github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
5,159 Commits
32 Branches
229 Tags
18 MiB
Commit Graph

5159 Commits (b9facb80d25e4e7d7bdc46ab36426f23042237a7)

Author SHA1 Message Date
Sander Hoentjen 2a4dafce5b don't call setLogTarget from setSyslogSocket when holding the lock 
If we do, setLogTarget will wait for the lock, but it will never be released
 2017-05-08 14:11:07 +02:00
sebres b13d9d4e22 Merge branch 'master' into 0.10 2017-05-07 21:29:12 +02:00
sebres bea3a62a37 update ChangeLog 2017-05-07 14:02:45 +02:00
sebres 0600d51511 filter.d/exim.conf: added new reason for "rejected RCPT" regex: Unrouteable address 2017-05-07 14:02:38 +02:00
sebres 49e237209e Merge branch 'master' into 0.10 2017-05-07 13:32:12 +02:00
sebres 3d64d705f3 try to fix travis integration of pypy3: setuptools recently dropped support for Python 3.0 - 3.2, but old pypy3 based on Python 3.2.5 2017-05-07 13:28:35 +02:00
sebres c546f85207 filter.d/exim.conf: cherry-picked from 0.10, match complex time like `D=2m42s` (closes gh-1766) 2017-05-07 13:02:32 +02:00
Serg G. Brester b5d59e8883 small fix of changelog entry 2017-05-02 16:59:05 +02:00
Viktor Szépe eb5c75e4b5 Add test to Courier auth 2017-04-29 17:12:15 +02:00
Viktor Szépe 1ed958521c Courier auth changelog 2017-04-28 17:08:36 +02:00
Viktor Szépe ac256a822b Make courier-auth regexp a non-captured group 2017-04-28 16:58:24 +02:00
Viktor Szépe 4bb8a58dcf Courier may complain about the method only 
> Mar 30 22:29:18 szerver imapd-ssl: LOGIN FAILED, method=PLAIN, ip=[::ffff:1.2.3.4]
 2017-04-28 15:49:59 +02:00
Seth Reeser c3426ba5f6 Update botsearch-common.conf (#1759) 
* Update botsearch-common.conf, apache-modsecurity.conf: typo and missing new-line
 2017-04-26 20:14:39 +02:00
sebres 8839bcbb09 Merge remote-tracking branch master into 0.10 2017-04-25 10:07:19 +02:00
Serg G. Brester fafe11d326 Merge pull request #1757 from sebres/0.9-fix-gh-1751 
filter.d/exim.conf: optional part `(...)` by authenticator failed for ...
 2017-04-25 10:05:27 +02:00
sebres 462442a517 Update ChangeLog #1757 2017-04-25 10:04:45 +02:00
Serg G. Brester e7d51d1969 Merge pull request #1758 from sebres/0.10-new-hostname-tags 
0.10 new action tags: <fq-hostname>, <sh-hostname>
 2017-04-25 09:59:26 +02:00
sebres e4ccbe7286 code review: getHostname can return '' 2017-04-24 21:32:40 +02:00
sebres f75c3d8a02 code review and ChangeLog entry 2017-04-24 21:18:16 +02:00
sebres db16b4c22a testComplexMailActionMultiLog: better echo mock-up replacement for "...) | mail -s ..." 2017-04-24 21:18:14 +02:00
sebres 99344d28c8 Introduces new tags with hostname: 
- `<fq-hostname>` - fully-qualified name of host (the same as `$(hostname -f)`)
- `<sh-hostname>` - short hostname (the same as `$(uname -n)`)

