github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
1,399 Commits
32 Branches
229 Tags
18 MiB
Commit Graph

1399 Commits (e484ef0a26a47ed2d5714476d053bf981c82ce46)

Author SHA1 Message Date
Yaroslav Halchenko e484ef0a26 Primarily a bugfix release 0.8.8 
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.12 (GNU/Linux)
 
 iEYEABECAAYFAlDAFpkACgkQjRFFY3XAJMgAgQCg1ZQHPpU7S6EQxM4sxELuJepl
 KV4AnRw/G7RX33ezTvdzAEYutKf+QJVB
 =PFlG
 -----END PGP SIGNATURE-----

Merge tag '0.8.8' into debian

Primarily a bugfix release 0.8.8

* tag '0.8.8': (31 commits)
  Getting ready for 0.8.8 release (changelog, version boost)
  BF: guarantee that IP is stored as a base, non-unicode str (Closes gh-91)
  ENH: BF (forgotten import) for prev commit + removed duplicate Author, adjusted __ fields for that in fail2ban-* scripts
  ENH: until we make it proper module -- adjust sys.path only if system-wide run
  ENH: fail2ban-testcases-all -- pass cmdline options to fail2ban-testcases
  ENH: To help with gh-87 added hints into the log on some failure return codes (e.g. 0x7f00 for this one)
  ENH: trying to go native travis-ci python way to take advantage of virtualenv's with older pythons
  BF: typo
  BF: added a little shell script to excercise tests against all available Python versions
  ENH: travis -- try to run tests against all available python versions
  NF: rudimentary .travis.yml for travis-ci.org service
  BF: do not enable pyinotify backend if pyinotify is too old (Closes gh-80)
  DOC: forgotten --help entry for " unban "
  ENH: downgrade "already banned" from WARN to INFO level (Closes gh-79)
  minor: added a note on now "negative" log entries on "POSSIBLE BREAK-IN ATTEMPT"
  DOC: minor "fixes" in DEVELOP
  Added in while loop to process the Fail Manager after the requested banned IP was added to its queue.  This solves the issue of needing to touch the log file that is being monitored to get the IP to be banned accordingly.  Added in import of FailManagerEmpty exception class.
  ENH: refactored previous commit to make it more Pythonic (With prev commit closes gh-86, gh-81)
  Added in command option to unban and IP, just like using 'banip'.  Command looks like: fail2ban-client set <jail name> unbanip <ip>
  BF: in code we should use MyTime wrapper instead of time module directly
  ...
 2012-12-05 22:53:04 -05:00
Yaroslav Halchenko 51a3be2d79 Getting ready for 0.8.8 release (changelog, version boost) 2012-12-05 22:51:29 -05:00
Yaroslav Halchenko 37a2e59d69 BF: guarantee that IP is stored as a base, non-unicode str (Closes gh-91) 
Otherwise it might lead to spurious characters dumped into the
terminal at few places, unless casted upon every use in the logs.  To
prevent those issues in the source, store IP as a basic string if it
is a string at all
 2012-11-26 12:01:42 -05:00
Yaroslav Halchenko 03b31398aa ENH: BF (forgotten import) for prev commit + removed duplicate Author, adjusted __ fields for that in fail2ban-* scripts 2012-11-09 08:58:19 -05:00
Yaroslav Halchenko 9e7a3b7a04 ENH: until we make it proper module -- adjust sys.path only if system-wide run 2012-11-09 08:57:33 -05:00
Yaroslav Halchenko 348239cf14 ENH: fail2ban-testcases-all -- pass cmdline options to fail2ban-testcases 2012-11-07 11:34:20 -05:00
Yaroslav Halchenko f10537941b ENH: To help with gh-87 added hints into the log on some failure return codes (e.g. 0x7f00 for this one) 2012-11-07 11:33:17 -05:00
Yaroslav Halchenko efc4fd5f0b ENH: trying to go native travis-ci python way to take advantage of virtualenv's with older pythons 2012-11-06 22:05:41 -05:00
Yaroslav Halchenko 29aef9381a BF: typo 2012-11-06 21:48:44 -05:00
Yaroslav Halchenko 39172a99c5 BF: added a little shell script to excercise tests against all available Python versions 
also report Python version inside fail2ban-testcases
 2012-11-06 21:45:55 -05:00
Yaroslav Halchenko ef2ea965c8 ENH: travis -- try to run tests against all available python versions 2012-11-06 14:12:35 -05:00
Yaroslav Halchenko da626b51cc NF: rudimentary .travis.yml for travis-ci.org service 2012-11-06 14:00:27 -05:00
Yaroslav Halchenko b159eabb51 BF: do not enable pyinotify backend if pyinotify is too old (Closes gh-80) 2012-11-06 13:14:42 -05:00
Yaroslav Halchenko 63237a785e DOC: forgotten --help entry for " unban " 2012-11-05 21:50:49 -05:00
Yaroslav Halchenko f52ba9923a ENH: downgrade "already banned" from WARN to INFO level (Closes gh-79) 
Most of the time it is a benign latency effect so nothing to warn about.
 2012-11-05 21:30:07 -05:00
Yaroslav Halchenko 1e12c220e6 minor: added a note on now "negative" log entries on "POSSIBLE BREAK-IN ATTEMPT" 2012-11-05 21:22:33 -05:00
Yaroslav Halchenko 6ecf4fd80a Merge pull request #64 from sourcejedi/remove_sshd_rdns 
Misconfigured DNS should not ban *successful* ssh logins

