github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
5,762 Commits
32 Branches
229 Tags
18 MiB
Commit Graph

5762 Commits (b892133d516d1389a647a287a1a3b58e2eece65f)

Author SHA1 Message Date
Sergey G. Brester e74baae666
Merge pull request #3135 from sylvestre/patch-2 
Add the Debian path to roundcube error logs
 2021-10-25 12:11:42 +02:00
Sergey G. Brester cb042dda7d
Merge pull request #3133 from sylvestre/master 
Fix typo found by lintian (Debian static analyzer)
 2021-10-25 12:10:28 +02:00
Sylvestre Ledru 3245b8018b
Add the Debian path to roundcube error logs 2021-10-23 17:38:20 +02:00
Sylvestre Ledru 1cd3118da3 Fix typo found by lintian (Debian static analyzer) 2021-10-23 17:06:13 +02:00
Sergey G. Brester 98c7dd04a4
Merge pull request #3037 from floppym/bug794931 
tests: improve detection of readable systemd journal
 2021-10-22 15:34:47 +02:00
Mike Gilbert d91d949e95 tests: improve detection of readable systemd journal 
Look for system.journal in journal sub-directory.
Add -readable to the find command.

Bug: https://bugs.gentoo.org/794931
 2021-10-19 11:08:04 -04:00
Viktor Szépe 1e8ce20b32
Display ChangeLog as a Markdown document 2021-10-17 19:53:10 +02:00
Sergey G. Brester 8e3a26bdeb
Merge pull request #3117 from fail2ban/gh-3116 
filter.d/lighttpd-auth.conf: adjust to the current source code, avoid catch-all's, etc
 2021-10-01 15:09:09 +02:00
Sergey G. Brester ba839af8ad
filter.d/lighttpd-auth.conf: adjusted to the current source code + avoiding catch-all's, etc (gh-3116) 2021-10-01 15:03:24 +02:00
Sergey G. Brester f8f59dd31a
added test cases covering different messages adjusted to new log-format (gh-3116) 2021-10-01 14:58:25 +02:00
Sergey G. Brester 5ee482bc9a
Merge pull request #3053 from db48x/fix-grammar-of-timestamp-warnings 
Improve grammar and readability of timestamp warnings
 2021-09-21 16:16:52 +02:00
Sergey G. Brester d086317cc8
Update filter.py 2021-09-21 16:05:53 +02:00
Sergey G. Brester 17eed32e03
Update filtertestcase.py 2021-09-21 16:00:37 +02:00
sebres 621d8cae17 restore backwards compatibility for date None 2021-09-20 02:20:22 +02:00
sebres ec043cd202 simplifying logic and shortening messages (delta in minutes; removed clock synchronization, because it is rarely an issue on fail2ban side, e. g. for remote logs only, etc) 2021-09-19 21:58:42 +02:00
Daniel Brooks d7afcde2e1 add a warning message for dates in the future 
and a test that checks which message was output for which time deltas.
 2021-09-19 19:39:52 +02:00
Daniel Brooks 1929e7a76b include more specific information in the warning 2021-09-19 19:39:49 +02:00
Daniel Brooks 320a3dcdd5 remove old warnings from filtertestcase.py 
assertLogged only checks that at least one listed message is found, so
it isn’t necessary to repeat them in the test.
 2021-09-19 19:39:45 +02:00
Daniel Brooks a98cc08b31 Updated the warning messages created when fail2ban sees unexpected timestamps 
to improve their grammar and to remove jargon.

