Commit Graph

3898 Commits (ce2b4fe634bea9e4d629ba27bf4f7de47472c52c)

Author SHA1 Message Date
sebres 6a2b70f11d os.path.join instead of "/" - concatenation 2016-07-11 13:26:10 +02:00
sebres 4180cc362e code review 2016-07-11 13:22:58 +02:00
sebres 4c1bcac0c7 Merge branch '0.10' into f2b-perfom-prepare-716-cs-0.10 2016-07-11 11:28:34 +02:00
Yaroslav Halchenko 33ed71b3de DOC: Reformatted ChangeLog into legit Markdown (Closes #962) 2016-07-10 19:53:54 -04:00
Yaroslav Halchenko ec9c4a27f3 DOC: tuned up ChangeLog entries for 0.9.5
unified capitalized beginning of each entry
no trailing spaces or dots etc
2016-07-10 18:40:20 -04:00
Andrii Melnyk 2c5a489bc7 add PR id to ChangeLog 2016-07-08 13:55:58 +03:00
Andrii Melnyk 48c094f612 improved failregex according to @sebres recommendations 2016-07-08 13:45:10 +03:00
sebres de5d911fd5 Merge branch 'asterisk_pjsip_2' 2016-07-08 11:47:29 +02:00
sebres f5f204ca7c Improved changes of gh-1458:
`[^']*` after callid was wrong, changed to `[^\)]*`;
  regexp anchored at the end;
  almost the same regex grouped to one;

Closes #1458
2016-07-08 11:45:25 +02:00
nturcksin 72a157b8f2 Improve PJSIP log support for asterisk 13+ with different callID (Squash gh-1458)
Change the asterisk pjsip filter to not take the callId part
Add optional part between "Request" and "from"
Listed all log message from asterisk
2016-07-08 11:45:22 +02:00
Andrii Melnyk dcb69b0242 * add `__prefix_line` to regex
* fix time in log file
2016-07-08 05:29:51 +03:00
Andrii Melnyk c335663395 add info to log file 2016-07-08 05:12:25 +03:00
Andrii Melnyk c9ab669851 added sample log lines for slapd 2016-07-08 04:56:29 +03:00
Andrii Melnyk b2e3affaa0 adding openldap slapd filter 2016-07-08 04:50:57 +03:00
Yaroslav Halchenko 7582f13003 Merge pull request #1461 from yarikoptic/0.10
0.10: Freshly merged master
2016-06-20 09:44:31 -04:00
Yaroslav Halchenko 593b1210c0 Merge master (commit '0.9.4-79-gaf8b650') into 0.10
* commit '0.9.4-79-gaf8b650':
  badip timeout option introduced, set to 30 seconds in our test cases (#1463)
  DOC: changelog for recent exim filters tune up
  Asterisk pjsip (#1456)
  BF: finalize that sample log line for exim4
  RF: for consistency use (?:XXX)? instead of (?:|XXX)
  ENH: use non-capturing regex groups in exim-common and exim filters
  ENH: exim filters -- make more use of %(host_info)s which in turn made more flexible
  BF: make :port and I=[ip]:port optional for a "AUTH command used when not advertised"
2016-06-19 20:06:16 -04:00
Serg G. Brester af8b650a37 badip timeout option introduced, set to 30 seconds in our test cases (#1463)
cherry-picked from 0.10 (little bit modified in test_badips.py, because no --fast option in test cases)
2016-06-13 12:56:53 +02:00
sebres 334bfd50ff Merge branch '0.10' into 0.10-full 2016-06-12 15:12:50 +02:00
sebres fd0c661a44 Merge pull request #1459 from sebres/0.10-fid-host-ip-tags 2016-06-12 15:10:24 +02:00
sebres 2efcf3c17b increase of test coverage (+ test_IPAddr moved to one place), small bugs fixed 2016-06-10 13:17:18 +02:00
sebres e39126f630 badip timeout option introduced, set to 30 seconds in our test cases 2016-06-10 13:15:46 +02:00
sebres 8893473d82 pypy fix: KeyError instead of IndexError by missing group 2016-06-10 11:47:24 +02:00
sebres e40a8c8ae8 small code review 2016-06-10 11:22:14 +02:00
sebres facda17945 Prevent travis failure with "The log length has exceeded the limit of 4 MB. The job has been terminated" 2016-06-10 02:12:11 +02:00
sebres 12ff119841 Merge branch 'ban-time-incr' into 0.10-full 2016-06-09 22:50:31 +02:00
sebres e3ab10196e Merge remote-tracking branch 'remotes/gh-origin/f2b-perfom-prepare-716-cs-0.10' into 0.10-full 2016-06-09 22:13:48 +02:00
Yaroslav Halchenko 11f7cf5ad8 DOC: changelog for recent exim filters tune up 2016-06-07 21:38:39 -04:00
Yaroslav Halchenko 636a93f58b Merge pull request #1438 from yarikoptic/bf-exim
exim filters -- make wider use of host_info helper str substitution + fix for #1430
2016-06-07 21:35:52 -04:00
Ludovic Gasc f85fb45b29 Asterisk pjsip (#1456)
* Improve PJSIP log support for Asterisk 13+

