sebres
fa20b0aff2
Merge branch 'py-3.6-compat' into 0.10-full
2017-02-15 19:18:35 +01:00
sebres
cf53a834f7
python-3.6 compatibility:
...
- dynamical string replacement within call of regexp.sub fixed with lambda-replacement (otherwise "sre_constants.error: bad escape \s at position");
- optional arguments (3.6 has more agrs by calling of SMTPServer.process_message);
- implicit convert byte to string, because python3.6 fails on binary data (test_smtp).
2017-02-15 19:05:45 +01:00
sebres
01db0b5028
small performance fix after merge with 0.10
...
(cherry picked from commit 8e2711681c
)
2017-02-15 19:04:24 +01:00
sebres
63f7916886
fix test cases by testing with multi-threaded execution (wait for threaded execution done)
...
(cherry picked from commit 1ec6782f32
)
# Conflicts:
# fail2ban/tests/observertestcase.py (not yet available in 0.10)
2017-02-15 18:58:40 +01:00
sebres
a4ec017d1c
Merge branch '0.10' into 0.10-full
2017-02-15 09:26:01 +01:00
sebres
f35aa6d258
coverage: added python3.6
2017-02-15 08:46:27 +01:00
sebres
40837754c9
python3.6 compatibility fix
2017-02-15 08:45:15 +01:00
Serg G. Brester
ac7be38dbe
Merge pull request #1686 from Slamdunk/postfix-rbl-554-SMTP
...
Postfix RBL: 554 & SMTP
2017-02-07 15:37:18 +01:00
Filippo Tessarotto
607568f5da
Postfix RBL: 554 & SMTP
2017-02-07 15:26:06 +01:00
sebres
8c54675750
fix sporadic time related errors after fail2ban restart resp. reload jail:
...
- ValueError: need more than N values to unpack
- empty banip from restoreCurrentBans, etc.
2017-01-23 11:45:29 +01:00
sebres
0636b3247d
observer fix: wait it becomes idle in reload test case (complete writing of failures to database);
2017-01-23 09:52:04 +01:00
sebres
8e2711681c
small performance fix after merge with 0.10
2017-01-23 09:51:52 +01:00
sebres
99634638ba
Merge branch '0.10' into 0.10-full
2017-01-23 09:51:36 +01:00
sebres
96d404f0fb
Merge branch 'master' into 0.10
2017-01-23 09:27:40 +01:00
sebres
c4dc698d98
evil symlink removed: does not supported by some file systems (e. g. development over net share)
2017-01-23 09:26:05 +01:00
sebres
1823571e0f
Merge branch 'ssh-filter-new-regexp' into 0.10
2017-01-23 08:58:43 +01:00
sebres
c4d56ea84a
Merge branch 'ssh-filter-new-regexp'
2017-01-23 08:58:03 +01:00
sebres
9d06f0ee40
sshd-amend: optional space after port part
2017-01-23 08:56:47 +01:00
sebres
e8a1556562
Merge remote-tracking branch 'master' into 0.10
...
# Conflicts:
# fail2ban/tests/samplestestcase.py
2017-01-21 16:59:41 +01:00
Serg G. Brester
3ccb026840
Merge pull request #1209 from sebres/ssh-filter-new-regexp
...
sshd-aggressive (new ssh rules added (gh-864) and code review...)
2017-01-21 16:29:42 +01:00
sebres
54a8c681ce
suhosin.conf: removed greedy match
2017-01-21 16:26:07 +01:00
sebres
8aa9516d50
sshd.conf: fixed expression "received disconnect ... auth fail" - optional space after port part (gh-1652)
2017-01-21 16:18:03 +01:00
sebres
c8f473110c
change log update after rebase
2017-01-21 15:59:27 +01:00
sebres
3276bd6d54
sshd: additionally aggressive filter rules - no matching cipher resp. no matching key exchange method (gh-1545, gh-1117)
2017-01-21 15:57:05 +01:00
sebres
628789f9a9
sshd: conditional parameter "mode" for sshd jail (normal, ddos, aggressive)
...
filter sshd-ddos and new filter sshd-aggressive are both derivation of sshd-filter
2017-01-21 15:54:49 +01:00
sebres
dd373dba9f
test all config-regexp, that contains greedy catch-all before <HOST>, that is hard-anchored at end or precise sub expression after <HOST>;
...
