Commit Graph

869 Commits (d4362859ef6ac1142340c19473c5fa1f9117b58b)

Author SHA1 Message Date
Steven Hiscocks d4362859ef Added testcase for csocket and asyncserver 2013-03-11 17:22:57 +00:00
Yaroslav Halchenko b03e046370 Merge pull request #133 from grooverdan/development-code-coverage
coverage pragma comments, improved documentation for the developers
2013-03-09 21:30:05 -08:00
Daniel Black 3665e6dc44 Add development documentation and framework for code coverage measurement 2013-03-10 15:18:42 +11:00
Daniel Black 00ad4d56a7 FSF address changes missing from previous 2013-03-10 15:18:09 +11:00
Yaroslav Halchenko 6e77427516 refresh generated manpages (since 0.8.2 state) 2013-03-07 13:03:49 -05:00
Yaroslav Halchenko 59c35bc44a Downgrade log rotation detection message to DEBUG level from INFO. Closes: gh-129
This message useful only when debugging problems so it is more reasonable
to have it suppressed otherwise
2013-03-01 19:57:56 -05:00
Yaroslav Halchenko c7ab71ae1f Merge pull request #124 from kwirk/servertestcase
Rewrite and enable server testcases + fixed few bugs along the way (logging, missing assignment)
2013-02-22 06:32:11 -08:00
Steven Hiscocks 6aadd6b7dc Merge pull request #1 from yarikoptic/servertestcase
Servertestcase -- resolving issues with logging while running on python 2.4 and 2.5
2013-02-22 00:20:15 -08:00
Yaroslav Halchenko 154aa38e3f BF: do not shutdown logging until all jails stop -- so move into Server.quit()
Together with previous commit it should resolve failures with the server tests on python < 2.6
2013-02-21 20:59:46 -05:00
Yaroslav Halchenko 012264dce1 BF: safeguard closing of log handlers + close in reverse order
otherwise there might be "stuck" handler in the queue. and closing
exceptions can occur -- even stock logging guards in recent versions
2013-02-21 20:58:27 -05:00
Steven Hiscocks b36835f6f0 Added transmitter get cinfo option for action 2013-02-20 23:33:39 +00:00
Steven Hiscocks b6a68f5138 Fix for missing value in transmitter delaction 2013-02-20 23:24:46 +00:00
Steven Hiscocks 088e40c481 Rewrite and enable server testcase for Transmitter 2013-02-20 23:14:42 +00:00
Yaroslav Halchenko a8bd9c20a0 Merge branch 'master' of git://github.com/fail2ban/fail2ban
* 'master' of git://github.com/fail2ban/fail2ban:
  add blocking type
  add example jail.conf for blocking through blackhole routes for ssh
  add support for blocking through blackhole routes
2013-02-18 23:12:06 -05:00
Yaroslav Halchenko 40c5a2d996 ENH: adding more of diagnostic messages into -client while starting the daemon 2013-02-18 23:08:44 -05:00
Yaroslav Halchenko d5ae28facf Merge pull request #104 from gebi/t/route
add support for blocking through blackhole routes
2013-02-18 08:01:34 -08:00
Michael Gebetsroither a37ed388e7 Merge pull request #1 from grooverdan/route
add blocking types
2013-02-18 03:14:33 -08:00
Steven Hiscocks ce3ab34dd8 Added ability to specify PID file 2013-02-17 22:14:01 +00:00
Daniel Black 47b1ee39d8 add blocking type 2013-02-17 12:44:15 +11:00
Yaroslav Halchenko 8cf006827e BF: remove path from grep call in sendmail-whois-lines.conf Closes: gh-118 2013-02-12 08:48:05 -05:00
Yaroslav Halchenko 6004fe7a94 just trailing spaces in setup.py 2013-02-11 16:17:52 -05:00
Yaroslav Halchenko f8983872ad BF: return str(host) to avoid spurious characters in the logs (Close gh-113)
thanks to opoplawski@github
2013-02-01 16:24:04 -05:00
Yaroslav Halchenko 5f2d3832f7 NF: roundcube-auth filter (to close Debian #699442, needing debian/jail.conf section) 2013-01-31 14:41:34 -05:00
Yaroslav Halchenko d561a4c2bb BF: do not rely on scripts being under /usr -- might differ eg on Fedora -- rely on import of common.version (Closes gh-112)
This is also not ideal, since if there happens to be some systemwide common.version -- we are doomed