* Update changelog: filter.d/asterisk.conf - fix security log support for PJSIP and Asterisk 13+

* Change pjsip regexp with sebres observation, thanks to @nturcksin
2016-06-07 11:40:35 +02:00
Yaroslav Halchenko ced6c8307b BF: finalize that sample log line for exim4
was intended in 743a531eb5 to be an entry without a port
after the [host]
2016-06-02 20:57:27 -04:00
sebres d344274271 separated host match group and tags for ip4, ip6, dns, fid (failure-id):
- better recognition for usage of textToIp, expected or raw value should be used;
- separated failure id vs. host (if found use `fid` instead of `host` resp. `ip`);
- additional optional groups may be used in tags replacement by executing actions;
2016-05-31 21:55:26 +02:00
sebres 39366e703a Merge branch 'master' into 0.10
# Conflicts:
#	fail2ban/server/filter.py
2016-05-31 18:06:18 +02:00
sebres b85347477f Amend merge for pull request #1454 2016-05-31 17:47:12 +02:00
sebres b3bb8b20bf amend for new option of `usedns=raw` - forgotten validation fix inside setUseDns 2016-05-31 17:45:44 +02:00
Serg G. Brester f23ccbda35 Merge pull request #1454 from sebres/gh-67-ban-wo-host
[gh-67] no-host ban
2016-05-31 16:07:06 +02:00
Yaroslav Halchenko 6434661480 RF: for consistency use (?:XXX)? instead of (?:|XXX) 2016-05-30 12:12:53 -04:00
Yaroslav Halchenko 48a8324662 ENH: use non-capturing regex groups in exim-common and exim filters 2016-05-30 11:02:12 -04:00
sebres 8ec4e1189e use raw host (don't use textToIp) if usedns exactly `raw`, because `usedns = no` should ignore no ip failures 2016-05-30 15:34:21 +02:00
sebres c33e25bab6 fail2ban-regex: extended with option '--raw' (switch to raw host, prevent resolving of ip) 2016-05-30 14:08:37 +02:00
sebres b7787f4af4 use raw host (don't use textToIp) if usedns not yes or warn 2016-05-30 14:08:33 +02:00
Yaroslav Halchenko e01cd8ab03 Merge pull request #1444 from yarikoptic/enh-courier-username
ENH: courier-smtp -- allow for trailing username (no spaces) in the logline
2016-05-26 19:26:35 -04:00
sebres 16d646bbb6 Merge branch 'master' into 0.10
empty merge, resolving conflicts after amend with cyclic recursions
2016-05-26 11:23:53 +02:00
sebres 93f776d2ee amend for gh-1419: tags substitution bug - wrong recognition of cyclic recursion, new test cases covered this 2016-05-26 11:18:35 +02:00
sebres 858c5c0d00 Merge branch 'gh-1417' 2016-05-26 11:14:09 +02:00
sebres a80043ce80 amend for gh-1419: tags substitution bug - wrong recognition of cyclic recursion, new test cases covered this 2016-05-26 11:13:33 +02:00
sebres 4dcf68ca1f Merge branch 'master' into 0.10
# Conflicts:
#	fail2ban/client/jailreader.py
#	fail2ban/helpers.py
2016-05-23 15:48:46 +02:00
sebres 9df7973e95 Merge pull request #1439 from yarikoptic/enh-ignoreipsplit:
ENH: splitcommaspace -> splitwords allow to split ignoreip entries with new lines
2016-05-23 15:35:41 +02:00
sebres 156065e70d splitwords: prevent to split to empty values by multiple separator characters together 2016-05-23 15:33:45 +02:00
Serg G. Brester b6700f3e52 Merge pull request #1433 from yarikoptic/bf-0.10-pf-prevbeh
BF: maintain previous default beh for pf -- default ban type is multiport
2016-05-23 15:20:57 +02:00
Serg G. Brester dcab8ab309 Merge pull request #1445 from koeppea/0.10-redunant-IPAddr-import
remove redundant IPAddr import
2016-05-23 14:36:19 +02:00