Partially fixes #2822
 2021-09-19 19:39:41 +02:00
sebres 5093ff8956 Merge branch '0.11' into master 2021-09-19 18:54:23 +02:00
sebres d6b884f3b7 amend to fix gh-3098: no option `--disable-2to3` anymore 2021-09-19 18:52:34 +02:00
sebres 5ac303df8a fix gh-3098: build fails with error in fail2ban setup command: use_2to3 is invalid (setuptools 58+) 2021-09-19 18:49:18 +02:00
sebres 8d45deca86 Merge branch '0.10' into 0.11 2021-09-19 18:42:23 +02:00
sebres 974ba688d4 Merge branch 'patch-3098' into 0.10 2021-09-19 18:41:24 +02:00
Sergey G. Brester 7f22c4873a
remove 2to3 in setup (should be called outside before setup) 2021-09-19 18:36:02 +02:00
Sergey G. Brester 1414a44b8e
Update main.yml 
CI: try to install dependencies via apt, add build test
 2021-09-19 18:24:36 +02:00
sebres ad1f9dc4d0 Merge branch '0.11' 2021-09-08 20:12:48 +02:00
sebres 64217fe018 Merge branch '0.10' into 0.11 2021-09-08 20:09:48 +02:00
sebres c0f9348db5 Merge branch 'sebres/gh-3097--fix-unh-except' into 0.10; 
closes #3097
 2021-09-08 20:08:30 +02:00
sebres d709ec8179 GH actions: use newest python version for 3.10 (3.10.0-rc.2) 2021-09-08 20:00:41 +02:00
sebres ba282b794c pyinotify: amend to 1e4a14fb25d88e32f3ca9c06fb1d6b8d3b4813ab: one fix more for sporadic runtime error "dictionary changed size during iteration" (watched files) 2021-09-08 19:56:02 +02:00
sebres e323c148e1 backend systemd: fixes error "local variable 'line' referenced before assignment", introduced in 55d7d9e214f72bbe4f39a2d17aa004d80bfc7299; 
don't update database too often (every 10 ticks or ~ 10 seconds in production);
closes gh-3097
 2021-09-08 19:44:49 +02:00
sebres 1e4a14fb25 pyinotify: fixes sporadic runtime error "dictionary changed size during iteration" (if something outside changes the pending dict during _checkPending evaluation) - simply deserialize to a list for iteration, without any lock, because unneeded here due to small and mostly empty dictionary (logrotate, etc), not to mention that pending check is normally called once per minute; 
don't call process file inside of server thread calling of addLogPath (always retard it as pending event);
ensure to wake-up as soon as possible to process pending events (e. g. if file gets added).
 2021-09-08 19:17:44 +02:00
sebres 2f99d5accb test coverage for unhandled exception in run of several filter (gh-3097) 2021-09-08 18:22:31 +02:00
Sergey G. Brester cb667edf17
Merge pull request #3087 from alexporto2200/patch-3 
README: added dependencies to setuptools or distutils (if installing from source)
 2021-08-17 16:49:40 +02:00
Sergey G. Brester ade79635b2
distutils/setuptools only required if installing from source 2021-08-17 16:41:20 +02:00
Alex Porto dos Santos 39fe0bdce6
Update Readme 
Add python3-setuptools or python-setuptools for dependencies. On some distributions this doesn't come by default, it would be nice to let users know about this in the documentation.
 2021-08-17 10:39:04 -03:00
sebres 10cd815525 merge 0.11 to 1.0 (GHSA-m985-3f3v-cwmm) 2021-07-07 12:06:06 +02:00
sebres c03fe6682c merge 0.10 to 0.11 (GHSA-m985-3f3v-cwmm) 2021-07-07 12:04:46 +02:00
sebres e3f2fcfab4 merge point (GHSA-m985-3f3v-cwmm 0.9/0.10) 2021-07-07 11:50:49 +02:00
sebres 2ed414ed09 fixed possible RCE vulnerability, unset escape variable (default tilde) stops consider "~" char after new-line as composing escape sequence 
closes GHSA-m985-3f3v-cwmm for 0.9
 2021-07-07 11:46:28 +02:00
sebres 410a6ce5c8 fixed possible RCE vulnerability, unset escape variable (default tilde) stops consider "~" char after new-line as composing escape sequence 2021-06-21 17:12:53 +02:00
sebres 579c6a94af filter.d/postfix.conf: mode `ddos` (and `aggressive`) extended to consider abusive handling of clients hitting command limit (gh-3040) 2021-06-10 15:23:24 +02:00
sebres 43f2923fbd filter.d/postfix.conf: matches rejects with "undeliverable address" (sender/recipient verification, gh-3039) additionally to "Unknown user"; 
both are configurable now via extended parameter and can be disabled using `exre-user=` supplied in filter parameters
 2021-06-10 15:06:54 +02:00
Sergey G. Brester bbfff18280
action.d/ufw.conf: amend to #3018: parameter `kill-mode` extended with conntrack 2021-06-03 12:02:08 +02:00
sebres c7a86b4616 action.d/firewallcmd-ipset.conf: amend to #2620: 
- combines actions `firewallcmd-ipset` and `firewallcmd-ipset-native` (parameter `ipsettype=firewalld`);
- IPv6-capability for firewalld ipset;
- no internal timeout handling by default;
- no permanent rules yet
 2021-05-29 22:59:55 +02:00
Sergey G. Brester 2a508da5a0
Merge pull request #2620 from mspolitaev/master 
Using native firewalld ipset implementation
 2021-05-29 21:30:55 +02:00
sebres 38535b0cca Merge branch '0.11' into master 2021-05-29 21:25:24 +02:00
sebres d2f5c7de09 Merge branch '0.10' into 0.11 2021-05-29 21:24:11 +02:00
sebres 92f90038fa filter.d/dovecot.conf: extended to match prefix like `conn unix:auth-worker (uid=143): auth-worker<13247>:` (authenticate from external service like exim), gh-2553 2021-05-29 21:12:34 +02:00