fail2ban

Commit Graph

Author	SHA1	Message	Date
sebres	004879b5b1	code review: switch MAX_TIME to 0X7FFFFFFFFFFF (is enough, because 4461763-th year, but better performance)	8 years ago
sebres	e00be5f308	Fixed sporadically error in testCymruInfoNxdomain, because of unsorted values: ``` AssertionError: Dictionaries differ: {'country': ['unknown', 'nxdomain'], 'asn': ['4565', 'nxdomain'], 'rir': ['other', 'nxdomain']} != {'country': ['nxdomain', 'unknown'], 'asn': ['nxdomain', '4565'], 'rir': ['nxdomain', 'other']} ``` Added assertDictEqual for compatibility to early python versions (< 2.7);	8 years ago
sebres	e7fa74b989	smaller inertance inside test-cases (amend to `d153555a07` with decreasing default wait operation that litle bit speedup test-cases)	8 years ago
sebres	ab0c28260b	switch down log level for some annoying messages to tracedebug or heavydebug (to 7 or even 5); added verification of specified log-level before transmitting to the server; numeric log-level allowed now in server (resp. fail2ban.conf);	8 years ago
Viktor Szépe	a406c6eb3a	By the author: > Yes, scripting is not supported in path. https://bitbucket.org/tildeslash/monit/issues/372/webadmin-shows-only-the-first-part-of#comment-27946048	8 years ago
sebres	48ebe3e735	FilterPyinotify: high cpu load fix - timeout for pyinotify must be set in milliseconds (our time values are floats contain seconds);	8 years ago
sebres	c0373a7158	repair typo bug in reloading for systemd-filter; JailThread get method `join` for safe usage of it, also for not started threads (test-cases or in case of error), that will be used for cleanup resp. wait purposes also (see join of pyinotify-filter);	8 years ago
sebres	d153555a07	increase default wait operation (sleep time, threshold interval) - avowedly greater inertance, but fewer system load by many jails resp. log files; waiting with `wait_for` extended with verifying of active flag; implemented better error handling in some multi-threaded routines; shutdown of jails rewritten (faster and safer, does not breaks shutdown process if some error occurred);	8 years ago
sebres	35ce1166b6	allows to update some configuration options (read with config-readers) with command line option, e. g.: ```bash ## start server with DEBUG log-level (ignore level read from fail2ban.conf): fail2ban-client --loglevel DEBUG start ## or fail2ban-server -c /cfg/path --loglevel DEBUG start ## keep server log-level by reload (without restart it) fail2ban-client --loglevel DEBUG reload ## switch log-level back to INFO: fail2ban-client set loglevel INFO ```	8 years ago
Serg G. Brester	28e286cd2d	Merge pull request #1551 from fail2ban/sebres-patch-fips-gh-1540 filter.py: FIPS compliant fix (use sha1 instead of md5 if not allowed)	8 years ago
sebres	0f1d1a0d4d	ChangeLog: FIPS compliant	8 years ago
Serg G. Brester	1071db2256	filter.py: easy-fix to use sha1 instead of md5 if its usage prohibited by some systems following strict standards (like FIPS) closes gh-1540	8 years ago
Serg G. Brester	fad953ade6	Merge pull request #1544 from sebres/fix/vsftpd-gh-1543 filter.d/vsftpd.conf: optional reason part in message after FAIL LOGIN	8 years ago
sebres	20b92f3ead	fail2ban-regex: build replacement of `<HOST>` substitution corresponding parameter `usedns` - now also in fail2ban-regex (amend)	8 years ago
sebres	ebd864660a	normalize usage of preferred encoding (and decode any to string); python 3.x compatibility (used uni_decode for string representation of stdout/stderr, unified test cases) amend for #1542	8 years ago
sebres	e0347bb3a0	assertLogged extended with parameter wait (to wait up to specified timeout, before we throw assert exception) + test cases rewritten using that	8 years ago
sebres	a20f325f80	database: stability fix - repack cursor iterator as long as locked	8 years ago
sebres	f6197200a9	introduced new flag "banned" as property, used to recognize the ticket was really banned; get/set restored flag functions rewritten to property "restored" similar to "banned"; several code optimizations and tests extensions;	8 years ago
sebres	2108216d33	file filter-backends: stability fix for sporadically errors - always close file handle, otherwise may be locked (prevent log-rotate, etc.)	8 years ago
sebres	4404642fa3	pyinotify-backend: stability fix for sporadically errors in multi-threaded environment (without lock)	8 years ago
sebres	8c4eebc3e3	reload actions amend, code review and test cases extended for update/start/stop of actions by reloading	8 years ago
sebres	9fb167b5e1	filter.d/vsftpd.conf: optional reason message after FAIL LOGIN, closes #1543	8 years ago
