fail2ban

Commit Graph

Author	SHA1	Message	Date
sebres	cb280b817f	csocket multi-set fix: prevent to convert `list`, `dict`, `set` during transfer (send), this offers a sending of 'multi-set' arrays (missed by cherry-picking from multi-set branch)	2016-05-13 22:43:02 +02:00
sebres	e0924e0d1b	test case fix (always sort result of `DNSUtils.textToIp`, because order of result from `socket.getaddrinfo` is undefined (system depended)	2016-05-13 21:44:07 +02:00
sebres	3d3735706b	invalid recursion check in substituteRecursiveTags: for example action `bsd-ipfw` produced ValueError('properties contain self referencing definitions and cannot be resolved...') test cases extended for exactly this case and for all stock actions; closes gh-1417	2016-05-13 13:53:29 +02:00
Serg G. Brester	1791fd59f2	Merge pull request #1418 from yarikoptic/pr-1415 DOC: minor PEP8ing and comments enhancements	2016-05-13 12:49:35 +02:00
Yaroslav Halchenko	a9c563fed2	Merge pull request #1415 from sebres/0.10-fixes 0.10 fixes	2016-05-12 18:54:33 -04:00
Yaroslav Halchenko	14c31d8c58	DOC: minor PEP8ing and comments enhancements	2016-05-12 18:52:20 -04:00
sebres	ec6032d934	prevent to fail stock configs test case, if any jail custom config does not have own test log-file (perhaps not clean copy)	2016-05-12 18:15:22 +02:00
sebres	4b5b16cd9f	allow using of IPv6 address style mask (analog to the IPv4), for example: `2606:28ff::/ffff:ff80::` -> `2606:2880::/25` fast calculating of maskplen using map table MAP_ADDR2MASKPLEN, with pre-calculated addr->maskplen values; test cases extended;	2016-05-12 18:15:05 +02:00
sebres	0c2eeee8c7	BF: fail2ban-client can't unserialize IPAddr objects - added IPAddr pickle-handler, that simple wrap IPAddr to the str	2016-05-12 12:54:25 +02:00
sebres	9b72522a01	todo fix: not necessary in 0.10 branch	2016-05-11 18:47:55 +02:00
sebres	3df97beaa6	changelog entries from sebres:f2b-perfom-prepare-716 (gh-1346)	2016-05-11 18:03:22 +02:00
sebres	c22ba5413d	changes from ipv6-support-0.10 after merge	2016-05-11 16:58:13 +02:00
sebres	f9ea845595	Merge branch 'ipv6-support-0.10' into 0.10	2016-05-11 16:57:16 +02:00
sebres	23ad50dbaa	correct <HOST> expression in failregex (now IPv6 will be really found from filter); respect standard spelling of IPv6 (with port) enclosed in brackets ([ipv6]:port), to prevent the necessarily changing of many filter definitions, comparison: #IPv4: 127.0.0.1:55555 #IPv6: [a🅱️c:d::1]:55555 some small fixes (in test cases also) and code review and few optimizations;	2016-05-11 16:55:29 +02:00
sebres	f47fdf8918	code coverage: extend conditional test with direct replacement inside replaceTag (besides recursive sub tags)	2016-05-11 16:55:26 +02:00
sebres	e8203dabba	python 2.6 compatible test cases	2016-05-11 16:55:24 +02:00
sebres	9da7bb1068	meantime commit: code review, simplification, pythonization, etc. (test cases passed)	2016-05-11 16:55:21 +02:00
Alexander Koeppe	50e5a7e538	More beautifier tests	2016-05-11 16:55:17 +02:00
sebres	d65e37e93d	CIDR splitting functionality moved from filter to IPAddr; meantime commit: code review, simplification, pythonization, etc. + test cases extended	2016-05-11 16:54:36 +02:00
Alexander Koeppe	1b21f21c22	CIDR represenation if IPAddr object is a network prefix	2016-05-11 16:54:33 +02:00
sebres	941a2b6c82	clean up unnecessarily resp. directly unused action properties, because they are ambiguous now; implemented caching functionality for same substitutions inside replaceTag: very actual and extreme performance growth (up to 1000 times) for ban/unban because too slow substituteRecursiveTags by several tags and many includes, but totally unnecessary as long as parameters are not changing;	2016-05-11 16:54:31 +02:00
sebres	504e5ba6f2	actions support IPv6 now: - introduced "conditional" sections, see for example `[Init?family=inet6]`; - iptables-common and other iptables config(s) made IPv6 capable; - several small code optimizations; * all test cases passed (py3.x compatible);	2016-05-11 16:54:28 +02:00
