From: <los...@us...> - 2007-12-16 21:38:09
Revision: 635 http://fail2ban.svn.sourceforge.net/fail2ban/?rev=635&view=rev Author: lostcontrol Date: 2007-12-16 13:38:04 -0800 (Sun, 16 Dec 2007) Log Message: ----------- - Removed Python 2.4. Minimum required version is now Python 2.3. Modified Paths: -------------- branches/FAIL2BAN-0_8/.pydevproject branches/FAIL2BAN-0_8/CHANGELOG branches/FAIL2BAN-0_8/README branches/FAIL2BAN-0_8/client/configparserinc.py branches/FAIL2BAN-0_8/client/configreader.py branches/FAIL2BAN-0_8/client/configurator.py branches/FAIL2BAN-0_8/client/csocket.py branches/FAIL2BAN-0_8/client/jailreader.py branches/FAIL2BAN-0_8/fail2ban-client branches/FAIL2BAN-0_8/fail2ban-regex branches/FAIL2BAN-0_8/server/action.py branches/FAIL2BAN-0_8/server/banmanager.py branches/FAIL2BAN-0_8/server/datedetector.py branches/FAIL2BAN-0_8/server/datetemplate.py branches/FAIL2BAN-0_8/server/filter.py branches/FAIL2BAN-0_8/server/mytime.py Modified: branches/FAIL2BAN-0_8/.pydevproject =================================================================== --- branches/FAIL2BAN-0_8/.pydevproject 2007-12-16 21:32:54 UTC (rev 634) +++ branches/FAIL2BAN-0_8/.pydevproject 2007-12-16 21:38:04 UTC (rev 635) @@ -2,7 +2,7 @@ <?eclipse-pydev version="1.0"?> <pydev_project> -<pydev_property name="org.python.pydev.PYTHON_PROJECT_VERSION">python 2.4</pydev_property> +<pydev_property name="org.python.pydev.PYTHON_PROJECT_VERSION">python 2.3</pydev_property> <pydev_pathproperty name="org.python.pydev.PROJECT_SOURCE_PATH"> <path>/fail2ban-0.8/client</path> <path>/fail2ban-0.8/server</path> Modified: branches/FAIL2BAN-0_8/CHANGELOG =================================================================== --- branches/FAIL2BAN-0_8/CHANGELOG 2007-12-16 21:32:54 UTC (rev 634) +++ branches/FAIL2BAN-0_8/CHANGELOG 2007-12-16 21:38:04 UTC (rev 635) 
@@ -25,6 +25,8 @@ - Moved socket to /var/run/fail2ban. - Rewrote the communication server. - Refactoring. Reduced number of files. +- Removed Python 2.4. Minimum required version is now Python + 2.3. ver. 0.8.1 (2007/08/14) - stable ---------- Modified: branches/FAIL2BAN-0_8/README =================================================================== --- branches/FAIL2BAN-0_8/README 2007-12-16 21:32:54 UTC (rev 634) +++ branches/FAIL2BAN-0_8/README 2007-12-16 21:38:04 UTC (rev 635) @@ -4,7 +4,7 @@ |_| \__,_|_|_/___|_.__/\__,_|_||_| ============================================================= -Fail2Ban (version 0.8.1) 2007/08/14 +Fail2Ban (version 0.8.2) 2007/??/?? ============================================================= Fail2Ban scans log files like /var/log/pwdfail and bans IP @@ -21,15 +21,15 @@ ------------- Required: - >=python-2.4 (http://www.python.org) + >=python-2.3 (http://www.python.org) Optional: >=gamin-0.0.21 (http://www.gnome.org/~veillard/gamin) To install, just do: -> tar xvfj fail2ban-0.8.1.tar.bz2 -> cd fail2ban-0.8.1 +> tar xvfj fail2ban-0.8.2.tar.bz2 +> cd fail2ban-0.8.2 > python setup.py install This will install Fail2Ban into /usr/share/fail2ban. The Modified: branches/FAIL2BAN-0_8/client/configparserinc.py =================================================================== --- branches/FAIL2BAN-0_8/client/configparserinc.py 2007-12-16 21:32:54 UTC (rev 634) +++ branches/FAIL2BAN-0_8/client/configparserinc.py 2007-12-16 21:38:04 UTC (rev 635) @@ -55,7 +55,7 @@ """ - @staticmethod + #@staticmethod def getIncludedFiles(filename, sectionName='INCLUDES', defaults={}, seen=[]): """ 
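Review bot: The commented-out `#@staticmethod` left above `getIncludedFiles` in configparserinc.py is dead code, and it can later be mistaken for a decorator that was disabled by accident. What makes the method static is the `getIncludedFiles = staticmethod(getIncludedFiles)` rebinding in the following hunk, well below the `def`, so I would delete the commented line and explain the rebinding where it happens, e.g. `# Python 2.3 has no decorator syntax`. The same pattern repeats in the other static-method hunks of this revision (configreader.py, configurator.py, csocket.py, jailreader.py, fail2ban-client, fail2ban-regex, action.py, banmanager.py, datetemplate.py, filter.py, mytime.py). The function body continues outside this hunk.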
@@ -83,6 +83,7 @@ filenames = newFiles[0][1] + [filename] + newFiles[1][1] #print "Includes list for " + filename + " is " + `filenames` return filenames + getIncludedFiles = staticmethod(getIncludedFiles) def read(self, filenames): Modified: branches/FAIL2BAN-0_8/client/configreader.py =================================================================== --- branches/FAIL2BAN-0_8/client/configreader.py 2007-12-16 21:32:54 UTC (rev 634) +++ branches/FAIL2BAN-0_8/client/configreader.py 2007-12-16 21:38:04 UTC (rev 635) @@ -41,14 +41,16 @@ ConfigReader.BASE_DIRECTORY} ) self.__opts = None - @staticmethod + #@staticmethod def setBaseDir(folderName): path = folderName.rstrip('/') ConfigReader.BASE_DIRECTORY = path + '/' + setBaseDir = staticmethod(setBaseDir) - @staticmethod + #@staticmethod def getBaseDir(): return ConfigReader.BASE_DIRECTORY + getBaseDir = staticmethod(getBaseDir) def read(self, filename): basename = ConfigReader.BASE_DIRECTORY + filename Modified: branches/FAIL2BAN-0_8/client/configurator.py =================================================================== --- branches/FAIL2BAN-0_8/client/configurator.py 2007-12-16 21:32:54 UTC (rev 634) +++ branches/FAIL2BAN-0_8/client/configurator.py 2007-12-16 21:38:04 UTC (rev 635) @@ -40,13 +40,15 @@ self.__fail2ban = Fail2banReader() self.__jails = JailsReader() - @staticmethod + #@staticmethod def setBaseDir(folderName): ConfigReader.setBaseDir(folderName) + setBaseDir = staticmethod(setBaseDir) - @staticmethod + #@staticmethod def getBaseDir(): return ConfigReader.getBaseDir() + getBaseDir = staticmethod(getBaseDir) def readEarly(self): self.__fail2ban.read() Modified: branches/FAIL2BAN-0_8/client/csocket.py =================================================================== --- branches/FAIL2BAN-0_8/client/csocket.py 2007-12-16 21:32:54 UTC (rev 634) +++ branches/FAIL2BAN-0_8/client/csocket.py 2007-12-16 21:38:04 UTC (rev 635) 
@@ -47,7 +47,7 @@ self.__csock.close() return ret - @staticmethod + #@staticmethod def receive(sock): msg = '' while msg.rfind(CSocket.END_STRING) == -1: @@ -56,3 +56,4 @@ raise RuntimeError, "socket connection broken" msg = msg + chunk return loads(msg) + receive = staticmethod(receive) Modified: branches/FAIL2BAN-0_8/client/jailreader.py =================================================================== --- branches/FAIL2BAN-0_8/client/jailreader.py 2007-12-16 21:32:54 UTC (rev 634) +++ branches/FAIL2BAN-0_8/client/jailreader.py 2007-12-16 21:38:04 UTC (rev 635) @@ -129,7 +129,7 @@ stream.insert(0, ["add", self.__name, backend]) return stream - @staticmethod + #@staticmethod def splitAction(action): m = JailReader.actionCRE.match(action) d = dict() @@ -165,3 +165,4 @@ except IndexError: logSys.error("Invalid argument %s in '%s'" % (p, m.group(2))) return [m.group(1), d] + splitAction = staticmethod(splitAction) Modified: branches/FAIL2BAN-0_8/fail2ban-client =================================================================== --- branches/FAIL2BAN-0_8/fail2ban-client 2007-12-16 21:32:54 UTC (rev 634) +++ branches/FAIL2BAN-0_8/fail2ban-client 2007-12-16 21:38:04 UTC (rev 635) @@ -357,11 +357,12 @@ self.__stream = self.__configurator.getConfigStream() return ret - @staticmethod + #@staticmethod def dumpConfig(cmd): for c in cmd: print c return True + dumpConfig = staticmethod(dumpConfig) class ServerExecutionException(Exception): Modified: branches/FAIL2BAN-0_8/fail2ban-regex =================================================================== --- branches/FAIL2BAN-0_8/fail2ban-regex 2007-12-16 21:32:54 UTC (rev 634) +++ branches/FAIL2BAN-0_8/fail2ban-regex 2007-12-16 21:38:04 UTC (rev 635) 
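Review bot: `return loads(msg)` in the second csocket.py hunk deserialises whatever arrived on the socket, and the loop in the preceding hunk keeps appending chunks until `CSocket.END_STRING` appears, so nothing bounds the size of `msg`. If `loads` is pickle's (the import is outside the hunk), the only safeguard is who is able to connect to the socket, and that assumption deserves a comment at this line, e.g. `# trust boundary: peer is the local fail2ban server; socket file permissions are the only guard`. A maximum-length check before `msg = msg + chunk` would bound memory use. The body of `receive` is split across the two hunks, so part of it is not visible here.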
@@ -35,7 +35,7 @@ from ConfigParser import NoOptionError, NoSectionError, MissingSectionHeaderError from common.version import version from server.filter import Filter -from server.regex import RegexException +from server.failregex import RegexException # Gets the instance of the logger. logSys = logging.getLogger("fail2ban.regex") @@ -82,7 +82,7 @@ logging.getLogger("fail2ban").addHandler(self.__hdlr) logging.getLogger("fail2ban").setLevel(logging.ERROR) - @staticmethod + #@staticmethod def dispVersion(): print "Fail2Ban v" + version print @@ -92,8 +92,9 @@ print print "Written by Cyril Jaquier <los...@us...>." print "Many contributions by Yaroslav O. Halchenko <de...@on...>." + dispVersion = staticmethod(dispVersion) - @staticmethod + #@staticmethod def dispUsage(): print "Usage: "+sys.argv[0]+" [OPTIONS] <LOG> <REGEX> [IGNOREREGEX]" print @@ -119,6 +120,7 @@ print " filename path to a filter file (filter.d/sshd.conf)" print print "Report bugs to <los...@us...>" + dispUsage = staticmethod(dispUsage) def getCmdLineOptions(self, optList): """ Gets the command line options @@ -131,9 +133,10 @@ self.dispVersion() sys.exit(0) - @staticmethod + #@staticmethod def logIsFile(value): return os.path.isfile(value) + logIsFile = staticmethod(logIsFile) def readIgnoreRegex(self, value): if os.path.isfile(value): Modified: branches/FAIL2BAN-0_8/server/action.py =================================================================== --- branches/FAIL2BAN-0_8/server/action.py 2007-12-16 21:32:54 UTC (rev 634) +++ branches/FAIL2BAN-0_8/server/action.py 2007-12-16 21:38:04 UTC (rev 635) @@ -231,7 +231,7 @@ # @param aInfo the properties # @return a string - @staticmethod + #@staticmethod def replaceTag(query, aInfo): """ Replace tags in query """ @@ -241,6 +241,7 @@ # New line string = string.replace("<br>", '\n') return string + replaceTag = staticmethod(replaceTag) ## # Executes a command with preliminary checks and substitutions. 
@@ -297,7 +298,7 @@ # @param realCmd the command to execute # @return True if the command succeeded - @staticmethod + #@staticmethod def executeCmd(realCmd): logSys.debug(realCmd) try: @@ -312,3 +313,5 @@ except OSError, e: logSys.error("%s failed with %s" % (realCmd, e)) return False + executeCmd = staticmethod(executeCmd) + Modified: branches/FAIL2BAN-0_8/server/banmanager.py =================================================================== --- branches/FAIL2BAN-0_8/server/banmanager.py 2007-12-16 21:32:54 UTC (rev 634) +++ branches/FAIL2BAN-0_8/server/banmanager.py 2007-12-16 21:38:04 UTC (rev 635) @@ -125,7 +125,7 @@ # @param ticket the FailTicket # @return a BanTicket - @staticmethod + #@staticmethod def createBanTicket(ticket): ip = ticket.getIP() #lastTime = ticket.getTime() @@ -133,6 +133,7 @@ banTicket = BanTicket(ip, lastTime) banTicket.setAttempt(ticket.getAttempt()) return banTicket + createBanTicket = staticmethod(createBanTicket) ## # Add a ban ticket. Modified: branches/FAIL2BAN-0_8/server/datedetector.py =================================================================== --- branches/FAIL2BAN-0_8/server/datedetector.py 2007-12-16 21:32:54 UTC (rev 634) +++ branches/FAIL2BAN-0_8/server/datedetector.py 2007-12-16 21:38:04 UTC (rev 635) @@ -164,8 +164,7 @@ try: self.__lock.acquire() logSys.debug("Sorting the template list") - self.__templates.sort(cmp = lambda x, y: - cmp(x.getHits(), y.getHits()), - reverse = True) + self.__templates.sort(lambda x, y: cmp(x.getHits(), y.getHits())) + self.__templates.reverse() finally: self.__lock.release() Modified: branches/FAIL2BAN-0_8/server/datetemplate.py =================================================================== --- branches/FAIL2BAN-0_8/server/datetemplate.py 2007-12-16 21:32:54 UTC (rev 634) +++ branches/FAIL2BAN-0_8/server/datetemplate.py 2007-12-16 21:38:04 UTC (rev 635) 
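Review bot: In the datedetector.py hunk, sorting ascending and then calling `self.__templates.reverse()` is not equivalent to the old `reverse = True`. `list.sort` is stable, so the old call kept templates with equal hit counts in their existing order, whereas the new pair flips their relative order on every call. Templates are tried in list order (see the `for template in self.__templates` loops in the rev 639 hunks further down this page), so tied templates, for instance all at zero hits, would swap priority from one sort to the next. Reversing the comparison instead keeps the descending order, works on Python 2.3 and preserves tie order: `self.__templates.sort(lambda x, y: cmp(y.getHits(), x.getHits()))`. The enclosing method starts outside the hunk.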
@@ -114,13 +114,14 @@ def __init__(self): DateTemplate.__init__(self) - @staticmethod + #@staticmethod def convertLocale(date): for t in DateStrptime.TABLE: for m in DateStrptime.TABLE[t]: if date.find(m) >= 0: return date.replace(m, t) return date + convertLocale = staticmethod(convertLocale) def getDate(self, line): date = None Modified: branches/FAIL2BAN-0_8/server/filter.py =================================================================== --- branches/FAIL2BAN-0_8/server/filter.py 2007-12-16 21:32:54 UTC (rev 634) +++ branches/FAIL2BAN-0_8/server/filter.py 2007-12-16 21:38:04 UTC (rev 635) @@ -498,7 +498,7 @@ DNS_CRE = re.compile("(?:(?:\w|-)+\.){2,}\w+") IP_CRE = re.compile("(?:\d{1,3}\.){3}\d{1,3}") - @staticmethod + #@staticmethod def dnsToIp(dns): """ Convert a DNS into an IP address using the Python socket module. Thanks to Kevin Drapel. @@ -509,8 +509,9 @@ logSys.warn("Unable to find a corresponding IP address for %s" % dns) return list() + dnsToIp = staticmethod(dnsToIp) - @staticmethod + #@staticmethod def searchIP(text): """ Search if an IP address if directly available and return it. @@ -520,8 +521,9 @@ return match else: return None + searchIP = staticmethod(searchIP) - @staticmethod + #@staticmethod def isValidIP(string): """ Return true if str is a valid IP """ @@ -531,8 +533,9 @@ return True except socket.error: return False + isValidIP = staticmethod(isValidIP) - @staticmethod + #@staticmethod def textToIp(text): """ Return the IP of DNS found in a given text. """ @@ -549,8 +552,9 @@ for e in ip: ipList.append(e) return ipList + textToIp = staticmethod(textToIp) - @staticmethod + #@staticmethod def cidr(i, n): """ Convert an IP address string with a CIDR mask into a 32-bit integer. 
@@ -558,15 +562,18 @@ # 32-bit IPv4 address mask MASK = 0xFFFFFFFFL return ~(MASK >> n) & MASK & DNSUtils.addr2bin(i) + cidr = staticmethod(cidr) - @staticmethod + #@staticmethod def addr2bin(string): """ Convert a string IPv4 address into an unsigned integer. """ return struct.unpack("!L", socket.inet_aton(string))[0] + addr2bin = staticmethod(addr2bin) - @staticmethod + #@staticmethod def bin2addr(addr): """ Convert a numeric IPv4 address into string n.n.n.n form. """ return socket.inet_ntoa(struct.pack("!L", addr)) + bin2addr = staticmethod(bin2addr) Modified: branches/FAIL2BAN-0_8/server/mytime.py =================================================================== --- branches/FAIL2BAN-0_8/server/mytime.py 2007-12-16 21:32:54 UTC (rev 634) +++ branches/FAIL2BAN-0_8/server/mytime.py 2007-12-16 21:38:04 UTC (rev 635) @@ -46,31 +46,34 @@ # # @param t the time to set or None - @staticmethod + #@staticmethod def setTime(t): MyTime.myTime = t + setTime = staticmethod(setTime) ## # Equivalent to time.time() # # @return time.time() if setTime was called with None - @staticmethod + #@staticmethod def time(): if MyTime.myTime == None: return time.time() else: return MyTime.myTime + time = staticmethod(time) ## # Equivalent to time.gmtime() # # @return time.gmtime() if setTime was called with None - @staticmethod + #@staticmethod def gmtime(): if MyTime.myTime == None: return time.gmtime() else: return time.gmtime(MyTime.myTime) + gmtime = staticmethod(gmtime) \ No newline at end of file This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <los...@us...> - 2007-12-17 20:00:33
Revision: 638 http://fail2ban.svn.sourceforge.net/fail2ban/?rev=638&view=rev Author: lostcontrol Date: 2007-12-17 12:00:36 -0800 (Mon, 17 Dec 2007) Log Message: ----------- - Refactoring. Merged failticket and banticket into ticket. Modified Paths: -------------- branches/FAIL2BAN-0_8/MANIFEST branches/FAIL2BAN-0_8/server/banmanager.py branches/FAIL2BAN-0_8/server/failmanager.py branches/FAIL2BAN-0_8/server/ticket.py branches/FAIL2BAN-0_8/testcases/banmanagertestcase.py branches/FAIL2BAN-0_8/testcases/failmanagertestcase.py Removed Paths: ------------- branches/FAIL2BAN-0_8/server/banticket.py branches/FAIL2BAN-0_8/server/failticket.py Modified: branches/FAIL2BAN-0_8/MANIFEST =================================================================== --- branches/FAIL2BAN-0_8/MANIFEST 2007-12-17 19:57:19 UTC (rev 637) +++ branches/FAIL2BAN-0_8/MANIFEST 2007-12-17 20:00:36 UTC (rev 638) @@ -18,12 +18,10 @@ client/configurator.py client/csocket.py server/asyncserver.py -server/banticket.py server/filter.py server/filtergamin.py server/filterpoll.py server/server.py -server/failticket.py server/actions.py server/faildata.py server/failmanager.py Modified: branches/FAIL2BAN-0_8/server/banmanager.py =================================================================== --- branches/FAIL2BAN-0_8/server/banmanager.py 2007-12-17 19:57:19 UTC (rev 637) +++ branches/FAIL2BAN-0_8/server/banmanager.py 2007-12-17 20:00:36 UTC (rev 638) @@ -24,7 +24,7 @@ __copyright__ = "Copyright (c) 2004 Cyril Jaquier" __license__ = "GPL" -from banticket import BanTicket +from ticket import BanTicket from threading import Lock from mytime import MyTime import logging Deleted: branches/FAIL2BAN-0_8/server/banticket.py =================================================================== --- branches/FAIL2BAN-0_8/server/banticket.py 2007-12-17 19:57:19 UTC (rev 637) +++ branches/FAIL2BAN-0_8/server/banticket.py 2007-12-17 20:00:36 UTC (rev 638) 
@@ -1,50 +0,0 @@ -# This file is part of Fail2Ban. -# -# Fail2Ban is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. -# -# Fail2Ban is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Fail2Ban; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - -# Author: Cyril Jaquier -# -# $Revision$ - -__author__ = "Cyril Jaquier" -__version__ = "$Revision$" -__date__ = "$Date$" -__copyright__ = "Copyright (c) 2004 Cyril Jaquier" -__license__ = "GPL" - -import logging -from ticket import Ticket - -# Gets the instance of the logger. -logSys = logging.getLogger("fail2ban") - -## -# Ban Ticket. -# -# This class extends the Ticket class. It is mainly used by the BanManager. - -class BanTicket(Ticket): - - ## - # Constructor. - # - # Call the Ticket (parent) constructor and initialize default - # values. - # @param ip the IP address - # @param time the ban time - - def __init__(self, ip, time): - Ticket.__init__(self, ip, time) - \ No newline at end of file Modified: branches/FAIL2BAN-0_8/server/failmanager.py =================================================================== --- branches/FAIL2BAN-0_8/server/failmanager.py 2007-12-17 19:57:19 UTC (rev 637) +++ branches/FAIL2BAN-0_8/server/failmanager.py 2007-12-17 20:00:36 UTC (rev 638) 
@@ -25,7 +25,7 @@ __license__ = "GPL" from faildata import FailData -from failticket import FailTicket +from ticket import FailTicket from threading import Lock import logging Deleted: branches/FAIL2BAN-0_8/server/failticket.py =================================================================== --- branches/FAIL2BAN-0_8/server/failticket.py 2007-12-17 19:57:19 UTC (rev 637) +++ branches/FAIL2BAN-0_8/server/failticket.py 2007-12-17 20:00:36 UTC (rev 638) @@ -1,37 +0,0 @@ -# This file is part of Fail2Ban. -# -# Fail2Ban is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. -# -# Fail2Ban is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Fail2Ban; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - -# Author: Cyril Jaquier -# -# $Revision$ - -__author__ = "Cyril Jaquier" -__version__ = "$Revision$" -__date__ = "$Date$" -__copyright__ = "Copyright (c) 2004 Cyril Jaquier" -__license__ = "GPL" - -import logging -from ticket import Ticket - -# Gets the instance of the logger. -logSys = logging.getLogger("fail2ban") - -class FailTicket(Ticket): - - def __init__(self, ip, time): - Ticket.__init__(self, ip, time) - \ No newline at end of file Modified: branches/FAIL2BAN-0_8/server/ticket.py =================================================================== --- branches/FAIL2BAN-0_8/server/ticket.py 2007-12-17 19:57:19 UTC (rev 637) +++ branches/FAIL2BAN-0_8/server/ticket.py 2007-12-17 20:00:36 UTC (rev 638) 
@@ -53,4 +53,28 @@ def getAttempt(self): return self.__attempt - \ No newline at end of file + + +class FailTicket(Ticket): + + def __init__(self, ip, time): + Ticket.__init__(self, ip, time) + + +## +# Ban Ticket. +# +# This class extends the Ticket class. It is mainly used by the BanManager. + +class BanTicket(Ticket): + + ## + # Constructor. + # + # Call the Ticket (parent) constructor and initialize default + # values. + # @param ip the IP address + # @param time the ban time + + def __init__(self, ip, time): + Ticket.__init__(self, ip, time) Modified: branches/FAIL2BAN-0_8/testcases/banmanagertestcase.py =================================================================== --- branches/FAIL2BAN-0_8/testcases/banmanagertestcase.py 2007-12-17 19:57:19 UTC (rev 637) +++ branches/FAIL2BAN-0_8/testcases/banmanagertestcase.py 2007-12-17 20:00:36 UTC (rev 638) @@ -24,9 +24,9 @@ __copyright__ = "Copyright (c) 2004 Cyril Jaquier" __license__ = "GPL" -import unittest, socket, time, pickle +import unittest from server.banmanager import BanManager -from server.banticket import BanTicket +from server.ticket import BanTicket class AddFailure(unittest.TestCase): Modified: branches/FAIL2BAN-0_8/testcases/failmanagertestcase.py =================================================================== --- branches/FAIL2BAN-0_8/testcases/failmanagertestcase.py 2007-12-17 19:57:19 UTC (rev 637) +++ branches/FAIL2BAN-0_8/testcases/failmanagertestcase.py 2007-12-17 20:00:36 UTC (rev 638) @@ -25,9 +25,8 @@ __license__ = "GPL" import unittest, socket, time, pickle -from server.failmanager import FailManager -from server.failmanager import FailManagerEmpty -from server.failticket import FailTicket +from server.failmanager import FailManager, FailManagerEmpty +from server.ticket import FailTicket class AddFailure(unittest.TestCase): This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
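Review bot: `FailTicket` is added to ticket.py without the `##` doc comments that `BanTicket` carries, so the merged file documents one subclass and not the other. A matching header above `class FailTicket(Ticket):`, e.g. `# Fail Ticket. This class extends the Ticket class.`, would keep the two parallel. Both `__init__` methods only forward `ip` and `time` to `Ticket.__init__`, so they look redundant, assuming the parent constructor takes the same two arguments (it is outside this hunk).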
From: <los...@us...> - 2007-12-17 20:04:36
Revision: 639 http://fail2ban.svn.sourceforge.net/fail2ban/?rev=639&view=rev Author: lostcontrol Date: 2007-12-17 12:04:29 -0800 (Mon, 17 Dec 2007) Log Message: ----------- - Removed user-defined time regex/pattern. Modified Paths: -------------- branches/FAIL2BAN-0_8/common/protocol.py branches/FAIL2BAN-0_8/server/datedetector.py branches/FAIL2BAN-0_8/server/filter.py branches/FAIL2BAN-0_8/server/server.py branches/FAIL2BAN-0_8/server/transmitter.py Modified: branches/FAIL2BAN-0_8/common/protocol.py =================================================================== --- branches/FAIL2BAN-0_8/common/protocol.py 2007-12-17 20:00:36 UTC (rev 638) +++ branches/FAIL2BAN-0_8/common/protocol.py 2007-12-17 20:04:29 UTC (rev 639) 
@@ -51,9 +51,7 @@ ["set <JAIL> addignoreip <IP>", "adds <IP> to the ignore list of <JAIL>"], ["set <JAIL> delignoreip <IP>", "removes <IP> from the ignore list of <JAIL>"], ["set <JAIL> addlogpath <FILE>", "adds <FILE> to the monitoring list of <JAIL>"], -["set <JAIL> dellogpath <FILE>", "removes <FILE> to the monitoring list of <JAIL>"], -["set <JAIL> timeregex <REGEX>", "sets the regular expression <REGEX> to match the date format for <JAIL>. This will disable the autodetection feature."], -["set <JAIL> timepattern <PATTERN>", "sets the pattern <PATTERN> to match the date format for <JAIL>. This will disable the autodetection feature."], +["set <JAIL> dellogpath <FILE>", "removes <FILE> to the monitoring list of <JAIL>"], ["set <JAIL> addfailregex <REGEX>", "adds the regular expression <REGEX> which must match failures for <JAIL>"], ["set <JAIL> delfailregex <INDEX>", "removes the regular expression at <INDEX> for failregex"], ["set <JAIL> addignoreregex <REGEX>", "adds the regular expression <REGEX> which should match pattern to exclude for <JAIL>"], Modified: branches/FAIL2BAN-0_8/server/datedetector.py =================================================================== --- branches/FAIL2BAN-0_8/server/datedetector.py 2007-12-17 20:00:36 UTC (rev 638) +++ branches/FAIL2BAN-0_8/server/datedetector.py 2007-12-17 20:04:29 UTC (rev 639) @@ -39,7 +39,6 @@ def __init__(self): self.__lock = Lock() self.__templates = list() - self.__defTemplate = DateStrptime() def addDefaultTemplate(self): try: 
@@ -100,54 +99,31 @@ def getTemplates(self): return self.__templates - def setDefaultRegex(self, value): - self.__defTemplate.setRegex(value) - - def getDefaultRegex(self): - return self.__defTemplate.getRegex() - - def setDefaultPattern(self, value): - self.__defTemplate.setPattern(value) - - def getDefaultPattern(self): - return self.__defTemplate.getPattern() - def matchTime(self, line): - if self.__defTemplate.isValid(): - return self.__defTemplate.matchDate(line) - else: - try: - self.__lock.acquire() - for template in self.__templates: - match = template.matchDate(line) - if not match == None: - return match - return None - finally: - self.__lock.release() + try: + self.__lock.acquire() + for template in self.__templates: + match = template.matchDate(line) + if not match == None: + return match + return None + finally: + self.__lock.release() def getTime(self, line): - if self.__defTemplate.isValid(): - try: - date = self.__defTemplate.getDate(line) - return date - except ValueError: - return None - else: - try: - self.__lock.acquire() - for template in self.__templates: - try: - date = template.getDate(line) - if date == None: - continue - template.incHits() - return date - except ValueError: - pass - return None - finally: - self.__lock.release() + try: + self.__lock.acquire() + for template in self.__templates: + try: + date = template.getDate(line) + if date == None: + continue + return date + except ValueError: + pass + return None + finally: + self.__lock.release() def getUnixTime(self, line): date = self.getTime(line) Modified: branches/FAIL2BAN-0_8/server/filter.py =================================================================== --- branches/FAIL2BAN-0_8/server/filter.py 2007-12-17 20:00:36 UTC (rev 638) +++ branches/FAIL2BAN-0_8/server/filter.py 2007-12-17 20:04:29 UTC (rev 639) 
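Review bot: The rewritten `getTime` no longer calls `template.incHits()` after a successful `getDate`, although the log message only mentions removing the user-defined regex/pattern. Unless hits are counted somewhere not shown here (for instance inside `matchDate`), the hit counts stop changing and the `getHits()`-based ordering of `self.__templates` no longer adapts to the log format actually seen. If the removal was unintended, restore `template.incHits()` just before `return date`; if it was deliberate, add a one-line comment saying where hits are now counted. Separately, `self.__lock.acquire()` sits inside the `try:` in both `matchTime` and `getTime`, so a failing acquire would reach `release()` on a lock that was never taken; moving the acquire above `try:` avoids that.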
@@ -25,7 +25,7 @@ __license__ = "GPL" from failmanager import FailManager -from failticket import FailTicket +from ticket import FailTicket from jailthread import JailThread from datedetector import DateDetector from mytime import MyTime @@ -123,40 +123,6 @@ return False ## - # Set the regular expression which matches the time. - # - # @param value the regular expression - - def setTimeRegex(self, value): - self.dateDetector.setDefaultRegex(value) - logSys.info("Set default regex = %s" % value) - - ## - # Get the regular expression which matches the time. - # - # @return the regular expression - - def getTimeRegex(self): - return self.dateDetector.getDefaultRegex() - - ## - # Set the time pattern. - # - # @param value the time pattern - - def setTimePattern(self, value): - self.dateDetector.setDefaultPattern(value) - logSys.info("Set default pattern = %s" % value) - - ## - # Get the time pattern. - # - # @return the time pattern - - def getTimePattern(self): - return self.dateDetector.getDefaultPattern() - - ## # Add a regular expression which matches the failure. # # The regular expression can also match any other pattern than failures Modified: branches/FAIL2BAN-0_8/server/server.py =================================================================== --- branches/FAIL2BAN-0_8/server/server.py 2007-12-17 20:00:36 UTC (rev 638) +++ branches/FAIL2BAN-0_8/server/server.py 2007-12-17 20:04:29 UTC (rev 639) @@ -73,8 +73,8 @@ logSys.debug("Starting communication") try: self.__asyncServer.start(sock, force) - except AsyncServerException: - logSys.error("Could not start server") + except AsyncServerException, e: + logSys.error("Could not start server: %s", e) logSys.info("Exiting Fail2ban") def quit(self): 
@@ -148,18 +148,6 @@ def getLogPath(self, name): return self.__jails.getFilter(name).getLogPath() - def setTimeRegex(self, name, value): - self.__jails.getFilter(name).setTimeRegex(value) - - def getTimeRegex(self, name): - return self.__jails.getFilter(name).getTimeRegex() - - def setTimePattern(self, name, value): - self.__jails.getFilter(name).setTimePattern(value) - - def getTimePattern(self, name): - return self.__jails.getFilter(name).getTimePattern() - def setFindTime(self, name, value): self.__jails.getFilter(name).setFindTime(value) Modified: branches/FAIL2BAN-0_8/server/transmitter.py =================================================================== --- branches/FAIL2BAN-0_8/server/transmitter.py 2007-12-17 20:00:36 UTC (rev 638) +++ branches/FAIL2BAN-0_8/server/transmitter.py 2007-12-17 20:04:29 UTC (rev 639) @@ -135,14 +135,6 @@ value = command[2] self.__server.delLogPath(name, value) return self.__server.getLogPath(name) - elif command[1] == "timeregex": - value = command[2] - self.__server.setTimeRegex(name, value) - return self.__server.getTimeRegex(name) - elif command[1] == "timepattern": - value = command[2] - self.__server.setTimePattern(name, value) - return self.__server.getTimePattern(name) elif command[1] == "addfailregex": value = command[2] self.__server.addFailRegex(name, value) @@ -229,10 +221,6 @@ return self.__server.getLogPath(name) elif command[1] == "ignoreip": return self.__server.getIgnoreIP(name) - elif command[1] == "timeregex": - return self.__server.getTimeRegex(name) - elif command[1] == "timepattern": - return self.__server.getTimePattern(name) elif command[1] == "failregex": return self.__server.getFailRegex(name) elif command[1] == "ignoreregex": This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <los...@us...> - 2007-12-26 11:46:27
Revision: 641 http://fail2ban.svn.sourceforge.net/fail2ban/?rev=641&view=rev Author: lostcontrol Date: 2007-12-26 03:46:22 -0800 (Wed, 26 Dec 2007) Log Message: ----------- - Split Filter into Filter and FileFilter. Modified Paths: -------------- branches/FAIL2BAN-0_8/server/filter.py branches/FAIL2BAN-0_8/server/filtergamin.py branches/FAIL2BAN-0_8/server/filterpoll.py branches/FAIL2BAN-0_8/testcases/datedetectortestcase.py branches/FAIL2BAN-0_8/testcases/filtertestcase.py Modified: branches/FAIL2BAN-0_8/server/filter.py =================================================================== --- branches/FAIL2BAN-0_8/server/filter.py 2007-12-19 22:50:47 UTC (rev 640) +++ branches/FAIL2BAN-0_8/server/filter.py 2007-12-26 11:46:22 UTC (rev 641) @@ -57,11 +57,6 @@ self.jail = jail ## The failures manager. self.failManager = FailManager() - ## The log file handler. - self.__crtHandler = None - self.__crtFilename = None - ## The log file path. - self.__logPath = [] ## The regular expression list matching the failures. self.__failRegex = list() ## The regular expression list with expressions to ignore. @@ -70,10 +65,6 @@ self.__findTime = 6000 ## The ignore IP list. self.__ignoreIpList = [] - ## The last position of the file. - self.__lastPos = dict() - ## The last date in tht log file. - self.__lastDate = dict() self.dateDetector = DateDetector() self.dateDetector.addDefaultTemplate() 
@@ -81,48 +72,6 @@ ## - # Add a log file path - # - # @param path log file path - - def addLogPath(self, path): - self.getLogPath().append(path) - # Initialize default values - self.__lastDate[path] = 0 - self.__lastPos[path] = 0 - - ## - # Delete a log path - # - # @param path the log file to delete - - def delLogPath(self, path): - self.getLogPath().remove(path) - del self.__lastDate[path] - del self.__lastPos[path] - - ## - # Get the log file path - # - # @return log file path - - def getLogPath(self): - return self.__logPath - - ## - # Check whether path is already monitored. - # - # @param path The path - # @return True if the path is already monitored else False - - def containsLogPath(self, path): - try: - self.getLogPath().index(path) - return True - except ValueError: - return False - - ## # Add a regular expression which matches the failure. # # The regular expression can also match any other pattern than failures 
@@ -284,7 +233,161 @@ return True return False + + def processLine(self, line): + if not self._isActive(): + # The jail has been stopped + return + try: + # Decode line to UTF-8 + l = line.decode('utf-8') + except UnicodeDecodeError: + pass + timeMatch = self.dateDetector.matchTime(line) + if not timeMatch: + # There is no valid time in this line + return + # Lets split into time part and log part of the line + timeLine = timeMatch.group() + # Lets leave the beginning in as well, so if there is no + # anchore at the beginning of the time regexp, we don't + # at least allow injection. Should be harmless otherwise + logLine = l[:timeMatch.start()] + l[timeMatch.end():] + for element in self.findFailure(timeLine, logLine): + ip = element[0] + unixTime = element[1] + if unixTime < MyTime.time() - self.__findTime: + break + if self.inIgnoreIPList(ip): + logSys.debug("Ignore "+ip) + continue + logSys.debug("Found "+ip) + self.failManager.addFailure(FailTicket(ip, unixTime)) + + ## + # Returns true if the line should be ignored. + # + # Uses ignoreregex. + # @param line: the line + # @return: a boolean + + def ignoreLine(self, line): + for ignoreRegex in self.__ignoreRegex: + ignoreRegex.search(line) + if ignoreRegex.hasMatched(): + return True + return False + + ## + # Finds the failure in a line given split into time and log parts. + # + # Uses the failregex pattern to find it and timeregex in order + # to find the logging time. + # @return a dict with IP and timestamp. + + def findFailure(self, timeLine, logLine): + failList = list() + # Checks if we must ignore this line. + if self.ignoreLine(logLine): + # The ignoreregex matched. Return. + return failList + # Iterates over all the regular expressions. + for failRegex in self.__failRegex: + failRegex.search(logLine) + if failRegex.hasMatched(): + # The failregex matched. 
+ date = self.dateDetector.getUnixTime(timeLine) + if date == None: + logSys.debug("Found a match for '" + logLine +"' but no " + + "valid date/time found for '" + + timeLine + "'. Please contact the " + + "author in order to get support for this " + + "format") + else: + try: + host = failRegex.getHost() + ipMatch = DNSUtils.textToIp(host) + if ipMatch: + for ip in ipMatch: + failList.append([ip, date]) + # We matched a regex, it is enough to stop. + break + except RegexException, e: + logSys.error(e) + return failList + + + ## + # Get the status of the filter. + # + # Get some informations about the filter state such as the total + # number of failures. + # @return a list with tuple + + def status(self): + ret = [("Currently failed", self.failManager.size()), + ("Total failed", self.failManager.getFailTotal())] + return ret + + +class FileFilter(Filter): + + def __init__(self, jail): + Filter.__init__(self, jail) + ## The log file handler. + self.__crtHandler = None + self.__crtFilename = None + ## The log file path. + self.__logPath = [] + ## The last position of the file. + self.__lastPos = dict() + ## The last date in tht log file. + self.__lastDate = dict() + + ## + # Add a log file path + # + # @param path log file path + + def addLogPath(self, path): + self.getLogPath().append(path) + # Initialize default values + self.__lastDate[path] = 0 + self.__lastPos[path] = 0 + + ## + # Delete a log path + # + # @param path the log file to delete + + def delLogPath(self, path): + self.getLogPath().remove(path) + del self.__lastDate[path] + del self.__lastPos[path] + + ## + # Get the log file path + # + # @return log file path + + def getLogPath(self): + return self.__logPath + + ## + # Check whether path is already monitored. + # + # @param path The path + # @return True if the path is already monitored else False + + def containsLogPath(self, path): + try: + self.getLogPath().index(path) + return True + except ValueError: + return False + + ## # Open the log file. 
def __openLogFile(self, filename): @@ -334,7 +437,7 @@ def __getFilePos(self): return self.__crtHandler.tell() - + ## # Gets all the failure in the log file. # @@ -372,7 +475,7 @@ for element in self.findFailure(timeLine, logLine): ip = element[0] unixTime = element[1] - if unixTime < MyTime.time()-self.__findTime: + if unixTime < MyTime.time() - self.getFindTime(): break if self.inIgnoreIPList(ip): logSys.debug("Ignore "+ip) 
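Review bot: In the added `Filter.processLine`, a line that is not valid UTF-8 leaves `l` unbound, because the `except UnicodeDecodeError: pass` branch assigns nothing and `logLine = l[:timeMatch.start()] + l[timeMatch.end():]` then raises NameError. Log lines contain text supplied by remote clients, so a single malformed byte sequence is enough to make this method fail instead of recording the failure. The match is also computed on `line` while the slice is taken from the decoded `l`, so the offsets can disagree when the line holds multi-byte characters. Use one variable for both: `except UnicodeDecodeError: l = line` and `timeMatch = self.dateDetector.matchTime(l)`.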
@@ -385,72 +488,7 @@ self.__closeLogFile() return True - ## - # Returns true if the line should be ignored. - # - # Uses ignoreregex. - # @param line: the line - # @return: a boolean - def ignoreLine(self, line): - for ignoreRegex in self.__ignoreRegex: - ignoreRegex.search(line) - if ignoreRegex.hasMatched(): - return True - return False - - ## - # Finds the failure in a line given split into time and log parts. - # - # Uses the failregex pattern to find it and timeregex in order - # to find the logging time. - # @return a dict with IP and timestamp. - - def findFailure(self, timeLine, logLine): - failList = list() - # Checks if we must ignore this line. - if self.ignoreLine(logLine): - # The ignoreregex matched. Return. - return failList - # Iterates over all the regular expressions. - for failRegex in self.__failRegex: - failRegex.search(logLine) - if failRegex.hasMatched(): - # The failregex matched. - date = self.dateDetector.getUnixTime(timeLine) - if date == None: - logSys.debug("Found a match for '" + logLine +"' but no " - + "valid date/time found for '" - + timeLine + "'. Please contact the " - + "author in order to get support for this " - + "format") - else: - try: - host = failRegex.getHost() - ipMatch = DNSUtils.textToIp(host) - if ipMatch: - for ip in ipMatch: - failList.append([ip, date]) - # We matched a regex, it is enough to stop. - break - except RegexException, e: - logSys.error(e) - return failList - - - ## - # Get the status of the filter. - # - # Get some informations about the filter state such as the total - # number of failures. - # @return a list with tuple - - def status(self): - ret = [("Currently failed", self.failManager.size()), - ("Total failed", self.failManager.getFailTotal())] - return ret - - ## # Utils class for DNS and IP handling. 
# Modified: branches/FAIL2BAN-0_8/server/filtergamin.py =================================================================== --- branches/FAIL2BAN-0_8/server/filtergamin.py 2007-12-19 22:50:47 UTC (rev 640) +++ branches/FAIL2BAN-0_8/server/filtergamin.py 2007-12-26 11:46:22 UTC (rev 641) @@ -25,7 +25,7 @@ __license__ = "GPL" from failmanager import FailManagerEmpty -from filter import Filter +from filter import FileFilter from mytime import MyTime import time, logging, gamin @@ -40,7 +40,7 @@ # that matches a given regular expression. This class is instanciated by # a Jail object. -class FilterGamin(Filter): +class FilterGamin(FileFilter): ## # Constructor. @@ -49,7 +49,7 @@ # @param jail the jail object def __init__(self, jail): - Filter.__init__(self, jail) + FileFilter.__init__(self, jail) self.__modified = False # Gamin monitor self.monitor = gamin.WatchMonitor() @@ -74,7 +74,7 @@ logSys.error(path + " already exists") else: self.monitor.watch_file(path, self.callback) - Filter.addLogPath(self, path) + FileFilter.addLogPath(self, path) logSys.info("Added logfile = %s" % path) ## @@ -87,7 +87,7 @@ logSys.error(path + " is not monitored") else: self.monitor.stop_watch(path) - Filter.delLogPath(self, path) + FileFilter.delLogPath(self, path) logSys.info("Removed logfile = %s" % path) ## @@ -126,6 +126,6 @@ # Desallocates the resources used by Gamin. def __cleanup(self): - for path in Filter.getLogPath(self): + for path in self.getLogPath(self): self.monitor.stop_watch(path) del self.monitor Modified: branches/FAIL2BAN-0_8/server/filterpoll.py =================================================================== --- branches/FAIL2BAN-0_8/server/filterpoll.py 2007-12-19 22:50:47 UTC (rev 640) +++ branches/FAIL2BAN-0_8/server/filterpoll.py 2007-12-26 11:46:22 UTC (rev 641) @@ -25,7 +25,7 @@ __license__ = "GPL" from failmanager import FailManagerEmpty -from filter import Filter +from filter import FileFilter from mytime import MyTime import time, logging, os 
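Review bot: In `FilterGamin.__cleanup` the new line `for path in self.getLogPath(self):` passes `self` twice. `FileFilter.getLogPath(self)` takes no further argument, so the call raises TypeError before `self.monitor.stop_watch(path)` runs and the Gamin watches are not released. The line should read `for path in self.getLogPath():`.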
@@ -40,7 +40,7 @@ # that matches a given regular expression. This class is instanciated by # a Jail object. -class FilterPoll(Filter): +class FilterPoll(FileFilter): ## # Constructor. @@ -49,7 +49,7 @@ # @param jail the jail object def __init__(self, jail): - Filter.__init__(self, jail) + FileFilter.__init__(self, jail) self.__modified = False ## The time of the last modification of the file. self.__lastModTime = dict() @@ -67,7 +67,7 @@ else: self.__lastModTime[path] = 0 self.__file404Cnt[path] = 0 - Filter.addLogPath(self, path) + FileFilter.addLogPath(self, path) logSys.info("Added logfile = %s" % path) ## @@ -81,7 +81,7 @@ else: del self.__lastModTime[path] del self.__file404Cnt[path] - Filter.delLogPath(self, path) + FileFilter.delLogPath(self, path) logSys.info("Removed logfile = %s" % path) ## Modified: branches/FAIL2BAN-0_8/testcases/datedetectortestcase.py =================================================================== --- branches/FAIL2BAN-0_8/testcases/datedetectortestcase.py 2007-12-19 22:50:47 UTC (rev 640) +++ branches/FAIL2BAN-0_8/testcases/datedetectortestcase.py 2007-12-26 11:46:22 UTC (rev 641) 
@@ -54,14 +54,14 @@ self.assertEqual(self.__datedetector.getTime(log), date) self.assertEqual(self.__datedetector.getUnixTime(log), dateUnix) - def testDefaultTempate(self): - self.__datedetector.setDefaultRegex("^\S{3}\s{1,2}\d{1,2} \d{2}:\d{2}:\d{2}") - self.__datedetector.setDefaultPattern("%b %d %H:%M:%S") - - log = "Jan 23 21:59:59 [sshd] error: PAM: Authentication failure" - date = [2005, 1, 23, 21, 59, 59, 1, 23, -1] - dateUnix = 1106513999.0 - - self.assertEqual(self.__datedetector.getTime(log), date) - self.assertEqual(self.__datedetector.getUnixTime(log), dateUnix) +# def testDefaultTempate(self): +# self.__datedetector.setDefaultRegex("^\S{3}\s{1,2}\d{1,2} \d{2}:\d{2}:\d{2}") +# self.__datedetector.setDefaultPattern("%b %d %H:%M:%S") +# +# log = "Jan 23 21:59:59 [sshd] error: PAM: Authentication failure" +# date = [2005, 1, 23, 21, 59, 59, 1, 23, -1] +# dateUnix = 1106513999.0 +# +# self.assertEqual(self.__datedetector.getTime(log), date) +# self.assertEqual(self.__datedetector.getUnixTime(log), dateUnix) \ No newline at end of file Modified: branches/FAIL2BAN-0_8/testcases/filtertestcase.py =================================================================== --- branches/FAIL2BAN-0_8/testcases/filtertestcase.py 2007-12-19 22:50:47 UTC (rev 640) +++ branches/FAIL2BAN-0_8/testcases/filtertestcase.py 2007-12-26 11:46:22 UTC (rev 641) @@ -26,7 +26,7 @@ import unittest from server.filterpoll import FilterPoll -from server.filter import Filter +from server.filter import FileFilter from server.failmanager import FailManager from server.failmanager import FailManagerEmpty @@ -34,7 +34,7 @@ def setUp(self): """Call before every test case.""" - self.__filter = Filter(None) + self.__filter = FileFilter(None) def tearDown(self): """Call after every test case.""" 
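Review bot: `testDefaultTempate` is disabled by commenting out its whole body, and neither the file nor the log message says why. If `setDefaultRegex` and `setDefaultPattern` no longer exist on DateDetector (not visible in this hunk), delete the test or port it to the current API. Otherwise put a one-line reason above the commented block so the lost date-parsing coverage is not forgotten.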
@@ -86,7 +86,7 @@ def setUp(self): """Call before every test case.""" - self.__filter = Filter(None) + self.__filter = FileFilter(None) self.__filter.setActive(True) # TODO Test this #self.__filter.setTimeRegex("\S{3}\s{1,2}\d{1,2} \d{2}:\d{2}:\d{2}") This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <los...@us...> - 2008-01-14 23:12:30
|
Revision: 644 http://fail2ban.svn.sourceforge.net/fail2ban/?rev=644&view=rev Author: lostcontrol Date: 2008-01-14 15:12:21 -0800 (Mon, 14 Jan 2008) Log Message: ----------- - New log rotation detection algorithm. - Print monitored files in status. Modified Paths: -------------- branches/FAIL2BAN-0_8/CHANGELOG branches/FAIL2BAN-0_8/client/beautifier.py branches/FAIL2BAN-0_8/server/filter.py branches/FAIL2BAN-0_8/server/filtergamin.py Modified: branches/FAIL2BAN-0_8/CHANGELOG =================================================================== --- branches/FAIL2BAN-0_8/CHANGELOG 2008-01-13 15:49:23 UTC (rev 643) +++ branches/FAIL2BAN-0_8/CHANGELOG 2008-01-14 23:12:21 UTC (rev 644) @@ -4,10 +4,10 @@ |_| \__,_|_|_/___|_.__/\__,_|_||_| ============================================================= -Fail2Ban (version 0.8.2) 2007/??/?? +Fail2Ban (version 0.8.2) 2008/??/?? ============================================================= -ver. 0.8.2 (2007/??/??) - stable +ver. 0.8.2 (2008/??/??) - stable ---------- - Fixed named filter. Thanks to Yaroslav Halchenko - Fixed wrong path for apache-auth in jail.conf. Thanks to @@ -27,6 +27,8 @@ - Refactoring. Reduced number of files. - Removed Python 2.4. Minimum required version is now Python 2.3. +- New log rotation detection algorithm. +- Print monitored files in status. ver. 0.8.1 (2007/08/14) - stable ---------- Modified: branches/FAIL2BAN-0_8/client/beautifier.py =================================================================== --- branches/FAIL2BAN-0_8/client/beautifier.py 2008-01-13 15:49:23 UTC (rev 643) +++ branches/FAIL2BAN-0_8/client/beautifier.py 2008-01-14 23:12:21 UTC (rev 644) 
@@ -72,9 +72,14 @@ ipList = "" for ip in response[1][1][2][1]: ipList += ip + " " + # Creates file list. + fileList = "" + for f in response[0][1][2][1]: + fileList += f + " " # Display information msg = "Status for the jail: " + inC[1] + "\n" msg = msg + "|- " + response[0][0] + "\n" + msg = msg + "| |- " + response[0][1][2][0] + ":\t" + fileList + "\n" msg = msg + "| |- " + response[0][1][0][0] + ":\t" + `response[0][1][0][1]` + "\n" msg = msg + "| `- " + response[0][1][1][0] + ":\t" + `response[0][1][1][1]` + "\n" msg = msg + "`- " + response[1][0] + "\n" Modified: branches/FAIL2BAN-0_8/server/filter.py =================================================================== --- branches/FAIL2BAN-0_8/server/filter.py 2008-01-13 15:49:23 UTC (rev 643) +++ branches/FAIL2BAN-0_8/server/filter.py 2008-01-14 23:12:21 UTC (rev 644) @@ -242,8 +242,8 @@ # Decode line to UTF-8 l = line.decode('utf-8') except UnicodeDecodeError: - pass - timeMatch = self.dateDetector.matchTime(line) + l = line + timeMatch = self.dateDetector.matchTime(l) if not timeMatch: # There is no valid time in this line return @@ -335,26 +335,17 @@ def __init__(self, jail): Filter.__init__(self, jail) - ## The log file handler. - self.__crtHandler = None - self.__crtFilename = None ## The log file path. self.__logPath = [] - ## The last position of the file. - self.__lastPos = dict() - ## The last date in tht log file. - self.__lastDate = dict() ## # Add a log file path # # @param path log file path - def addLogPath(self, path): - self.getLogPath().append(path) - # Initialize default values - self.__lastDate[path] = 0 - self.__lastPos[path] = 0 + def addLogPath(self, path, tail = False): + container = FileContainer(path, tail) + self.__logPath.append(container) ## # Delete a log path 
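Review bot: `FileFilter.addLogPath` now builds `FileContainer(path, tail)`, and that constructor (added later in this commit) calls `open(filename)` without catching anything, so a log path that is missing or unreadable raises out of `addLogPath`. The previous version only recorded the path and reported open failures later, in `__openLogFile`. Whether the callers in filterpoll.py and filtergamin.py catch this is not visible here; if they do not, a log file that is absent at jail start-up would leave the jail without that path. Catch `IOError` around the constructor call and log it with `logSys.error("Unable to open %s" % path)` so an unmonitored file shows up in the log. The comment block above the method should also gain a `# @param tail` line describing the new argument.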
@@ -362,9 +353,10 @@ # @param path the log file to delete def delLogPath(self, path): - self.getLogPath().remove(path) - del self.__lastDate[path] - del self.__lastPos[path] + for log in self.__logPath: + if log.getFileName() == path: + self.__logPath.remove(log) + return ## # Get the log file path 
@@ -381,64 +373,18 @@ # @return True if the path is already monitored else False def containsLogPath(self, path): - try: - self.getLogPath().index(path) - return True - except ValueError: - return False - - ## - # Open the log file. - - def __openLogFile(self, filename): - """ Opens the log file specified on init. - """ - try: - self.__crtFilename = filename - self.__crtHandler = open(filename) - logSys.debug("Opened " + filename) - return True - except OSError: - logSys.error("Unable to open " + filename) - except IOError: - logSys.error("Unable to read " + filename + - ". Please check permissions") + for log in self.__logPath: + if log.getFileName() == path: + return True return False - ## - # Close the log file. + def getFileContainer(self, path): + for log in self.__logPath: + if log.getFileName() == path: + return log + return None - def __closeLogFile(self): - self.__crtFilename = None - self.__crtHandler.close() - ## - # Set the file position. - # - # Sets the file position. We must take care of log file rotation - # and reset the position to 0 in that case. Use the log message - # timestamp in order to detect this. - - def __setFilePos(self): - line = self.__crtHandler.readline() - lastDate = self.__lastDate[self.__crtFilename] - lineDate = self.dateDetector.getUnixTime(line) - if lastDate < lineDate: - logSys.debug("Date " + `lastDate` + " is smaller than " + `lineDate`) - logSys.debug("Log rotation detected for " + self.__crtFilename) - self.__lastPos[self.__crtFilename] = 0 - lastPos = self.__lastPos[self.__crtFilename] - logSys.debug("Setting file position to " + `lastPos` + " for " + - self.__crtFilename) - self.__crtHandler.seek(lastPos) - - ## - # Get the file position. - - def __getFilePos(self): - return self.__crtHandler.tell() - - ## # Gets all the failure in the log file. # # Gets all the failure in the log file which are newer than 
@@ -446,13 +392,20 @@ # is created and is added to the FailManager. def getFailures(self, filename): - # Try to open log file. - if not self.__openLogFile(filename): + container = self.getFileContainer(filename) + if container == None: logSys.error("Unable to get failures in " + filename) return False - self.__setFilePos() - lastTimeLine = None - for line in self.__crtHandler: + # Try to open log file. + try: + container.open() + except Exception, e: + logSys.error("Unable to open %s" % filename) + logSys.exception(e) + return False + + line = container.readline() + while not line == "": if not self._isActive(): # The jail has been stopped break @@ -464,6 +417,7 @@ timeMatch = self.dateDetector.matchTime(line) if not timeMatch: # There is no valid time in this line + line = container.readline() continue # Lets split into time part and log part of the line timeLine = timeMatch.group() @@ -471,7 +425,6 @@ # anchore at the beginning of the time regexp, we don't # at least allow injection. Should be harmless otherwise logLine = line[:timeMatch.start()] + line[timeMatch.end():] - lastTimeLine = timeLine for element in self.findFailure(timeLine, logLine): ip = element[0] unixTime = element[1] 
@@ -482,13 +435,78 @@ continue logSys.debug("Found "+ip) self.failManager.addFailure(FailTicket(ip, unixTime)) - self.__lastPos[filename] = self.__getFilePos() - if lastTimeLine: - self.__lastDate[filename] = self.dateDetector.getUnixTime(lastTimeLine) - self.__closeLogFile() + # Read a new line. + line = container.readline() + container.close() return True + + def status(self): + ret = Filter.status(self) + path = [m.getFileName() for m in self.getLogPath()] + ret.append(("File list", path)) + return ret +## +# FileContainer class. +# +# This class manages a file handler and takes care of log rotation detection. +# In order to detect log rotation, the hash (MD5) of the first line of the file +# is computed and compared to the previous hash of this line. +import md5 + +class FileContainer: + + def __init__(self, filename, tail = False): + self.__filename = filename + self.__tail = tail + self.__handler = None + # Try to open the file. Raises an exception if an error occured. + handler = open(filename) + try: + firstLine = handler.readline() + # Computes the MD5 of the first line. + self.__hash = md5.new(firstLine).digest() + # Start at the beginning of file if tail mode is off. + if tail: + handler.seek(0, 2) + self.__pos = handler.tell() + else: + self.__pos = 0 + finally: + handler.close() + + def getFileName(self): + return self.__filename + + def open(self): + self.__handler = open(self.__filename) + firstLine = self.__handler.readline() + # Computes the MD5 of the first line. + myHash = md5.new(firstLine).digest() + # Compare hash. + if not self.__hash == myHash: + logSys.info("Log rotation detected for %s" % self.__filename) + self.__hash = myHash + self.__pos = 0 + # Sets the file pointer to the last position. + self.__handler.seek(self.__pos) + + def readline(self): + if self.__handler == None: + return "" + return self.__handler.readline() + + def close(self): + if not self.__handler == None: + # Saves the last position. 
+ self.__pos = self.__handler.tell() + # Closes the file. + self.__handler.close() + self.__handler = None + + + ## # Utils class for DNS and IP handling. # Modified: branches/FAIL2BAN-0_8/server/filtergamin.py =================================================================== --- branches/FAIL2BAN-0_8/server/filtergamin.py 2008-01-13 15:49:23 UTC (rev 643) +++ branches/FAIL2BAN-0_8/server/filtergamin.py 2008-01-14 23:12:21 UTC (rev 644) @@ -126,6 +126,6 @@ # Desallocates the resources used by Gamin. def __cleanup(self): - for path in self.getLogPath(self): - self.monitor.stop_watch(path) + for path in self.getLogPath(): + self.monitor.stop_watch(path.getFileName()) del self.monitor This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
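Review bot: `FileContainer.open` treats the file as unrotated whenever the MD5 of its first line is unchanged, then seeks to the saved `self.__pos` without comparing it with the current file size. A rotated or truncated file whose first line is identical (or that was empty both times) keeps the old offset, so entries written below that offset are skipped and the failures in them are never counted. The opposite error is also possible: a first line that was only partly written at the first read hashes differently later, and the whole file is read again. Add a size guard after the hash comparison, for example `if os.fstat(self.__handler.fileno()).st_size < self.__pos: self.__pos = 0` (this needs `os` imported in filter.py). The class comment should say that MD5 serves only as a change fingerprint here, and `import md5` belongs with the imports at the top of the file.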
From: <los...@us...> - 2008-01-20 16:30:52
|
Revision: 647 http://fail2ban.svn.sourceforge.net/fail2ban/?rev=647&view=rev Author: lostcontrol Date: 2008-01-20 08:30:35 -0800 (Sun, 20 Jan 2008) Log Message: ----------- - Create a PID file in /var/run/fail2ban/. Thanks to Julien Perez. Modified Paths: -------------- branches/FAIL2BAN-0_8/CHANGELOG branches/FAIL2BAN-0_8/server/server.py Modified: branches/FAIL2BAN-0_8/CHANGELOG =================================================================== --- branches/FAIL2BAN-0_8/CHANGELOG 2008-01-19 11:14:07 UTC (rev 646) +++ branches/FAIL2BAN-0_8/CHANGELOG 2008-01-20 16:30:35 UTC (rev 647) @@ -29,6 +29,8 @@ 2.3. - New log rotation detection algorithm. - Print monitored files in status. +- Create a PID file in /var/run/fail2ban/. Thanks to Julien + Perez. ver. 0.8.1 (2007/08/14) - stable ---------- Modified: branches/FAIL2BAN-0_8/server/server.py =================================================================== --- branches/FAIL2BAN-0_8/server/server.py 2008-01-19 11:14:07 UTC (rev 646) +++ branches/FAIL2BAN-0_8/server/server.py 2008-01-20 16:30:35 UTC (rev 647) @@ -36,6 +36,8 @@ logSys = logging.getLogger("fail2ban.server") class Server: + + PID_FILE = "/var/run/fail2ban/fail2ban.pid" def __init__(self, daemon = False): self.__loggingLock = Lock() @@ -57,6 +59,15 @@ def start(self, sock, force = False): logSys.info("Starting Fail2ban v" + version.version) + # Creates a PID file. + try: + logSys.debug("Creating PID file %s" % Server.PID_FILE) + pidFile = open(Server.PID_FILE, 'w') + pidFile.write("%s\n" % os.getpid()) + pidFile.close() + except IOError, e: + logSys.error("Unable to create PID file: %s" % e) + # Install signal handlers signal.signal(signal.SIGTERM, self.__sigTERMhandler) signal.signal(signal.SIGINT, self.__sigTERMhandler) 
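Review bot: The PID file in `Server.start` is created with `open(Server.PID_FILE, 'w')`, which follows symlinks, truncates whatever is at that path, and does not notice a file left by another running instance. That is only safe while /var/run/fail2ban is writable by root alone. Creating the file exclusively, `fd = os.open(Server.PID_FILE, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0644)` followed by `os.fdopen(fd, 'w')`, refuses to reuse an existing entry; a stale file after a crash then has to be handled explicitly. `pidFile.close()` should sit in a `finally:` so the handle is closed when `write` fails. The removal in the following hunk runs only on the normal return path after `self.__asyncServer.start`, so any exception other than AsyncServerException leaves a stale file; the body of `start` continues outside both hunks.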
@@ -76,6 +87,12 @@ self.__asyncServer.start(sock, force) except AsyncServerException, e: logSys.error("Could not start server: %s", e) + # Removes the PID file. + try: + logSys.debug("Remove PID file %s" % Server.PID_FILE) + os.remove(Server.PID_FILE) + except OSError, e: + logSys.error("Unable to remove PID file: %s" % e) logSys.info("Exiting Fail2ban") def quit(self): This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <los...@us...> - 2008-02-06 20:17:17
|
Revision: 651 http://fail2ban.svn.sourceforge.net/fail2ban/?rev=651&view=rev Author: lostcontrol Date: 2008-02-06 12:17:12 -0800 (Wed, 06 Feb 2008) Log Message: ----------- - Renamed CHANGELOG to ChangeLog. Modified Paths: -------------- branches/FAIL2BAN-0_8/MANIFEST Added Paths: ----------- branches/FAIL2BAN-0_8/ChangeLog Removed Paths: ------------- branches/FAIL2BAN-0_8/CHANGELOG Deleted: branches/FAIL2BAN-0_8/CHANGELOG =================================================================== --- branches/FAIL2BAN-0_8/CHANGELOG 2008-02-02 20:07:06 UTC (rev 650) +++ branches/FAIL2BAN-0_8/CHANGELOG 2008-02-06 20:17:12 UTC (rev 651) 
@@ -1,385 +0,0 @@ - __ _ _ ___ _ - / _|__ _(_) |_ ) |__ __ _ _ _ - | _/ _` | | |/ /| '_ \/ _` | ' \ - |_| \__,_|_|_/___|_.__/\__,_|_||_| - -============================================================= -Fail2Ban (version 0.8.2) 2008/??/?? -============================================================= - -ver. 0.8.2 (2008/??/??) - stable ----------- -- Fixed named filter. Thanks to Yaroslav Halchenko -- Fixed wrong path for apache-auth in jail.conf. Thanks to - Vincent Deffontaines -- Fixed timezone bug with epoch date template. Thanks to - Michael Hanselmann -- Added "full line failregex" patch. Thanks to Yaroslav - Halchenko. It will be possible to create stronger failregex - against log injection -- Fixed ipfw action script. Thanks to Nick Munger -- Removed date from logging message when using SYSLOG. Thanks - to Iain Lea -- Fixed "ignore IPs". Only the first value was taken into - account. Thanks to Adrien Clerc -- Moved socket to /var/run/fail2ban. -- Rewrote the communication server. -- Refactoring. Reduced number of files. -- Removed Python 2.4. Minimum required version is now Python - 2.3. -- New log rotation detection algorithm. -- Print monitored files in status. -- Create a PID file in /var/run/fail2ban/. Thanks to Julien - Perez. - -ver. 0.8.1 (2007/08/14) - stable ----------- -- Fixed vulnerability in sshd.conf. Thanks to Daniel B. Cid -- Expand <HOST> in ignoreregex. Thanks to Yaroslav Halchenko -- Improved regular expressions. Thanks to Yaroslav Halchenko - and others -- Added sendmail actions. The action started with "mail" are - now deprecated. Thanks to Raphaël Marichez -- Added "ignoreregex" support to fail2ban-regex -- Updated suse-initd and added it to MANIFEST. Thanks to - Christian Rauch -- Tightening up the pid check in redhat-initd. Thanks to - David Nutter -- Added webmin authentication filter. Thanks to Guillaume - Delvit -- Removed textToDns() which is not required anymore. 
Thanks - to Yaroslav Halchenko -- Added new action iptables-allports. Thanks to Yaroslav - Halchenko -- Added "named" date format to date detector. Thanks to - Yaroslav Halchenko -- Added filter file for named (bind9). Thanks to Yaroslav - Halchenko -- Fixed vsftpd filter. Thanks to Yaroslav Halchenko - -ver. 0.8.0 (2007/05/03) - stable ----------- -- Fixed RedHat init script. Thanks to Jonathan Underwood -- Added Solaris 10 files. Thanks to Hanno 'Rince' Wagner - -ver. 0.7.9 (2007/04/19) - release candidate ----------- -- Close opened handlers. Thanks to Yaroslav Halchenko -- Fixed "reload" bug. Many many thanks to Yaroslav Halchenko -- Added date format for asctime without year -- Modified filters config. Thanks to Michael C. Haller -- Fixed a small bug in mail-buffered.conf - -ver. 0.7.8 (2007/03/21) - release candidate ----------- -- Fixed asctime pattern in datedetector.py -- Added new filters/actions. Thanks to Yaroslav Halchenko -- Added Suse init script and modified gentoo-initd. Thanks to - Christian Rauch -- Moved every locking statements in a try..finally block - -ver. 0.7.7 (2007/02/08) - release candidate ----------- -- Added signal handling in fail2ban-client -- Added a wonderful visual effect when waiting on the server -- fail2ban-client returns an error code if configuration is - not valid -- Added new filters/actions. Thanks to Yaroslav Halchenko -- Call Python interpreter directly (instead of using "env") -- Added file support to fail2ban-regex. Benchmark feature has - been removed -- Added cacti script and template. -- Added IP list in "status <JAIL>". Thanks to Eric Gerbier - -ver. 0.7.6 (2007/01/04) - beta ----------- -- Added a "sleep 1" in redhat-initd. Thanks to Jim Wight -- Use /dev/log for SYSLOG output. Thanks to Joerg Sommrey -- Use numeric output for iptables in "actioncheck" -- Fixed removal of host in hosts.deny. Thanks to René Berber -- Added new date format (2006-12-21 06:43:20) and Exim4 - filter. 
Thanks to mEDI -- Several "failregex" and "ignoreregex" are now accepted. - Creation of rules should be easier now. -- Added license in COPYING. Thanks to Axel Thimm -- Allow comma in action options. The value of the option must - be escaped with " or '. Thanks to Yaroslav Halchenko -- Now Fail2ban goes in /usr/share/fail2ban instead of - /usr/lib/fail2ban. This is more compliant with FHS. Thanks - to Axel Thimm and Yaroslav Halchenko - -ver. 0.7.5 (2006/12/07) - beta ----------- -- Do not ban a host that is currently banned. Thanks to - Yaroslav Halchenko -- The supported tags in "action(un)ban" are <ip>, <failures> - and <time> -- Fixed refactoring bug (getLastcommand -> getLastAction) -- Added option "ignoreregex" in filter scripts and jail.conf. - Feature Request #1283304 -- Fixed a bug in user defined time regex/pattern -- Improved documentation -- Moved version.py and protocol.py to common/ -- Merged "maxtime" option with "findtime" -- Added "<HOST>" tag support in failregex which matches - default IP address/hostname. "(?P<host>\S)" is still valid - and supported -- Fixed exception when calling fail2ban-server with unknown - option -- Fixed Debian bug 400162. The "socket" option is now handled - correctly by fail2ban-client -- Fixed RedHat init script. Thanks to Justin Shore -- Changed timeout to 30 secondes before assuming the server - cannot be started. Thanks to Joël Bertrand - -ver. 0.7.4 (2006/11/01) - beta ----------- -- Improved configuration files. Thanks to Yaroslav Halchenko -- Added man page for "fail2ban-regex" -- Moved ban/unban messages from "info" level to "warn" -- Added "-s" option to specify the socket path and "socket" - option in "fail2ban.conf" -- Added "backend" option in "jail.conf" -- Added more filters/actions and jail samples. Thanks to Nick - Munger, Christoph Haas -- Improved testing framework -- Fixed a bug in the return code handling of the executed - commands. Thanks to Yaroslav Halchenko -- Signal handling. 
There is a bug with join() and signal in - Python -- Better debugging output for "fail2ban-regex" -- Added support for more date format -- cPickle does not work with Python 2.5. Use pickle instead - (performance is not a problem in our case) - -ver. 0.7.3 (2006/09/28) - beta ----------- -- Added man pages. Thanks to Yaroslav Halchenko -- Added wildcard support for "logpath" -- Added Gamin (file and directory monitoring system) support -- (Re)added "ignoreip" option -- Added more concurrency protection -- First attempt at solving bug #1457620 (locale issue) -- Performance improvements -- (Re)added permanent banning with banTime < 0 -- Added DNS support to "ignoreip". Feature Request #1285859 - -ver. 0.7.2 (2006/09/10) - beta ----------- -- Refactoring and code cleanup -- Improved client output -- Added more get/set commands -- Added more configuration templates -- Removed "logpath" and "maxretry" from filter templates. - They must be defined in jail.conf now -- Added interactive mode. Use "-i" -- Added a date detector. "timeregex" and "timepattern" are no - more needed -- Added "fail2ban-regex". This is a tool to help finding - "failregex" -- Improved server communication. Start a new thread for each - incoming request. Fail2ban is not really thread-safe yet - -ver. 0.7.1 (2006/08/23) - alpha ----------- -- Fixed daemon mode bug -- Added Gentoo init.d script -- Fixed path bug when trying to start "fail2ban-server" -- Fixed reload command - -ver. 0.7.0 (2006/08/23) - alpha ----------- -- Almost a complete rewrite :) Fail2ban design is really - better (IMHO). There is a lot of new features -- Client/Server architecture -- Multithreading. Each jail has its own threads: one for the - log reading and another for the actions -- Execute several actions -- Split configuration files. They are more readable and easy - to use -- failregex uses group (<host>) now. This feature was already - present in the Debian package -- lots of things... - -ver. 
0.6.1 (2006/03/16) - stable ----------- -- Added permanent banning. Set banTime to a negative value to - enable this feature (-1 is perfect). Thanks to Mannone -- Fixed locale bug. Thanks to Fernando José -- Fixed crash when time format does not match data -- Propagated patch from Debian to fix fail2ban search path - addition to the path search list: now it is added first. - Thanks to Nick Craig-Wood -- Added SMTP authentification for mail notification. Thanks - to Markus Hoffmann -- Removed debug mode as it is confusing for people -- Added parsing of timestamp in TAI64N format (#1275325). - Thanks to Mark Edgington -- Added patch #1382936 (Default formatted syslog logging). - Thanks to Patrick B�rjesson -- Removed 192.168.0.0/16 from ignoreip. Attacks could also - come from the local network. -- Robust startup: if iptables module does not get fully - initialized after startup of fail2ban, fail2ban will do - "maxreinit" attempts to initialize its own firewall. It - will sleep between attempts for "polltime" number of - seconds (closes Debian: #334272). Thanks to Yaroslav - Halchenko -- Added "interpolations" in fail2ban.conf. This is provided - by the ConfigParser module. Old configuration files still - work. Thanks to Yaroslav Halchenko -- Added initial support for hosts.deny and shorewall. Need - more testing. Please test. Thanks to kojiro from Gentoo - forum for hosts.deny support -- Added support for vsftpd. Thanks to zugeschmiert - -ver. 0.6.0 (2005/11/20) - stable ----------- -- Propagated patches introduced by Debian maintainer - (Yaroslav Halchenko): - * Added an option to report local time (including timezone) - or GMT in mail notification. - -ver. 0.5.5 (2005/10/26) - beta ----------- -- Propagated patches introduced by Debian maintainer - (Yaroslav Halchenko): - * Introduced fwcheck option to verify consistency of the - chains. 
Implemented automatic restart of fail2ban main - function in case check of fwban or fwunban command failed - (closes: #329163, #331695). (Introduced patch was further - adjusted by upstream author). - * Added -f command line parameter for [findtime]. - * Added a cleanup of firewall rules on emergency shutdown - when unknown exception is catched. - * Fail2ban should not crash now if a wrong file name is - specified in config. - * reordered code a bit so that log targets are setup right - after background and then only loglevel (verbose, debug) - is processed, so the warning could be seen in the logs - * Added a keyword <section> in parsing of the subject and - the body of an email sent out by fail2ban (closes: - #330311) - -ver. 0.5.4 (2005/09/13) - beta ----------- -- Fixed bug #1286222. -- Propagated patches introduced by Debian maintainer - (Yaroslav Halchenko): - * Fixed handling of SYSLOG logging target. Now it can log - to any SYSLOG target and facility as directed by the - config - * Format of SYSLOG entries fixed to look closer to standard - * Fixed errata in config/gentoo-confd - * Introduced findtime configuration variable to control the - lifetime of caught "failed" log entries - -ver. 0.5.3 (2005/09/08) - beta ----------- -- Fixed a bug when overriding "maxfailures" or "bantime". - Thanks to Yaroslav Halchenko -- Added more debug output if an error occurs when sending - mail. Thanks to Stephen Gildea -- Renamed "maxretry" to "maxfailures" and changed default - value to 5. Thanks to Stephen Gildea -- Hopefully fixed bug #1256075 -- Fixed bug #1262345 -- Fixed exception handling in PIDLock -- Removed warning when using "-V" or "-h" with no config - file. Thanks to Yaroslav Halchenko -- Removed "-i eth0" from config file. Thanks to Yaroslav - Halchenko - -ver. 0.5.2 (2005/08/06) - beta ----------- -- Better PID lock file handling. Should close #1239562 -- Added man pages -- Removed log4py dependency. 
Use logging module instead -- "maxretry" and "bantime" can be overridden in each section -- Fixed bug #1246278 (excessive memory usage) -- Fixed crash on wrong option value in configuration file -- Changed custom chains to lowercase - -ver. 0.5.1 (2005/07/23) - beta ----------- -- Fixed bugs #1241756, #1239557 -- Added log targets in configuration file. Removed -l option -- Changed iptables rules in order to create a separated chain - for each section -- Fixed static banList in firewall.py -- Added an initd script for Debian. Thanks to Yaroslav - Halchenko -- Check for obsolete files after install - -ver. 0.5.0 (2005/07/12) - beta ----------- -- Added support for CIDR mask in ignoreip -- Added mail notification support -- Fixed bug #1234699 -- Added tags replacement in rules definition. Should allow a - clean solution for Feature Request #1229479 -- Removed "interface" and "firewall" options -- Added start and end commands in the configuration file. - Thanks to Yaroslav Halchenko -- Added firewall rules definition in the configuration file -- Cleaned fail2ban.py -- Added an initd script for RedHat/Fedora. Thanks to Andrey - G. Grozin - -ver. 0.4.1 (2005/06/30) - stable ----------- -- Fixed textToDNS method which generated wrong matches for - "rhost=12-xyz...". Thanks to Tom Pike -- fail2ban.conf modified for readability. Thanks to Iain Lea -- Added an initd script for Gentoo -- Changed default PID lock file location from /tmp to - /var/run - -ver. 0.4.0 (2005/04/24) - stable ----------- -- Fixed textToDNS which did not recognize strings like - "12-345-67-890.abcd.mnopqr.xyz" - -ver. 0.3.1 (2005/03/31) - beta ----------- -- Corrected level of messages -- Added DNS lookup support -- Improved parsing speed. Only parse the new log messages -- Added a second verbose level (-vv) - -ver. 
0.3.0 (2005/02/24) - beta ----------- -- Re-writting of parts of the code in order to handle several - log files with different rules -- Removed sshd.py because it is no more needed -- Fixed a bug when exiting with IP in the ban list -- Added PID lock file -- Improved some parts of the code -- Added ipfw-start-rule option (thanks to Robert Edeker) -- Added -k option which kills a currently running Fail2Ban - -ver. 0.1.2 (2004/11/21) - beta ----------- -- Add ipfw and ipfwadm support. The rules are taken from - BlockIt. Thanks to Robert Edeker -- Add -e option which allows to set the interface. Thanks to - Robert Edeker who reminded me this -- Small code cleaning - -ver. 0.1.1 (2004/10/23) - beta ----------- -- Add SIGTERM handler in order to exit nicely when in daemon - mode -- Add -r option which allows to set the maximum number of - login failures -- Remove the Metalog class as the log file are not so syslog - daemon specific -- Rewrite log reader to be service centered. Sshd support - added. Match "Failed password" and "Illegal user" -- Add /etc/fail2ban.conf configuration support -- Code documentation - - -ver. 0.1.0 (2004/10/12) - alpha ----------- -- Initial release Copied: branches/FAIL2BAN-0_8/ChangeLog (from rev 647, branches/FAIL2BAN-0_8/CHANGELOG) =================================================================== --- branches/FAIL2BAN-0_8/ChangeLog (rev 0) +++ branches/FAIL2BAN-0_8/ChangeLog 2008-02-06 20:17:12 UTC (rev 651) 
@@ -0,0 +1,385 @@ + __ _ _ ___ _ + / _|__ _(_) |_ ) |__ __ _ _ _ + | _/ _` | | |/ /| '_ \/ _` | ' \ + |_| \__,_|_|_/___|_.__/\__,_|_||_| + +============================================================= +Fail2Ban (version 0.8.2) 2008/??/?? +============================================================= + +ver. 0.8.2 (2008/??/??) - stable +---------- +- Fixed named filter. Thanks to Yaroslav Halchenko +- Fixed wrong path for apache-auth in jail.conf. Thanks to + Vincent Deffontaines +- Fixed timezone bug with epoch date template. Thanks to + Michael Hanselmann +- Added "full line failregex" patch. Thanks to Yaroslav + Halchenko. It will be possible to create stronger failregex + against log injection +- Fixed ipfw action script. Thanks to Nick Munger +- Removed date from logging message when using SYSLOG. Thanks + to Iain Lea +- Fixed "ignore IPs". Only the first value was taken into + account. Thanks to Adrien Clerc +- Moved socket to /var/run/fail2ban. +- Rewrote the communication server. +- Refactoring. Reduced number of files. +- Removed Python 2.4. Minimum required version is now Python + 2.3. +- New log rotation detection algorithm. +- Print monitored files in status. +- Create a PID file in /var/run/fail2ban/. Thanks to Julien + Perez. + +ver. 0.8.1 (2007/08/14) - stable +---------- +- Fixed vulnerability in sshd.conf. Thanks to Daniel B. Cid +- Expand <HOST> in ignoreregex. Thanks to Yaroslav Halchenko +- Improved regular expressions. Thanks to Yaroslav Halchenko + and others +- Added sendmail actions. The action started with "mail" are + now deprecated. Thanks to Raphaël Marichez +- Added "ignoreregex" support to fail2ban-regex +- Updated suse-initd and added it to MANIFEST. Thanks to + Christian Rauch +- Tightening up the pid check in redhat-initd. Thanks to + David Nutter +- Added webmin authentication filter. Thanks to Guillaume + Delvit +- Removed textToDns() which is not required anymore. 
Thanks + to Yaroslav Halchenko +- Added new action iptables-allports. Thanks to Yaroslav + Halchenko +- Added "named" date format to date detector. Thanks to + Yaroslav Halchenko +- Added filter file for named (bind9). Thanks to Yaroslav + Halchenko +- Fixed vsftpd filter. Thanks to Yaroslav Halchenko + +ver. 0.8.0 (2007/05/03) - stable +---------- +- Fixed RedHat init script. Thanks to Jonathan Underwood +- Added Solaris 10 files. Thanks to Hanno 'Rince' Wagner + +ver. 0.7.9 (2007/04/19) - release candidate +---------- +- Close opened handlers. Thanks to Yaroslav Halchenko +- Fixed "reload" bug. Many many thanks to Yaroslav Halchenko +- Added date format for asctime without year +- Modified filters config. Thanks to Michael C. Haller +- Fixed a small bug in mail-buffered.conf + +ver. 0.7.8 (2007/03/21) - release candidate +---------- +- Fixed asctime pattern in datedetector.py +- Added new filters/actions. Thanks to Yaroslav Halchenko +- Added Suse init script and modified gentoo-initd. Thanks to + Christian Rauch +- Moved every locking statements in a try..finally block + +ver. 0.7.7 (2007/02/08) - release candidate +---------- +- Added signal handling in fail2ban-client +- Added a wonderful visual effect when waiting on the server +- fail2ban-client returns an error code if configuration is + not valid +- Added new filters/actions. Thanks to Yaroslav Halchenko +- Call Python interpreter directly (instead of using "env") +- Added file support to fail2ban-regex. Benchmark feature has + been removed +- Added cacti script and template. +- Added IP list in "status <JAIL>". Thanks to Eric Gerbier + +ver. 0.7.6 (2007/01/04) - beta +---------- +- Added a "sleep 1" in redhat-initd. Thanks to Jim Wight +- Use /dev/log for SYSLOG output. Thanks to Joerg Sommrey +- Use numeric output for iptables in "actioncheck" +- Fixed removal of host in hosts.deny. Thanks to René Berber +- Added new date format (2006-12-21 06:43:20) and Exim4 + filter. 
Thanks to mEDI +- Several "failregex" and "ignoreregex" are now accepted. + Creation of rules should be easier now. +- Added license in COPYING. Thanks to Axel Thimm +- Allow comma in action options. The value of the option must + be escaped with " or '. Thanks to Yaroslav Halchenko +- Now Fail2ban goes in /usr/share/fail2ban instead of + /usr/lib/fail2ban. This is more compliant with FHS. Thanks + to Axel Thimm and Yaroslav Halchenko + +ver. 0.7.5 (2006/12/07) - beta +---------- +- Do not ban a host that is currently banned. Thanks to + Yaroslav Halchenko +- The supported tags in "action(un)ban" are <ip>, <failures> + and <time> +- Fixed refactoring bug (getLastcommand -> getLastAction) +- Added option "ignoreregex" in filter scripts and jail.conf. + Feature Request #1283304 +- Fixed a bug in user defined time regex/pattern +- Improved documentation +- Moved version.py and protocol.py to common/ +- Merged "maxtime" option with "findtime" +- Added "<HOST>" tag support in failregex which matches + default IP address/hostname. "(?P<host>\S)" is still valid + and supported +- Fixed exception when calling fail2ban-server with unknown + option +- Fixed Debian bug 400162. The "socket" option is now handled + correctly by fail2ban-client +- Fixed RedHat init script. Thanks to Justin Shore +- Changed timeout to 30 secondes before assuming the server + cannot be started. Thanks to Joël Bertrand + +ver. 0.7.4 (2006/11/01) - beta +---------- +- Improved configuration files. Thanks to Yaroslav Halchenko +- Added man page for "fail2ban-regex" +- Moved ban/unban messages from "info" level to "warn" +- Added "-s" option to specify the socket path and "socket" + option in "fail2ban.conf" +- Added "backend" option in "jail.conf" +- Added more filters/actions and jail samples. Thanks to Nick + Munger, Christoph Haas +- Improved testing framework +- Fixed a bug in the return code handling of the executed + commands. Thanks to Yaroslav Halchenko +- Signal handling. 
There is a bug with join() and signal in + Python +- Better debugging output for "fail2ban-regex" +- Added support for more date format +- cPickle does not work with Python 2.5. Use pickle instead + (performance is not a problem in our case) + +ver. 0.7.3 (2006/09/28) - beta +---------- +- Added man pages. Thanks to Yaroslav Halchenko +- Added wildcard support for "logpath" +- Added Gamin (file and directory monitoring system) support +- (Re)added "ignoreip" option +- Added more concurrency protection +- First attempt at solving bug #1457620 (locale issue) +- Performance improvements +- (Re)added permanent banning with banTime < 0 +- Added DNS support to "ignoreip". Feature Request #1285859 + +ver. 0.7.2 (2006/09/10) - beta +---------- +- Refactoring and code cleanup +- Improved client output +- Added more get/set commands +- Added more configuration templates +- Removed "logpath" and "maxretry" from filter templates. + They must be defined in jail.conf now +- Added interactive mode. Use "-i" +- Added a date detector. "timeregex" and "timepattern" are no + more needed +- Added "fail2ban-regex". This is a tool to help finding + "failregex" +- Improved server communication. Start a new thread for each + incoming request. Fail2ban is not really thread-safe yet + +ver. 0.7.1 (2006/08/23) - alpha +---------- +- Fixed daemon mode bug +- Added Gentoo init.d script +- Fixed path bug when trying to start "fail2ban-server" +- Fixed reload command + +ver. 0.7.0 (2006/08/23) - alpha +---------- +- Almost a complete rewrite :) Fail2ban design is really + better (IMHO). There is a lot of new features +- Client/Server architecture +- Multithreading. Each jail has its own threads: one for the + log reading and another for the actions +- Execute several actions +- Split configuration files. They are more readable and easy + to use +- failregex uses group (<host>) now. This feature was already + present in the Debian package +- lots of things... + +ver. 
0.6.1 (2006/03/16) - stable +---------- +- Added permanent banning. Set banTime to a negative value to + enable this feature (-1 is perfect). Thanks to Mannone +- Fixed locale bug. Thanks to Fernando José +- Fixed crash when time format does not match data +- Propagated patch from Debian to fix fail2ban search path + addition to the path search list: now it is added first. + Thanks to Nick Craig-Wood +- Added SMTP authentification for mail notification. Thanks + to Markus Hoffmann +- Removed debug mode as it is confusing for people +- Added parsing of timestamp in TAI64N format (#1275325). + Thanks to Mark Edgington +- Added patch #1382936 (Default formatted syslog logging). + Thanks to Patrick B�rjesson +- Removed 192.168.0.0/16 from ignoreip. Attacks could also + come from the local network. +- Robust startup: if iptables module does not get fully + initialized after startup of fail2ban, fail2ban will do + "maxreinit" attempts to initialize its own firewall. It + will sleep between attempts for "polltime" number of + seconds (closes Debian: #334272). Thanks to Yaroslav + Halchenko +- Added "interpolations" in fail2ban.conf. This is provided + by the ConfigParser module. Old configuration files still + work. Thanks to Yaroslav Halchenko +- Added initial support for hosts.deny and shorewall. Need + more testing. Please test. Thanks to kojiro from Gentoo + forum for hosts.deny support +- Added support for vsftpd. Thanks to zugeschmiert + +ver. 0.6.0 (2005/11/20) - stable +---------- +- Propagated patches introduced by Debian maintainer + (Yaroslav Halchenko): + * Added an option to report local time (including timezone) + or GMT in mail notification. + +ver. 0.5.5 (2005/10/26) - beta +---------- +- Propagated patches introduced by Debian maintainer + (Yaroslav Halchenko): + * Introduced fwcheck option to verify consistency of the + chains. 
Implemented automatic restart of fail2ban main + function in case check of fwban or fwunban command failed + (closes: #329163, #331695). (Introduced patch was further + adjusted by upstream author). + * Added -f command line parameter for [findtime]. + * Added a cleanup of firewall rules on emergency shutdown + when unknown exception is catched. + * Fail2ban should not crash now if a wrong file name is + specified in config. + * reordered code a bit so that log targets are setup right + after background and then only loglevel (verbose, debug) + is processed, so the warning could be seen in the logs + * Added a keyword <section> in parsing of the subject and + the body of an email sent out by fail2ban (closes: + #330311) + +ver. 0.5.4 (2005/09/13) - beta +---------- +- Fixed bug #1286222. +- Propagated patches introduced by Debian maintainer + (Yaroslav Halchenko): + * Fixed handling of SYSLOG logging target. Now it can log + to any SYSLOG target and facility as directed by the + config + * Format of SYSLOG entries fixed to look closer to standard + * Fixed errata in config/gentoo-confd + * Introduced findtime configuration variable to control the + lifetime of caught "failed" log entries + +ver. 0.5.3 (2005/09/08) - beta +---------- +- Fixed a bug when overriding "maxfailures" or "bantime". + Thanks to Yaroslav Halchenko +- Added more debug output if an error occurs when sending + mail. Thanks to Stephen Gildea +- Renamed "maxretry" to "maxfailures" and changed default + value to 5. Thanks to Stephen Gildea +- Hopefully fixed bug #1256075 +- Fixed bug #1262345 +- Fixed exception handling in PIDLock +- Removed warning when using "-V" or "-h" with no config + file. Thanks to Yaroslav Halchenko +- Removed "-i eth0" from config file. Thanks to Yaroslav + Halchenko + +ver. 0.5.2 (2005/08/06) - beta +---------- +- Better PID lock file handling. Should close #1239562 +- Added man pages +- Removed log4py dependency. 
Use logging module instead +- "maxretry" and "bantime" can be overridden in each section +- Fixed bug #1246278 (excessive memory usage) +- Fixed crash on wrong option value in configuration file +- Changed custom chains to lowercase + +ver. 0.5.1 (2005/07/23) - beta +---------- +- Fixed bugs #1241756, #1239557 +- Added log targets in configuration file. Removed -l option +- Changed iptables rules in order to create a separated chain + for each section +- Fixed static banList in firewall.py +- Added an initd script for Debian. Thanks to Yaroslav + Halchenko +- Check for obsolete files after install + +ver. 0.5.0 (2005/07/12) - beta +---------- +- Added support for CIDR mask in ignoreip +- Added mail notification support +- Fixed bug #1234699 +- Added tags replacement in rules definition. Should allow a + clean solution for Feature Request #1229479 +- Removed "interface" and "firewall" options +- Added start and end commands in the configuration file. + Thanks to Yaroslav Halchenko +- Added firewall rules definition in the configuration file +- Cleaned fail2ban.py +- Added an initd script for RedHat/Fedora. Thanks to Andrey + G. Grozin + +ver. 0.4.1 (2005/06/30) - stable +---------- +- Fixed textToDNS method which generated wrong matches for + "rhost=12-xyz...". Thanks to Tom Pike +- fail2ban.conf modified for readability. Thanks to Iain Lea +- Added an initd script for Gentoo +- Changed default PID lock file location from /tmp to + /var/run + +ver. 0.4.0 (2005/04/24) - stable +---------- +- Fixed textToDNS which did not recognize strings like + "12-345-67-890.abcd.mnopqr.xyz" + +ver. 0.3.1 (2005/03/31) - beta +---------- +- Corrected level of messages +- Added DNS lookup support +- Improved parsing speed. Only parse the new log messages +- Added a second verbose level (-vv) + +ver. 
0.3.0 (2005/02/24) - beta +---------- +- Re-writting of parts of the code in order to handle several + log files with different rules +- Removed sshd.py because it is no more needed +- Fixed a bug when exiting with IP in the ban list +- Added PID lock file +- Improved some parts of the code +- Added ipfw-start-rule option (thanks to Robert Edeker) +- Added -k option which kills a currently running Fail2Ban + +ver. 0.1.2 (2004/11/21) - beta +---------- +- Add ipfw and ipfwadm support. The rules are taken from + BlockIt. Thanks to Robert Edeker +- Add -e option which allows to set the interface. Thanks to + Robert Edeker who reminded me this +- Small code cleaning + +ver. 0.1.1 (2004/10/23) - beta +---------- +- Add SIGTERM handler in order to exit nicely when in daemon + mode +- Add -r option which allows to set the maximum number of + login failures +- Remove the Metalog class as the log file are not so syslog + daemon specific +- Rewrite log reader to be service centered. Sshd support + added. Match "Failed password" and "Illegal user" +- Add /etc/fail2ban.conf configuration support +- Code documentation + + +ver. 0.1.0 (2004/10/12) - alpha +---------- +- Initial release Modified: branches/FAIL2BAN-0_8/MANIFEST =================================================================== --- branches/FAIL2BAN-0_8/MANIFEST 2008-02-02 20:07:06 UTC (rev 650) +++ branches/FAIL2BAN-0_8/MANIFEST 2008-02-06 20:17:12 UTC (rev 651) @@ -1,5 +1,5 @@ README -CHANGELOG +ChangeLog TODO COPYING fail2ban-client This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <los...@us...> - 2008-02-28 23:01:28
|
Revision: 652 http://fail2ban.svn.sourceforge.net/fail2ban/?rev=652&view=rev Author: lostcontrol Date: 2008-02-28 15:01:30 -0800 (Thu, 28 Feb 2008) Log Message: ----------- - Fixed "Feb 29" bug. Thanks to James Andrewartha who pointed this out. Thanks to Yaroslav Halchenko for the fix. Modified Paths: -------------- branches/FAIL2BAN-0_8/ChangeLog branches/FAIL2BAN-0_8/server/datetemplate.py Modified: branches/FAIL2BAN-0_8/ChangeLog =================================================================== --- branches/FAIL2BAN-0_8/ChangeLog 2008-02-06 20:17:12 UTC (rev 651) +++ branches/FAIL2BAN-0_8/ChangeLog 2008-02-28 23:01:30 UTC (rev 652) @@ -31,6 +31,8 @@ - Print monitored files in status. - Create a PID file in /var/run/fail2ban/. Thanks to Julien Perez. +- Fixed "Feb 29" bug. Thanks to James Andrewartha who pointed + this out. Thanks to Yaroslav Halchenko for the fix. ver. 0.8.1 (2007/08/14) - stable ---------- Modified: branches/FAIL2BAN-0_8/server/datetemplate.py =================================================================== --- branches/FAIL2BAN-0_8/server/datetemplate.py 2008-02-06 20:17:12 UTC (rev 651) +++ branches/FAIL2BAN-0_8/server/datetemplate.py 2008-02-28 23:01:30 UTC (rev 652) @@ -129,7 +129,14 @@ except ValueError: # Try to convert date string to 'C' locale conv = self.convertLocale(dateMatch.group()) - date = list(time.strptime(conv, self.getPattern())) + try: + date = list(time.strptime(conv, self.getPattern())) + except ValueError: + # Try to add the current year to the pattern. Should fix + # the "Feb 29" issue. + conv += " %s" % MyTime.gmtime()[0] + pattern = "%s %%Y" % self.getPattern() + date = list(time.strptime(conv, pattern)) if date[0] < 2000: # There is probably no year field in the logs date[0] = MyTime.gmtime()[0] This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
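Review bot: The retry added inside the inner `except ValueError:` of the datetemplate.py hunk can itself raise ValueError, and nothing visible in the hunk catches it. A day that does not exist in the current year (a "Feb 29" entry read in a non-leap year, or any day the date regex accepts but the calendar does not) still fails the second `time.strptime(conv, pattern)`. The input is a log line the daemon does not control, so I would either catch that second failure or document it with `# May still raise ValueError if the day does not exist in the current year; the caller must treat the line as undated.` The year is taken from `MyTime.gmtime()[0]`, so an entry written close to New Year in local time may be paired with the wrong year, which deserves a one-line comment as well. The enclosing method starts and ends outside the hunk, so whether a caller already handles the exception cannot be confirmed from here.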
From: <los...@us...> - 2008-03-04 00:10:26
|
Revision: 654 http://fail2ban.svn.sourceforge.net/fail2ban/?rev=654&view=rev Author: lostcontrol Date: 2008-03-03 16:10:30 -0800 (Mon, 03 Mar 2008) Log Message: ----------- - Added Mac OS/X startup script. Thanks to Bill Heaton. Modified Paths: -------------- branches/FAIL2BAN-0_8/MANIFEST Added Paths: ----------- branches/FAIL2BAN-0_8/files/macosx-initd Modified: branches/FAIL2BAN-0_8/MANIFEST =================================================================== --- branches/FAIL2BAN-0_8/MANIFEST 2008-03-03 20:39:04 UTC (rev 653) +++ branches/FAIL2BAN-0_8/MANIFEST 2008-03-04 00:10:30 UTC (rev 654) @@ -99,6 +99,7 @@ files/gentoo-initd files/gentoo-confd files/redhat-initd +files/macosx-initd files/solaris-fail2ban.xml files/solaris-svc-fail2ban files/suse-initd Added: branches/FAIL2BAN-0_8/files/macosx-initd =================================================================== --- branches/FAIL2BAN-0_8/files/macosx-initd (rev 0) +++ branches/FAIL2BAN-0_8/files/macosx-initd 2008-03-04 00:10:30 UTC (rev 654) @@ -0,0 +1,19 @@ +/Library/LaunchDaemonsm/org.fail2ban.plist +=================================== +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> +<plist version="1.0"> +<dict> + <key>Disabled</key> + <false/> + <key>Label</key> + <string>fail2ban</string> + <key>ProgramArguments</key> + <array> + <string>/usr/local/bin/fail2ban-client</string> + <string>start</string> + </array> + <key>RunAtLoad</key> + <true/> +</dict> +</plist> \ No newline at end of file This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
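Review bot: The first line of the added files/macosx-initd gives the install path as `/Library/LaunchDaemonsm/org.fail2ban.plist`, which looks like a typo for `/Library/LaunchDaemons/`. Together with the `===` separator, that line also means the file is not a valid plist until both lines are stripped, which should be stated in the file or in the README. The job runs `/usr/local/bin/fail2ban-client start` at load, and a LaunchDaemon normally runs as root, so the install notes should add that this binary and its directory must be owned by root and not writable by other users. `Label` is `fail2ban` while the file is named `org.fail2ban.plist`; using `org.fail2ban` for both would follow the usual launchd convention.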
From: <los...@us...> - 2008-03-04 00:13:36
|
Revision: 655 http://fail2ban.svn.sourceforge.net/fail2ban/?rev=655&view=rev Author: lostcontrol Date: 2008-03-03 16:13:39 -0800 (Mon, 03 Mar 2008) Log Message: ----------- - "reload <jail>" reloads a single jail and the parameters in fail2ban.conf. - Look for fail2ban-server in sys.path[0]. Thanks to Bill Heaton. Modified Paths: -------------- branches/FAIL2BAN-0_8/client/configurator.py branches/FAIL2BAN-0_8/client/jailsreader.py branches/FAIL2BAN-0_8/fail2ban-client Modified: branches/FAIL2BAN-0_8/client/configurator.py =================================================================== --- branches/FAIL2BAN-0_8/client/configurator.py 2008-03-04 00:10:30 UTC (rev 654) +++ branches/FAIL2BAN-0_8/client/configurator.py 2008-03-04 00:13:39 UTC (rev 655) @@ -56,13 +56,13 @@ def readAll(self): self.readEarly() self.__jails.read() - + def getEarlyOptions(self): return self.__fail2ban.getEarlyOptions() - - def getAllOptions(self): + + def getOptions(self, jail = None): self.__fail2ban.getOptions() - return self.__jails.getOptions() + return self.__jails.getOptions(jail) def convertToProtocol(self): self.__streams["general"] = self.__fail2ban.convert() Modified: branches/FAIL2BAN-0_8/client/jailsreader.py =================================================================== --- branches/FAIL2BAN-0_8/client/jailsreader.py 2008-03-04 00:10:30 UTC (rev 654) +++ branches/FAIL2BAN-0_8/client/jailsreader.py 2008-03-04 00:13:39 UTC (rev 655) @@ -40,12 +40,13 @@ def read(self): ConfigReader.read(self, "jail") - def getOptions(self): + def getOptions(self, section = None): opts = [] self.__opts = ConfigReader.getOptions(self, "Definition", opts) - for sec in self.sections(): - jail = JailReader(sec) + if section: + # Get the options of a specific jail. + jail = JailReader(section) jail.read() ret = jail.getOptions() if ret: 
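Review bot: The new `if section:` branch of `getOptions` in jailsreader.py passes the name straight to `JailReader(section)` without checking that it is a section of the configuration that was read. The name comes unmodified from the `reload <jail>` command (`jail = cmd[1]` in the fail2ban-client hunk). A guard such as `if section not in self.sections(): logSys.error("No jail '%s' in configuration" % section); return False` would give a clear error instead of relying on whatever JailReader does with an unknown name, which is not visible here. The branch continues in the following hunk (`@@ -53,8 +54,21 @@`), where the read/getOptions/isEnabled sequence is duplicated for the all-jails loop; a small private helper taking the section name would remove the copy. In the single-jail case a disabled jail appends nothing and still returns True, so the docstring or a comment should say that reloading a disabled jail succeeds without loading it.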
@@ -53,8 +54,21 @@ # We only add enabled jails self.__jails.append(jail) else: - logSys.error("Errors in jail '" + sec + "'. Skipping...") + logSys.error("Errors in jail '%s'. Skipping..." % section) return False + else: + # Get the options of all jails. + for sec in self.sections(): + jail = JailReader(sec) + jail.read() + ret = jail.getOptions() + if ret: + if jail.isEnabled(): + # We only add enabled jails + self.__jails.append(jail) + else: + logSys.error("Errors in jail '" + sec + "'. Skipping...") + return False return True def convert(self): Modified: branches/FAIL2BAN-0_8/fail2ban-client =================================================================== --- branches/FAIL2BAN-0_8/fail2ban-client 2008-03-04 00:10:30 UTC (rev 654) +++ branches/FAIL2BAN-0_8/fail2ban-client 2008-03-04 00:13:39 UTC (rev 655) @@ -48,7 +48,8 @@ class Fail2banClient: - prompt = "fail2ban> " + SERVER = "fail2ban-server" + PROMPT = "fail2ban> " def __init__(self): self.__argv = None @@ -208,6 +209,19 @@ else: logSys.error("Could not find server") return False + elif len(cmd) == 2 and cmd[0] == "reload": + if self.__ping(): + jail = cmd[1] + ret = self.__readJailConfig(jail) + # Do not continue if configuration is not 100% valid + if not ret: + return False + self.__processCmd([['stop', jail]], False) + # Configure the server + return self.__processCmd(self.__stream, False) + else: + logSys.error("Could not find server") + return False else: return self.__processCmd([cmd]) @@ -222,7 +236,7 @@ pid = os.fork() if pid == 0: args = list() - args.append("fail2ban-server") + args.append(self.SERVER) # Start in background mode. args.append("-b") # Set the socket path. 
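Review bot: The result of `self.__processCmd([['stop', jail]], False)` in the new `reload <jail>` branch of fail2ban-client (`@@ -208,6 +209,19 @@`) is discarded, and the jail is stopped before the new configuration is sent. If the following `self.__processCmd(self.__stream, False)` fails, the jail appears to stay stopped and its log source is no longer monitored until someone notices. I would check the return value of the stop, and log at error level that the jail is down when the configure step returns False. If ignoring a failed stop is deliberate, for example for a jail that was not running before, a comment should say so: `# A failed stop is ignored on purpose: the jail may not have been running.` The enclosing method starts outside the hunk.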
@@ -232,14 +246,15 @@ if force: args.append("-x") try: - # Use the PATH env - os.execvp("fail2ban-server", args) + # Use the current directory. + exe = os.path.abspath(os.path.join(sys.path[0], self.SERVER)) + os.execv(exe, args) except OSError: try: - # Use the current directory - os.execv("fail2ban-server", args) + # Use the PATH env. + os.execvp(self.SERVER, args) except OSError: - print "Could not find fail2ban-server" + print "Could not find %s" % self.SERVER os.exit(-1) @@ -333,7 +348,7 @@ readline.parse_and_bind("tab: complete") self.dispInteractive() while True: - cmd = raw_input(self.prompt) + cmd = raw_input(self.PROMPT) if cmd == "exit" or cmd == "quit": # Exit return True @@ -352,11 +367,18 @@ def __readConfig(self): # Read the configuration self.__configurator.readAll() - ret = self.__configurator.getAllOptions() + ret = self.__configurator.getOptions() self.__configurator.convertToProtocol() self.__stream = self.__configurator.getConfigStream() return ret + def __readJailConfig(self, jail): + self.__configurator.readAll() + ret = self.__configurator.getOptions(jail) + self.__configurator.convertToProtocol() + self.__stream = self.__configurator.getConfigStream() + return ret + #@staticmethod def dumpConfig(cmd): for c in cmd: This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
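Review bot: The new comment `# Use the current directory.` above the `sys.path[0]` lookup in the `@@ -232,14 +246,15 @@` hunk is inaccurate, because `sys.path[0]` is the directory of the running script and not the working directory; I would write `# Use the directory containing this script (sys.path[0]).` The `os.execvp(self.SERVER, args)` fallback still resolves the server through PATH, and since the client is typically run with root privileges a comment should state that this relies on a trusted PATH, or the fallback should be restricted to a fixed install directory. The unchanged `os.exit(-1)` after the print is not a function of the `os` module, so a child that fails both exec calls raises AttributeError instead of exiting; `os._exit(-1)` is the call that fits a forked child. The enclosing method begins outside the hunk.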
From: <los...@us...> - 2008-03-04 00:17:51
|
Revision: 656 http://fail2ban.svn.sourceforge.net/fail2ban/?rev=656&view=rev Author: lostcontrol Date: 2008-03-03 16:17:56 -0800 (Mon, 03 Mar 2008) Log Message: ----------- - Fixed fail2ban-regex. It support "includes" in configuration files. - Modified "includes" to be more generic. We will probably support URL in the future. - Small refactoring. Modified Paths: -------------- branches/FAIL2BAN-0_8/client/configparserinc.py branches/FAIL2BAN-0_8/client/configreader.py branches/FAIL2BAN-0_8/config/filter.d/common.conf branches/FAIL2BAN-0_8/config/filter.d/sshd.conf branches/FAIL2BAN-0_8/fail2ban-regex branches/FAIL2BAN-0_8/server/filter.py Modified: branches/FAIL2BAN-0_8/client/configparserinc.py =================================================================== --- branches/FAIL2BAN-0_8/client/configparserinc.py 2008-03-04 00:13:39 UTC (rev 655) +++ branches/FAIL2BAN-0_8/client/configparserinc.py 2008-03-04 00:17:56 UTC (rev 656) @@ -15,6 +15,7 @@ # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # Author: Yaroslav Halchenko +# Modified: Cyril Jaquier # $Revision$ __author__ = 'Yaroslav Halhenko' @@ -23,9 +24,12 @@ __copyright__ = 'Copyright (c) 2007 Yaroslav Halchenko' __license__ = 'GPL' +import logging, os from ConfigParser import SafeConfigParser -from ConfigParser import NoOptionError, NoSectionError +# Gets the instance of the logger. +logSys = logging.getLogger("fail2ban.client.config") + class SafeConfigParserWithIncludes(SafeConfigParser): """ Class adds functionality to SafeConfigParser to handle included @@ -38,10 +42,10 @@ Example: [INCLUDES] -files_before = 1.conf +before = 1.conf 3.conf -files_after = 1.conf +after = 1.conf It is a simple implementation, so just basic care is taken about recursion. Includes preserve right order, ie new files are 
@@ -55,35 +59,42 @@ """ + SECTION_NAME = "INCLUDES" + #@staticmethod - def getIncludedFiles(filename, sectionName='INCLUDES', - defaults={}, seen=[]): + def getIncludes(resource, seen = []): """ - Given 1 config filename returns list of included files + Given 1 config resource returns list of included files (recursively) with the original one as well Simple loops are taken care about """ - filenames = [] - #print "Opening file " + filename - d = defaults.copy() # so that we do not poison our defaults - parser = SafeConfigParser(defaults = d) - parser.read(filename) - newFiles = [ ('files_before', []), ('files_after', []) ] - if sectionName in parser.sections(): + + # Use a short class name ;) + SCPWI = SafeConfigParserWithIncludes + + parser = SafeConfigParser() + parser.read(resource) + + resourceDir = os.path.dirname(resource) + + newFiles = [ ('before', []), ('after', []) ] + if SCPWI.SECTION_NAME in parser.sections(): for option_name, option_list in newFiles: - if option_name in parser.options(sectionName): - newFileNames = parser.get(sectionName, option_name) - for newFileName in newFileNames.split('\n'): - if newFileName in seen: continue - option_list += SafeConfigParserWithIncludes.\ - getIncludedFiles(newFileName, - defaults=defaults, - seen=seen + [filename]) + if option_name in parser.options(SCPWI.SECTION_NAME): + newResources = parser.get(SCPWI.SECTION_NAME, option_name) + for newResource in newResources.split('\n'): + if os.path.isabs(newResource): + r = newResource + else: + r = "%s/%s" % (resourceDir, newResource) + if r in seen: + continue + s = seen + [resource] + option_list += SCPWI.getIncludes(r, s) # combine lists - filenames = newFiles[0][1] + [filename] + newFiles[1][1] - #print "Includes list for " + filename + " is " + `filenames` - return filenames - getIncludedFiles = staticmethod(getIncludedFiles) + return newFiles[0][1] + [resource] + newFiles[1][1] + #print "Includes list for " + resource + " is " + `resources` + getIncludes = 
staticmethod(getIncludes) def read(self, filenames): @@ -91,8 +102,7 @@ if not isinstance(filenames, list): filenames = [ filenames ] for filename in filenames: - fileNamesFull += SafeConfigParserWithIncludes.\ - getIncludedFiles(filename, defaults=self._defaults) - #print "Opening config files " + `fileNamesFull` + fileNamesFull += SafeConfigParserWithIncludes.getIncludes(filename) + logSys.debug("Reading files: %s" % fileNamesFull) return SafeConfigParser.read(self, fileNamesFull) Modified: branches/FAIL2BAN-0_8/client/configreader.py =================================================================== --- branches/FAIL2BAN-0_8/client/configreader.py 2008-03-04 00:13:39 UTC (rev 655) +++ branches/FAIL2BAN-0_8/client/configreader.py 2008-03-04 00:17:56 UTC (rev 656) @@ -36,9 +36,7 @@ BASE_DIRECTORY = "/etc/fail2ban/" def __init__(self): - SafeConfigParserWithIncludes.__init__(self, - {'configpath' : \ - ConfigReader.BASE_DIRECTORY} ) + SafeConfigParserWithIncludes.__init__(self) self.__opts = None #@staticmethod Modified: branches/FAIL2BAN-0_8/config/filter.d/common.conf =================================================================== --- branches/FAIL2BAN-0_8/config/filter.d/common.conf 2008-03-04 00:13:39 UTC (rev 655) +++ branches/FAIL2BAN-0_8/config/filter.d/common.conf 2008-03-04 00:17:56 UTC (rev 656) @@ -9,7 +9,7 @@ [INCLUDES] # Load customizations if any available -files_after = %(configpath)s/filter.d/common.local +after = common.local [DEFAULT] Modified: branches/FAIL2BAN-0_8/config/filter.d/sshd.conf =================================================================== --- branches/FAIL2BAN-0_8/config/filter.d/sshd.conf 2008-03-04 00:13:39 UTC (rev 655) +++ branches/FAIL2BAN-0_8/config/filter.d/sshd.conf 2008-03-04 00:17:56 UTC (rev 656) 
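Review bot: In `getIncludes`, a relative include is resolved with `r = "%s/%s" % (resourceDir, newResource)`, and `os.path.dirname(resource)` is an empty string when the config file is passed as a bare name, so the include is then looked up as `/common.conf` at the filesystem root instead of next to the including file. Because `SafeConfigParser.read` skips files it cannot open, that wrong lookup normally just drops the include without any error. `r = os.path.join(resourceDir, newResource)` handles the empty directory correctly. The `seen` test compares unnormalised strings, so the same file reached through two spellings is not recognised as a loop; comparing `os.path.abspath(r)` would tighten it. The `#print` line left after the `return` can be removed.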
@@ -9,7 +9,7 @@ # Read common prefixes. If any customizations available -- read them from # common.local -files_before = %(configpath)s/filter.d/common.conf +before = common.conf [Definition] Modified: branches/FAIL2BAN-0_8/fail2ban-regex =================================================================== --- branches/FAIL2BAN-0_8/fail2ban-regex 2008-03-04 00:13:39 UTC (rev 655) +++ branches/FAIL2BAN-0_8/fail2ban-regex 2008-03-04 00:17:56 UTC (rev 656) @@ -222,7 +222,7 @@ try: self.__filter.addFailRegex(regex.getFailRegex()) try: - ret = self.__filter.findFailure(line) + ret = self.__filter.processLine(line) if not len(ret) == 0: if found == True: ret[0].append(True) Modified: branches/FAIL2BAN-0_8/server/filter.py =================================================================== --- branches/FAIL2BAN-0_8/server/filter.py 2008-03-04 00:13:39 UTC (rev 655) +++ branches/FAIL2BAN-0_8/server/filter.py 2008-03-04 00:17:56 UTC (rev 656) @@ -235,9 +235,6 @@ def processLine(self, line): - if not self._isActive(): - # The jail has been stopped - return try: # Decode line to UTF-8 l = line.decode('utf-8') 
@@ -246,25 +243,27 @@ timeMatch = self.dateDetector.matchTime(l) if not timeMatch: # There is no valid time in this line - return + return [] # Lets split into time part and log part of the line timeLine = timeMatch.group() # Lets leave the beginning in as well, so if there is no # anchore at the beginning of the time regexp, we don't # at least allow injection. Should be harmless otherwise logLine = l[:timeMatch.start()] + l[timeMatch.end():] - for element in self.findFailure(timeLine, logLine): + return self.findFailure(timeLine, logLine) + + def processLineAndAdd(self, line): + for element in self.processLine(line): ip = element[0] unixTime = element[1] - if unixTime < MyTime.time() - self.__findTime: + if unixTime < MyTime.time() - self.getFindTime(): break if self.inIgnoreIPList(ip): - logSys.debug("Ignore "+ip) + logSys.debug("Ignore %s" % ip) continue - logSys.debug("Found "+ip) + logSys.debug("Found %s" % ip) self.failManager.addFailure(FailTicket(ip, unixTime)) - ## # Returns true if the line should be ignored. # 
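Review bot: `processLineAndAdd` is added without the `##` header block that the next method in this hunk carries, and the split changes the contract of `processLine`: it now returns a list on every visible path (`[]` when no timestamp matches), and the preceding hunk removed its `_isActive()` check. I would document both, for example `# Returns the failures found in one log line as a list (first two items of each entry: IP, unix time); [] if the line has no valid time.` above `processLine`, and `# Processes one line and registers each recent, non-ignored failure with the fail manager. Callers must check _isActive() themselves.` above `processLineAndAdd`. The file-reading loop later in this diff keeps its own `_isActive()` test before calling it; other callers are not visible here and should be checked for the same guard so a stopped jail does not keep collecting tickets.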
@@ -409,32 +408,7 @@ if not self._isActive(): # The jail has been stopped break - try: - # Decode line to UTF-8 - line = line.decode('utf-8') - except UnicodeDecodeError: - pass - timeMatch = self.dateDetector.matchTime(line) - if not timeMatch: - # There is no valid time in this line - line = container.readline() - continue - # Lets split into time part and log part of the line - timeLine = timeMatch.group() - # Lets leave the beginning in as well, so if there is no - # anchore at the beginning of the time regexp, we don't - # at least allow injection. Should be harmless otherwise - logLine = line[:timeMatch.start()] + line[timeMatch.end():] - for element in self.findFailure(timeLine, logLine): - ip = element[0] - unixTime = element[1] - if unixTime < MyTime.time() - self.getFindTime(): - break - if self.inIgnoreIPList(ip): - logSys.debug("Ignore "+ip) - continue - logSys.debug("Found "+ip) - self.failManager.addFailure(FailTicket(ip, unixTime)) + self.processLineAndAdd(line) # Read a new line. line = container.readline() container.close() This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <los...@us...> - 2008-03-04 00:20:17
|
Revision: 657 http://fail2ban.svn.sourceforge.net/fail2ban/?rev=657&view=rev Author: lostcontrol Date: 2008-03-03 16:20:12 -0800 (Mon, 03 Mar 2008) Log Message: ----------- - Updated. Modified Paths: -------------- branches/FAIL2BAN-0_8/ChangeLog branches/FAIL2BAN-0_8/README Modified: branches/FAIL2BAN-0_8/ChangeLog =================================================================== --- branches/FAIL2BAN-0_8/ChangeLog 2008-03-04 00:17:56 UTC (rev 656) +++ branches/FAIL2BAN-0_8/ChangeLog 2008-03-04 00:20:12 UTC (rev 657) @@ -33,6 +33,9 @@ Perez. - Fixed "Feb 29" bug. Thanks to James Andrewartha who pointed this out. Thanks to Yaroslav Halchenko for the fix. +- "reload <jail>" reloads a single jail and the parameters in + fail2ban.conf. +- Added Mac OS/X startup script. Thanks to Bill Heaton. ver. 0.8.1 (2007/08/14) - stable ---------- Modified: branches/FAIL2BAN-0_8/README =================================================================== --- branches/FAIL2BAN-0_8/README 2008-03-04 00:17:56 UTC (rev 656) +++ branches/FAIL2BAN-0_8/README 2008-03-04 00:20:12 UTC (rev 657) @@ -75,7 +75,8 @@ René Berber, mEDI, Axel Thimm, Eric Gerbier, Christian Rauch, Michael C. Haller, Jonathan Underwood, Hanno 'Rince' Wagner, Daniel B. Cid, David Nutter, Raphaël Marichez, Guillaume -Delvit, Vaclav Misek, Adrien Clerc +Delvit, Vaclav Misek, Adrien Clerc, Michael Hanselmann, +Vincent Deffontaines, Bill Heaton License: -------- This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <los...@us...> - 2008-03-04 22:41:28
|
Revision: 658 http://fail2ban.svn.sourceforge.net/fail2ban/?rev=658&view=rev Author: lostcontrol Date: 2008-03-04 14:41:28 -0800 (Tue, 04 Mar 2008) Log Message: ----------- - Absorbed some Debian patches. Thanks to Yaroslav Halchenko. - Renamed actionend to actionstop. Modified Paths: -------------- branches/FAIL2BAN-0_8/ChangeLog branches/FAIL2BAN-0_8/config/action.d/dummy.conf branches/FAIL2BAN-0_8/config/action.d/hostsdeny.conf branches/FAIL2BAN-0_8/config/action.d/ipfw.conf branches/FAIL2BAN-0_8/config/action.d/iptables-allports.conf branches/FAIL2BAN-0_8/config/action.d/iptables-multiport.conf branches/FAIL2BAN-0_8/config/action.d/iptables-new.conf branches/FAIL2BAN-0_8/config/action.d/iptables.conf branches/FAIL2BAN-0_8/config/action.d/mail-buffered.conf branches/FAIL2BAN-0_8/config/action.d/mail-whois-lines.conf branches/FAIL2BAN-0_8/config/action.d/mail-whois.conf branches/FAIL2BAN-0_8/config/action.d/mail.conf branches/FAIL2BAN-0_8/config/action.d/sendmail-buffered.conf branches/FAIL2BAN-0_8/config/action.d/sendmail-whois-lines.conf branches/FAIL2BAN-0_8/config/action.d/sendmail-whois.conf branches/FAIL2BAN-0_8/config/action.d/sendmail.conf branches/FAIL2BAN-0_8/config/action.d/shorewall.conf branches/FAIL2BAN-0_8/config/filter.d/apache-noscript.conf branches/FAIL2BAN-0_8/config/filter.d/proftpd.conf branches/FAIL2BAN-0_8/config/filter.d/sshd.conf branches/FAIL2BAN-0_8/config/filter.d/vsftpd.conf Modified: branches/FAIL2BAN-0_8/ChangeLog =================================================================== --- branches/FAIL2BAN-0_8/ChangeLog 2008-03-04 00:20:12 UTC (rev 657) +++ branches/FAIL2BAN-0_8/ChangeLog 2008-03-04 22:41:28 UTC (rev 658) 
@@ -36,6 +36,7 @@ - "reload <jail>" reloads a single jail and the parameters in fail2ban.conf. - Added Mac OS/X startup script. Thanks to Bill Heaton. +- Absorbed some Debian patches. Thanks to Yaroslav Halchenko. ver. 0.8.1 (2007/08/14) - stable ---------- Modified: branches/FAIL2BAN-0_8/config/action.d/dummy.conf =================================================================== --- branches/FAIL2BAN-0_8/config/action.d/dummy.conf 2008-03-04 00:20:12 UTC (rev 657) +++ branches/FAIL2BAN-0_8/config/action.d/dummy.conf 2008-03-04 22:41:28 UTC (rev 658) @@ -14,7 +14,7 @@ actionstart = touch /tmp/fail2ban.dummy echo "<init>" >> /tmp/fail2ban.dummy -# Option: actionend +# Option: actionstop # Notes.: command executed once at the end of Fail2Ban # Values: CMD # Modified: branches/FAIL2BAN-0_8/config/action.d/hostsdeny.conf =================================================================== --- branches/FAIL2BAN-0_8/config/action.d/hostsdeny.conf 2008-03-04 00:20:12 UTC (rev 657) +++ branches/FAIL2BAN-0_8/config/action.d/hostsdeny.conf 2008-03-04 22:41:28 UTC (rev 658) @@ -13,7 +13,7 @@ # actionstart = -# Option: actionend +# Option: actionstop # Notes.: command executed once at the end of Fail2Ban # Values: CMD # Modified: branches/FAIL2BAN-0_8/config/action.d/ipfw.conf =================================================================== --- branches/FAIL2BAN-0_8/config/action.d/ipfw.conf 2008-03-04 00:20:12 UTC (rev 657) +++ branches/FAIL2BAN-0_8/config/action.d/ipfw.conf 2008-03-04 22:41:28 UTC (rev 658) 
@@ -15,7 +15,7 @@ actionstart = -# Option: actionend +# Option: actionstop # Notes.: command executed once at the end of Fail2Ban # Values: CMD # Modified: branches/FAIL2BAN-0_8/config/action.d/iptables-allports.conf =================================================================== --- branches/FAIL2BAN-0_8/config/action.d/iptables-allports.conf 2008-03-04 00:20:12 UTC (rev 657) +++ branches/FAIL2BAN-0_8/config/action.d/iptables-allports.conf 2008-03-04 22:41:28 UTC (rev 658) @@ -17,7 +17,7 @@ iptables -A fail2ban-<name> -j RETURN iptables -I INPUT -p <protocol> -j fail2ban-<name> -# Option: actionend +# Option: actionstop # Notes.: command executed once at the end of Fail2Ban # Values: CMD # Modified: branches/FAIL2BAN-0_8/config/action.d/iptables-multiport.conf =================================================================== --- branches/FAIL2BAN-0_8/config/action.d/iptables-multiport.conf 2008-03-04 00:20:12 UTC (rev 657) +++ branches/FAIL2BAN-0_8/config/action.d/iptables-multiport.conf 2008-03-04 22:41:28 UTC (rev 658) @@ -15,7 +15,7 @@ iptables -A fail2ban-<name> -j RETURN iptables -I INPUT -p <protocol> -m multiport --dports <port> -j fail2ban-<name> -# Option: actionend +# Option: actionstop # Notes.: command executed once at the end of Fail2Ban # Values: CMD # Modified: branches/FAIL2BAN-0_8/config/action.d/iptables-new.conf =================================================================== --- branches/FAIL2BAN-0_8/config/action.d/iptables-new.conf 2008-03-04 00:20:12 UTC (rev 657) +++ branches/FAIL2BAN-0_8/config/action.d/iptables-new.conf 2008-03-04 22:41:28 UTC (rev 658) 
@@ -17,7 +17,7 @@ iptables -A fail2ban-<name> -j RETURN iptables -I INPUT -m state --state NEW -p <protocol> --dport <port> -j fail2ban-<name> -# Option: actionend +# Option: actionstop # Notes.: command executed once at the end of Fail2Ban # Values: CMD # Modified: branches/FAIL2BAN-0_8/config/action.d/iptables.conf =================================================================== --- branches/FAIL2BAN-0_8/config/action.d/iptables.conf 2008-03-04 00:20:12 UTC (rev 657) +++ branches/FAIL2BAN-0_8/config/action.d/iptables.conf 2008-03-04 22:41:28 UTC (rev 658) @@ -15,7 +15,7 @@ iptables -A fail2ban-<name> -j RETURN iptables -I INPUT -p <protocol> --dport <port> -j fail2ban-<name> -# Option: actionend +# Option: actionstop # Notes.: command executed once at the end of Fail2Ban # Values: CMD # Modified: branches/FAIL2BAN-0_8/config/action.d/mail-buffered.conf =================================================================== --- branches/FAIL2BAN-0_8/config/action.d/mail-buffered.conf 2008-03-04 00:20:12 UTC (rev 657) +++ branches/FAIL2BAN-0_8/config/action.d/mail-buffered.conf 2008-03-04 22:41:28 UTC (rev 658) @@ -17,7 +17,7 @@ Regards,\n Fail2Ban"|mail -s "[Fail2Ban] <name>: started" <dest> -# Option: actionend +# Option: actionstop # Notes.: command executed once at the end of Fail2Ban # Values: CMD # Modified: branches/FAIL2BAN-0_8/config/action.d/mail-whois-lines.conf =================================================================== --- branches/FAIL2BAN-0_8/config/action.d/mail-whois-lines.conf 2008-03-04 00:20:12 UTC (rev 657) +++ branches/FAIL2BAN-0_8/config/action.d/mail-whois-lines.conf 2008-03-04 22:41:28 UTC (rev 658) @@ -7,7 +7,7 @@ [Definition] -# Option: fwstart +# Option: actionstart # Notes.: command executed once at the start of Fail2Ban. # Values: CMD # @@ -16,7 +16,7 @@ Regards,\n Fail2Ban"|mail -s "[Fail2Ban] <name>: started" <dest> -# Option: fwend +# Option: actionstop # Notes.: command executed once at the end of Fail2Ban # Values: CMD # 
@@ -25,13 +25,13 @@ Regards,\n Fail2Ban"|mail -s "[Fail2Ban] <name>: stopped" <dest> -# Option: fwcheck -# Notes.: command executed once before each fwban command +# Option: actioncheck +# Notes.: command executed once before each actionban command # Values: CMD # actioncheck = -# Option: fwban +# Option: actionban # Notes.: command executed when banning an IP. Take care that the # command is executed with Fail2Ban user rights. # Tags: <ip> IP address @@ -50,7 +50,7 @@ Regards,\n Fail2Ban"|mail -s "[Fail2Ban] <name>: banned <ip>" <dest> -# Option: fwunban +# Option: actionunban # Notes.: command executed when unbanning an IP. Take care that the # command is executed with Fail2Ban user rights. # Tags: <ip> IP address Modified: branches/FAIL2BAN-0_8/config/action.d/mail-whois.conf =================================================================== --- branches/FAIL2BAN-0_8/config/action.d/mail-whois.conf 2008-03-04 00:20:12 UTC (rev 657) +++ branches/FAIL2BAN-0_8/config/action.d/mail-whois.conf 2008-03-04 22:41:28 UTC (rev 658) @@ -16,7 +16,7 @@ Regards,\n Fail2Ban"|mail -s "[Fail2Ban] <name>: started" <dest> -# Option: actionend +# Option: actionstop # Notes.: command executed once at the end of Fail2Ban # Values: CMD # Modified: branches/FAIL2BAN-0_8/config/action.d/mail.conf =================================================================== --- branches/FAIL2BAN-0_8/config/action.d/mail.conf 2008-03-04 00:20:12 UTC (rev 657) +++ branches/FAIL2BAN-0_8/config/action.d/mail.conf 2008-03-04 22:41:28 UTC (rev 658) 
@@ -16,7 +16,7 @@ Regards,\n Fail2Ban"|mail -s "[Fail2Ban] <name>: started" <dest> -# Option: actionend +# Option: actionstop # Notes.: command executed once at the end of Fail2Ban # Values: CMD # Modified: branches/FAIL2BAN-0_8/config/action.d/sendmail-buffered.conf =================================================================== --- branches/FAIL2BAN-0_8/config/action.d/sendmail-buffered.conf 2008-03-04 00:20:12 UTC (rev 657) +++ branches/FAIL2BAN-0_8/config/action.d/sendmail-buffered.conf 2008-03-04 22:41:28 UTC (rev 658) @@ -20,7 +20,7 @@ Regards,\n Fail2Ban" | /usr/sbin/sendmail -f <sender> <dest> -# Option: actionend +# Option: actionstop # Notes.: command executed once at the end of Fail2Ban # Values: CMD # Modified: branches/FAIL2BAN-0_8/config/action.d/sendmail-whois-lines.conf =================================================================== --- branches/FAIL2BAN-0_8/config/action.d/sendmail-whois-lines.conf 2008-03-04 00:20:12 UTC (rev 657) +++ branches/FAIL2BAN-0_8/config/action.d/sendmail-whois-lines.conf 2008-03-04 22:41:28 UTC (rev 658) @@ -19,7 +19,7 @@ Regards,\n Fail2Ban" | /usr/sbin/sendmail -f <sender> <dest> -# Option: actionend +# Option: actionstop # Notes.: command executed once at the end of Fail2Ban # Values: CMD # Modified: branches/FAIL2BAN-0_8/config/action.d/sendmail-whois.conf =================================================================== --- branches/FAIL2BAN-0_8/config/action.d/sendmail-whois.conf 2008-03-04 00:20:12 UTC (rev 657) +++ branches/FAIL2BAN-0_8/config/action.d/sendmail-whois.conf 2008-03-04 22:41:28 UTC (rev 658) 
@@ -19,7 +19,7 @@ Regards,\n Fail2Ban" | /usr/sbin/sendmail -f <sender> <dest> -# Option: actionend +# Option: actionstop # Notes.: command executed once at the end of Fail2Ban # Values: CMD # Modified: branches/FAIL2BAN-0_8/config/action.d/sendmail.conf =================================================================== --- branches/FAIL2BAN-0_8/config/action.d/sendmail.conf 2008-03-04 00:20:12 UTC (rev 657) +++ branches/FAIL2BAN-0_8/config/action.d/sendmail.conf 2008-03-04 22:41:28 UTC (rev 658) @@ -19,7 +19,7 @@ Regards,\n Fail2Ban" | /usr/sbin/sendmail -f <sender> <dest> -# Option: actionend +# Option: actionstop # Notes.: command executed once at the end of Fail2Ban # Values: CMD # Modified: branches/FAIL2BAN-0_8/config/action.d/shorewall.conf =================================================================== --- branches/FAIL2BAN-0_8/config/action.d/shorewall.conf 2008-03-04 00:20:12 UTC (rev 657) +++ branches/FAIL2BAN-0_8/config/action.d/shorewall.conf 2008-03-04 22:41:28 UTC (rev 658) @@ -13,7 +13,7 @@ # actionstart = -# Option: actionend +# Option: actionstop # Notes.: command executed once at the end of Fail2Ban # Values: CMD # Modified: branches/FAIL2BAN-0_8/config/filter.d/apache-noscript.conf =================================================================== --- branches/FAIL2BAN-0_8/config/filter.d/apache-noscript.conf 2008-03-04 00:20:12 UTC (rev 657) +++ branches/FAIL2BAN-0_8/config/filter.d/apache-noscript.conf 2008-03-04 22:41:28 UTC (rev 658) 
@@ -14,7 +14,7 @@ # (?:::f{4,6}:)?(?P<host>\S+) # Values: TEXT # -failregex = [[]client <HOST>[]] File does not exist: .*(\.php|\.asp) +failregex = [[]client <HOST>[]] (File does not exist|script not found or unable to stat): .*(\.php|\.asp|\.exe|\.pl) # Option: ignoreregex # Notes.: regex to ignore. If this regex matches, the line is ignored. Modified: branches/FAIL2BAN-0_8/config/filter.d/proftpd.conf =================================================================== --- branches/FAIL2BAN-0_8/config/filter.d/proftpd.conf 2008-03-04 00:20:12 UTC (rev 657) +++ branches/FAIL2BAN-0_8/config/filter.d/proftpd.conf 2008-03-04 22:41:28 UTC (rev 658) @@ -14,8 +14,10 @@ # (?:::f{4,6}:)?(?P<host>\S+) # Values: TEXT # -failregex = USER \S+: no such user found from \S* ?\[<HOST>\] to \S+\s*$ - \(\S*\[<HOST>\]\) - USER \S+ \(Login failed\): Incorrect password.$ +failregex = \(\S+\[<HOST>\]\): USER \S+: no such user found from \S+ \[[0-9.]+\] to \S+:\S+$ + \(\S+\[<HOST>\]\): USER \S+ \(Login failed\): Incorrect password\.$ + \(\S+\[<HOST>\]\): SECURITY VIOLATION: \S+ login attempted\.$ + \(\S+\[<HOST>\]\): Maximum login attempts \(\d+\) exceeded$ # Option: ignoreregex # Notes.: regex to ignore. If this regex matches, the line is ignored. Modified: branches/FAIL2BAN-0_8/config/filter.d/sshd.conf =================================================================== --- branches/FAIL2BAN-0_8/config/filter.d/sshd.conf 2008-03-04 00:20:12 UTC (rev 657) +++ branches/FAIL2BAN-0_8/config/filter.d/sshd.conf 2008-03-04 22:41:28 UTC (rev 658) 
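Review bot: The new apache-noscript `failregex` ends in `.*(\.php|\.asp|\.exe|\.pl)` with no end anchor, so the extension can match anywhere in the rest of the line, including text that follows the requested path (a referer field, if the server logs one) and longer names such as `.plain` or `.aspx`. Every such line counts toward a ban, and the change widens the pattern to two message types and four extensions, so false positives against legitimate clients become more likely. Limiting the path to non-space characters and anchoring the end narrows it: `failregex = [[]client <HOST>[]] (File does not exist|script not found or unable to stat): \S*(\.php|\.asp|\.exe|\.pl)\s*$`. Lines that carry trailing fields would then need an explicit optional group rather than an open `.*`.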
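Review bot: In the first new proftpd pattern the second bracketed address is matched with `\[[0-9.]+\]`, which accepts dotted IPv4 only, while `<HOST>` (documented just above the option as `(?:::f{4,6}:)?(?P<host>\S+)`) also accepts the `::ffff:` mapped form. A line where the server prints a mapped or IPv6 address in that second position would stop matching, so those failures would go uncounted; `\[\S+\]` keeps the structure without restricting the address family. All four patterns are also unanchored at the start, so it is worth confirming against real log samples that the `\(\S+\[<HOST>\]\)` group can only match the connection prefix and not text later in the line.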
@@ -28,6 +28,8 @@ ^%(__prefix_line)sROOT LOGIN REFUSED.* FROM <HOST>\s*$ ^%(__prefix_line)s[iI](?:llegal|nvalid) user .* from <HOST>\s*$ ^%(__prefix_line)sUser \S+ from <HOST> not allowed because not listed in AllowUsers$ + ^%(__prefix_line)sauthentication failure; logname=\S* uid=\S* euid=\S* tty=\S* ruser=\S* rhost=<HOST>(?:\s+user=.*)?\s*$ + ^%(__prefix_line)srefused connect from \S+ \(<HOST>\)\s*$ # Option: ignoreregex # Notes.: regex to ignore. If this regex matches, the line is ignored. Modified: branches/FAIL2BAN-0_8/config/filter.d/vsftpd.conf =================================================================== --- branches/FAIL2BAN-0_8/config/filter.d/vsftpd.conf 2008-03-04 00:20:12 UTC (rev 657) +++ branches/FAIL2BAN-0_8/config/filter.d/vsftpd.conf 2008-03-04 22:41:28 UTC (rev 658) @@ -14,7 +14,7 @@ # (?:::f{4,6}:)?(?P<host>\S+) # Values: TEXT # -failregex = vsftpd(?:\[\d+\])?: .* authentication failure; .* rhost=<HOST>\s*$ +failregex = vsftpd(?:\(pam_unix\))?(?:\[\d+\])?:.* authentication failure; .* rhost=<HOST>(?:\s+user=\S*)?\s*$ \[.+\] FAIL LOGIN: Client "<HOST>"\s*$ # Option: ignoreregex This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
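Review bot: The vsftpd pattern still reaches `rhost=` through two unbounded `.*` runs and now also accepts a trailing `user=\S*`, so which `rhost=` the `<HOST>` group lands on is decided by greedy backtracking over fields whose content comes from the remote side. The sshd line added in the previous hunk shows the stricter form, naming each field with `\S*` (`logname=\S* uid=\S* euid=\S* tty=\S* ruser=\S* rhost=<HOST>`); if vsftpd's PAM line has the same field order, writing it the same way pins `<HOST>` to the real `rhost=` field and lowers the risk of a crafted login name turning a ban against an unrelated address. The sshd line itself ends in `(?:\s+user=.*)?`, where `(?:\s+user=\S*)?` as used for vsftpd would be the tighter choice.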
From: <los...@us...> - 2008-03-04 23:11:22
|
Revision: 660 http://fail2ban.svn.sourceforge.net/fail2ban/?rev=660&view=rev Author: lostcontrol Date: 2008-03-04 15:11:28 -0800 (Tue, 04 Mar 2008) Log Message: ----------- - Replaced "echo" with "printf" in actions. Fix #1839673 Modified Paths: -------------- branches/FAIL2BAN-0_8/ChangeLog branches/FAIL2BAN-0_8/config/action.d/dummy.conf branches/FAIL2BAN-0_8/config/action.d/hostsdeny.conf branches/FAIL2BAN-0_8/config/action.d/mail-buffered.conf branches/FAIL2BAN-0_8/config/action.d/mail-whois-lines.conf branches/FAIL2BAN-0_8/config/action.d/mail-whois.conf branches/FAIL2BAN-0_8/config/action.d/mail.conf branches/FAIL2BAN-0_8/config/action.d/sendmail-buffered.conf branches/FAIL2BAN-0_8/config/action.d/sendmail-whois-lines.conf branches/FAIL2BAN-0_8/config/action.d/sendmail-whois.conf branches/FAIL2BAN-0_8/config/action.d/sendmail.conf Modified: branches/FAIL2BAN-0_8/ChangeLog =================================================================== --- branches/FAIL2BAN-0_8/ChangeLog 2008-03-04 23:09:30 UTC (rev 659) +++ branches/FAIL2BAN-0_8/ChangeLog 2008-03-04 23:11:28 UTC (rev 660) @@ -37,6 +37,7 @@ fail2ban.conf. - Added Mac OS/X startup script. Thanks to Bill Heaton. - Absorbed some Debian patches. Thanks to Yaroslav Halchenko. +- Replaced "echo" with "printf" in actions. Fix #1839673 ver. 0.8.1 (2007/08/14) - stable ---------- Modified: branches/FAIL2BAN-0_8/config/action.d/dummy.conf =================================================================== --- branches/FAIL2BAN-0_8/config/action.d/dummy.conf 2008-03-04 23:09:30 UTC (rev 659) +++ branches/FAIL2BAN-0_8/config/action.d/dummy.conf 2008-03-04 23:11:28 UTC (rev 660) @@ -12,7 +12,7 @@ # Values: CMD # actionstart = touch /tmp/fail2ban.dummy - echo "<init>" >> /tmp/fail2ban.dummy + printf %%b "<init>\n" >> /tmp/fail2ban.dummy # Option: actionstop # Notes.: command executed once at the end of Fail2Ban 
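Review bot: `actionstart` in dummy.conf still creates and appends to the fixed path `/tmp/fail2ban.dummy`, and the `actionban`/`actionunban` hunks that follow append to the same file. A predictable name in a world-writable directory can be pre-created or symlinked by any local user, and the `>>` redirect will follow it with the server's privileges. This branch's changelog already records moving the socket to `/var/run/fail2ban`, so the dummy file could live there as well, e.g. `printf %%b "<init>\n" >> /var/run/fail2ban/fail2ban.dummy`, or the path could become a parameter in the `[Init]` section. People copy this action as a template, so the safer location is worth having even in an example.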
@@ -34,7 +34,7 @@ # <time> unix timestamp of the ban time # Values: CMD # -actionban = echo "+<ip>" >> /tmp/fail2ban.dummy +actionban = printf %%b "+<ip>\n" >> /tmp/fail2ban.dummy # Option: actionunban # Notes.: command executed when unbanning an IP. Take care that the @@ -44,7 +44,7 @@ # <time> unix timestamp of the ban time # Values: CMD # -actionunban = echo "-<ip>" >> /tmp/fail2ban.dummy +actionunban = printf %%b "-<ip>\n" >> /tmp/fail2ban.dummy [Init] Modified: branches/FAIL2BAN-0_8/config/action.d/hostsdeny.conf =================================================================== --- branches/FAIL2BAN-0_8/config/action.d/hostsdeny.conf 2008-03-04 23:09:30 UTC (rev 659) +++ branches/FAIL2BAN-0_8/config/action.d/hostsdeny.conf 2008-03-04 23:11:28 UTC (rev 660) @@ -34,7 +34,7 @@ # Values: CMD # actionban = IP=<ip> && - echo "ALL: $IP" >> <file> + printf %%b "ALL: $IP\n" >> <file> # Option: actionunban # Notes.: command executed when unbanning an IP. Take care that the Modified: branches/FAIL2BAN-0_8/config/action.d/mail-buffered.conf =================================================================== --- branches/FAIL2BAN-0_8/config/action.d/mail-buffered.conf 2008-03-04 23:09:30 UTC (rev 659) +++ branches/FAIL2BAN-0_8/config/action.d/mail-buffered.conf 2008-03-04 23:11:28 UTC (rev 660) @@ -11,7 +11,7 @@ # Notes.: command executed once at the start of Fail2Ban. # Values: CMD # -actionstart = echo -en "Hi,\n +actionstart = printf %%b "Hi,\n The jail <name> has been started successfully.\n Output will be buffered until <lines> lines are available.\n Regards,\n @@ -22,14 +22,14 @@ # Values: CMD # actionstop = if [ -f <tmpfile> ]; then - echo -en "Hi,\n + printf %%b "Hi,\n These hosts have been banned by Fail2Ban.\n `cat <tmpfile>` Regards,\n Fail2Ban"|mail -s "[Fail2Ban] <name>: Summary" <dest> rm <tmpfile> fi - echo -en "Hi,\n + printf %%b "Hi,\n The jail <name> has been stopped.\n Regards,\n Fail2Ban"|mail -s "[Fail2Ban] <name>: stopped" <dest> 
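Review bot: The hostsdeny `actionban` now puts `$IP` inside the operand of `printf %%b`, so any backslash sequence in the substituted value is interpreted before it is written to `<file>`. Keeping the format fixed and passing the value as data avoids that: `printf "ALL: %%s\n" "$IP" >> <file>`. The same applies to the dummy.conf `+<ip>` and `-<ip>` lines in this section and to the buffered `actionban` lines that write `<ip>` and `<failures>` to `<tmpfile>` in mail-buffered.conf and sendmail-buffered.conf later in the diff. `IP=<ip>` is also an unquoted assignment; whether `<ip>` can ever contain shell metacharacters depends on validation that is not visible here, so quoting it costs nothing.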
@@ -48,10 +48,10 @@ # <time> unix timestamp of the ban time # Values: CMD # -actionban = echo `date`": <ip> (<failures> failures)" >> <tmpfile> +actionban = printf %%b "`date`: <ip> (<failures> failures)\n" >> <tmpfile> LINE=$( wc -l <tmpfile> | awk '{ print $1 }' ) if [ $LINE -eq <lines> ]; then - echo -en "Hi,\n + printf %%b "Hi,\n These hosts have been banned by Fail2Ban.\n `cat <tmpfile>` \nRegards,\n Modified: branches/FAIL2BAN-0_8/config/action.d/mail-whois-lines.conf =================================================================== --- branches/FAIL2BAN-0_8/config/action.d/mail-whois-lines.conf 2008-03-04 23:09:30 UTC (rev 659) +++ branches/FAIL2BAN-0_8/config/action.d/mail-whois-lines.conf 2008-03-04 23:11:28 UTC (rev 660) @@ -11,7 +11,7 @@ # Notes.: command executed once at the start of Fail2Ban. # Values: CMD # -actionstart = echo -en "Hi,\n +actionstart = printf %%b "Hi,\n The jail <name> has been started successfully.\n Regards,\n Fail2Ban"|mail -s "[Fail2Ban] <name>: started" <dest> @@ -20,7 +20,7 @@ # Notes.: command executed once at the end of Fail2Ban # Values: CMD # -actionstop = echo -en "Hi,\n +actionstop = printf %%b "Hi,\n The jail <name> has been stopped.\n Regards,\n Fail2Ban"|mail -s "[Fail2Ban] <name>: stopped" <dest> @@ -40,7 +40,7 @@ # <bantime> unix timestamp of the ban time # Values: CMD # -actionban = echo -en "Hi,\n +actionban = printf %%b "Hi,\n The IP <ip> has just been banned by Fail2Ban after <failures> attempts against <name>.\n\n Here are more information about <ip>:\n Modified: branches/FAIL2BAN-0_8/config/action.d/mail-whois.conf =================================================================== --- branches/FAIL2BAN-0_8/config/action.d/mail-whois.conf 2008-03-04 23:09:30 UTC (rev 659) +++ branches/FAIL2BAN-0_8/config/action.d/mail-whois.conf 2008-03-04 23:11:28 UTC (rev 660) 
@@ -11,7 +11,7 @@ # Notes.: command executed once at the start of Fail2Ban. # Values: CMD # -actionstart = echo -en "Hi,\n +actionstart = printf %%b "Hi,\n The jail <name> has been started successfully.\n Regards,\n Fail2Ban"|mail -s "[Fail2Ban] <name>: started" <dest> @@ -20,7 +20,7 @@ # Notes.: command executed once at the end of Fail2Ban # Values: CMD # -actionstop = echo -en "Hi,\n +actionstop = printf %%b "Hi,\n The jail <name> has been stopped.\n Regards,\n Fail2Ban"|mail -s "[Fail2Ban] <name>: stopped" <dest> @@ -39,7 +39,7 @@ # <time> unix timestamp of the ban time # Values: CMD # -actionban = echo -en "Hi,\n +actionban = printf %%b "Hi,\n The IP <ip> has just been banned by Fail2Ban after <failures> attempts against <name>.\n\n Here are more information about <ip>:\n Modified: branches/FAIL2BAN-0_8/config/action.d/mail.conf =================================================================== --- branches/FAIL2BAN-0_8/config/action.d/mail.conf 2008-03-04 23:09:30 UTC (rev 659) +++ branches/FAIL2BAN-0_8/config/action.d/mail.conf 2008-03-04 23:11:28 UTC (rev 660) @@ -11,7 +11,7 @@ # Notes.: command executed once at the start of Fail2Ban. # Values: CMD # -actionstart = echo -en "Hi,\n +actionstart = printf %%b "Hi,\n The jail <name> has been started successfully.\n Regards,\n Fail2Ban"|mail -s "[Fail2Ban] <name>: started" <dest> @@ -20,7 +20,7 @@ # Notes.: command executed once at the end of Fail2Ban # Values: CMD # -actionstop = echo -en "Hi,\n +actionstop = printf %%b "Hi,\n The jail <name> has been stopped.\n Regards,\n Fail2Ban"|mail -s "[Fail2Ban] <name>: stopped" <dest> 
@@ -39,7 +39,7 @@ # <time> unix timestamp of the ban time # Values: CMD # -actionban = echo -en "Hi,\n +actionban = printf %%b "Hi,\n The IP <ip> has just been banned by Fail2Ban after <failures> attempts against <name>.\n Regards,\n Modified: branches/FAIL2BAN-0_8/config/action.d/sendmail-buffered.conf =================================================================== --- branches/FAIL2BAN-0_8/config/action.d/sendmail-buffered.conf 2008-03-04 23:09:30 UTC (rev 659) +++ branches/FAIL2BAN-0_8/config/action.d/sendmail-buffered.conf 2008-03-04 23:11:28 UTC (rev 660) @@ -11,7 +11,7 @@ # Notes.: command executed once at the start of Fail2Ban. # Values: CMD # -actionstart = echo -en "Subject: [Fail2Ban] <name>: started +actionstart = printf %%b "Subject: [Fail2Ban] <name>: started From: Fail2Ban <<sender>> To: <dest>\n Hi,\n @@ -25,7 +25,7 @@ # Values: CMD # actionstop = if [ -f <tmpfile> ]; then - echo -en "Subject: [Fail2Ban] <name>: summary + printf %%b "Subject: [Fail2Ban] <name>: summary From: Fail2Ban <<sender>> To: <dest>\n Hi,\n @@ -35,7 +35,7 @@ Fail2Ban" | /usr/sbin/sendmail -f <sender> <dest> rm <tmpfile> fi - echo -en "Subject: [Fail2Ban] <name>: stopped + printf %%b "Subject: [Fail2Ban] <name>: stopped From: Fail2Ban <<sender>> To: <dest>\n Hi,\n @@ -57,10 +57,10 @@ # <time> unix timestamp of the ban time # Values: CMD # -actionban = echo `date`": <ip> (<failures> failures)" >> <tmpfile> +actionban = printf %%b "`date`: <ip> (<failures> failures)\n" >> <tmpfile> LINE=$( wc -l <tmpfile> | awk '{ print $1 }' ) if [ $LINE -eq <lines> ]; then - echo -en "Subject: [Fail2Ban] <name>: summary + printf %%b "Subject: [Fail2Ban] <name>: summary 
From: Fail2Ban <<sender>> To: <dest>\n Hi,\n Modified: branches/FAIL2BAN-0_8/config/action.d/sendmail-whois-lines.conf =================================================================== --- branches/FAIL2BAN-0_8/config/action.d/sendmail-whois-lines.conf 2008-03-04 23:09:30 UTC (rev 659) +++ branches/FAIL2BAN-0_8/config/action.d/sendmail-whois-lines.conf 2008-03-04 23:11:28 UTC (rev 660) @@ -11,7 +11,7 @@ # Notes.: command executed once at the start of Fail2Ban. # Values: CMD # -actionstart = echo -en "Subject: [Fail2Ban] <name>: started +actionstart = printf %%b "Subject: [Fail2Ban] <name>: started From: Fail2Ban <<sender>> To: <dest>\n Hi,\n @@ -23,7 +23,7 @@ # Notes.: command executed once at the end of Fail2Ban # Values: CMD # -actionstop = echo -en "Subject: [Fail2Ban] <name>: stopped +actionstop = printf %%b "Subject: [Fail2Ban] <name>: stopped From: Fail2Ban <<sender>> To: <dest>\n Hi,\n @@ -45,7 +45,7 @@ # <time> unix timestamp of the ban time # Values: CMD # -actionban = echo -en "Subject: [Fail2Ban] <name>: banned <ip> +actionban = printf %%b "Subject: [Fail2Ban] <name>: banned <ip> From: Fail2Ban <<sender>> To: <dest>\n Hi,\n Modified: branches/FAIL2BAN-0_8/config/action.d/sendmail-whois.conf =================================================================== --- branches/FAIL2BAN-0_8/config/action.d/sendmail-whois.conf 2008-03-04 23:09:30 UTC (rev 659) +++ branches/FAIL2BAN-0_8/config/action.d/sendmail-whois.conf 2008-03-04 23:11:28 UTC (rev 660) @@ -11,7 +11,7 @@ # Notes.: command executed once at the start of Fail2Ban. # Values: CMD # -actionstart = echo -en "Subject: [Fail2Ban] <name>: started +actionstart = printf %%b "Subject: [Fail2Ban] <name>: started From: Fail2Ban <<sender>> To: <dest>\n Hi,\n @@ -23,7 +23,7 @@ # Notes.: command executed once at the end of Fail2Ban # Values: CMD # -actionstop = echo -en "Subject: [Fail2Ban] <name>: stopped +actionstop = printf %%b "Subject: [Fail2Ban] <name>: stopped From: Fail2Ban <<sender>> To: <dest>\n Hi,\n 
@@ -45,7 +45,7 @@ # <time> unix timestamp of the ban time # Values: CMD # -actionban = echo -en "Subject: [Fail2Ban] <name>: banned <ip> +actionban = printf %%b "Subject: [Fail2Ban] <name>: banned <ip> From: Fail2Ban <<sender>> To: <dest>\n Hi,\n Modified: branches/FAIL2BAN-0_8/config/action.d/sendmail.conf =================================================================== --- branches/FAIL2BAN-0_8/config/action.d/sendmail.conf 2008-03-04 23:09:30 UTC (rev 659) +++ branches/FAIL2BAN-0_8/config/action.d/sendmail.conf 2008-03-04 23:11:28 UTC (rev 660) @@ -11,7 +11,7 @@ # Notes.: command executed once at the start of Fail2Ban. # Values: CMD # -actionstart = echo -en "Subject: [Fail2Ban] <name>: started +actionstart = printf %%b "Subject: [Fail2Ban] <name>: started From: Fail2Ban <<sender>> To: <dest>\n Hi,\n @@ -23,7 +23,7 @@ # Notes.: command executed once at the end of Fail2Ban # Values: CMD # -actionstop = echo -en "Subject: [Fail2Ban] <name>: stopped +actionstop = printf %%b "Subject: [Fail2Ban] <name>: stopped From: Fail2Ban <<sender>> To: <dest>\n Hi,\n @@ -45,7 +45,7 @@ # <time> unix timestamp of the ban time # Values: CMD # -actionban = echo -en "Subject: [Fail2Ban] <name>: banned <ip> +actionban = printf %%b "Subject: [Fail2Ban] <name>: banned <ip> From: Fail2Ban <<sender>> To: <dest>\n Hi,\n This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <los...@us...> - 2008-03-04 23:20:13
|
Revision: 661 http://fail2ban.svn.sourceforge.net/fail2ban/?rev=661&view=rev Author: lostcontrol Date: 2008-03-04 15:20:10 -0800 (Tue, 04 Mar 2008) Log Message: ----------- - Replaced "reject" with "drop" in shorwall action. Fix #1854875 Modified Paths: -------------- branches/FAIL2BAN-0_8/ChangeLog branches/FAIL2BAN-0_8/config/action.d/shorewall.conf Modified: branches/FAIL2BAN-0_8/ChangeLog =================================================================== --- branches/FAIL2BAN-0_8/ChangeLog 2008-03-04 23:11:28 UTC (rev 660) +++ branches/FAIL2BAN-0_8/ChangeLog 2008-03-04 23:20:10 UTC (rev 661) @@ -38,6 +38,8 @@ - Added Mac OS/X startup script. Thanks to Bill Heaton. - Absorbed some Debian patches. Thanks to Yaroslav Halchenko. - Replaced "echo" with "printf" in actions. Fix #1839673 +- Replaced "reject" with "drop" in shorwall action. Fix + #1854875 ver. 0.8.1 (2007/08/14) - stable ---------- Modified: branches/FAIL2BAN-0_8/config/action.d/shorewall.conf =================================================================== --- branches/FAIL2BAN-0_8/config/action.d/shorewall.conf 2008-03-04 23:11:28 UTC (rev 660) +++ branches/FAIL2BAN-0_8/config/action.d/shorewall.conf 2008-03-04 23:20:10 UTC (rev 661) @@ -4,6 +4,14 @@ # # $Revision$ # +# The default Shorewall configuration is with "BLACKLISTNEWONLY=Yes" (see +# file /etc/shorewall/shorewall.conf). This means that when Fail2ban adds a +# new shorewall rule to ban an IP address, that rule will affect only new +# connections. So if the attempter goes on trying using the same connection +# he could even log in. In order to get the same behavior of the iptable +# action (so that the ban is immediate) the /etc/shorewall/shorewall.conf +# file should me modified with "BLACKLISTNEWONLY=No". +# [Definition] 
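Review bot: The comment added at the top of shorewall.conf carries the one security caveat of this action, but its last sentence reads `should me modified` and the consequence is worded loosely ("he could even log in"). I would state it directly: `# With the default "BLACKLISTNEWONLY=Yes" a ban only affects new connections;` / `# a connection that is already established keeps working after the ban.` / `# Set "BLACKLISTNEWONLY=No" in /etc/shorewall/shorewall.conf for an immediate ban.` The text also says "iptable action" where the action files are named `iptables`.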
@@ -33,7 +41,7 @@ # <time> unix timestamp of the ban time # Values: CMD # -actionban = shorewall reject <ip> +actionban = shorewall drop <ip> # Option: actionunban # Notes.: command executed when unbanning an IP. Take care that the This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
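Review bot: The Notes above `actionban` do not record why `drop` replaced `reject`, although the two differ in what the banned host observes. A one-line comment would keep the choice from being reverted later, e.g. `# "drop" discards packets silently; "reject" would send an answer to the banned host.` The matching `actionunban` lies outside this hunk, so whether it removes an entry created by `shorewall drop` cannot be confirmed from here and is worth checking alongside this change.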
From: <los...@us...> - 2008-03-05 21:56:28
|
Revision: 665 http://fail2ban.svn.sourceforge.net/fail2ban/?rev=665&view=rev Author: lostcontrol Date: 2008-03-05 13:53:33 -0800 (Wed, 05 Mar 2008) Log Message: ----------- - Fixed Debian bug #468477 Modified Paths: -------------- branches/FAIL2BAN-0_8/ChangeLog branches/FAIL2BAN-0_8/config/filter.d/proftpd.conf Modified: branches/FAIL2BAN-0_8/ChangeLog =================================================================== --- branches/FAIL2BAN-0_8/ChangeLog 2008-03-05 21:47:59 UTC (rev 664) +++ branches/FAIL2BAN-0_8/ChangeLog 2008-03-05 21:53:33 UTC (rev 665) @@ -40,7 +40,7 @@ - Replaced "echo" with "printf" in actions. Fix #1839673 - Replaced "reject" with "drop" in shorwall action. Fix #1854875 -- Fixed Debian bug #456567 +- Fixed Debian bug #456567, #468477 ver. 0.8.1 (2007/08/14) - stable ---------- Modified: branches/FAIL2BAN-0_8/config/filter.d/proftpd.conf =================================================================== --- branches/FAIL2BAN-0_8/config/filter.d/proftpd.conf 2008-03-05 21:47:59 UTC (rev 664) +++ branches/FAIL2BAN-0_8/config/filter.d/proftpd.conf 2008-03-05 21:53:33 UTC (rev 665) 
@@ -14,10 +14,10 @@ # (?:::f{4,6}:)?(?P<host>\S+) # Values: TEXT # -failregex = \(\S+\[<HOST>\]\): USER \S+: no such user found from \S+ \[[0-9.]+\] to \S+:\S+$ - \(\S+\[<HOST>\]\): USER \S+ \(Login failed\): Incorrect password\.$ - \(\S+\[<HOST>\]\): SECURITY VIOLATION: \S+ login attempted\.$ - \(\S+\[<HOST>\]\): Maximum login attempts \(\d+\) exceeded$ +failregex = \(\S+\[<HOST>\]\)[: -]+ USER \S+: no such user found from \S+ \[[0-9.]+\] to \S+:\S+$ + \(\S+\[<HOST>\]\)[: -]+ USER \S+ \(Login failed\): Incorrect password\.$ + \(\S+\[<HOST>\]\)[: -]+ SECURITY VIOLATION: \S+ login attempted\.$ + \(\S+\[<HOST>\]\)[: -]+ Maximum login attempts \(\d+\) exceeded$ # Option: ignoreregex # Notes.: regex to ignore. If this regex matches, the line is ignored. This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
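Review bot: `[: -]+` accepts any run of colons, spaces and dashes, which is broader than the two separators the fix appears to target, and all four patterns still start matching anywhere in the line. The comment in this hunk gives `<HOST>` as `(?:::f{4,6}:)?(?P<host>\S+)` and the field before it is also `\S+`, so the captured address depends entirely on the surrounding literals; keeping those tight limits what client-influenced log text can satisfy the pattern. If only `): ` and `) - ` occur in practice, `\(\S+\[<HOST>\]\)(?::| -) USER \S+: no such user found from \S+ \[[0-9.]+\] to \S+:\S+$` (and the same separator in the other three lines) is sufficient. Running `fail2ban-regex` against samples of both log formats would confirm it.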
From: <los...@us...> - 2008-03-05 21:56:45
|
Revision: 664 http://fail2ban.svn.sourceforge.net/fail2ban/?rev=664&view=rev Author: lostcontrol Date: 2008-03-05 13:47:59 -0800 (Wed, 05 Mar 2008) Log Message: ----------- - Fixed Debian bug #456567 Modified Paths: -------------- branches/FAIL2BAN-0_8/ChangeLog branches/FAIL2BAN-0_8/MANIFEST branches/FAIL2BAN-0_8/config/filter.d/apache-badbots.conf Added Paths: ----------- branches/FAIL2BAN-0_8/config/filter.d/apache-overflows.conf Modified: branches/FAIL2BAN-0_8/ChangeLog =================================================================== --- branches/FAIL2BAN-0_8/ChangeLog 2008-03-05 21:47:14 UTC (rev 663) +++ branches/FAIL2BAN-0_8/ChangeLog 2008-03-05 21:47:59 UTC (rev 664) @@ -40,6 +40,7 @@ - Replaced "echo" with "printf" in actions. Fix #1839673 - Replaced "reject" with "drop" in shorwall action. Fix #1854875 +- Fixed Debian bug #456567 ver. 0.8.1 (2007/08/14) - stable ---------- Modified: branches/FAIL2BAN-0_8/MANIFEST =================================================================== --- branches/FAIL2BAN-0_8/MANIFEST 2008-03-05 21:47:14 UTC (rev 663) +++ branches/FAIL2BAN-0_8/MANIFEST 2008-03-05 21:47:59 UTC (rev 664) @@ -59,6 +59,7 @@ config/filter.d/apache-auth.conf config/filter.d/apache-badbots.conf config/filter.d/apache-noscript.conf +config/filter.d/apache-overflows.conf config/filter.d/courierlogin.conf config/filter.d/couriersmtp.conf config/filter.d/exim.conf Modified: branches/FAIL2BAN-0_8/config/filter.d/apache-badbots.conf =================================================================== --- branches/FAIL2BAN-0_8/config/filter.d/apache-badbots.conf 2008-03-05 21:47:14 UTC (rev 663) +++ branches/FAIL2BAN-0_8/config/filter.d/apache-badbots.conf 2008-03-05 21:47:59 UTC (rev 664) 
@@ -5,10 +5,12 @@ # # Author: Yaroslav Halchenko # +# $Revision: 658 $ +# [Definition] -badbotscustom = EmailCollector|WebEMailExtrac|TrackBack/1\.02 +badbotscustom = EmailCollector|WebEMailExtrac|TrackBack/1\.02|sogou music spider badbots = atSpider/1\.0|autoemailspider|China Local Browse 2\.6|ContentSmartz|DataCha0s/2\.0|DataCha0s/2\.0|DBrowse 1\.4b|DBrowse 1\.4d|Demo Bot DOT 16b|Demo Bot Z 16b|DSurf15a 01|DSurf15a 71|DSurf15a 81|DSurf15a VA|EBrowse 1\.4b|Educate Search VxB|EmailSiphon|EmailWolf 1\.00|ESurf15a 15|ExtractorPro|Franklin Locator 1\.8|FSurf15a 01|Full Web Bot 0416B|Full Web Bot 0516B|Full Web Bot 2816B|Industry Program 1\.0\.x|ISC Systems iRc Search 2\.1|IUPUI Research Bot v 1\.9a|LARBIN-EXPERIMENTAL \(efp@gmx\.net\)|LetsCrawl\.com/1\.0 +http\://letscrawl\.com/|Lincoln State Web Browser|LWP\:\:Simple/5\.803|Mac Finder 1\.0\.xx|MFC Foundation Class Library 4\.0|Microsoft URL Control - 6\.00\.8xxx|Missauga Locate 1\.0\.0|Missigua Locator 1\.9|Missouri College Browse|Mizzu Labs 2\.2|Mo College 1\.9|Mozilla/2\.0 \(compatible; NEWT ActiveX; Win32\)|Mozilla/3\.0 \(compatible; Indy Library\)|Mozilla/4\.0 \(compatible; Advanced Email Extractor v2\.xx\)|Mozilla/4\.0 \(compatible; Iplexx Spider/1\.0 http\://www\.iplexx\.at\)|Mozilla/4\.0 \(compatible; MSIE 5\.0; Windows NT; DigExt; DTS Agent|Mozilla/4\.0 efp@gmx\.net|Mozilla/5\.0 \(Version\: xxxx Type\:xx\)|MVAClient|NASA Search 1\.0|Nsauditor/1\.x|PBrowse 1\.4b|PEval 1\.4b|Poirot|Port Huron Labs|Production Bot 0116B|Production Bot 2016B|Production Bot DOT 3016B|Program Shareware 1\.0\.2|PSurf15a 11|PSurf15a 51|PSurf15a VA|psycheclone|RSurf15a 41|RSurf15a 51|RSurf15a 81|searchbot admin@google\.com|sogou spider|sohu agent|SSurf15a 11 |TSurf15a 11|Under the Rainbow 2\.2|User-Agent\: Mozilla/4\.0 \(compatible; MSIE 6\.0; Windows NT 5\.1\)|WebVulnCrawl\.blogspot\.com/1\.0 libwww-perl/5\.803|Wells Search II|WEP Search 00 # Option: failregex Added: branches/FAIL2BAN-0_8/config/filter.d/apache-overflows.conf 
=================================================================== --- branches/FAIL2BAN-0_8/config/filter.d/apache-overflows.conf (rev 0) +++ branches/FAIL2BAN-0_8/config/filter.d/apache-overflows.conf 2008-03-05 21:47:59 UTC (rev 664) @@ -0,0 +1,20 @@ +# Fail2Ban configuration file +# +# Author: Tim Connors +# +# $Revision: 658 $ +# + +[Definition] + +# Option: failregex +# Notes.: Regexp to catch Apache overflow attempts. +# Values: TEXT +# +failregex = [[]client <HOST>[]] (Invalid method in request|request failed: URI too long|erroneous characters after protocol string) + +# Option: ignoreregex +# Notes.: regex to ignore. If this regex matches, the line is ignored. +# Values: TEXT +# +ignoreregex = This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
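Review bot: The new `failregex` in apache-overflows.conf has no anchor on either side, so it matches wherever `[client <HOST>] Invalid method in request` (or one of the other two messages) occurs in a line, which may include request text that Apache echoes into the error log under a different message. Anchoring to the start of the line and to the fixed fields that precede `[client` keeps the ban tied to the address Apache itself recorded, e.g. `failregex = ^\[[^]]*\] \[error\] \[client <HOST>\] (?:Invalid method in request|request failed: URI too long|erroneous characters after protocol string)`. That form assumes the stock Apache 2.x error-log prefix and that the whole line is matched, so it should be verified with `fail2ban-regex` against real log lines before use.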
From: <los...@us...> - 2008-03-05 22:23:39
|
Revision: 666 http://fail2ban.svn.sourceforge.net/fail2ban/?rev=666&view=rev Author: lostcontrol Date: 2008-03-05 14:23:41 -0800 (Wed, 05 Mar 2008) Log Message: ----------- - Fixed Debian bug #462060 Modified Paths: -------------- branches/FAIL2BAN-0_8/ChangeLog branches/FAIL2BAN-0_8/MANIFEST Added Paths: ----------- branches/FAIL2BAN-0_8/config/action.d/iptables-multiport-log.conf Modified: branches/FAIL2BAN-0_8/ChangeLog =================================================================== --- branches/FAIL2BAN-0_8/ChangeLog 2008-03-05 21:53:33 UTC (rev 665) +++ branches/FAIL2BAN-0_8/ChangeLog 2008-03-05 22:23:41 UTC (rev 666) @@ -40,7 +40,7 @@ - Replaced "echo" with "printf" in actions. Fix #1839673 - Replaced "reject" with "drop" in shorwall action. Fix #1854875 -- Fixed Debian bug #456567, #468477 +- Fixed Debian bug #456567, #468477, #462060 ver. 0.8.1 (2007/08/14) - stable ---------- Modified: branches/FAIL2BAN-0_8/MANIFEST =================================================================== --- branches/FAIL2BAN-0_8/MANIFEST 2008-03-05 21:53:33 UTC (rev 665) +++ branches/FAIL2BAN-0_8/MANIFEST 2008-03-05 22:23:41 UTC (rev 666) @@ -79,6 +79,7 @@ config/action.d/iptables.conf config/action.d/iptables-allports.conf config/action.d/iptables-multiport.conf +config/action.d/iptables-multiport-log.conf config/action.d/iptables-new.conf config/action.d/mail.conf config/action.d/mail-buffered.conf Added: branches/FAIL2BAN-0_8/config/action.d/iptables-multiport-log.conf =================================================================== --- branches/FAIL2BAN-0_8/config/action.d/iptables-multiport-log.conf (rev 0) +++ branches/FAIL2BAN-0_8/config/action.d/iptables-multiport-log.conf 2008-03-05 22:23:41 UTC (rev 666) 
@@ -0,0 +1,78 @@ +# Fail2Ban configuration file +# +# Author: Guido Bozzetto +# Modified: Cyril Jaquier +# +# make "fail2ban-<name>" chain to match drop IP +# make "fail2ban-<name>-log" chain to log and drop +# insert a jump to fail2ban-<name> from -I INPUT if proto/port match +# +# $Revision: 658 $ +# + +[Definition] + +# Option: actionstart +# Notes.: command executed once at the start of Fail2Ban. +# Values: CMD +# +actionstart = iptables -N fail2ban-<name> + iptables -A fail2ban-<name> -j RETURN + iptables -I INPUT 1 -p <protocol> -m multiport --dports <port> -j fail2ban-<name> + iptables -N fail2ban-<name>-log + iptables -I fail2ban-<name>-log -j LOG --log-prefix "$(expr fail2ban-<name> : '\(.\{1,23\}\)'):DROP " --log-level warning -m limit --limit 6/m --limit-burst 2 + iptables -A fail2ban-<name>-log -j DROP + +# Option: actionstop +# Notes.: command executed once at the end of Fail2Ban +# Values: CMD +# +actionstop = iptables -D INPUT -p <protocol> -m multiport --dports <port> -j fail2ban-<name> + iptables -F fail2ban-<name> + iptables -F fail2ban-<name>-log + iptables -X fail2ban-<name> + iptables -X fail2ban-<name>-log + +# Option: actioncheck +# Notes.: command executed once before each actionban command +# Values: CMD +# +actioncheck = iptables -n -L fail2ban-<name>-log >/dev/null + +# Option: actionban +# Notes.: command executed when banning an IP. Take care that the +# command is executed with Fail2Ban user rights. +# Tags: <ip> IP address +# <failures> number of failures +# <time> unix timestamp of the ban time +# Values: CMD +# +actionban = iptables -I fail2ban-<name> 1 -s <ip> -j fail2ban-<name>-log + +# Option: actionunban +# Notes.: command executed when unbanning an IP. Take care that the +# command is executed with Fail2Ban user rights. 
+# Tags: <ip> IP address +# <failures> number of failures +# <time> unix timestamp of the ban time +# Values: CMD +# +actionunban = iptables -D fail2ban-<name> -s <ip> -j fail2ban-<name>-log + +[Init] + +# Defaut name of the chain +# +name = default + +# Option: port +# Notes.: specifies port to monitor +# Values: [ NUM | STRING ] Default: +# +port = ssh + +# Option: protocol +# Notes.: internally used by config reader for interpolations. +# Values: [ tcp | udp | icmp | all ] Default: tcp +# +protocol = tcp This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
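Review bot: `actioncheck` in the new iptables-multiport-log.conf only verifies that the `fail2ban-<name>-log` chain exists, so it still passes when the jump from `INPUT` has been removed by a firewall reload, and bans are then inserted into a chain no packet reaches. Checking the entry point catches that case: `actioncheck = iptables -n -L INPUT | grep -q fail2ban-<name>`. Separately, the `[Init]` comment reads `Defaut name of the chain`, which should be `Default`.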
From: <los...@us...> - 2008-03-05 22:35:06
|
Revision: 667 http://fail2ban.svn.sourceforge.net/fail2ban/?rev=667&view=rev Author: lostcontrol Date: 2008-03-05 14:35:09 -0800 (Wed, 05 Mar 2008) Log Message: ----------- - Fixed Debian bug #461426 Modified Paths: -------------- branches/FAIL2BAN-0_8/ChangeLog branches/FAIL2BAN-0_8/MANIFEST Added Paths: ----------- branches/FAIL2BAN-0_8/config/filter.d/xinetd-fail.conf Modified: branches/FAIL2BAN-0_8/ChangeLog =================================================================== --- branches/FAIL2BAN-0_8/ChangeLog 2008-03-05 22:23:41 UTC (rev 666) +++ branches/FAIL2BAN-0_8/ChangeLog 2008-03-05 22:35:09 UTC (rev 667) @@ -40,7 +40,7 @@ - Replaced "echo" with "printf" in actions. Fix #1839673 - Replaced "reject" with "drop" in shorwall action. Fix #1854875 -- Fixed Debian bug #456567, #468477, #462060 +- Fixed Debian bug #456567, #468477, #462060, #461426 ver. 0.8.1 (2007/08/14) - stable ---------- Modified: branches/FAIL2BAN-0_8/MANIFEST =================================================================== --- branches/FAIL2BAN-0_8/MANIFEST 2008-03-05 22:23:41 UTC (rev 666) +++ branches/FAIL2BAN-0_8/MANIFEST 2008-03-05 22:35:09 UTC (rev 667) @@ -74,6 +74,7 @@ config/filter.d/vsftpd.conf config/filter.d/webmin-auth.conf config/filter.d/wuftpd.conf +config/filter.d/xinetd-fail.conf config/action.d/hostsdeny.conf config/action.d/ipfw.conf config/action.d/iptables.conf Added: branches/FAIL2BAN-0_8/config/filter.d/xinetd-fail.conf =================================================================== --- branches/FAIL2BAN-0_8/config/filter.d/xinetd-fail.conf (rev 0) +++ branches/FAIL2BAN-0_8/config/filter.d/xinetd-fail.conf 2008-03-05 22:35:09 UTC (rev 667) 
@@ -0,0 +1,30 @@ +# Fail2Ban configuration file +# +# Author: Guido Bozzetto +# +# $Revision: 663 $ +# + +[Definition] + +# Option: failregex +# Notes.: regex to match the password failures messages in the logfile. The +# host must be matched by a group named "host". The tag "<HOST>" can +# be used for standard IP/hostname matching and is only an alias for +# (?:::f{4,6}:)?(?P<host>\S+) +# Values: TEXT +# +# Cfr.: /var/log/(daemon\.|sys)log +# libwrap => tcp wrappers: hosts.(allow|deny) +# address => xinetd: deny_from|only_from +# load => xinetd: max_load (temporary problem) +# + +failregex = xinetd(?:\[\d{1,5}\])?: FAIL: \S+ address from=<HOST>$ + xinetd(?:\[\d{1,5}\])?: FAIL: \S+ libwrap from=<HOST>$ + +# Option: ignoreregex +# Notes.: regex to ignore. If this regex matches, the line is ignored. +# Values: TEXT +# +ignoreregex = This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
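Review bot: The `failregex` Notes in xinetd-fail.conf were copied from a password-failure filter and do not say what this filter bans on: a `FAIL` line for any service id (`\S+`) where xinetd or tcp wrappers already refused the address. That presumably includes datagram services, where the logged source address is not confirmed by a handshake, so a jail using this filter should name the TCP services in place of `\S+` or protect critical addresses with `ignoreip`. I would replace the Notes with `# Notes.: matches xinetd "FAIL" lines for addresses refused by only_from/deny_from` / `#         ("address") or by tcp wrappers ("libwrap"); not a password-failure filter.` and add the datagram caveat as one more comment line.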
From: <los...@us...> - 2008-03-05 22:49:29
|
Revision: 669 http://fail2ban.svn.sourceforge.net/fail2ban/?rev=669&view=rev Author: lostcontrol Date: 2008-03-05 14:49:29 -0800 (Wed, 05 Mar 2008) Log Message: ----------- - readline is now optional in fail2ban-client (not needed in fail2ban-server). Modified Paths: -------------- branches/FAIL2BAN-0_8/ChangeLog branches/FAIL2BAN-0_8/fail2ban-client Modified: branches/FAIL2BAN-0_8/ChangeLog =================================================================== --- branches/FAIL2BAN-0_8/ChangeLog 2008-03-05 22:37:20 UTC (rev 668) +++ branches/FAIL2BAN-0_8/ChangeLog 2008-03-05 22:49:29 UTC (rev 669) @@ -41,6 +41,8 @@ - Replaced "reject" with "drop" in shorwall action. Fix #1854875 - Fixed Debian bug #456567, #468477, #462060, #461426 +- readline is now optional in fail2ban-client (not needed in + fail2ban-server). ver. 0.8.1 (2007/08/14) - stable ---------- Modified: branches/FAIL2BAN-0_8/fail2ban-client =================================================================== --- branches/FAIL2BAN-0_8/fail2ban-client 2008-03-05 22:37:20 UTC (rev 668) +++ branches/FAIL2BAN-0_8/fail2ban-client 2008-03-05 22:49:29 UTC (rev 669) @@ -26,7 +26,7 @@ __license__ = "GPL" import sys, string, os, pickle, re, logging, signal -import getopt, time, readline, shlex, socket +import getopt, time, shlex, socket # Inserts our own modules path first in the list # fix for bug #343821 @@ -341,6 +341,11 @@ # Interactive mode if self.__conf["interactive"]: try: + import readline + except ImportError: + logSys.error("Readline not available") + return False + try: ret = True if len(args) > 0: ret = self.__processCommand(args) This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
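Review bot: In the `-341,6 +341,11` hunk a missing `readline` makes interactive mode log an error and `return False`, so the module is still required for that mode rather than optional as the log message says. If `readline` is imported only for its line-editing side effect and the prompt loop below the hunk reads input with `raw_input`, the client could carry on without it: `except ImportError:` / `logSys.warn("Readline not available, line editing disabled")`, with the `return False` dropped. The enclosing method starts and ends outside the hunk, so this needs checking against the rest of the loop.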
From: <los...@us...> - 2008-03-05 23:06:24
|
Revision: 670 http://fail2ban.svn.sourceforge.net/fail2ban/?rev=670&view=rev Author: lostcontrol Date: 2008-03-05 15:06:28 -0800 (Wed, 05 Mar 2008) Log Message: ----------- - Updated copyright. Modified Paths: -------------- branches/FAIL2BAN-0_8/fail2ban-client branches/FAIL2BAN-0_8/fail2ban-regex branches/FAIL2BAN-0_8/fail2ban-server Modified: branches/FAIL2BAN-0_8/fail2ban-client =================================================================== --- branches/FAIL2BAN-0_8/fail2ban-client 2008-03-05 22:49:29 UTC (rev 669) +++ branches/FAIL2BAN-0_8/fail2ban-client 2008-03-05 23:06:28 UTC (rev 670) @@ -66,7 +66,7 @@ def dispVersion(self): print "Fail2Ban v" + version print - print "Copyright (c) 2004-2006 Cyril Jaquier" + print "Copyright (c) 2004-2008 Cyril Jaquier" print "Copyright of modifications held by their respective authors." print "Licensed under the GNU General Public License v2 (GPL)." print Modified: branches/FAIL2BAN-0_8/fail2ban-regex =================================================================== --- branches/FAIL2BAN-0_8/fail2ban-regex 2008-03-05 22:49:29 UTC (rev 669) +++ branches/FAIL2BAN-0_8/fail2ban-regex 2008-03-05 23:06:28 UTC (rev 670) @@ -86,7 +86,7 @@ def dispVersion(): print "Fail2Ban v" + version print - print "Copyright (c) 2004-2006 Cyril Jaquier" + print "Copyright (c) 2004-2008 Cyril Jaquier" print "Copyright of modifications held by their respective authors." print "Licensed under the GNU General Public License v2 (GPL)." print Modified: branches/FAIL2BAN-0_8/fail2ban-server =================================================================== --- branches/FAIL2BAN-0_8/fail2ban-server 2008-03-05 22:49:29 UTC (rev 669) +++ branches/FAIL2BAN-0_8/fail2ban-server 2008-03-05 23:06:28 UTC (rev 670) 
@@ -58,7 +58,7 @@ def dispVersion(self): print "Fail2Ban v" + version print - print "Copyright (c) 2004-2006 Cyril Jaquier" + print "Copyright (c) 2004-2008 Cyril Jaquier" print "Copyright of modifications held by their respective authors." print "Licensed under the GNU General Public License v2 (GPL)." print This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <los...@us...> - 2008-03-05 23:18:03
|
Revision: 672 http://fail2ban.svn.sourceforge.net/fail2ban/?rev=672&view=rev Author: lostcontrol Date: 2008-03-05 15:18:06 -0800 (Wed, 05 Mar 2008) Log Message: ----------- - