file 2013-07-20 15:38:29 +01:00
Steven Hiscocks 83a80a29ea ENH: Improve couriersmtp and add sample logs 2013-07-20 15:34:00 +01:00
Steven Hiscocks eb2f0c9272 ENH: Improve postfix regex and add more samples 2013-07-20 15:31:21 +01:00
Steven Hiscocks a012b54117 TST: Add additional postfix filter sample 2013-07-18 22:17:31 +01:00
Steven Hiscocks 2a3a627322 TST: Add sample for sieve regex 2013-07-18 22:17:14 +01:00
Yaroslav Halchenko 60aa44f42d DOC: added a note on commit comments for merges with Conflicts 2013-07-18 14:43:41 -04:00
Steven Hiscocks bf05f2ac95 Merge branch 'filter-failregex-return' 
Conflicts:
	server/filter.py
 2013-07-16 21:17:18 +01:00
Steven Hiscocks ba29f6bef3 DOC: Update doc in reference to changes for sample testcases 2013-07-16 21:11:10 +01:00
Steven Hiscocks c2bdfefb62 DOC: Comment to fail2ban-regex - flagging lines matched multiple regexs 2013-07-16 20:58:44 +01:00
Yaroslav Halchenko e4d759ac94 Merge pull request #283 from yarikoptic/master 
Roundcube failregex -- anchor at the beginning as well + mandate <HOST> to end with alphanumeric
 2013-07-16 12:49:25 -07:00
Yaroslav Halchenko 90ec82669c DOC: changelog entries for preceeding changes 2013-07-16 15:10:41 -04:00
Yaroslav Halchenko f6a8a04cf3 ENH: roundcube-auth - adopt for current format with trailing error message. thanks @kwirk for the review/feedback 
I also used non-greedy .*? for the login portion since not sure if space could
be there and trying to minimize possibility of reacting on injected "from
<HOST>" somewhere within the trailing .*
 2013-07-16 15:07:32 -04:00
Yaroslav Halchenko 0a02cfe9e8 ENH: <HOST> must end with alphanumeric \w (not a dot or a dash etc) 
Otherwise <HOST> regexp might swallow period in the sentence right after the address.
I have decided to enforce alphanumeric instead of switching to non-greedy +? ... because
I think it is closer to what we actually want here
 2013-07-16 15:03:06 -04:00
Yaroslav Halchenko 8add63c733 ENH: anchor roundcube-auth at the beginning as well 2013-07-16 14:16:23 -04:00
Yaroslav Halchenko 148cbd8d2a ENH: heavier debugging -- log split date/log line even for no match. Log matching regex upon match 2013-07-16 14:16:23 -04:00
Steven Hiscocks 1a2b6442a0 ENH+BF+TST: Filter now returns reference to failregex and ignoreregex 
This avoids duplication of code across fail2ban-regex and samples test
cases. This also now more neatly resolves the issue of double counting
date templates matches in fail2ban-regex.
In addition, the samples test cases now also print a warning message
that not all regexs have samples for them, with future plan to change
this to an assertion.
 2013-07-15 22:22:13 +01:00
Yaroslav Halchenko 5bd186b854 ENH(minor): fail2ban-regex comment line doesn't have to have a space after leading # 2013-07-15 13:52:42 -04:00
Steven Hiscocks 2c8747cc76 BF: fail2ban-regex date detector template hits count now correct 
closes #295
 2013-07-15 18:40:32 +01:00
Steven Hiscocks 4855cae487 Merge branch 'sample-log-meta-data' 
Conflicts:
    testcases/files/logs/dovecot
 2013-07-14 18:29:36 +01:00
Steven Hiscocks 1116f23151 TST: Sample log regex test now warns if no log for a filter 
Also checks that at least some tests are present
 2013-07-14 18:19:16 +01:00
Yaroslav Halchenko e562515df7 Merge pull request #292 from grooverdan/solaris-doc 
DOC: shorten example and provide clarification and spelling fix
 2013-07-14 07:13:20 -07:00
Steven Hiscocks 728399c39e Merge pull request #281 from kwirk/dovecot-filter 
ENH: dovecot filter additions for session, time value and blank user
 2013-07-14 05:18:04 -07:00
Steven Hiscocks 94376bfbe1 TST: Handle lack of `json` library in python2.5 for samples test case 2013-07-14 11:15:45 +01:00
Daniel Black 09850d6ba5 DOC: shorten example and provide clarifcation and spelling fixes 2013-07-14 10:25:06 +10:00
Steven Hiscocks 40f67c64b8 TST: Test sample logs' entries are matched by filter regexs 2013-07-13 23:03:01 +01:00
Steven Hiscocks 606e97683b BF: jail.conf multiport actions previously using single port iptables 2013-07-12 23:34:04 +01:00
Daniel Black e433a5c633 Merge pull request #260 from grooverdan/develop 
DOC: developing filters without DoS + close/fix/resolves messages in commits
 2013-07-08 15:52:26 -07:00
Daniel Black 424da92601 DOC: close message for commits. 2013-07-09 08:51:11 +10:00
Daniel Black 1d6d5a7aae DOC: ChangeLog merge confict 2013-07-09 08:41:28 +10:00
Daniel Black 174e3dba6d DOC: Note on new dependency - ed for hosts_deny 2013-07-09 08:36:53 +10:00
Daniel Black 5412d7336f DOC: ChangeLog confict 2013-07-09 08:23:44 +10:00
Daniel Black 1f5097649c DOC: ChangeLog for exim-spam.conf filter and tabs->spaces in changelog 2013-07-09 08:20:13 +10:00
Yaroslav Halchenko 5f04b4954f Merge pull request #280 from yarikoptic/master 
BF+ENHs: polling backend tracks ino and size now in addition to mtime, filters do not read file unless it has content + few other minor issues
 2013-07-07 08:33:55 -07:00
Daniel Black 619603fe05 BF: match asterisk InvalidPassword correctly 2013-07-07 17:48:20 +10:00
Steven Hiscocks bfa2b9dec3 ENH: dovecot filter additions for session, time value and blank user 2013-07-05 18:36:02 +01:00
Yaroslav Halchenko 04b8069cee ENH: adjust sendmail-whois 'active' example to have also sendername in it 2013-07-05 10:12:29 -04:00
Yaroslav Halchenko e332efb7cd Merge pull request #279 from 7adietri/feature/configurable-sender-name 
Move sendmail settings to common file, make sender name configurable
 2013-07-05 07:09:20 -07:00
Alexander Dietrich 2155f6bfa5 Update ChangeLog and jail.conf example 2013-07-04 08:57:52 +02:00
Yaroslav Halchenko e282d6b1c7 ENH: Remove unused any longer _ctime helper 2013-07-03 00:09:39 -04:00
Yaroslav Halchenko 404574499d BF: fail2ban-testcases -- use full "warning" instead of warn for the verbosity dictionary 2013-07-02 23:52:37 -04:00
Yaroslav Halchenko 5df6796e69 ENH: DNS resolution -- catch parent exception 
IMHO there is no good reason to capture only gaierror.

on my network it was consistent to error out with

======================================================================
ERROR: testIgnoreIPNOK (testcases.filtertestcase.IgnoreIP)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/home/yoh/deb/gits/fail2ban/testcases/filtertestcase.py", line 166, in testIgnoreIPNOK
    self.assertFalse(self.filter.inIgnoreIPList(ip))
  File "/home/yoh/deb/gits/fail2ban/server/filter.py", line 277, in inIgnoreIPList
    ips = DNSUtils.dnsToIp(i)
  File "/home/yoh/deb/gits/fail2ban/server/filter.py", line 625, in dnsToIp
    return socket.gethostbyname_ex(dns)[2]
error: [Errno 11] Resource temporarily unavailable

with this commit tests would pass normally as they should
 2013-07-02 23:51:09 -04:00
Yaroslav Halchenko 5d7ab9e7fb DOC: Changelog for preceding changes 2013-07-02 23:38:27 -04:00
Yaroslav Halchenko 47ac39fb34 TST: minor enhancement to test failure msg 2013-07-02 23:37:41 -04:00