fail2ban

Commit Graph

Author	SHA1	Message	Date
Daniel Black	21914d155e	TST: add failJSON data	11 years ago
Daniel Black	1d9702be32	TST: datetime mismatch to show error line	11 years ago
Daniel Black	0204cec5ce	TST: www.example.com DNS changed	11 years ago
Daniel Black	a9eb8a76c6	merge of change log and apache-auth differences	11 years ago
Steven Hiscocks	53d8a46e8a	Merge pull request #7 from grooverdan/gh-303-merge Gh 303 merge	11 years ago
Daniel Black	ed42b08789	TST: merge dropbear log samples	11 years ago
Daniel Black	61d43608ae	ENH: filter.d/postfix - add filter for VRFY. Closes gh-322	11 years ago
Daniel Black	4f39d2b1fd	TST: fix failJson year	11 years ago
Daniel Black	444e989dd5	TST: another zone transfer refused example for file named-refused	11 years ago
Daniel Black	5d451bc4d6	ENH: add refused zone tranfer to named-refused filter. closes #323	11 years ago
Yaroslav Halchenko	2aa8ddea4d	BF: fixed up conditioning of tests under cygwin (still 3 fail)	11 years ago
Yaroslav Halchenko	511e0ace2e	TST: Even more of conditioning of tests for cygwin	11 years ago
Yaroslav Halchenko	e4dad8dfc9	TST: SYSLOG present only on Linuxes thus do not test if not Linux	11 years ago
Yaroslav Halchenko	e7d5e466b9	Merge branch 'enh/asterisk_and_dropbear_filters' * enh/asterisk_and_dropbear_filters: ENH: hardened added dropbear failregex to avoid trailing .* and enclose username in '' minor: consistent indentation in dropbear.conf https://github.com/fail2ban/fail2ban/issues/306 fail2ban-users: Sebastian Arcus - Detect device auth failures on Asterisk 11	11 years ago
Yaroslav Halchenko	547c123cfb	BF: example.com is pointing to another IP now. Closes #313 This is a permanent change according to private correspondence with David Closson @ IANN, thus replaced 192.0.43.10 with updated IP 93.184.216.119, while leaving 192.0.43.10 as is in the sample log files (it is still within IANN dedicated testing network).	11 years ago
Daniel Black	c0a2e50559	TST: apache auth - opaque value	11 years ago
Daniel Black	7b2773889d	TST: apache-auth filter - nonce timetravel tests + other expression fixes	12 years ago
Daniel Black	52aaa1c9bb	TST: bad include of vim swap files	12 years ago
Daniel Black	0fb04cb2f0	ENH: filter enhancements on mod-digest (with test cases) for apache-auth (httpd-2.4.4)	12 years ago
Steven Hiscocks	1e270078b4	TST: Warn if date templates overlap in default detectors	12 years ago
Jamyn Shanley	a355fab91b	https://github.com/fail2ban/fail2ban/issues/306 Fix regex for latest dropbear (keep backwards compatibility). Add test case logfiles. Signed-off-by: Jamyn Shanley <jshanley@gmail.com>	12 years ago
Jamyn Shanley	8936f2cd02	fail2ban-users: Sebastian Arcus - Detect device auth failures on Asterisk 11	12 years ago
Steven Hiscocks	bf021ebd97	TST: Mandate that all filters and each regex has sample log entry	12 years ago
Steven Hiscocks	1c7d28d1ea	TST: Add qmail sample log	12 years ago
Steven Hiscocks	5437f5fe90	TST: Add gssftpd sample log	12 years ago
Steven Hiscocks	f7d8e68738	TST: Add apache-badbots sample log	12 years ago
Yaroslav Halchenko	1721991755	Merge pull request #304 from yarikoptic/master RF(ENH): JailsReader.getOptions -- avoid code duplication when asking for 1 jail or all upon @kwirk blessing ;)	12 years ago
Yaroslav Halchenko	3b52eca608	ENH+TST: Ticket -- drop unused/bogus get\|setFile + enh __str__ + basic testing	12 years ago
Yaroslav Halchenko	149a83545f	TST: basic test for reading of a bogus jail	12 years ago
Steven Hiscocks	37f240bef0	TST: Add sample log for php-url-fopen filter	12 years ago
Steven Hiscocks	cf1e5bdbc2	ENH: Tweak proftpd regex and add sample logs Needed to add optional ":" post __pid_re, and for consistency, decided to make use of __prefix_line instead which includes this.	12 years ago
