github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
2,821 Commits
32 Branches
229 Tags
18 MiB
Commit Graph

2821 Commits (effdb450fc42ddf1169312b104e6f3678802442a)

Author SHA1 Message Date
pigsyn 38dd1506cc Sample Webmin logs 2012-12-12 23:25:31 -08:00
pigsyn f336d9f876 Update config/filter.d/webmin-auth.conf 
Added '\s*$' to the regular expression to match the space written by webmin logs at line-endings
 2012-12-13 08:14:49 +01:00
pigsyn dc67b24270 Update config/filter.d/webmin-auth.conf 
Added a trailing '.*$' to each regex so they can find expressions in targeted log files.
 2012-12-12 23:07:39 +01:00
Yaroslav Halchenko 3969e3f77b ENH: dovecot.conf - require space(s) before rip/rhost log entry 2012-12-12 09:16:52 -05:00
Yaroslav Halchenko 68c1defb76 ENH: added dovecot example from Daniel Black + example with DoS attempt via injected rhost 2012-12-12 09:16:27 -05:00
Yaroslav Halchenko 6d804df504 Merge branch 'patch-2' of https://github.com/hamilton5/fail2ban (dovecot log examples) 
* 'patch-2' of https://github.com/hamilton5/fail2ban:
  Update testcases/files/logs/dovecot
  Update testcases/files/logs/dovecot
 2012-12-12 09:11:34 -05:00
Yaroslav Halchenko d7b7d7d491 Merge branch 'patch-1' of https://github.com/hamilton5/fail2ban 
* 'patch-1' of https://github.com/hamilton5/fail2ban:
  Update config/filter.d/dovecot.conf
  Update config/filter.d/dovecot.conf
  Update config/filter.d/dovecot.conf
 2012-12-12 09:10:44 -05:00
Yaroslav Halchenko 46e2de98ff Merge pull request #97 from grooverdan/simplefix 
name -> IP is a normal DNS lookup not a reverse
 2012-12-12 06:08:14 -08:00
Yaroslav Halchenko 620d6015ac Merge pull request #98 from grooverdan/gitignore 
ignore build directory and compiled python bits
 2012-12-12 06:07:09 -08:00
Daniel Black fd7929863b name -> IP is a normal DNS lookup not a reverse 2012-12-12 21:59:01 +11:00
Daniel Black b95dc592b9 ignore build directory and compiled python bits 2012-12-12 21:43:27 +11:00
hamilton5 266cdc29a6 Update config/filter.d/dovecot.conf 
even tho not on the fail2ban site..
suggested to not be greedy by yarikoptic
 2012-12-11 12:09:28 -05:00
hamilton5 ccc62ddbf3 Update testcases/files/logs/dovecot 2012-12-11 12:05:01 -05:00
Yaroslav Halchenko 67145d8b78 ENH: assure that all date templates have unique names 2012-12-11 11:18:52 -05:00
Yaroslav Halchenko d1625253eb ENH: debug msgs on which template was taken (+ use "is" for None comparisons) 2012-12-11 11:18:52 -05:00
Yaroslav Halchenko 2b6366656f BF: make sorting of date templates stable 
Before, it would first do stable sort followed with explicit reverse.
Now reverse is given as an argument to sort, and it results in actually
preserving the order in case of e.g. no sorting needed
 2012-12-11 11:18:52 -05:00
Yaroslav Halchenko 7bd977e2df ENH: fail2ban-testscases -- allow to specify regexps for tests to be ran 
Eventually we will switch to use nose or py.test -- for now this
homebrew solution could be used to run selected suites only
 2012-12-11 11:18:52 -05:00
hamilton5 c534c1d03d Update testcases/files/logs/dovecot 2012-12-11 11:05:22 -05:00
hamilton5 e040c6d8a3 Update config/filter.d/dovecot.conf 
site actually needs updated because of <HOST> alias 
per Notes above.
 2012-12-11 03:26:14 -05:00
hamilton5 7ede1e8518 Update config/filter.d/dovecot.conf 
added failregex line for debian and centos per 
http://www.fail2ban.org/wiki/index.php/Talk:Dovecot
 2012-12-10 19:17:04 -05:00
Yaroslav Halchenko fc27e00290 ENH: tune up sshd-ddos to use common.conf and allow training spaces 2012-12-07 15:24:34 -05:00
Yaroslav Halchenko 51a3be2d79 Getting ready for 0.8.8 release (changelog, version boost) 2012-12-05 22:51:29 -05:00
Yaroslav Halchenko 37a2e59d69 BF: guarantee that IP is stored as a base, non-unicode str (Closes gh-91) 
Otherwise it might lead to spurious characters dumped into the
terminal at few places, unless casted upon every use in the logs.  To
prevent those issues in the source, store IP as a basic string if it
is a string at all
 2012-11-26 12:01:42 -05:00
Yaroslav Halchenko 03b31398aa ENH: BF (forgotten import) for prev commit + removed duplicate Author, adjusted __ fields for that in fail2ban-* scripts 2012-11-09 08:58:19 -05:00
Yaroslav Halchenko 9e7a3b7a04 ENH: until we make it proper module -- adjust sys.path only if system-wide run 2012-11-09 08:57:33 -05:00
Yaroslav Halchenko 348239cf14 ENH: fail2ban-testcases-all -- pass cmdline options to fail2ban-testcases 2012-11-07 11:34:20 -05:00
Yaroslav Halchenko f10537941b ENH: To help with gh-87 added hints into the log on some failure return codes (e.g. 0x7f00 for this one) 2012-11-07 11:33:17 -05:00
Yaroslav Halchenko efc4fd5f0b ENH: trying to go native travis-ci python way to take advantage of virtualenv's with older pythons 2012-11-06 22:05:41 -05:00
Yaroslav Halchenko 29aef9381a BF: typo 2012-11-06 21:48:44 -05:00
Yaroslav Halchenko 39172a99c5 BF: added a little shell script to excercise tests against all available Python versions 
also report Python version inside fail2ban-testcases
 2012-11-06 21:45:55 -05:00
Yaroslav Halchenko ef2ea965c8 ENH: travis -- try to run tests against all available python versions 2012-11-06 14:12:35 -05:00
Yaroslav Halchenko da626b51cc NF: rudimentary .travis.yml for travis-ci.org service 2012-11-06 14:00:27 -05:00
Yaroslav Halchenko b159eabb51 BF: do not enable pyinotify backend if pyinotify is too old (Closes gh-80) 2012-11-06 13:14:42 -05:00
Yaroslav Halchenko 63237a785e DOC: forgotten --help entry for " unban " 2012-11-05 21:50:49 -05:00
Yaroslav Halchenko f52ba9923a ENH: downgrade "already banned" from WARN to INFO level (Closes gh-79) 
Most of the time it is a benign latency effect so nothing to warn about.
 2012-11-05 21:30:07 -05:00
Yaroslav Halchenko 1e12c220e6 minor: added a note on now "negative" log entries on "POSSIBLE BREAK-IN ATTEMPT" 2012-11-05 21:22:33 -05:00
Yaroslav Halchenko 6ecf4fd80a Merge pull request #64 from sourcejedi/remove_sshd_rdns 
Misconfigured DNS should not ban *successful* ssh logins

