You can subscribe to this list here.
2006 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
(1) |
Aug
(1) |
Sep
|
Oct
|
Nov
|
Dec
(24) |
---|---|---|---|---|---|---|---|---|---|---|---|---|
2007 |
Jan
(31) |
Feb
(17) |
Mar
(14) |
Apr
(5) |
May
(14) |
Jun
(8) |
Jul
(9) |
Aug
(14) |
Sep
(4) |
Oct
(5) |
Nov
(3) |
Dec
(14) |
2008 |
Jan
(6) |
Feb
(5) |
Mar
(29) |
Apr
(6) |
May
(12) |
Jun
|
Jul
(5) |
Aug
(7) |
Sep
|
Oct
(5) |
Nov
|
Dec
|
2009 |
Jan
(7) |
Feb
(8) |
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
(17) |
Sep
(6) |
Oct
|
Nov
|
Dec
(2) |
2010 |
Jan
|
Feb
|
Mar
(1) |
Apr
|
May
(1) |
Jun
(3) |
Jul
|
Aug
|
Sep
(4) |
Oct
|
Nov
|
Dec
|
2011 |
Jan
|
Feb
|
Mar
(10) |
Apr
|
May
(1) |
Jun
(2) |
Jul
(3) |
Aug
(9) |
Sep
(1) |
Oct
|
Nov
|
Dec
|
From: <los...@us...> - 2006-12-18 22:30:32
|
Revision: 493 http://svn.sourceforge.net/fail2ban/?rev=493&view=rev Author: lostcontrol Date: 2006-12-18 14:30:30 -0800 (Mon, 18 Dec 2006) Log Message: ----------- - Reset logging handlers only if new handler succeeds Modified Paths: -------------- trunk/server/server.py Modified: trunk/server/server.py =================================================================== --- trunk/server/server.py 2006-12-18 21:49:10 UTC (rev 492) +++ trunk/server/server.py 2006-12-18 22:30:30 UTC (rev 493) @@ -300,14 +300,18 @@ finally: self.__loggingLock.release() + ## + # Sets the logging target. + # + # target can be a file, SYSLOG, STDOUT or STDERR. + # @param target the logging target + def setLogTarget(self, target): try: self.__loggingLock.acquire() - # Remove previous handler - logging.getLogger("fail2ban").handlers = [] if target == "SYSLOG": facility = logging.handlers.SysLogHandler.LOG_DAEMON - hdlr = logging.handlers.SysLogHandler("/dev/log", + hdlr = logging.handlers.SysLogHandler("/dev/log", facility = facility) elif target == "STDOUT": hdlr = logging.StreamHandler(sys.stdout) @@ -320,8 +324,11 @@ hdlr = logging.FileHandler(target) except IOError: logSys.error("Unable to log to " + target) + logSys.info("Logging to previous target " + self.__logTarget) return False self.__logTarget = target + # Remove previous handler + logging.getLogger("fail2ban").handlers = [] # set a format which is simpler for console use formatter = logging.Formatter("%(asctime)s %(name)-16s: %(levelname)-6s %(message)s") # tell the handler to use this format This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <los...@us...> - 2006-12-18 21:49:25
|
Revision: 492 http://svn.sourceforge.net/fail2ban/?rev=492&view=rev Author: lostcontrol Date: 2006-12-18 13:49:10 -0800 (Mon, 18 Dec 2006) Log Message: ----------- - Send SIGTERM instead of SIGINT when using "-k" Modified Paths: -------------- branches/FAIL2BAN-0_6/CHANGELOG branches/FAIL2BAN-0_6/utils/process.py branches/FAIL2BAN-0_6/version.py Modified: branches/FAIL2BAN-0_6/CHANGELOG =================================================================== --- branches/FAIL2BAN-0_6/CHANGELOG 2006-12-17 22:32:40 UTC (rev 491) +++ branches/FAIL2BAN-0_6/CHANGELOG 2006-12-18 21:49:10 UTC (rev 492) @@ -4,9 +4,13 @@ |_| \__,_|_|_/___|_.__/\__,_|_||_| ============================================================= -Fail2Ban (version 0.6.2) 2006/12/11 +Fail2Ban (version 0.6.3) 200?/??/?? ============================================================= +ver. 0.6.3 (200?/??