new ssh rule(s) added:
- Connection reset by peer (multi-line rule during authorization process);
- No supported authentication methods available;
Single line and multi-line expression optimized, added optional prefixes and suffix (logged from several ssh versions);
closes gh-864
2017-01-21 15:53:48 +01:00
Serg G. Brester
5e08298b6b
Update ChangeLog
2017-01-20 08:47:30 +01:00
Christian Brandlehner
a4d8426401
Support for IBM Domino SMTP task ( #1603 )
...
filter.d/domino-smtp.conf
2017-01-20 08:44:20 +01:00
Serg G. Brester
40f294e6bf
Merge pull request #1663 from jjeziorny/netscaler-action
...
Introduced citrix netscaler action
2017-01-19 16:25:23 +01:00
Serg G. Brester
75b252e47f
Update ChangeLog
2017-01-19 15:00:08 +01:00
Juliano Jeziorny
1fe554dd25
Introduced Citrix Netscaler action
2017-01-19 14:30:25 +01:00
Serg G. Brester
063a11564b
Merge pull request #1673 from chtheis/master
...
Wrong paths for apache and nginx under FreeBSD
2017-01-18 17:12:20 +01:00
Christoph Theis
fe76cd9b7d
#1667 : changelog entry
2017-01-17 14:05:20 +01:00
Christoph Theis
6187431629
#1667 : Wrong paths for apache and nginx under FreeBSD
2017-01-17 11:48:25 +01:00
Serg G. Brester
5bfdd521f0
Merge pull request #1669 from sebres/0.10-recognize-restored-tickets
...
Recognize state of restored tickets
2017-01-17 09:39:56 +01:00
sebres
f35da076df
ChangeLog entry
2017-01-16 09:55:01 +01:00
sebres
74a6afadd5
Mail-actions switched to use new option "norestored" instead of checking of variable `restored` during shell execution (prevents executing of such actions at all).
2017-01-16 09:40:48 +01:00
sebres
8b82c6669e
provide name of action to fail-message (e. g. if interpolation fails)
2017-01-16 09:34:10 +01:00
sebres
0aa241d303
Another way to recognize restored tickets - new option `norestored` of action introduced;
...
Complete prevents executing of ban/unban operations for actions where norestored = true.
2017-01-16 09:05:45 +01:00
sebres
2ed2e7810d
normalization of DefinitionInitConfigReader (action / filter): client-side interpolation, etc.
2017-01-16 09:03:06 +01:00
sebres
de49f0c27f
ChangeLog entry
2017-01-13 19:45:10 +01:00
sebres
ee3c787cc6
Recognize restored (from database) tickets after restart (tell action restored state of the ticket);
...
Prevent executing of several actions (e.g. mail, send-mail etc) on restart (bans were already notified).
Test cases extended (smtp and by restart in ServerReloadTest).
Closes gh-1141
Closes gh-921
2017-01-13 19:06:17 +01:00
oliverdorn
4a65e069e1
Solution for issue #1665
...
Solves the issue of authentic GoogleBots being banned by apache-fakegooglebots.
2017-01-13 08:59:45 +01:00
Serg G. Brester
6f190b6e61
readme.md: added IPv6 launch logo for 0.10th branch
...
Closes gh-1647
2017-01-12 12:41:08 +01:00
sebres
bf872213bd
amend for 7019640eb3
(fix-gh-1658): sshd test-cases extended with IPv6 to cover this fix
2017-01-10 13:48:17 +01:00
sebres
7019640eb3
Merge branch 'fix-gh-1658' into 0.10
2017-01-10 12:59:51 +01:00
sebres
a9523aefbb
sshd.conf: fixed non-anchored part of regex (misleading match of colon inside IPv6 address instead of `: ` in the reason-part by missing space).
2017-01-10 12:58:44 +01:00
sebres
c9f32f75e6
Merge branch '0.9-fix-regex-using-journal' into 0.10-fix-regex-using-journal (merge point against 0.9 after back-porting gh-1660 from 0.10)
2017-01-10 11:25:41 +01:00
sebres
f8d35a7c9c
changelog entry
2017-01-10 11:16:17 +01:00
sebres
2009f1c434
fail2ban-regex: fix for systemd-journal (see gh-1657)
2017-01-10 11:13:18 +01:00