Yaroslav Halchenko
6004fe7a94
just trailing spaces in setup.py
2013-02-11 16:17:52 -05:00
Yaroslav Halchenko
4d4c2d7e02
Brief changelog entry for multiline failregex. With this Close gh-54
2013-02-11 16:04:44 -05:00
Yaroslav Halchenko
c7ae460b8a
Merge remote-tracking branch 'github_kwirk_fail2ban/multi-line' into 0.9
...
* github_kwirk_fail2ban/multi-line:
Revert changes to man/fail2ban-client.1
Removed "common.local" include for FilterReader test
Added 'maxlines' option to fail2ban-regex
Regex get(Un)MatchedLines now returns whole lines only
Added FilterReader test
Added multiregex test for multi-line filter
ignoreregex now functions correctly with multiline
Minor typo in server/failregex.py
Added <SKIPLINES> regex applicable for multi-line
Sanitise testcase log 04
Changed multi-line test to provided example
Filter for multi-line now stores last time match
Simplify and change some filter line buffer
Initial changes and test for multi-line filtering
2013-02-11 16:01:11 -05:00
Yaroslav Halchenko
9dc662af27
Introducing 0.9.x series with 0.9.0a0
...
0.9.0a0 is chosen so that StrictVersion works within python 2.x
2013-02-11 16:00:05 -05:00
ArndRa
35bf84abad
Create sogo-auth.conf
...
Regexp works with SOGo 2.0.5 or newer, following new feature implemented here: http://www.sogo.nu/bugs/view.php?id=2229
2013-02-11 08:19:48 -08:00
ArndRa
52f952e645
Update config/jail.conf
...
Update to use the new sogo-auth filter
2013-02-11 17:14:29 +01:00
Yaroslav Halchenko
f8983872ad
BF: return str(host) to avoid spurious characters in the logs (Close gh-113)
...
thanks to opoplawski@github
2013-02-01 16:24:04 -05:00
Yaroslav Halchenko
5f2d3832f7
NF: roundcube-auth filter (to close Debian #699442 , needing debian/jail.conf section)
2013-01-31 14:41:34 -05:00
Steven Hiscocks
9c2e0cbbc8
Fix up for warning/error for inaccessible config files
2013-01-31 18:36:23 +00:00
Steven Hiscocks
bf5f46c3d5
Warn if config file present but unreadable
2013-01-30 19:57:03 +00:00
Steven Hiscocks
efea62e03f
Revert changes to man/fail2ban-client.1
2013-01-28 20:47:32 +00:00
Steven Hiscocks
02218294bc
Removed "common.local" include for FilterReader test
2013-01-28 18:41:12 +00:00
Yaroslav Halchenko
d561a4c2bb
BF: do not rely on scripts being under /usr -- might differ eg on Fedora -- rely on import of common.version (Closes gh-112)
...
This is also not ideal, since if there happens to be some systemwide common.version -- we are doomed
but otherwise, we cannot keep extending comparison check to /bin, /sbin whatelse
2013-01-28 09:54:12 -05:00
Yaroslav Halchenko
acab23bdfe
RF: move exceptions used by both client and server into common/exceptions.py
...
this prevents importing of server while operating with client only
2013-01-28 09:46:50 -05:00
Steven Hiscocks
b48c17b8c4
Added 'maxlines' option to fail2ban-regex
...
This allows multi-line regex to be tested
2013-01-27 10:47:13 +00:00
Steven Hiscocks
99914ac0f3
Regex get(Un)MatchedLines now returns whole lines only
...
Fix issue where for regexs not anchored at start/end of line, that
getMatchedLines and getUnmatchedLines returned partial lines
2013-01-27 09:17:48 +00:00
Yaroslav Halchenko
f8c8a5583e
Merge remote-tracking branch 'gh-yarikoptic/master'
...
* gh-yarikoptic/master:
BF: pyinotify - use bitwise op on masks and do not try tracking newly created directories
2013-01-26 12:36:49 -05:00
Yaroslav Halchenko
c900c08eed
Merge pull request #111 from opoplawski/nonettest
...
Initial support for --no-network option for fail2ban-testcases (Closes gh-110)
2013-01-25 16:45:01 -08:00
Orion Poplawski
431489c9b9
Remove unneeded setting of opts.no_network
2013-01-25 14:19:10 -07:00
Yaroslav Halchenko
6b2e76ba7f
BF: pyinotify - use bitwise op on masks and do not try tracking newly created directories
2013-01-25 16:06:41 -05:00
Orion Poplawski
fdd9dfb4b5
Initial support for --no-network option for fail2ban-testcases
2013-01-25 12:56:00 -07:00
Steven Hiscocks
d05f420758
Added FilterReader test
2013-01-25 18:28:48 +00:00
Yaroslav Halchenko
b8a861d012
Merge remote-tracking branch 'gh-yarikoptic/master'
...