Per our discussion indeed better (and still as "safe") to not punish users behind bad DNS
 2012-11-05 18:20:37 -08:00
Yaroslav Halchenko b773ed617b DOC: minor "fixes" in DEVELOP 2012-11-05 21:12:03 -05:00
David Engeset 2d672d1c81 Added in while loop to process the Fail Manager after the requested banned IP was added to its queue. This solves the issue of needing to touch the log file that is being monitored to get the IP to be banned accordingly. Added in import of FailManagerEmpty exception class. 2012-11-05 20:38:40 -05:00
Yaroslav Halchenko f14c7ae401 ENH: refactored previous commit to make it more Pythonic (With prev commit closes gh-86, gh-81) 2012-11-05 20:37:06 -05:00
David Engeset 6288ec2757 Added in command option to unban and IP, just like using 'banip'. Command looks like: fail2ban-client set <jail name> unbanip <ip> 2012-11-05 20:11:28 -05:00
Yaroslav Halchenko 8e64c281dd BF: in code we should use MyTime wrapper instead of time module directly 
to allow for some tests to work correctly
 2012-11-05 20:09:15 -05:00
Yaroslav Halchenko 09355663f7 BF: (python 2.4) -- access to staticmethod should go via Class 
TODO: get away from using all those staticmethods in f2b
 2012-11-05 16:54:19 -05:00
Yaroslav Halchenko 5becaf8ef2 BF: (python 2.[45]) store backends names in a list to use .index later on (Closes gh-83) 
.index() got into tuple's API only in 2.6
 2012-11-01 15:34:20 -04:00
Yaroslav Halchenko 9510619b7b ENH: minor -- print out why skipping a backend while testing 2012-11-01 15:24:32 -04:00
Yaroslav Halchenko 652b5a77e0 BF: fixing current version string to contain the patch index, i.e. ".1" Thanks Fabian Fischer 2012-10-10 08:39:18 -04:00
Yaroslav Halchenko 83109bce14 BF: escape the content of <matches> since its value could contain arbitrary symbols 2012-10-08 22:14:51 -04:00
Yaroslav Halchenko 6ee2c0a014 DOC: untabified for proper formatting + trailing spaces 2012-10-03 09:12:37 -04:00
Yaroslav Halchenko 282724a7f9 ENH: join both failregex for lighttpd-auth into a single one 
they are close in meaning
should provide a slight run-time performance benefit
 2012-09-30 11:30:24 -04:00
Yaroslav Halchenko cc5d410004 Merge pull request #77 from sciunto/lightty 
Lighttpd: support auth.backend = "htdigest"
 2012-09-30 08:28:12 -07:00
François Boulogne 958a1b0a40 Lighttpd: support auth.backend = "htdigest" 2012-09-30 13:27:21 +02:00
Yaroslav Halchenko 2a225aa6ee Added a warning within "complaint.conf" action about care with enabling it 2012-08-13 23:03:52 -04:00
Yaroslav Halchenko 2d66f31ef5 ENH: instead of "Invalid command" warning log exception why command failed 2012-08-02 19:48:59 -04:00
Yaroslav Halchenko 2a83cf2814 new changelog entry 2012-07-31 21:49:10 -04:00
Yaroslav Halchenko 020ac1b2e9 Minor bugfix release 0.8.7.1 
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.12 (GNU/Linux)
 