sebres	75028585c0	test cases extended for verifying ipv4/ipv6, normalized pf-action with test case	2016-05-11 16:54:25 +02:00
Alexander Koeppe	ed2f3ef77d	improve PF action and make IPv6 aware	2016-05-11 16:54:22 +02:00
sebres	1a6450643d	partially cherry pick from branch 'multi-set', prepare for conditional config parameters logic: - new readers logic (group some by multiple parameters 'set' -> 'multi-set'; - prevent to add 'known/' parameters twice (by merge section etc); - test cases fixed; # Conflicts: # fail2ban/client/actionreader.py	2016-05-11 16:54:20 +02:00
sebres	43c0f3cdc4	test cases extended	2016-05-11 16:54:17 +02:00
sebres	2497b05abc	test cases preliminary extended;	2016-05-11 16:54:14 +02:00
sebres	25d6cf8dd2	fix suhosin_log in common paths - log files should be separated using "\n": prevents to throw an error "File option must be 'head' or 'tail'", if jail suhosin will be enabled.	2016-05-11 16:54:11 +02:00
sebres	9b06c325e1	2nd wave: code review, simplification, pythonization, etc. (test cases passed)	2016-05-11 16:53:26 +02:00
Yaroslav Halchenko	c1a54974e9	RF/ENH: 1st wave of IPAddr pythonization - properties, logical statements, etc # Conflicts: # fail2ban/server/ipdns.py	2016-05-11 16:48:42 +02:00
Yaroslav Halchenko	5040c95bdb	DOC: stub for 0.10.0 release changelog	2016-05-10 21:17:09 -04:00
Alexander Koeppe	dbd7e347b1	new testcase to test beautifier code	2016-05-09 17:08:35 +02:00
Alexander Koeppe	4274ae89c6	Quite little adjustments on tests and return value # Conflicts: # fail2ban/server/ipdns.py	2016-05-09 17:07:53 +02:00
sebres	8cb4a3f59e	move DNTUtils, IPAddr related code to dedicated source file ipdns.py (also resolves some cyclic import references)	2016-05-09 17:06:25 +02:00
sebres	6985531e91	meantime commit: code review, simplification, pythonization, etc. (test cases passed)	2016-05-09 16:35:48 +02:00
Alexander Koeppe	9ede535a61	remove obsolete IP related code from DNSUtils class # Conflicts: # fail2ban/server/filter.py	2016-05-09 15:36:15 +02:00
Alexander Koeppe	ce196744d1	Update ChangeLog / THANKS entries	2016-05-09 15:34:15 +02:00
Alexander Koeppe	db9f3f738f	add ip6-loopback to default ignoreip statement	2016-05-09 15:32:42 +02:00
Alexander Koeppe	d125f882d4	explicitely treat join arguments as string in beautifier	2016-05-09 15:29:05 +02:00
sebres	afe1f73af2	meantime commit: code review, simplification, pythonization, etc. (test cases passed) unnecessarily code aggravation with explicit converting reverted - implicit converting inside internal functions if not IPAddr object;	2016-05-09 15:28:21 +02:00
Alexander Koeppe	85b895178b	change IP address string to object handling part 1 # Conflicts: # fail2ban/server/filter.py	2016-05-04 14:07:12 +02:00
sebres	07c9f38e45	meantime commit: code review, simplification, pythonization, etc. (test cases passed)	2016-05-04 14:02:03 +02:00
Alexander Koeppe	a757037671	Make DNS resolution IP address family idependent	2016-05-04 13:51:15 +02:00
sebres	3893a6b780	meantime commit: code review, simplification, pythonization, etc.	2016-05-04 13:50:37 +02:00
Alexander Koeppe	a093828602	Make ignoreip checking address family idependent	2016-05-04 12:53:56 +02:00
sebres	1308744348	meantime commit: code review, simplification, pythonization, etc.	2016-05-04 12:53:34 +02:00
Alexander Koeppe	01e1383c9b	New class IPAddr for handling IPv4 and IPv6 addresses	2016-05-04 12:21:48 +02:00
sebres	05f38285f1	Merge remote-tracking branch 'remotes/gh-upstream/master' into f2b-perfom-prepare-716	2016-05-02 15:40:05 +02:00
Yaroslav Halchenko	9664406719	Merge pull request #1404 from Aeyoun/patch-1 Assert https not http	2016-04-30 12:23:47 -04:00
Daniel Aleksandersen	75eb240846	Assert https not http Resolves test regression from issue #1395.	2016-04-30 16:18:56 +02:00

1 2 3 4 5 ...

3502 Commits (cb280b817f89386546c58109f2138fea6e0cfc08) All Branches Search

3502 Commits (cb280b817f89386546c58109f2138fea6e0cfc08)

All Branches