* gh-yarikoptic/master:
ENH: Added login authenticator failed regexp for exim filter
DOC: Mention that logrotate configuration needs to be adjusted if logtarget is changed (Closes : #697333 )
2013-01-25 13:27:30 -05:00
Steven Hiscocks
7234c2a3aa
Added multiregex test for multi-line filter
2013-01-25 18:16:55 +00:00
Steven Hiscocks
ea466d59f4
ignoreregex now functions correctly with multiline
...
Ignore regexs are now only compared to lines that match the failregex.
Supporting test also added for multiline regex and overlapping
multiline regex matches.
2013-01-25 18:11:40 +00:00
Yaroslav Halchenko
4a48844027
Merge pull request #107 from opoplawski/master
...
sshd filter - avoid banning on pam failures since might be too early. Close gh-106
If desired to ban on pam -- enable pam-generic filter, possibly even tuning in pam-generic.local the value for caught ttys in case of more detailed control needed
Provided example was:
Jan 18 12:47:34 host sshd[23755]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.123.123.123 user=myuser
Jan 18 12:47:34 host sshd[23755]: pam_sss(sshd:auth): authentication success; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.123.123.123 user=myuser
Jan 18 12:47:34 host sshd[23755]: Accepted password for myuser from 123.123.123.123 port 50615 ssh2
2013-01-25 08:24:44 -08:00
Yaroslav Halchenko
7d630cb0de
Merge pull request #109 from blotus/master
...
Escape ' and " in matches
2013-01-25 08:11:04 -08:00
blotus
96eb8986cc
Escape ' and " in matches tag
2013-01-25 13:37:22 +01:00
Steven Hiscocks
28f68a693f
Minor typo in server/failregex.py
2013-01-24 21:12:45 +00:00
Steven Hiscocks
9b4806bfd3
Added <SKIPLINES> regex applicable for multi-line
...
This allows lines captured by <SKIPLINES> regex to remain in the line
buffer in Filter
2013-01-24 18:20:43 +00:00
Steven Hiscocks
5952819a58
Sanitise testcase log 04
2013-01-23 19:32:55 +00:00
Steven Hiscocks
00ab425492
Changed multi-line test to provided example
2013-01-23 19:10:27 +00:00
Steven Hiscocks
055aeeb227
Filter for multi-line now stores last time match
...
This is useful for log files which dont contain a date/time on every
line
2013-01-23 18:42:25 +00:00
Steven Hiscocks
5c7e3841e0
Simplify and change some filter line buffer
...
Include change variable names to `fail2ban` style
2013-01-23 18:26:49 +00:00
Steven Hiscocks
aec709f4c1
Initial changes and test for multi-line filtering
2013-01-22 20:54:14 +00:00
Orion Poplawski
bb7628591c
Update config/filter.d/sshd.conf
...
Do not trigger sshd bans on pam_unix authentication failures, this will trigger on successful logins on systems that use non-pam_unix authentication (sssd, ldap, etc.).
2013-01-18 14:44:49 -07:00
Yaroslav Halchenko
9a39292813
ENH: Added login authenticator failed regexp for exim filter
2013-01-04 15:23:05 -05:00
Yaroslav Halchenko
b3d8ba146b
DOC: Mention that logrotate configuration needs to be adjusted if logtarget is changed ( Closes : #697333 )
2013-01-04 15:23:05 -05:00
Yaroslav Halchenko
3ce53e8798
ENH: Added login authenticator failed regexp for exim filter
2013-01-04 15:22:18 -05:00
Yaroslav Halchenko
8f0c533d64
DOC: Mention that logrotate configuration needs to be adjusted if logtarget is changed ( Closes : #697333 )
2013-01-04 10:55:14 -05:00
Michael Gebetsroither
03433f79cd
add example jail.conf for blocking through blackhole routes for ssh
2013-01-04 16:09:04 +01:00
Michael Gebetsroither
f9b78ba927
add support for blocking through blackhole routes
2013-01-03 18:46:31 +01:00
Yaroslav Halchenko
be06b1b914
Merge pull request #102 from grooverdan/ipset
...
Ipset
2012-12-30 19:51:15 -08:00
Daniel Black
da0ba8ab4c
ENH: add example jail for ipset
2012-12-31 14:38:51 +11:00
Daniel Black
9221886df6
more documentation and optimisations/fixes based on testing
2012-12-31 14:31:37 +11:00
Daniel Black
abd5984234
base ipset support
2012-12-31 14:31:37 +11:00
Yaroslav Halchenko
05af52e833
ENH: fail2ban-regex -- __str__ for RegexStat + modeline
2012-12-24 11:05:44 -05:00
Yaroslav Halchenko
21e966e4bb
example logs should carry the same name as the filter they are devised for
2012-12-13 08:24:02 -05:00
Yaroslav Halchenko
f96ea013bb
Merge pull request #99 from pigsyn/patch-2
...
Update config/filter.d/webmin-auth.conf for trailing spaces
2012-12-13 05:22:43 -08:00
pigsyn
123d457924
Update testcases/files/logs/Webmin
2012-12-13 08:33:07 +01:00