 iEYEABECAAYFAlAYivoACgkQjRFFY3XAJMiwawCeOc+Kal5XsupZ3w/O7hrBbpx/
 +C8An39SrP+bc7vcWX5eFlkFBfGXsQ0/
 =ItkI
 -----END PGP SIGNATURE-----

Merge tag '0.8.7.1' into debian

Minor bugfix release 0.8.7.1

* tag '0.8.7.1':
  Changelog for the fix -- will rerelease 0.8.7.1
  BF: removed sneaked a commented out sys.path.insert
 2012-07-31 21:48:59 -04:00
Yaroslav Halchenko 0b5c66fb59 Changelog for the fix -- will rerelease 0.8.7.1 2012-07-31 21:45:04 -04:00
Yaroslav Halchenko 6b7544a63a BF: removed sneaked a commented out sys.path.insert 2012-07-31 21:45:03 -04:00
Yaroslav Halchenko b41a249161 recommend python-pyinotify and only suggest python-gamin 2012-07-31 18:02:24 -04:00
Yaroslav Halchenko 197edfc271 debian/control,rules: switch to use dh_python2, boost policy compliance to 3.9.3 2012-07-31 17:33:13 -04:00
Yaroslav Halchenko d969aef8f8 BF: specify full action for recidive jail since it needs allport action 2012-07-31 17:02:34 -04:00
Yaroslav Halchenko 235267b7ac debian/source: switch to 3.0 (quilt) format 2012-07-31 16:54:09 -04:00
Yaroslav Halchenko 9429655045 use unprefixed upstream release tags 2012-07-31 16:52:44 -04:00
Yaroslav Halchenko 475558056e Merged changelog with unreleased 0.8.6-4 to avoid possible confusions 2012-07-31 16:52:00 -04:00
Yaroslav Halchenko 29f108dbb1 Close also #653074 since fixed in 5cac32e038 2012-07-31 16:50:35 -04:00
Yaroslav Halchenko 86ae7d2f5e debian/fail2ban.init: Should-(start|stop): iptables-persistent (Closes: #598109), ferm (Closes: #604843) 2012-07-31 16:21:03 -04:00
Yaroslav Halchenko 59e95b053e debian/jail.conf: adopted few jails from "upstreams" jail.conf: asterisk, recidive, lighttpd, php-url-open 2012-07-31 16:16:55 -04:00
Yaroslav Halchenko 1163450227 added usedns option into debian/jail.conf 2012-07-31 16:08:00 -04:00
Yaroslav Halchenko c4acaf8bd0 Refreshed the patch 2012-07-31 16:06:01 -04:00
Yaroslav Halchenko d8d950dcc6 ENH: adopted description about backends from upstream's jail.conf 2012-07-31 16:02:31 -04:00
Yaroslav Halchenko 14d609941b monitor syslog not auth.log for wuftpd 2012-07-31 15:59:44 -04:00