Yaroslav Halchenko
994fe77e59
ENH: make oracleims failregex better anchored (more explicit)
2014-06-10 03:52:16 -04:00
Yaroslav Halchenko
2a51a0176a
BF: minor type for delignoreregex in bash completions
2014-06-10 03:42:07 -04:00
JoelSnyder
5165d2f6ea
Update oracleims.conf to be 'less greedy'
...
This assumes that the protocol is always a string, which it always is, and that the other four fields in the "tr" are always numeric (which they always are). See port_access documentation at http://docs.oracle.com/cd/E19563-01/819-4428/bgaur/index.html
2014-06-09 18:44:27 -07:00
JoelSnyder
c325e88634
Update THANKS
...
Per Steven.
2014-06-09 18:38:22 -07:00
JoelSnyder
70ed93d8cc
Update jail.conf for oracleims filter.
...
This is the jail.conf update. Hopefully this will go into pull request #734.
2014-06-09 18:37:31 -07:00
Steven Hiscocks
f7da091437
ENH: Log unhandled exceptions to Fail2Ban log
2014-06-09 22:27:51 +01:00
Steven Hiscocks
e8131475cd
ENH: Realign and harmonise log messages with getF2BLogger helper
2014-06-09 22:17:00 +01:00
Steven Hiscocks
db023be09b
BF: Fix bad syntax in badips.py action
...
Taken from https://bugzilla.redhat.com/attachment.cgi?id=895966&action=diff
2014-06-07 20:51:53 +01:00
sebres
bb0a181056
testcases extended and observer optimized to run test cases faster;
...
code review
2014-06-07 04:37:06 +02:00
sebres
e7bd8ed619
not used import removed
2014-06-06 19:52:42 +02:00
sebres
70080b112a
Merge branch 'master' of https://github.com/fail2ban/fail2ban into ban-time-incr
2014-06-06 19:46:38 +02:00
sebres
681bc2ef07
observer functionality introduced (asynchronous events in separate service thread);
...
ban time increment feature nearly completely moved into observer;
purge database will be called hourly in observer;
bug fixing and code review;
2014-06-06 18:44:59 +02:00
sebres
02055ba4eb
ignore already known tickets (from filter after restart);
...
bug fixing and optimizing;
2014-06-05 14:09:43 +02:00
JoelSnyder
54317d7c3b
Create test for oracleims filter
...
This test file shows configuration information for the application, three log lines that DO match the pattern, and one log line that does NOT match the pattern (the first one).
2014-06-02 22:58:39 -07:00
JoelSnyder
9b7c35810a
Create oracleims.conf in filter.d for new filter
...
Created oracleims.conf to catch messages from Sun/Oracle Communications Messaging Server v6.3 and above (including v7)
2014-06-02 22:55:59 -07:00
Yaroslav Halchenko
98daa9d301
Merge pull request #723 from kwirk/decode-warning
...
ENH: Clearer warning with lines which failed to decode correctly
2014-05-30 12:15:51 -04:00
pmarrapese
96918acee4
more explicit match for sshd filter & added test
2014-05-19 20:47:16 -07:00
pmarrapese
46d6e93800
adjusted sshd filter regex to catch more verbose lines
2014-05-18 22:12:54 -07:00
Yaroslav Halchenko
eb2487986c
ENH: minor -- print time which was used to process lines
2014-05-15 21:17:43 -04:00
Steven Hiscocks
0ca97431a0
ENH: Clearer warning with lines which failed to decode correctly
2014-05-15 22:48:03 +01:00
Steven Hiscocks
1fa8f9fa70
DOC: Tweak ChangeLog and THANKS
2014-05-15 22:18:07 +01:00
Steven Hiscocks
fc4b69a282
DOC: Update ChangeLog fix for ip{,jail}failures action tags
2014-05-15 22:15:12 +01:00
sebres
213c4315c3
fix TypeError bugs like "Failed to execute ban jail 'pam-generic' action 'iptables-allports'"
...
getAttempt returns not a list (numeric), so by call of both lambda we have a TypeError except;
simplifying code;
2014-05-15 19:41:00 +02:00
sebres
8fd083a1ea
Merge remote-tracking branch 'remotes/kwirk/sebres-strptime-bug' into ban-time-incr
2014-05-15 17:12:11 +02:00
sebres
addfea6614
static method forgotten;
2014-05-15 15:16:53 +02:00
Steven Hiscocks
1c20fd88d4
DOC: Update docs in reference to time zone related fix
2014-05-14 23:04:48 +01:00
Steven Hiscocks
8843423c8f
TST: Fix tests due to @sebres fix and based from gh-349 reverts
2014-05-14 23:01:14 +01:00
sebres
2bf0b4a50c
strptime bug fix: if gmtoff is None we have 1 hour increment of time (through utctimetuple), compare:
...