/??) - stable +---------- +- Send SIGTERM instead of SIGINT when using "-k" + ver. 0.6.2 (2006/12/11) - stable ---------- - Fixed UTF-8 log file parsing Modified: branches/FAIL2BAN-0_6/utils/process.py =================================================================== --- branches/FAIL2BAN-0_6/utils/process.py 2006-12-17 22:32:40 UTC (rev 491) +++ branches/FAIL2BAN-0_6/utils/process.py 2006-12-18 21:49:10 UTC (rev 492) @@ -112,7 +112,7 @@ INT signal (same effect as <ctrl>+<c>). """ try: - return os.kill(pid, 2) + return os.kill(pid, signal.SIGTERM) except OSError: logSys.error("Can not kill process " + `pid` + ". Please check that " + "Fail2Ban is not running and remove the file " + Modified: branches/FAIL2BAN-0_6/version.py =================================================================== --- branches/FAIL2BAN-0_6/version.py 2006-12-17 22:32:40 UTC (rev 491) +++ branches/FAIL2BAN-0_6/version.py 2006-12-18 21:49:10 UTC (rev 492) @@ -24,4 +24,4 @@ __copyright__ = "Copyright (c) 2004 Cyril Jaquier" __license__ = "GPL" -version = "0.6.2" +version = "0.6.2-SVN" This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <los...@us...> - 2006-12-17 22:32:41
|
Revision: 491 http://svn.sourceforge.net/fail2ban/?rev=491&view=rev Author: lostcontrol Date: 2006-12-17 14:32:40 -0800 (Sun, 17 Dec 2006) Log Message: ----------- - Fixed restart. Wait for the server to shutdown Modified Paths: -------------- trunk/files/gentoo-initd Property Changed: ---------------- trunk/files/gentoo-initd Modified: trunk/files/gentoo-initd =================================================================== --- trunk/files/gentoo-initd 2006-12-15 23:02:12 UTC (rev 490) +++ trunk/files/gentoo-initd 2006-12-17 22:32:40 UTC (rev 491) @@ -17,7 +17,7 @@ # # Author: Sireyessire, Cyril Jaquier # -# $Revision: 1.2 $ +# $Revision$ opts="start stop restart reload showlog" @@ -41,6 +41,32 @@ eend $? "Failed to stop fail2ban" } +restart() { + if ! service_stopped "${SVCNAME}" ; then + svc_stop || return "$?" + einfon "Waiting for server to shutdown ." + cnt=0 + while [ 1 ]; do + # Ping fail2ban-server + ${FAIL2BAN} ping &> /dev/null + if [ ! "$?" == "0" ]; then + break + fi + cnt=`expr $cnt + 1` + if [ $cnt -gt 60 ] ; then + # We have waited 1 minute. Failed + echo + eend 1 "Failed" + break + fi + sleep 1 + echo -n "." + done + echo + fi + svc_start +} + reload() { ebegin "Reloading fail2ban" ${FAIL2BAN} reload > /dev/null Property changes on: trunk/files/gentoo-initd ___________________________________________________________________ Name: svn:keywords + Author Date Id Revision This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <los...@us...> - 2006-12-15 23:02:13
|
Revision: 490 http://svn.sourceforge.net/fail2ban/?rev=490&view=rev Author: lostcontrol Date: 2006-12-15 15:02:12 -0800 (Fri, 15 Dec 2006) Log Message: ----------- - Added protocol output for Mediawiki Modified Paths: -------------- trunk/common/protocol.py Modified: trunk/common/protocol.py =================================================================== --- trunk/common/protocol.py 2006-12-14 21:20:03 UTC (rev 489) +++ trunk/common/protocol.py 2006-12-15 23:02:12 UTC (rev 490) @@ -30,19 +30,23 @@ # Describes the protocol used to communicate with the server. protocol = [ +['', "Basic", ""], ["start", "starts the server and the jails"], ["reload", "reloads the configuration"], ["stop", "stops all jails and terminate the server"], ["status", "gets the current status of the server"], ["ping", "tests if the server is alive"], -['', ''], +['', "Logging", ""], ["set loglevel <LEVEL>", "sets logging level to <LEVEL>. 