sebres
e4a265c75f
test coverage
8 years ago
sebres
d2a3d093c6
rewritten CallingMap: performance optimized, immutable, self-referencing, template possibility (used in new ActionInfo objects);
new ActionInfo handling: saves content between actions, without interim copying (save original on demand, recoverable via reset);
test cases extended
8 years ago
sebres
4efcc29384
coverage of new multi-line handling within fail2ban-regex
8 years ago
sebres
35efca5941
Better multi-line handling introduced: single-line parsing with caching of needed failure information to process in further lines.
Many times faster and less CPU-hungry because of parsing with `maxlines=1`, so without line buffering (scrolling of the buffer-window).
Combination of tags `<F-MLFID>` and `<F-NOFAIL>` can be used now to process multi-line logs using single-line expressions:
- tag `<F-MLFID>`: used to identify resp. store failure info for groups of log-lines with the same identifier (e. g. combined failure-info for the same conn-id by `<F-MLFID>(?:conn-id)</F-MLFID>`, see sshd.conf for example)
- tag `<F-NOFAIL>`: used as mark for no-failure (helper to accumulate common failure-info);
filter.d/sshd.conf: [sshd], [sshd-ddos], [sshd-aggressive] optimized with pre-filtering using new option `prefregex` and new multi-line handling.
8 years ago
sebres
8bcaeb9022
amend to 4ff8d051f49808ac769709c5aff8591fcd79040a: fixed fail2ban-regex with journalmatch using systemd-journal
8 years ago
sebres
22afdbd536
Several filters optimized with pre-filtering using new option `prefregex`
8 years ago
sebres
2fad50b6e8
Precedence of `prefregex` higher than `failregex` should be in head of the convert-stream;
Allow using failure-id (`<HOST>`) within `prefregex` (by common prefix for all expressions specified with `failregex`)
8 years ago
sebres
4ff8d051f4
Introduced new filter option `prefregex` for pre-filtering using single regular expression;
Some filters extended with user name;
[filter.d/pam-generic.conf]: grave fix: injection on user name to host fixed;
test-cases in testSampleRegexsFactory can now check the captured groups (using additional fields in failJSON structure)
8 years ago
sebres
9d15a792a5
amend to fe06ffca71e9054b21b93237c40c0c53478a19df: small optimization using already known IP family
8 years ago
sebres
fe06ffca71
Fix retrieving of IPv6 address with dnsToIp on some systems (default returns AF_INET family only), fix network test-cases.
8 years ago
sebres
61c8cd11b8
Exposes filter group captures in actions (non-recursive interpolation of tags `<F-...>`);
Closes gh-1110
8 years ago
sebres
6d878f3a43
try to provide filter captures (already in ticket data) to the actions as interpolation options (closes gh-1110)
8 years ago
sebres
a8c0cec4ac
small amend with several fixes and test coverage
8 years ago
sebres
9ebf70cd6a
Safer, more stable and faster replaceTag interpolation (switched from cycle over all tags to re.sub with callable)
8 years ago
sebres
a6318b159b
substituteRecursiveTags optimization + moved in helpers facilities (because currently used commonly in server and in client)
8 years ago
sebres
3fae8a7e43
amend to fc315be4ea88c3619f984542b21c95820f53d87b: parse and interpolate all options in section "Definition" (section "Init" no more needed),
because of better performance with this solution;
8 years ago
sebres
4bf09bf297
provides new tag `<ip-rev>` for PTR reversed representation of IP address;
[action.d/complain.conf] fixed using this new tag;
8 years ago
sebres
fc315be4ea
try to parse and interpolate all options in section "Definition" (section "Init" no more needed)
8 years ago
Serg G. Brester
7f63809afb
Merge branch '0.10' into patch-1
8 years ago
Serg G. Brester
2d12349eac
Update servertestcase.py
Make the test-case gh-1685 compliant
8 years ago
sebres
abd80696ab
Merge branch 'py-3.6-compat' into 0.10
8 years ago
sebres
cf53a834f7
python-3.6 compatibility:
- dynamical string replacement within call of regexp.sub fixed with lambda-replacement (otherwise "sre_constants.error: bad escape \s at position");
- optional arguments (3.6 has more args by calling of SMTPServer.process_message);
- implicit convert byte to string, because python3.6 fails on binary data (test_smtp).