>>>> datetime.datetime.fromtimestamp(time.mktime(datetime.datetime.now().timetuple())).strftime("%Y-%m-%d %H:%M:%S")
'2014-04-29 17:26:31'
>>>> datetime.datetime.fromtimestamp(time.mktime(datetime.datetime.now().utctimetuple())).strftime("%Y-%m-%d %H:%M:%S")
'2014-04-29 18:26:37'
2014-05-14 22:29:06 +01:00
sebres
ec3ed0e4ae
introduced string to seconds (str2seconds) for configuration entries with time;
...
todo: expands it for all time config entries;
2014-05-14 16:01:35 +02:00
sebres
f492aa7ac9
remove affected check, to delete jails always (pass testPurge)
2014-05-14 12:32:30 +02:00
sebres
99c9cbf470
code review, manually ban uses by addFailure the count "maxRetry" directly;
...
log ticket time (found in line)
2014-05-14 12:17:28 +02:00
sebres
d22ab320e2
"magic" formula for auto increasing of retry count for known (bad) ip, corresponding banCount of it
...
(one try will count than 2, 3, 5, 9 ...)
2014-05-14 11:21:31 +02:00
Yaroslav Halchenko
2526dbae92
Merge branch 'recursive-tag-fix' of https://github.com/kwirk/fail2ban
...
* 'recursive-tag-fix' of https://github.com/kwirk/fail2ban :
ENH: explicitly define tags which should be escaped
DOC: ChangeLog update for recursive tag bug fix
BF: Tags not fully recursively substituted
Conflicts:
ChangeLog -- kept all as is
2014-05-13 11:23:30 -04:00
Steven Hiscocks
1e586fb0e9
ENH: explicitly define tags which should be escaped
2014-05-11 14:49:49 +01:00
Yaroslav Halchenko
c619202d6f
Merge branch 'master' of github.com:fail2ban/fail2ban
...
* 'master' of github.com:fail2ban/fail2ban:
ENH: Match non "Bye Bye" for sshd locked accounts failregex
Even stricter monit regex, now covers entire line
Tidy up filter.d/monit.conf, make regex more complete. Add ChangeLog / THANKS entry. Add test cases.
ENH: Move traceback formatter from tests.utils to helpers
Block brute-force attempts against the Monit gui
2014-05-10 20:02:47 -04:00
Steven Hiscocks
904b362215
DOC: ChangeLog update for recursive tag bug fix
...
Also minor typo fixes in comments
2014-05-09 20:25:44 +01:00
Steven Hiscocks
77ba065571
Merge pull request #697 from jhmartin/monit_admin_hack
...
Block brute-force attempts against the Monit gui
2014-05-07 22:23:01 +01:00
Yaroslav Halchenko
3471f13a84
Merge pull request #700 from kwirk/format-traceback-to-helpers
...
ENH: Move traceback formatter from tests.utils to helpers
2014-05-07 09:09:01 -04:00
sebres
0121e09907
default formula faster and more readable, comparable with "multipliers", like 2**N, default factor for both solutions is 1 now
2014-05-07 13:28:04 +02:00
sebres
7d17fb5c6c
python >= 3.x, local variable 'lastBanTime' reference bug fixed
2014-05-06 20:55:41 +02:00
sebres
a4837da899
Merge branch 'ban-time-incr' of https://github.com/sebres/fail2ban into ban-time-incr
2014-05-06 20:32:23 +02:00
sebres
3a75c8a752
ban time incr: 2nd test case added (code optimized for test cases), to test both stand-alone:
...
python ./bin/fail2ban-testcases -l debug 'BanTimeIncr'
2014-05-06 20:30:12 +02:00
sebres
6c8327e39f
indentation level fix
2014-05-06 20:24:49 +02:00
sebres
14167ed778
ban time incr: 2nd test case added (code optimized for test cases), to test both stand-alone:
...
python ./bin/fail2ban-testcases -l debug 'BanTimeIncr'
2014-05-06 20:14:23 +02:00
sebres
237706e39f
ban time incr: 1st test case added, to test it stand-alone:
...
python ./bin/fail2ban-testcases -l debug 'BanTimeIncr'
2014-05-06 17:57:11 +02:00
sebres
c48e404e63
option "multipliers" added, as proposed by @yarikoptic;
...
the calculation formula is rewritten to a lambda / compiled solution (up to 10 million times per second);
code review;
2014-05-06 16:07:16 +02:00
Yaroslav Halchenko
1f8b554d31
Merge branch 'database-persistent-bans' of https://github.com/kwirk/fail2ban
...
* 'database-persistent-bans' of https://github.com/kwirk/fail2ban :
BF: bantime < 0 database should return all bans, as they are persistent
Conflicts:
ChangeLog - kept all ;)
2014-05-05 23:29:35 -04:00
Yaroslav Halchenko
3eabf4a7bd
Merge pull request #708 from kwirk/ssh-bye-bye
...
ENH: Match non "Bye Bye" for sshd locked accounts failregex
2014-05-05 23:22:57 -04:00
Yaroslav Halchenko
65269365ee
minor
2014-05-05 23:16:18 -04:00
Yaroslav Halchenko
91eb75098b
Merge pull request #714 from kwirk/urandom-persistent
...
BF: Avoid closing "/dev/urandom" for Python 3.4.0
2014-05-05 23:13:34 -04:00