0 is minimal, 4 is debug"], ["get loglevel", "gets the logging level"], ["set logtarget <TARGET>", "sets logging target to <TARGET>. Can be STDOUT, STDERR, SYSLOG or a file"], ["get logtarget", "gets logging target"], -['', ''], +['', "Jail control", ""], ["add <JAIL> <BACKEND>", "creates <JAIL> using <BACKEND>"], -['', ''], +["start <JAIL>", "starts the jail <JAIL>"], +["stop <JAIL>", "stops the jail <JAIL>. The jail is removed"], +["status <JAIL>", "gets the current status of <JAIL>"], +['', "Jail configuration", ""], ["set <JAIL> idle on|off", "sets the idle state of <JAIL>"], ["set <JAIL> addignoreip <IP>", "adds <IP> to the ignore list of <JAIL>"], ["set <JAIL> delignoreip <IP>", "removes <IP> from the ignore list of <JAIL>"], @@ -64,7 +68,7 @@ ["set <JAIL> actioncheck <ACT> <CMD>", "sets the check command <CMD> of the action <ACT> for <JAIL>"], ["set <JAIL> actionban <ACT> <CMD>", "sets the ban command <CMD> of the action <ACT> for <JAIL>"], ["set <JAIL> actionunban <ACT> <CMD>", "sets the unban command <CMD> of the action <ACT> for <JAIL>"], -['', ''], +['', "Jail information", ""], ["get <JAIL> logpath", "gets the list of the monitored files for <JAIL>"], ["get <JAIL> ignoreip", "gets the list of ignored IP addresses for <JAIL>"], ["get <JAIL> timeregex", "gets the regular expression used for the time detection for <JAIL>"], @@ -80,10 +84,6 @@ ["get <JAIL> actioncheck <ACT>", "gets the check command for the action <ACT> for <JAIL>"], ["get <JAIL> actionban <ACT>", "gets the ban command for the action <ACT> for <JAIL>"], ["get <JAIL> actionunban <ACT>", "gets the unban command for the action <ACT> for <JAIL>"], -['', ''], -["start <JAIL>", "starts the jail <JAIL>"], -["stop <JAIL>", "stops the jail <JAIL>. The jail is removed"], -["status <JAIL>", "gets the current status of <JAIL>"] ] ## @@ -94,14 +94,41 @@ INDENT=4 MARGIN=41 WIDTH=34 + firstHeading = False for m in protocol: - if m[0] == '': + if m[0] == '' and firstHeading: print + firstHeading = True first = True for n in textwrap.wrap(m[1], WIDTH): if first: - n = ' ' * INDENT + m[0] + ' ' * (MARGIN - len(m[0])) + n + line = ' ' * INDENT + m[0] + ' ' * (MARGIN - len(m[0])) + n first = False else: - n = ' ' * (INDENT + MARGIN) + n - print n + line = ' ' * (INDENT + MARGIN) + n + print line + +## +# Prints the protocol in a "mediawiki" format. + +def printWiki(): + firstHeading = False + for m in protocol: + if m[0] == '': + if firstHeading: + print "|}" + __printWikiHeader(m[1], m[2]) + firstHeading = True + else: + print "|-" + print "| <span style=\"white-space:nowrap;\"><tt>" + m[0] + "</tt></span> || || " + m[1] + print "|}" + +def __printWikiHeader(section, desc): + print + print "=== " + section + " ===" + print + print desc + print + print "{|" + print "| '''Command''' || || '''Description'''" This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <los...@us...> - 2006-12-14 21:20:18
|
Revision: 489 http://svn.sourceforge.net/fail2ban/?rev=489&view=rev Author: lostcontrol Date: 2006-12-14 13:20:03 -0800 (Thu, 14 Dec 2006) Log Message: ----------- - Use numeric output for iptables in "actioncheck" Modified Paths: -------------- trunk/CHANGELOG trunk/config/action.d/iptables.conf Modified: trunk/CHANGELOG =================================================================== --- trunk/CHANGELOG 2006-12-13 23:02:46 UTC (rev 488) +++ trunk/CHANGELOG 2006-12-14 21:20:03 UTC (rev 489) @@ -11,6 +11,7 @@ ---------- - Added