sebres
fb27d9ce83
fail2ban-regex: fix for systemd-journal (see gh-1657)
2017-01-10 10:59:53 +01:00
Yaroslav Halchenko
31a1560eaa
minor typos (thanks Vincent Lefevre, Debian #847785 )
2016-12-11 15:13:11 -05:00
Yaroslav Halchenko
4a1fd888f0
Carry on development
2016-12-11 00:49:09 -05:00
Yaroslav Halchenko
3605155978
updated man pages
2016-12-09 09:36:08 -05:00
Yaroslav Halchenko
482252dbd4
ENH: prep for 0.9.6 release (as of tomorrow)
2016-12-09 09:35:03 -05:00
Yaroslav Halchenko
e550850b9c
BF: added missing entires into MANIFEST
2016-12-09 09:34:44 -05:00
Serg G. Brester
556a9373ce
Update ChangeLog
2016-11-28 23:40:33 +01:00
Serg G. Brester
feae7370ce
Update THANKS
2016-11-28 23:19:24 +01:00
sebres
45f1d811c9
Merge branch 'alex1702-1586'
2016-11-28 18:54:02 +01:00
sebres
67c14afd8e
ChangeLog entry added + jail.conf review
2016-11-28 18:51:23 +01:00
sebres
425170cef3
code review, makes the test cases workable, added dev-notes
2016-11-28 18:39:07 +01:00
Serg G. Brester
8d9fe5d3da
Merge pull request #1583 from sebres/_0.10/fix-datedetector-grave-fix-v2
...
0.10/datedetector grave fix
2016-11-28 17:37:36 +01:00
sebres
8018796b45
wrong indentation (important code-piece in if log-level only)
2016-11-28 17:17:48 +01:00
sebres
39c343bd06
better reorder templates handling, code coverage increase (a small part of _reorderTemplate was not covered at all)
2016-11-28 15:18:31 +01:00
sebres
5d5ab27435
small amend: removed unreachable code + coverage increase
2016-11-28 13:17:36 +01:00
Serg G. Brester
f827675822
Merge pull request #1627 from sebres/fix-gh-1626
...
Fix gh-1626: one space after ModSecurity
2016-11-28 12:00:53 +01:00
sebres
b8c41dcb49
ChangeLog update
2016-11-28 11:31:51 +01:00
sebres
931eab84b5
`filter.d/apache-modsecurity.conf`
...
- fixed for newer version (one space, closes gh-1626)
reviewed and optimized:
- non-greedy catch-all replaced for safer match
- unneeded catch-all anchoring removed
- non-capturing groups
2016-11-28 11:28:27 +01:00
sebres
c06084d7d9
_start_params - fix: symlinks should be absolute paths
2016-11-28 11:04:37 +01:00
sebres
40cbe96352
Merge remote-tracking branch 0.10 into _0.10/fix-datedetector-grave-fix-v2
2016-11-28 11:03:11 +01:00
Serg G. Brester
389ad10344
Merge pull request #1622 from sebres/_0.10/configreader-and-more
...
0.10/configreader and more: substitution `%(param)s` from init block
2016-11-28 10:08:30 +01:00
Serg G. Brester
b8b5907706
Merge pull request #1624 from sebres/fix-gh-1623
...
filter.d/dovecot.conf update: ignore additionally irrelevant info in anchored regex before "auth failed"
2016-11-26 17:07:39 +01:00
sebres
5678d08a79
filter.d/dovecot.conf update:
...
- fixes failregex, that ignores failures through some irrelevant info (closes #1623 );
- ignores whole additionally irrelevant info in anchored regex before fixed failure data `\((?:auth failed, \d+ attempts( in \d+ secs)?|tried to use (disabled|disallowed) \S+ auth)\)`
- review, IPv6 compatibility fix, non-capturing groups
2016-11-26 16:50:37 +01:00
sebres
ce540554c5
Merge configreader-py3-compat branch into _0.10/configreader-and-more
2016-11-25 20:14:45 +01:00
sebres
ec7bb0d6c9
python 3x compatibility fix (positional arguments vs named arguments)
2016-11-25 20:12:49 +01:00
Serg G. Brester
ac1729e473
Merge pull request #1620 from fail2ban/close-gh-1120
...
jail.conf: added `knocking_url` filter-parameter of `pass2allow-ftp`...