Steven Hiscocks	e59a4960a3	TST: Add additional sample log line for apache-noscript	12 years ago
Steven Hiscocks	8b9bafda79	ENH: Change lighttpd-fastcgi to suhosin, and improve regex and samples suhosin is hardened php implmentation, which will log the alerts (as seen in samples) to stderr, which is picked up by fastcgi webserver (e.g. lighttpd, apache, nginx)	12 years ago
Steven Hiscocks	4033857f63	ENH: Improve xinetd-fail regex and add sample logs	12 years ago
Steven Hiscocks	b5ffbced37	TST: Sample test cases now handle ignoreregex and add recidive samples	12 years ago
Steven Hiscocks	e7b7815de3	TST: Add additional sshd sample logs	12 years ago
Steven Hiscocks	a11f91b835	ENH: Improve cyrus-imap regex and add extra sample line	12 years ago
Steven Hiscocks	534be189dc	ENH: Improve sieve regex and add sample line	12 years ago
Steven Hiscocks	d791ba12ba	TST: Add sample log for dropbear filter	12 years ago
Steven Hiscocks	ab671b0b1a	ENH: Improve wuftpd failregex, drop duplicate pam regex and add sample For wu-ftpd configured to use pam, the pam filter used be used, as regex is more robust.	12 years ago
Steven Hiscocks	57a6c11260	ENH: Improve courierlogin regex and add sample logs	12 years ago
Steven Hiscocks	bd175f0267	ENH: Improve cyrus-imap regex and add sample log file	12 years ago
Steven Hiscocks	83a80a29ea	ENH: Improve couriersmtp and add sample logs	12 years ago
Steven Hiscocks	eb2f0c9272	ENH: Improve postfix regex and add more samples	12 years ago
Daniel Black	5cfe108186	ENH: filter enhancements (with test cases) for apache-auth (httpd-2.4.4)	12 years ago
Daniel Black	bdcde678d1	TST: fix year	12 years ago
Daniel Black	fcf79b475f	ENH: new filter perdition.conf	12 years ago
Steven Hiscocks	a012b54117	TST: Add additional postfix filter sample	12 years ago
Steven Hiscocks	2a3a627322	TST: Add sample for sieve regex	12 years ago
Daniel Black	fa85be2eea	DOC/TST: fix configuration path for apache-auth test cases	12 years ago
Daniel Black	8ce9c78474	TST: apache-auth digest logs	12 years ago
Daniel Black	4eca2c0bd5	TST: apache-auth client denied by server configuration	12 years ago
Daniel Black	e0292913eb	ENH/TST: filter, testcase and log entry for apache-auth authorization scheme mod_authz_owner	12 years ago
Daniel Black	40cc336cd5	TST: testcases and logs for apache-auth basic	12 years ago
Steven Hiscocks	bf05f2ac95	Merge branch 'filter-failregex-return' Conflicts: server/filter.py	12 years ago
Yaroslav Halchenko	f6a8a04cf3	ENH: roundcube-auth - adopt for current format with trailing error message. thanks @kwirk for the review/feedback I also used non-greedy .? for the login portion since not sure if space could be there and trying to minimize possibility of reacting on injected "from <HOST>" somewhere within the trailing .	12 years ago
Yaroslav Halchenko	0a02cfe9e8	ENH: <HOST> must end with alphanumeric \w (not a dot or a dash etc) Otherwise <HOST> regexp might swallow period in the sentence right after the address. I have decided to enforce alphanumeric instead of switching to non-greedy +? ... because I think it is closer to what we actually want here	12 years ago
Steven Hiscocks	1a2b6442a0	ENH+BF+TST: Filter now returns reference to failregex and ignoreregex This avoids duplication of code across fail2ban-regex and samples test cases. This also now more neatly resolves the issue of double counting date templates matches in fail2ban-regex. In addition, the samples test cases now also print a warning message that not all regexs have samples for them, with future plan to change this to an assertion.	12 years ago