a "sleep 1" in redhat-initd. Thanks to Jim Wight - Use /dev/log for SYSLOG output. Thanks to Joerg Sommrey +- Use numeric output for iptables in "actioncheck" ver. 0.7.5 (2006/12/07) - beta ---------- Modified: trunk/config/action.d/iptables.conf =================================================================== --- trunk/config/action.d/iptables.conf 2006-12-13 23:02:46 UTC (rev 488) +++ trunk/config/action.d/iptables.conf 2006-12-14 21:20:03 UTC (rev 489) @@ -27,7 +27,7 @@ # Notes.: command executed once before each fwban command # Values: CMD # -actioncheck = iptables -L INPUT | grep -q fail2ban-<name> +actioncheck = iptables -n -L INPUT | grep -q fail2ban-<name> # Option: fwban # Notes.: command executed when banning an IP. Take care that the This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <los...@us...> - 2006-12-13 23:02:47
|
Revision: 488 http://svn.sourceforge.net/fail2ban/?rev=488&view=rev Author: lostcontrol Date: 2006-12-13 15:02:46 -0800 (Wed, 13 Dec 2006) Log Message: ----------- - Use /dev/log for SYSLOG output. Thanks to Joerg Sommrey Modified Paths: -------------- trunk/CHANGELOG trunk/config/fail2ban.conf trunk/server/server.py Modified: trunk/CHANGELOG =================================================================== --- trunk/CHANGELOG 2006-12-11 22:18:41 UTC (rev 487) +++ trunk/CHANGELOG 2006-12-13 23:02:46 UTC (rev 488) @@ -10,6 +10,7 @@ ver. 0.7.6 (200?/??/??) - ??? ---------- - Added a "sleep 1" in redhat-initd. Thanks to Jim Wight +- Use /dev/log for SYSLOG output. Thanks to Joerg Sommrey ver. 0.7.5 (2006/12/07) - beta ---------- Modified: trunk/config/fail2ban.conf =================================================================== --- trunk/config/fail2ban.conf 2006-12-11 22:18:41 UTC (rev 487) +++ trunk/config/fail2ban.conf 2006-12-13 23:02:46 UTC (rev 488) @@ -18,8 +18,9 @@ loglevel = 3 # Option: logtarget -# Notes.: Set the log target. This could be a file, SYSLOG, STDERR. -# Values: STDERR SYSLOG file Default: /var/log/fail2ban.log +# Notes.: Set the log target. This could be a file, SYSLOG, STDERR or STDOUT. +# Only one log target can be specified. +# Values: STDOUT STDERR SYSLOG file Default: /var/log/fail2ban.log # logtarget = /var/log/fail2ban.log Modified: trunk/server/server.py =================================================================== --- trunk/server/server.py 2006-12-11 22:18:41 UTC (rev 487) +++ trunk/server/server.py 2006-12-13 23:02:46 UTC (rev 488) @@ -306,7 +306,9 @@ # Remove previous handler logging.getLogger("fail2ban").handlers = [] if target == "SYSLOG": - hdlr = logging.handlers.SysLogHandler() + facility = logging.handlers.SysLogHandler.LOG_DAEMON + hdlr = logging.handlers.SysLogHandler("/dev/log", + facility = facility) elif target == "STDOUT": hdlr = logging.StreamHandler(sys.stdout) elif target == "STDERR": This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <los...@us...> - 2006-12-11 22:18:47
|
Revision: 487 http://svn.sourceforge.net/fail2ban/?rev=487&view=rev Author: lostcontrol Date: 2006-12-11 14:18:41 -0800 (Mon, 11 Dec 2006) Log Message: ----------- - Tag for 0.6.2 Added Paths: ----------- tags/FAIL2BAN-0_6_2/ Copied: tags/FAIL2BAN-0_6_2 (from rev 486, branches/FAIL2BAN-0_6) This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <los...@us...> - 2006-12-11 21:44:01
|