8 years ago
sebres
01db0b5028
small performance fix after merge with 0.10
(cherry picked from commit 8e2711681c)
8 years ago
sebres
63f7916886
fix test cases by testing with multi-threaded execution (wait for threaded execution done)
(cherry picked from commit 1ec6782f32)
# Conflicts:
# fail2ban/tests/observertestcase.py (not yet available in 0.10)
8 years ago
sebres
f35aa6d258
coverage: added python3.6
8 years ago
sebres
40837754c9
python3.6 compatibility fix
8 years ago
Jan Grewe
58c68b75f0
Remove double-quotes from email addresses
8 years ago
Jan Grewe
1bcf0de7c1
Update complain.conf
8 years ago
Serg G. Brester
ac7be38dbe
Merge pull request #1686 from Slamdunk/postfix-rbl-554-SMTP
Postfix RBL: 554 & SMTP
8 years ago
Filippo Tessarotto
607568f5da
Postfix RBL: 554 & SMTP
8 years ago
Jan Grewe
901eeff53d
Make Abusix lookup compatible with Dash
8 years ago
sebres
96d404f0fb
Merge branch 'master' into 0.10
8 years ago
sebres
c4dc698d98
evil symlink removed: is not supported by some file systems (e. g. development over net share)
8 years ago
sebres
1823571e0f
Merge branch 'ssh-filter-new-regexp' into 0.10
8 years ago
sebres
c4d56ea84a
Merge branch 'ssh-filter-new-regexp'
8 years ago
sebres
9d06f0ee40
sshd-amend: optional space after port part
8 years ago
sebres
e8a1556562
Merge remote-tracking branch 'master' into 0.10
# Conflicts:
# fail2ban/tests/samplestestcase.py
8 years ago
Serg G. Brester
3ccb026840
Merge pull request #1209 from sebres/ssh-filter-new-regexp
sshd-aggressive (new ssh rules added (gh-864) and code review...)
8 years ago
sebres
54a8c681ce
suhosin.conf: removed greedy match
8 years ago
sebres
8aa9516d50
sshd.conf: fixed expression "received disconnect ... auth fail" - optional space after port part (gh-1652)
8 years ago
sebres
c8f473110c
change log update after rebase
8 years ago
sebres
3276bd6d54
sshd: additionally aggressive filter rules - no matching cipher resp. no matching key exchange method (gh-1545, gh-1117)
8 years ago
sebres
628789f9a9
sshd: conditional parameter "mode" for sshd jail (normal, ddos, aggressive)
filter sshd-ddos and new filter sshd-aggressive are both derivations of sshd-filter
8 years ago
sebres
dd373dba9f
test all config-regexp, that contains greedy catch-all before <HOST>, that is hard-anchored at end or precise sub expression after <HOST>;
new ssh rule(s) added:
- Connection reset by peer (multi-line rule during authorization process);
- No supported authentication methods available;
Single line and multi-line expression optimized, added optional prefixes and suffix (logged from several ssh versions);
closes gh-864
8 years ago
Serg G. Brester
5e08298b6b
Update ChangeLog
8 years ago
Christian Brandlehner
a4d8426401
Support for IBM Domino SMTP task (#1603)
filter.d/domino-smtp.conf
8 years ago
Serg G. Brester
40f294e6bf
Merge pull request #1663 from jjeziorny/netscaler-action
Introduced citrix netscaler action
8 years ago
Serg G. Brester
75b252e47f
Update ChangeLog
8 years ago
Juliano Jeziorny
1fe554dd25
Introduced Citrix Netscaler action
8 years ago
Serg G. Brester
063a11564b
Merge pull request #1673 from chtheis/master
Wrong paths for apache and nginx under FreeBSD
8 years ago