sebres	4fb511294e	temp commit: reload now supported actions and action reloading (parameters, unban obsolete removed actions, etc.)	8 years ago
sebres	d1ef33cc45	New command action parameter `actionrepair` - command executed in order to restore sane environment in error case of `actioncheck`. # [WARNING] TODO: be sure all banactions get a repair command, because otherwise stop/start will theoretically remove all the bans, but the tickets are still in BanManager, so in case of new failures it will not be banned, because "already banned" will happen.	8 years ago
sebres	8cba537f6c	code review and use new logger-signals for waiting; + regenerated man-files	8 years ago
sebres	27f6fc083a	optimized BanManager: increase performance, fewer system load, try to prevent memory leakage: - better ban/unban handling within actions (e.g. used dict instead of list) - don't copy bans resp. its list on some operations; - added new unbantime handling to relieve unBanList (prevent permanent searching for tickets to unban) - prefer failure-ID as identifier of the ticket to its IP (most of the time the same, but it can be something else e.g. user name in some complex jails, as introduced in 0.10)	8 years ago
sebres	d2ddc59c40	build replacement of `<HOST>` substitution corresponding parameter `usedns` - dns-part will be added only if `usedns` is not `no`; new replacement for `<ADDR>` in opposition to `<HOST>`, for separate usage of 2 address groups only (regardless of `usedns`), `ip4` and `ip6` together, without host (dns)	8 years ago
sebres	8c26cada27	temp commit: partially cherry picked from ban-time-incr branch	8 years ago
sebres	b12a3acb06	temp commit: reload not ready...	8 years ago
sebres	f512628af2	make with_foreground_server_thread decorator to test several client/server commands	8 years ago
sebres	0a7374dec6	Merge branch '_0.9/fix-systemd-convert-gh-1341' into _0.10/fix-systemd-convert-gh-1341	8 years ago
sebres	7ac9890bf6	forgotten obsolete code removed	8 years ago
sebres	ad61f0f381	Merge branch '_0.9/fix-systemd-convert-gh-1341' into _0.10/fix-systemd-convert-gh-1341	8 years ago
sebres	51fd9a1027	amend to activate performance-fix (respect findtime before search of match) + code coverage	8 years ago
sebres	e3a75b4f1e	optimize test cases after merge (using 0.10-features)	8 years ago
sebres	ae38b626d1	Merge branch '_0.9/fix-systemd-convert-gh-1341' into 0.10	8 years ago
sebres	57458a462e	allow to set default or preferred encoding for other filters (e.g. to decode bytes from journal) # Conflicts: # fail2ban/server/filter.py	8 years ago
sebres	3119f81705	fixed journal systemd ascii/utf-8 default converting (see gh-1341, gh-1344)	8 years ago
Yaroslav Halchenko	aff680eb43	Merge branch 'master' into 0.10 (strategy ours) * master: RF: Replace old fashioned "except E , e" with "except E as e" (Closes #1537)	8 years ago
Yaroslav Halchenko	87acd7a0fc	RF: Replace old fashioned "except E , e" with "except E as e" (Closes #1537 ) 0.10 specific supplement to `b875e51cd7` in master AKA 0.9	8 years ago
Yaroslav Halchenko	f6258c7b69	Merge branch 'rf-exc' * rf-exc: RF: Replace old fashioned "except E , e" with "except E as e" (Closes #1537)	8 years ago
Yaroslav Halchenko	adeb6e94a5	Merge remote-tracking branch 'origin/master' into 0.10 * origin/master:	8 years ago
sebres	00c08f0cfa	Merge pull request #1523 from sebres/_0.10/systemd-journal-path-gh-1408 with 0.10	8 years ago
Serg G. Brester	0f942aba17	Merge pull request #1539 from sebres/_0.10/fix-gh-1529 0.10/fix-gh-1529	8 years ago
sebres	1d6b546658	sleep a little bit in error case (to get around time-related errors, e.g. something like log-rotate, etc.)	8 years ago
sebres	6454d0cd75	prevents to stop processing after first unhandled exception inside processLineAndAdd (filter going idle after 100th error);	8 years ago
sebres	90f9009959	fixes wrong date (invalid format or value) recognition if template available (+ test cases extended)	8 years ago
sebres	d974ebd581	rewritten idle handling for all filters, test cases extended to work in idle mode also (should not find/process failures)	8 years ago
Yaroslav Halchenko	b875e51cd7	RF: Replace old fashioned "except E , e" with "except E as e" (Closes #1537 )	8 years ago
sebres	23c14acec0	update `_0.10/systemd-journal-path-gh-1408` (after merge `_0.9/systemd-journal-path-gh-1408` to 0.10)	8 years ago

1 2 3 4 5 ...

3814 Commits (bd1eb70c52f078fea65d1688915487a5dea1f3c7) All Branches Search

3814 Commits (bd1eb70c52f078fea65d1688915487a5dea1f3c7)

All Branches