Revision: 486 http://svn.sourceforge.net/fail2ban/?rev=486&view=rev Author: lostcontrol Date: 2006-12-11 13:43:57 -0800 (Mon, 11 Dec 2006) Log Message: ----------- - Update for release (0.6.2) Modified Paths: -------------- branches/FAIL2BAN-0_6/CHANGELOG branches/FAIL2BAN-0_6/README branches/FAIL2BAN-0_6/version.py Modified: branches/FAIL2BAN-0_6/CHANGELOG =================================================================== --- branches/FAIL2BAN-0_6/CHANGELOG 2006-12-11 21:14:58 UTC (rev 485) +++ branches/FAIL2BAN-0_6/CHANGELOG 2006-12-11 21:43:57 UTC (rev 486) @@ -4,10 +4,10 @@ |_| \__,_|_|_/___|_.__/\__,_|_||_| ============================================================= -Fail2Ban (version 0.6.2) 2006/??/?? +Fail2Ban (version 0.6.2) 2006/12/11 ============================================================= -ver. 0.6.2 (2006/??/??) - ??? +ver. 0.6.2 (2006/12/11) - stable ---------- - Fixed UTF-8 log file parsing - Propagated patches introduced by Debian maintainer Modified: branches/FAIL2BAN-0_6/README =================================================================== --- branches/FAIL2BAN-0_6/README 2006-12-11 21:14:58 UTC (rev 485) +++ branches/FAIL2BAN-0_6/README 2006-12-11 21:43:57 UTC (rev 486) @@ -4,7 +4,7 @@ |_| \__,_|_|_/___|_.__/\__,_|_||_| ============================================================= -Fail2Ban (version 0.6.2) 2006/??/?? +Fail2Ban (version 0.6.2) 2006/12/11 ============================================================= Fail2Ban scans log files like /var/log/pwdfail and bans IP @@ -116,6 +116,12 @@ -v verbose. Use twice for greater effect -V print software version +Please note that a vulnerability (CVE-2006-6302) affects +version < 0.6.2. Since 0.6.2, a named group "host" was added +to "failregex". This group must match the host address. Old +configuration files will still work but will generate a +warning. In this case, please update your configuration file. + Contact: -------- Modified: branches/FAIL2BAN-0_6/version.py =================================================================== --- branches/FAIL2BAN-0_6/version.py 2006-12-11 21:14:58 UTC (rev 485) +++ branches/FAIL2BAN-0_6/version.py 2006-12-11 21:43:57 UTC (rev 486) @@ -24,4 +24,4 @@ __copyright__ = "Copyright (c) 2004 Cyril Jaquier" __license__ = "GPL" -version = "0.6.1-SVN" +version = "0.6.2" This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <los...@us...> - 2006-12-11 21:15:48
|
Revision: 485 http://svn.sourceforge.net/fail2ban/?rev=485&view=rev Author: lostcontrol Date: 2006-12-11 13:14:58 -0800 (Mon, 11 Dec 2006) Log Message: ----------- - Added pydev project file Added Paths: ----------- branches/FAIL2BAN-0_6/.pydevproject Added: branches/FAIL2BAN-0_6/.pydevproject =================================================================== --- branches/FAIL2BAN-0_6/.pydevproject (rev 0) +++ branches/FAIL2BAN-0_6/.pydevproject 2006-12-11 21:14:58 UTC (rev 485) @@ -0,0 +1,12 @@ +<?xml version="1.0" encoding="UTF-8" standalone="no"?> +<?eclipse-pydev version="1.0"?> + +<pydev_project> +<pydev_property name="org.python.pydev.PYTHON_PROJECT_VERSION">python 2.4</pydev_property> +<pydev_pathproperty name="org.python.pydev.PROJECT_SOURCE_PATH"> +<path>/fail2ban-stable/confreader</path> +<path>/fail2ban-stable/firewall</path> +<path>/fail2ban-stable/logreader</path> +<path>/fail2ban-stable/utils</path> +</pydev_pathproperty> +</pydev_project> This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <los...@us...> - 2006-12-10 21:16:37
|