but otherwise, we cannot keep extending comparison check to /bin, /sbin whatelse
2013-01-28 09:54:12 -05:00
Yaroslav Halchenko acab23bdfe RF: move exceptions used by both client and server into common/exceptions.py
this prevents importing of server while operating with client only
2013-01-28 09:46:50 -05:00
Yaroslav Halchenko f8c8a5583e Merge remote-tracking branch 'gh-yarikoptic/master'
* gh-yarikoptic/master:
  BF: pyinotify - use bitwise op on masks and do not try tracking newly created directories
2013-01-26 12:36:49 -05:00
Yaroslav Halchenko c900c08eed Merge pull request #111 from opoplawski/nonettest
Initial support for --no-network option for fail2ban-testcases (Closes gh-110)
2013-01-25 16:45:01 -08:00
Orion Poplawski 431489c9b9 Remove unneeded setting of opts.no_network 2013-01-25 14:19:10 -07:00
Yaroslav Halchenko 6b2e76ba7f BF: pyinotify - use bitwise op on masks and do not try tracking newly created directories 2013-01-25 16:06:41 -05:00
Orion Poplawski fdd9dfb4b5 Initial support for --no-network option for fail2ban-testcases 2013-01-25 12:56:00 -07:00
Yaroslav Halchenko b8a861d012 Merge remote-tracking branch 'gh-yarikoptic/master'
* gh-yarikoptic/master:
  ENH: Added login authenticator failed regexp for exim filter
  DOC: Mention that logrotate configuration needs to be adjusted if logtarget is changed (Closes: #697333)
2013-01-25 13:27:30 -05:00
Yaroslav Halchenko 4a48844027 Merge pull request #107 from opoplawski/master
sshd filter - avoid banning on pam failures since might be too early. Close gh-106

If desired to ban on pam -- enable pam-generic filter, possibly even tuning in pam-generic.local the value for caught ttys in case of more detailed control needed

Provided example was:

 Jan 18 12:47:34 host sshd[23755]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.123.123.123  user=myuser
 Jan 18 12:47:34 host sshd[23755]: pam_sss(sshd:auth): authentication success; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.123.123.123 user=myuser
 Jan 18 12:47:34 host sshd[23755]: Accepted password for myuser from 123.123.123.123 port 50615 ssh2
2013-01-25 08:24:44 -08:00
Yaroslav Halchenko 7d630cb0de Merge pull request #109 from blotus/master
Escape ' and " in matches
2013-01-25 08:11:04 -08:00
blotus 96eb8986cc Escape ' and " in matches tag 2013-01-25 13:37:22 +01:00
Orion Poplawski bb7628591c Update config/filter.d/sshd.conf
Do not trigger sshd bans on pam_unix authentication failures, this will trigger on successful logins on systems that use non-pam_unix authentication (sssd, ldap, etc.).
2013-01-18 14:44:49 -07:00
Yaroslav Halchenko 9a39292813 ENH: Added login authenticator failed regexp for exim filter 2013-01-04 15:23:05 -05:00
Yaroslav Halchenko b3d8ba146b DOC: Mention that logrotate configuration needs to be adjusted if logtarget is changed (Closes: #697333) 2013-01-04 15:23:05 -05:00
Yaroslav Halchenko 3ce53e8798 ENH: Added login authenticator failed regexp for exim filter 2013-01-04 15:22:18 -05:00
Yaroslav Halchenko 8f0c533d64 DOC: Mention that logrotate configuration needs to be adjusted if logtarget is changed (Closes: #697333) 2013-01-04 10:55:14 -05:00
Michael Gebetsroither 03433f79cd add example jail.conf for blocking through blackhole routes for ssh 2013-01-04 16:09:04 +01:00
Michael Gebetsroither f9b78ba927 add support for blocking through blackhole routes 2013-01-03 18:46:31 +01:00
Yaroslav Halchenko be06b1b914 Merge pull request #102 from grooverdan/ipset
Ipset
2012-12-30 19:51:15 -08:00
Daniel Black da0ba8ab4c ENH: add example jail for ipset 2012-12-31 14:38:51 +11:00
Daniel Black 9221886df6 more documentation and optimisations/fixes based on testing 2012-12-31 14:31:37 +11:00
Daniel Black abd5984234 base ipset support 2012-12-31 14:31:37 +11:00
Yaroslav Halchenko 05af52e833 ENH: fail2ban-regex -- __str__ for RegexStat + modeline 2012-12-24 11:05:44 -05:00
Yaroslav Halchenko 21e966e4bb example logs should carry the same name as the filter they are devised for 2012-12-13 08:24:02 -05:00
Yaroslav Halchenko f96ea013bb Merge pull request #99 from pigsyn/patch-2
Update config/filter.d/webmin-auth.conf for trailing spaces
2012-12-13 05:22:43 -08:00
pigsyn 123d457924 Update testcases/files/logs/Webmin 2012-12-13 08:33:07 +01:00
pigsyn 38dd1506cc Sample Webmin logs 2012-12-12 23:25:31 -08:00