Per our discussion indeed better (and still as "safe") to not punish users behind bad DNS
 2012-11-05 18:20:37 -08:00
Yaroslav Halchenko b773ed617b DOC: minor "fixes" in DEVELOP 2012-11-05 21:12:03 -05:00
David Engeset 2d672d1c81 Added in while loop to process the Fail Manager after the requested banned IP was added to its queue. This solves the issue of needing to touch the log file that is being monitored to get the IP to be banned accordingly. Added in import of FailManagerEmpty exception class. 2012-11-05 20:38:40 -05:00
Yaroslav Halchenko f14c7ae401 ENH: refactored previous commit to make it more Pythonic (With prev commit closes gh-86, gh-81) 2012-11-05 20:37:06 -05:00
David Engeset 6288ec2757 Added in command option to unban and IP, just like using 'banip'. Command looks like: fail2ban-client set <jail name> unbanip <ip> 2012-11-05 20:11:28 -05:00
Yaroslav Halchenko 8e64c281dd BF: in code we should use MyTime wrapper instead of time module directly 
to allow for some tests to work correctly
 2012-11-05 20:09:15 -05:00
Yaroslav Halchenko 09355663f7 BF: (python 2.4) -- access to staticmethod should go via Class 
TODO: get away from using all those staticmethods in f2b
 2012-11-05 16:54:19 -05:00
Yaroslav Halchenko 5becaf8ef2 BF: (python 2.[45]) store backends names in a list to use .index later on (Closes gh-83) 
.index() got into tuple's API only in 2.6
 2012-11-01 15:34:20 -04:00
Yaroslav Halchenko 9510619b7b ENH: minor -- print out why skipping a backend while testing 2012-11-01 15:24:32 -04:00
Mark McKinstry 95de9c1a97 add support for the APF firewall 2012-10-18 11:17:04 -04:00
Yaroslav Halchenko 652b5a77e0 BF: fixing current version string to contain the patch index, i.e. ".1" Thanks Fabian Fischer 2012-10-10 08:39:18 -04:00
Yaroslav Halchenko 83109bce14 BF: escape the content of <matches> since its value could contain arbitrary symbols 2012-10-08 22:14:51 -04:00
Yaroslav Halchenko 6ee2c0a014 DOC: untabified for proper formatting + trailing spaces 2012-10-03 09:12:37 -04:00
Yaroslav Halchenko 282724a7f9 ENH: join both failregex for lighttpd-auth into a single one 
they are close in meaning
should provide a slight run-time performance benefit
 2012-09-30 11:30:24 -04:00