Revision: 484 http://svn.sourceforge.net/fail2ban/?rev=484&view=rev Author: lostcontrol Date: 2006-12-10 13:16:26 -0800 (Sun, 10 Dec 2006) Log Message: ----------- - Added named group "host" for "failregex" - Fixed vulnerability CVE-2006-6302 Modified Paths: -------------- branches/FAIL2BAN-0_6/CHANGELOG branches/FAIL2BAN-0_6/README branches/FAIL2BAN-0_6/config/fail2ban.conf.hostsdeny branches/FAIL2BAN-0_6/config/fail2ban.conf.iptables branches/FAIL2BAN-0_6/config/fail2ban.conf.shorewall branches/FAIL2BAN-0_6/logreader/logreader.py branches/FAIL2BAN-0_6/version.py Modified: branches/FAIL2BAN-0_6/CHANGELOG =================================================================== --- branches/FAIL2BAN-0_6/CHANGELOG 2006-12-10 16:46:54 UTC (rev 483) +++ branches/FAIL2BAN-0_6/CHANGELOG 2006-12-10 21:16:26 UTC (rev 484) @@ -14,6 +14,8 @@ (Yaroslav Halchenko): * Made locale configurable * Fixed warning if ignoreip is empty +- Added named group "host" for "failregex". Fixed security + vulnerability CVE-2006-6302 ver. 0.6.1 (2006/03/16) - stable ---------- Modified: branches/FAIL2BAN-0_6/README =================================================================== --- branches/FAIL2BAN-0_6/README 2006-12-10 16:46:54 UTC (rev 483) +++ branches/FAIL2BAN-0_6/README 2006-12-10 21:16:26 UTC (rev 484) @@ -4,7 +4,7 @@ |_| \__,_|_|_/___|_.__/\__,_|_||_| ============================================================= -Fail2Ban (version 0.6.1) 2006/03/16 +Fail2Ban (version 0.6.2) 2006/??/?? ============================================================= Fail2Ban scans log files like /var/log/pwdfail and bans IP @@ -58,8 +58,8 @@ To install, just do: -> tar xvfj fail2ban-0.6.1.tar.bz2 -> cd fail2ban-0.6.1 +> tar xvfj fail2ban-0.6.2.tar.bz2 +> cd fail2ban-0.6.2 > python setup.py install This will install Fail2Ban into /usr/lib/fail2ban. The @@ -130,10 +130,10 @@ Thanks: ------- -K\xE9vin Drapel, Marvin Rouge, Sireyessire, Robert Edeker, +Kévin Drapel, Marvin Rouge, Sireyessire, Robert Edeker, Tom Pike, Iain Lea, Andrey G. Grozin, Yaroslav Halchenko, Jonathan Kamens, Stephen Gildea, Markus Hoffmann, Mark -Edgington, Patrick B\xF6rjesson, kojiro, zugeschmiert +Edgington, Patrick Börjesson, kojiro, zugeschmiert License: -------- Modified: branches/FAIL2BAN-0_6/config/fail2ban.conf.hostsdeny =================================================================== --- branches/FAIL2BAN-0_6/config/fail2ban.conf.hostsdeny 2006-12-10 16:46:54 UTC (rev 483) +++ branches/FAIL2BAN-0_6/config/fail2ban.conf.hostsdeny 2006-12-10 21:16:26 UTC (rev 484) @@ -257,7 +257,7 @@ # Notes.: regex to match the password failure messages in the logfile. # Values: TEXT Default: authentication failure|user .* not found # -failregex = authentication failure|user .* not found +failregex = [[]client (?P<host>\S*)[]] user .*(?:: authentication failure|not found) [VSFTPD] @@ -297,7 +297,7 @@ # Notes.: regex to match the password failures messages in the logfile. # Values: TEXT Default: Authentication failure|Failed password|Invalid user # -failregex = FAIL LOGIN +failregex = vsftpd: \(pam_unix\) authentication failure; .* rhost=(?P<host>\S+) [SSH] @@ -333,4 +333,4 @@ # Notes.: regex to match the password failures messages in the logfile. # Values: TEXT Default: Authentication failure|Failed password|Invalid user # -failregex = Authentication failure|Failed password|Invalid user +failregex = : (?:(?:Authentication failure|Failed [-/\w+]+) for(?: [iI](?:llegal|nvalid) user)?|[Ii](?:llegal|nvalid) user|ROOT LOGIN REFUSED) .*(?: from|FROM) (?:::f{4,6}:)?