Steven Hiscocks	4855cae487	Merge branch 'sample-log-meta-data' Conflicts: testcases/files/logs/dovecot	12 years ago
Steven Hiscocks	1116f23151	TST: Sample log regex test now warns if no log for a filter Also checks that at least some tests are present	12 years ago
Steven Hiscocks	728399c39e	Merge pull request #281 from kwirk/dovecot-filter ENH: dovecot filter additions for session, time value and blank user	12 years ago
Steven Hiscocks	94376bfbe1	TST: Handle lack of `json` library in python2.5 for samples test case	12 years ago
Steven Hiscocks	40f67c64b8	TST: Test sample logs' entries are matched by filter regexs	12 years ago
Daniel Black	1bb427cc14	TST: remove dup test log entry	12 years ago
Daniel Black	6ce41a611d	BF: fix filter on apache-auth. Closes #286	12 years ago
Daniel Black	5412d7336f	DOC: ChangeLog confict	12 years ago
Yaroslav Halchenko	5f04b4954f	Merge pull request #280 from yarikoptic/master BF+ENHs: polling backend tracks ino and size now in addition to mtime, filters do not read file unless it has content + few other minor issues	12 years ago
Daniel Black	619603fe05	BF: match asterisk InvalidPassword correctly	12 years ago
Steven Hiscocks	bfa2b9dec3	ENH: dovecot filter additions for session, time value and blank user	12 years ago
Yaroslav Halchenko	47ac39fb34	TST: minor enhancement to test failure msg	12 years ago
Yaroslav Halchenko	052e7ff9da	ENH: deprecate sophisticated MTimeSleep in favor of no sleeping at all all invocations of mtimesleep() are left in the tests for now	12 years ago
Yaroslav Halchenko	8c125b6053	ENH: do not sleep 1 sec only on older Pythons while testing filters	12 years ago
Daniel Black	d6dece4900	ENH: Split log and provide jail examples	12 years ago
Yaroslav Halchenko	e9c8a51ce4	ENH: further tighten up detection of mtimesleep duration + log what was assigned	12 years ago
Yaroslav Halchenko	8f3671bc94	BF: figure out minimal sleep time needed for mtime changes to get detected. Close #223 , and probably #103	12 years ago
Yaroslav Halchenko	e6ebcf6687	Merge branch 'dovecot' of https://github.com/grooverdan/fail2ban * 'dovecot' of https://github.com/grooverdan/fail2ban: ENH: remove non-capturing groups for readibility BF: fix dovecot filter for when no TLS is enabled on pop/imap Conflicts: ChangeLog -- changelog entries. Also untabified few other spots	12 years ago
Yaroslav Halchenko	f0f237fa05	Merge pull request #269 from grooverdan/asterisk ENH: filter.d/asterisk - consolidate log prefix regex and add a few fail messages	12 years ago
Daniel Black	4777cfd4e7	ENH: split out exim-spam into speparate filter	12 years ago
Yaroslav Halchenko	54cce29b3e	Merge pull request #271 from yarikoptic/master BF: support apache 2.4 more detailed error log format. Close #268 Thanks @grooverdan for the review	12 years ago
Daniel Black	c7d64c3c7f	TST: url reference fix	12 years ago
Daniel Black	ca996ace5e	ENH: remove temporary failures from local_scan in line with comments in gh-258	12 years ago
Daniel Black	72f9e6a51e	ENH/TST: more samples and rejection types for sender verify fail and rejected RCPT	12 years ago
Daniel Black	3b76fc79f9	BF: fix dovecot filter for when no TLS is enabled on pop/imap	12 years ago
Steven Hiscocks	b670b5c792	TST: Change depreciated assertEquals to assertEqual in some tests	12 years ago
Yaroslav Halchenko	1b170b2aef	BF: support apache 2.4 more detailed error log format. Close #268	12 years ago
Yaroslav Halchenko	6d331bcbea	BF: make colon after [daemon] optional. Close #267	12 years ago
Daniel Black	fa7a105483	ENH: filter.d/asterisk - consolidate log prefix regex and add a few fail messages	12 years ago