Execution of `uname -n` replaced in all mail actions with most interesting fully-qualified `<fq-hostname>`.
 2017-04-24 21:17:55 +02:00
sebres 3161bcf78b filter.d/exim.conf: optional part `(...)` after host-name before `[IP]`, normalized over whole config file. 
# Conflicts:
#	config/filter.d/exim.conf
 2017-04-24 19:21:26 +02:00
sebres 507034c5be filter.d/apache-auth.conf: joined some similar expressions 2017-04-24 15:32:44 +02:00
Serg G. Brester e35ed1cdf7 Update ChangeLog 
Changes of #1645
 2017-04-21 11:24:32 +02:00
Serg G. Brester 6dfd080e20 Update apache-auth.conf 
remove forgotten referer, that may prevent failure recognition (belongs to gh-1645)
 2017-04-21 11:17:13 +02:00
Serg G. Brester dffda63d59 Merge pull request #1645 from benrubson/issue1644 
Apache URIs can contain spaces
 2017-04-21 10:47:12 +02:00
Serg G. Brester 311f8fea83 Merge branch '0.10' into issue1644 2017-04-21 10:32:29 +02:00
sebres efd6fff7a0 Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10 
# Conflicts:
#	fail2ban/tests/utils.py
 2017-04-20 21:54:56 +02:00
Serg G. Brester 17922b621c Update ChangeLog 
replaced german in entry ;)
 2017-04-20 15:23:59 +02:00
Yaroslav Halchenko 7e0e9cda50 changelog for the patch 2017-04-17 10:28:43 -04:00
Yaroslav Halchenko 0f3217f352 "cherry-pick" a639f0b083 (BF: specify explicit time offset not a time zone name to avoid needing tzdata during testing) 2017-04-17 10:27:01 -04:00
Yaroslav Halchenko a0cf31903d Merge pull request #1754 from yarikoptic/bf-tzdata 
BF: specify explicit time offset not a time zone name to avoid needing tzdata during testing
 2017-04-17 10:26:37 -04:00
Paul Brook a639f0b083 BF: specify explicit time offset not a time zone name to avoid needing tzdata during testing 2017-04-16 12:11:05 -04:00
Serg G. Brester 36814c4274 Merge pull request #1749 from petervanderdoes/bugfix/problem_with_mail_command 
Parameter `-s` is already a part of `mailcmd` interpolation
 2017-04-11 20:57:42 +02:00
Peter van der Does bb79e7f413
Parameter not needed 
The parameter '-s' causes an error as the <mailcmd> already has the parameter.
 2017-04-11 11:13:58 -04:00
Serg G. Brester 61e73b9694 Merge pull request #1746 from gracinet/0.10-haproxy-ipv6 
haproxy-http-auth IPv6 (Closes #1745)
 2017-04-11 10:04:16 +02:00
Serg G. Brester 4f0f22702a Update haproxy-http-auth.conf 
little bit more precise expression
 2017-04-11 09:11:08 +02:00
Georges Racinet 07023436ac haproxy-http-auth: added a test for IPv4-mapped-in-IPv6 
This what one gets in logis if haproxy is binding to ::
on a dual-stack system.
 2017-04-07 14:04:13 +02:00
Georges Racinet 4fc6323ff0 haproxy-http-auth: avoid port number in IPv6 addresses 
The solution taken is to consume the port number explicitely in
the regexp.
 2017-04-07 13:59:22 +02:00
Serg G. Brester e7f1fc5cb3 Update ChangeLog 
enhancements of #1743
 2017-03-31 10:39:50 +02:00
Serg G. Brester e63af0aa4e Merge pull request #1743 from sebres/0.10-flush-bulk-unban 
0.10 - flush resp. bulk unban
 2017-03-31 10:36:05 +02:00
sebres 97e8b42d34 dummy action extended with more examples and test-covered now 2017-03-30 13:02:37 +02:00
sebres 042a060a54 additionally complex test-case coverage for `actionflush` inside server via actions-mechanism of fail2ban - reload with removing action, unban all, stopping of jails and actions, etc. 2017-03-29 23:24:13 +02:00
sebres d03872fbbf bulk unban: add new command `actionflush` default for several iptables/iptables-ipset actions (and common include): 
iptables-common
  iptables
  iptables-allports
  iptables-multiport-log
  iptables-multiport
  iptables-new
  iptables-ipset-proto4
  iptables-ipset-proto6
  iptables-ipset-proto6-allports

executing `actionflush` command covered for this actions now
 2017-03-29 23:24:11 +02:00
sebres a1e9cc552c bulk unban: introduced new command `actionflush`: executed in order to flush all bans at once (e. g. by unban all, reload with removing action, stop, shutdown the system); 
the actions having `actionflush` do not execute `actionunban` for each single ticket
 2017-03-29 23:24:09 +02:00
Serg G. Brester 44a26c6159 Update ChangeLog 
amend to gh-1742
 2017-03-29 23:14:33 +02:00
Serg G. Brester 4dcdcc3002 Merge pull request #1742 from sebres/0.10-actionstart-on-demand 
0.10 - Execution of `actionstart` on demand (fixes gh-1741)
 2017-03-29 23:07:03 +02:00
sebres daa13eb5dd no cover for unreachable and abstract 2017-03-29 18:33:33 +02:00
sebres ca18270beb fix artificial test cases ('family' becomes mandatory in the action info, but dict was supplied in the test case) 2017-03-29 18:02:21 +02:00
sebres 8bf79fa483 implemented execution of `actionstart` on demand, if action depends on `family` (closes gh-1741); 
new action parameter "actionstart_on_demand" (bool) can be set to prevent/allow starting action on demand (default retrieved automatically, if some conditional parameter `param?family=...` presents in action properties);
 2017-03-29 17:44:15 +02:00