2016-11-25 19:29:10 +01:00
sebres
a2af19c9f0
fixed several actions, that could not work with jails using multiple logpath; additionally repaired execution in default shell (bad substitution by `${x//...}` executing in `/bin/sh`);
...
added helper "action.d/helpers-common.conf", and `_grep_logs` part-command for actions needed grep logs from multiple log-files
test cases: executing of some complex actions covered
2016-11-25 19:27:26 +01:00
sebres
65abc639cc
allow newline in extra init-parameters of action/filter (or interpolation of it), e. g. action[..., logpath="%(logpath)s"]
2016-11-25 16:56:46 +01:00
sebres
097970781c
filter/action (and its includes): substitution `%(param)s` may be used now (instead of `<param>`) for init-values specified in jail-configs via `action[param1="...", param2=...]`;
...
substitution `<param>` should be used for dynamic interpolation only (todo: review configurations to replace it);
2016-11-25 16:53:46 +01:00
sebres
b856e1dadc
Merge pull request #1618 from sebres/_0.10/systemd-service
2016-11-24 20:45:17 +01:00
sebres
308bba448c
ChangeLog update
2016-11-24 20:43:55 +01:00
sebres
95dd76b7dd
Merge pull request #1619 from sebres/_0.10/skip-wrong-jails
2016-11-24 20:27:40 +01:00
sebres
d908688b56
ChangeLog update
2016-11-24 20:25:08 +01:00
Serg G. Brester
4f5389fee5
Update jail.conf
2016-11-24 19:30:10 +01:00
sebres
45174c5eaf
if fail2ban running as systemd-service, for logging to the systemd-journal, the `logtarget` could be set to STDOUT
...
small fixes by logging in stdout (+ system targets also allowed in lowercase now)
2016-11-24 12:13:47 +01:00
sebres
1cd67ecaa2
automatically creates /var/run/fail2ban before start fail2ban (systems which /var/run/ is virtual resp. memory mount device)
2016-11-24 11:37:18 +01:00
sebres
7256a5cb8e
code review: back to previous code - no skipping in testReadTestJailConf
2016-11-22 17:55:27 +01:00
sebres
8ed5b44bfd
no cover for sporadic executed (time-related) code pieces (just to prevent randomly increasing/decreasing of coverage)
2016-11-22 17:38:32 +01:00
sebres
fdac44ca58
introduced new option `-t` or `--test` to test configuration resp. start server only if configuration is clean (not skip wrong configured jails if option `-t` specified);
2016-11-22 17:08:44 +01:00
sebres
3e9852d4d2
code review, increase coverage
2016-11-22 14:56:54 +01:00
sebres
4882093a41
test cases extended: cover skipping invalid jail
2016-11-22 14:09:44 +01:00
sebres
e52b47d8f5
normalized log output (all jail parameters in filter are indented with 2 spaces)
2016-11-22 13:57:20 +01:00
sebres
c6e8c700f7
test cases fixed
2016-11-22 13:57:06 +01:00
sebres
77dc5a334c
really skips invalid jails (because of theirs wrong configuration) - server starts nevertheless, as long as one jail was successful configured;
...
message about wrong jail configuration logged in client log (stdout, systemd journal etc.) and in server log as error
2016-11-22 13:23:30 +01:00
sebres
528a7a5abb
systemd service update:
...
- starting service in normal mode (without forking)
- does not restart if service exited normally (exit-code 0, e.g. stopped via fail2ban-client)
- does not restart if service can not start (exit-code 255, e.g. wrong configuration, etc.)
- service can be additionally started/stopped with commands (fail2ban-client, fail2ban-server)
2016-11-22 11:14:27 +01:00
Johannes Weberhofer
f46ada023e
Use Fedora's backend-settings for openSUSE
...
Those settings are ok for newer openSUSE versions
2016-11-22 09:03:54 +01:00
sebres
261f875748
Fixed sporadic tab-replacement (`\n\t` instead of `\n ` by word wrapping) in mime content of smtp-message in test cases, see
...
https://github.com/fail2ban/fail2ban/pull/1410#issuecomment-262000804
2016-11-21 19:06:17 +01:00
Serg G. Brester
44fddc102d
Merge pull request #1616 from sebres/fix-1194
...
[fix-gh-1194] Fixed misleading errors logged from ignorecommand in success case on retcode 1
2016-11-21 17:15:16 +01:00
sebres
701abfd250
ChangeLog entry added
...
+ indentation fix (space-tab replacement)
2016-11-21 17:13:43 +01:00
sebres
c442569b63
executeCmd: added possibility to select success return codes
...
ignorecommand: both return codes (0, 1) are success codes now, so no errors will be logged + test cases extended to check this (and error case)
2016-11-21 16:35:33 +01:00