Yaroslav Halchenko	b9e971c25d	Merge branch 'exim' of https://github.com/grooverdan/fail2ban * 'exim' of https://github.com/grooverdan/fail2ban: DOC: credits/blame to me for changes to exim ENH: new exim filter regexs. Also note a begining PID in this format. Thanks to ftoppi for the log entries TST/ENH: Improve regex around exim	12 years ago
Yaroslav Halchenko	057f0ad135	ENH: allow_no_files option for jail's convert to allow testing of stock jail.conf	12 years ago
Daniel Black	b8cfda68b8	ENH: new exim filter regexs. Also note a begining PID in this format. Thanks to ftoppi for the log entries	12 years ago
Daniel Black	d441d61a1e	TST/ENH: Improve regex around exim rejected by local_scan now has test cases. Unrouteable address error messages now normalised after looking into exim code.	12 years ago
Yaroslav Halchenko	9d4b613ee4	Merge branch '3proxy' of https://github.com/grooverdan/fail2ban * '3proxy' of https://github.com/grooverdan/fail2ban: BF: fix to proxy port in 3proxy example ENH: sample log + more specific regex BF: authentication errors end in 01-09 but the beginning part indicates the service as per https://github.com/fail2ban/fail2ban/issues/246#issuecomment-19327955 thanks to ykimon BF: need to anchor the start to avoid another repeat of DoS injection like Apache ENH: stricter regex thanks to Steven Hiscocks (kwirk) DOC: credits Conflicts: ChangeLog	12 years ago
Yaroslav Halchenko	173fe48e77	Merge branch 'exim' of https://github.com/grooverdan/fail2ban * 'exim' of https://github.com/grooverdan/fail2ban: BF/ENH: Incorrect authentication data doesn't need tailier so that's optional. Also gained log entry for Unrouteable address ENH: readibility thanks to Yaroslav ENH/BF: exim improvements with sample Conflicts: ChangeLog	12 years ago
Yaroslav Halchenko	ec629ab4e8	Merge branch 'proftpd' of https://github.com/grooverdan/fail2ban * 'proftpd' of https://github.com/grooverdan/fail2ban: ENH: proftpd chan accept usernames with spaces ENH: injection of fail data into USER field ENH: proftp regex hardening and log messages Conflicts: ChangeLog	12 years ago
Daniel Black	8cc13b5b40	BF/ENH: Incorrect authentication data doesn't need tailier so that's optional. Also gained log entry for Unrouteable address	12 years ago
Daniel Black	e8b6acfa65	TST: attempts at injection with username=rhost=1.2.3.4 have no user= logged in dovecot-1.2.15	12 years ago
Daniel Black	2e2ec5d1f5	ENH: injection of fail data into USER field	12 years ago
Daniel Black	dbe7ffe050	ENH: dovecot regexs rewritten and extra failures	12 years ago
Daniel Black	4c67a269bf	ENH: proftp regex hardening and log messages	12 years ago
Daniel Black	3e3802512a	ENH/BF: exim improvements with sample	12 years ago
Daniel Black	9dbaec0894	ENH: sample log + more specific regex	12 years ago
Yaroslav Halchenko	6ccd57813c	BF: anchor apache- filters. Close #248 See https://vndh.net/note:fail2ban-089-denial-service for more information	12 years ago
Daniel Black	16d63434ef	DOC: credits	12 years ago
Carlos Alberto Lopez Perez	7248ef4564	Filter Asterisk: Add sample log entry to testcase. * Sample log entry for AUTH_UNKNOWN_DOMAIN (Not a local domain)	12 years ago
Daniel Black	916b5a7c23	TST: normalize logs to use example.com and 1.2.3.4 as IP	12 years ago
Daniel Black	eceede175a	Merge branch 'patch-4' of https://github.com/silviogarbes/fail2ban into asterisk-227	12 years ago
Yaroslav Halchenko	fae2d5c0ce	Merge branch 'patch-3' extending roundcube failregex to support v0.9+ (from https://github.com/teroz/fail2ban ) * 'patch-3' of https://github.com/teroz/fail2ban: failregex when roundcube log driver is set to 'syslog' fixed failregex line for roundcube 0.9+	12 years ago
Steven Hiscocks	7a4db4b4b9	TST: Fix fail2ban.conf reader test for unreliable dictionary order	12 years ago