(?P<host>\S*) Modified: branches/FAIL2BAN-0_6/config/fail2ban.conf.iptables =================================================================== --- branches/FAIL2BAN-0_6/config/fail2ban.conf.iptables 2006-12-10 16:46:54 UTC (rev 483) +++ branches/FAIL2BAN-0_6/config/fail2ban.conf.iptables 2006-12-10 21:16:26 UTC (rev 484) @@ -285,7 +285,7 @@ # Notes.: regex to match the password failure messages in the logfile. # Values: TEXT Default: authentication failure|user .* not found # -failregex = authentication failure|user .* not found +failregex = [[]client (?P<host>\S*)[]] user .*(?:: authentication failure|not found) [VSFTPD] @@ -325,7 +325,7 @@ # Notes.: regex to match the password failures messages in the logfile. # Values: TEXT Default: Authentication failure|Failed password|Invalid user # -failregex = FAIL LOGIN +failregex = vsftpd: \(pam_unix\) authentication failure; .* rhost=(?P<host>\S+) [SSH] @@ -367,4 +367,4 @@ # Notes.: regex to match the password failures messages in the logfile. # Values: TEXT Default: Authentication failure|Failed password|Invalid user # -failregex = Authentication failure|Failed password|Invalid user +failregex = : (?:(?:Authentication failure|Failed [-/\w+]+) for(?: [iI](?:llegal|nvalid) user)?|[Ii](?:llegal|nvalid) user|ROOT LOGIN REFUSED) .*(?: from|FROM) (?:::f{4,6}:)?(?P<host>\S*) Modified: branches/FAIL2BAN-0_6/config/fail2ban.conf.shorewall =================================================================== --- branches/FAIL2BAN-0_6/config/fail2ban.conf.shorewall 2006-12-10 16:46:54 UTC (rev 483) +++ branches/FAIL2BAN-0_6/config/fail2ban.conf.shorewall 2006-12-10 21:16:26 UTC (rev 484) @@ -251,8 +251,9 @@ # Notes.: regex to match the password failure messages in the logfile. # Values: TEXT Default: authentication failure|user .* not found # -failregex = authentication failure|user .* not found +failregex = [[]client (?P<host>\S*)[]] user .*(?:: authentication failure|not found) + [VSFTPD] # Option: enabled # Notes.: enable monitoring for this section. @@ -284,7 +285,7 @@ # Notes.: regex to match the password failures messages in the logfile. # Values: TEXT Default: Authentication failure|Failed password|Invalid user # -failregex = FAIL LOGIN +failregex = vsftpd: \(pam_unix\) authentication failure; .* rhost=(?P<host>\S+) [SSH] @@ -320,4 +321,4 @@ # Notes.: regex to match the password failures messages in the logfile. # Values: TEXT Default: Authentication failure|Failed password|Invalid user # -failregex = Authentication failure|Failed password|Invalid user +failregex = : (?:(?:Authentication failure|Failed [-/\w+]+) for(?: [iI](?:llegal|nvalid) user)?|[Ii](?:llegal|nvalid) user|ROOT LOGIN REFUSED) .*(?: from|FROM) (?:::f{4,6}:)?(?P<host>\S*) Modified: branches/FAIL2BAN-0_6/logreader/logreader.py =================================================================== --- branches/FAIL2BAN-0_6/logreader/logreader.py 2006-12-10 16:46:54 UTC (rev 483) +++ branches/FAIL2BAN-0_6/logreader/logreader.py 2006-12-10 21:16:26 UTC (rev 484) @@ -177,7 +177,16 @@ timeMatch = re.search(self.timeregex, match.string) if timeMatch: date = self.getUnixTime(timeMatch.group()) - ipMatch = textToIp(match.string) + try: + # Fix for CVE-2006-6302 + matchString = match.group("host") + except IndexError: + # However does not break the current configuration + logSys.warn("No 'host' group defined. This is a security " + + "issue. Please fix your configuration file " + + "and look at CVE-2006-6302") + matchString = match.string + ipMatch = textToIp(matchString) if ipMatch: for ip in ipMatch: failList.append([ip, date]) Modified: branches/FAIL2BAN-0_6/version.py =================================================================== --- branches/FAIL2BAN-0_6/version.py 2006-12-10 16:46:54 UTC (rev 483) +++ branches/FAIL2BAN-0_6/version.py 2006-12-10 21:16:26 UTC (rev 484) @@ -24,4 +24,4 @@ __copyright__ = "Copyright (c) 2004 Cyril Jaquier" __license__ = "GPL" -version = "0.6.1-CVS" +version = "0.6.1-SVN" This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <los...@us...> - 2006-12-10 16:47:02
|
Revision: 483 http://svn.sourceforge.net/fail2ban/?rev=483&view=rev Author: lostcontrol Date: 2006-12-10 08:46:54 -0800 (Sun, 10 Dec 2006) Log Message: ----------- - Prepared for next release Modified Paths: -------------- trunk/CHANGELOG trunk/README trunk/common/version.py Modified: trunk/CHANGELOG =================================================================== --- trunk/CHANGELOG 2006-12-10 16:37:22 UTC (rev 482) +++ trunk/CHANGELOG 2006-12-10 16:46:54 UTC (rev 483) @@ -4,9 +4,13 @@ |_| \__,_|_|_/___|_.__/\__,_|_||_| ============================================================= -Fail2Ban (version 0.7.5) 2006/12/07 +Fail2Ban (version 0.7.6) 200?/??/?? ============================================================= +ver. 0.7.6 (200?/??/??) - ??? +---------- +- Added a "sleep 1" in redhat-initd. Thanks to Jim Wight + ver. 0.7.5 (2006/12/07) - beta ---------- - Do not ban a host that is currently banned. Thanks to Modified: trunk/README =================================================================== --- trunk/README 2006-12-10 16:37:22 UTC (rev 482) +++ trunk/README 2006-12-10 16:46:54 UTC (rev 483) @@ -4,7 +4,7 @@ |_| \__,_|_|_/___|_.__/\__,_|_||_| ============================================================= -Fail2Ban (version 0.7.5) 2006/12/07 +Fail2Ban (version 0.7.6) 200?/??/?? ============================================================= Fail2Ban scans log files like /var/log/pwdfail and bans IP Modified: trunk/common/version.py =================================================================== --- trunk/common/version.py 2006-12-10 16:37:22 UTC (rev 482) +++ trunk/common/version.py 2006-12-10 16:46:54 UTC (rev 483) @@ -24,4 +24,4 @@ __copyright__ = "Copyright (c) 2004 Cyril Jaquier" __license__ = "GPL" -version = "0.7.5" +version = "0.7.5-SVN" This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <los...@us...> - 2006-12-10 16:37:31
|
Revision: 482 http://svn.sourceforge.net/fail2ban/?rev=482&view=rev Author: lostcontrol Date: 2006-12-10 08:37:22 -0800 (Sun, 10 Dec 2006) Log Message: ----------- - Added a "sleep 1". Thanks to Jim Wight Modified Paths: -------------- trunk/files/redhat-initd Modified: trunk/files/redhat-initd =================================================================== --- trunk/files/redhat-initd 2006-12-07 22:31:44 UTC (rev 481) +++ trunk/files/redhat-initd 2006-12-10 16:37:22 UTC (rev 482) @@ -48,6 +48,7 @@ if [ -n "$pid" ]; then $FAIL2BAN stop > /dev/null fi + sleep 1 getpid if [ -z "$pid" ]; then rm -f /var/lock/subsys/fail2ban This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: Cyril J. <cyr...@bl...> - 2006-08-07 20:04:18
|
Hi, I'm sorry but it seems that the commit notification script of Sourceforge doesn't like to send e-mails to this list :( I hope to resolve this soon. Sorry Regards, Cyril Jaquier |
From: Cyril J. <cyr...@bl...> - 2006-07-17 19:40:36
|
This is a test... |