Terence Namusonge	098c88a67b	failregex when roundcube log driver is set to 'syslog'	12 years ago
Yaroslav Halchenko	8a57ffd2fb	TST: test all stock jails to have actions and correctly specifying blocktype	12 years ago
silviogarbes	52fa5f19b0	Update asterisk	12 years ago
Yaroslav Halchenko	04bf9eceb6	BF: (travis) relax the test for needed to be presented installed directories -- allow new on travis scripts install into user's home by default	12 years ago
Yaroslav Halchenko	6aed705f3d	BF: (travis) if tests ran under coverage -- there is a traceback parts to report (thus > would be present)	12 years ago
Yaroslav Halchenko	1b301d723d	ENH: also print the failing traceback line in case of failure Also to troubleshoot https://travis-ci.org/fail2ban/fail2ban/jobs/7112324	12 years ago
Yaroslav Halchenko	f345c4d7dc	ENH: include explicit list of new files which should not be there upon "install --root" that is to figure out what gets there on failing travis tests: e.g. https://travis-ci.org/fail2ban/fail2ban/jobs/7112324	12 years ago
Yaroslav Halchenko	571ff33fde	ENH: issue a warning if jail name is longer than 19 symbols (Close #222 )	12 years ago
Yaroslav Halchenko	bdc86e5f1d	ENH: use the same python executable for setup.py test This doesn't anyhow resolve gh-161 which was revealed consistently on Debian sytem after adding this testSetupInstallRoot	12 years ago
Yaroslav Halchenko	281d310b7e	ENH: actually tune up TraceBack to determine "unittest" portions of the stack across all python releases before for 2.7 it would spit out "suite" and other components of unittest module	12 years ago
Yaroslav Halchenko	dc05eee0f5	TST: Some primarily smoke tests for tests utils	12 years ago
Yaroslav Halchenko	e70d01bc10	TST: cover few more lines in fail2banreader.py	12 years ago
Yaroslav Halchenko	26715d5e5e	ENH: basic test for setup.py itself (when applicable, should greatly improve coverage ;) )	12 years ago
Yaroslav Halchenko	90d6a4a6cd	ENH: consistent operation of formatExceptionInfo + unittest for it	12 years ago
Yaroslav Halchenko	7a6eecbe21	ENH: close open file in a test	12 years ago
Yaroslav Halchenko	0e5f7b5951	Merge branch '_enh/strip_crlf' * _enh/strip_crlf: Changelog for preceeding commit ENH: strip CR and LF while analyzing the lines (processLine) (Close #202)	12 years ago
Yaroslav Halchenko	28794d842d	ENH: close files in _test_move_into_file	12 years ago
Yaroslav Halchenko	582d1c5ea5	ENH: remove use of $Revision and $Date SVN tags	12 years ago
Yaroslav Halchenko	6fef85ff2d	ENH: strip CR and LF while analyzing the lines (processLine) (Close #202 ) This should allow to resolve issues with logs written in MS-DOS fashion, e.g. with daemontools See https://github.com/fail2ban/fail2ban/issues/202\#issuecomment-17393613	12 years ago
Yaroslav Halchenko	571cadd80c	ENH: Use real (resolving) example.com instead of test.example.com	12 years ago
Yaroslav Halchenko	976a65bb89	Merge branch 'bsd_logs' of https://github.com/grooverdan/fail2ban * 'bsd_logs' of https://github.com/grooverdan/fail2ban: ENH: separate out regex and escape a . BF: missed MANIFEST include DOC: credits for bsd log DOC: bsd syslog files thanks to Nick Hilliard BF: change common.conf to handle formats of syslog -v and syslog -vv in BSD Conflicts: config/filter.d/common.conf	12 years ago
Yaroslav Halchenko	5e1d8b07e8	ENH: logs/sshd -- have ":" after [daemon] (other uses are uncommon) See https://github.com/fail2ban/fail2ban/issues/216\#issuecomment-17535577 for the analysis	12 years ago
Yaroslav Halchenko	ffcac2ccee	ENH: logs/sshd -- use example.com as the resolved hostname in sample log lines	12 years ago
Yaroslav Halchenko	2143cdff39	Merge: opensolaris docs/fixes, no 'sed -i' in hostsdeny, sshd regex tuneups Origin: from https://github.com/jamesstout/fail2ban * 'OpenSolaris' of https://github.com/jamesstout/fail2ban: ENH: Removed unused log line BF: fail2ban.local needs section headers ENH: Use .local config files for logtarget and jail ENH+TST: ssh failure messages for OpenSolaris and OS X ENH: fail message matching for OpenSolaris and OS X ENH: extra daemon info regex ENH: actionunban back to a sed command Readme for config on Solaris create socket/pid dir if needed Extra patterns for Solaris change sed to perl for Solaris Conflicts: config/filter.d/sshd.conf	12 years ago
Yaroslav Halchenko	bcecf085f1	Merge pull request #209 from grooverdan/tst_br TST: test case for <br> tags in action	12 years ago
jamesstout	932bd102fe	ENH: Removed unused log line removed #9 per https://github.com/fail2ban/fail2ban/pull/182#discussion_r4068885	12 years ago
Daniel Black	503602b332	TST: test case for <br> tags in action	12 years ago
Daniel Black	cde7108033	DOC: bsd syslog files thanks to Nick Hilliard	12 years ago
Daniel Black	495f2dd877	DOC: purge of svn tags	12 years ago
Yaroslav Halchenko	89adcd7ff7	Merge branch PR #193 ASSP SMTP Proxy support (with some manual squashing) Origin: https://github.com/lenrico/fail2ban Squashing was done via rebase -i `1524b076d6` to eliminate massive assp sample log file originally added fixed test date thx to steven tight control of the filter for ASSP as yaroslav wishes as daniel desires changed from DateASSPlike class to DateStrptime fixed little things added new date format support for ASSP SMTP Proxy	12 years ago
Enrico Labedzki	fd01649a61	fixed test date thx to steven	12 years ago
Enrico Labedzki	24a8d07c20	added new date format support for ASSP SMTP Proxy	12 years ago
Yaroslav Halchenko	7c409dd24f	Merge branch 'master' of git://github.com/fail2ban/fail2ban * 'master' of git://github.com/fail2ban/fail2ban: BF: log error only if there were missed config files that couldn't be read DOC: missing cinfo tags are ok. Log error for self referencing definitions DOC: s/defination/definition/g learn to spell ENH: remove stats of config files and use results of SafeConfigParserWithIncludes.read to facilitate meaningful error messages DOC: ChangeLog for recursive tag substition ENH: allow recursive tag substitution in action files.	12 years ago
jamesstout	018913db6a	ENH+TST: ssh failure messages for OpenSolaris and OS X	12 years ago
Yaroslav Halchenko	f21566049c	BF: pyinotify backend should also handle IN_MOVED_TO events	12 years ago
Daniel Black	1d9abd1b39	ENH: allow recursive tag substitution in action files.	12 years ago
Daniel Black	0ac8746d05	ENH: Account for views in named filter. By Romain Riviere in gentoo bug #259458	12 years ago
Steven Hiscocks	94956bee84	TST: test all valid loglevels in server testcases	12 years ago
Steven Hiscocks	4c4b60f4b4	TST: Add tag replace and escape test for actions	12 years ago
Yaroslav Halchenko	ffaa9697ee	Adjusting previous PR (MySQL logs) according to my comments	12 years ago
Yaroslav Halchenko	3e6be243bf	Merge branch 'Support_for_mysql_log_example' of https://github.com/arto-p/fail2ban * 'Support_for_mysql_log_example' of https://github.com/arto-p/fail2ban: Added testcase for MySQL date format to testcases/datedetectortestcase.py and example of MySQL log file. Added support for MySQL logfiles Conflicts: testcases/datedetectortestcase.py -- conflictde with other added test cases	12 years ago
Yaroslav Halchenko	33a31e096a	RF+TST: bring inBanList back from private to protected and enabled its rudimentary unittests	12 years ago

1 2 3 4 5 ...

354 Commits (db4c21acde6830eb8fbcdd34d1a5e71a11ed9e34)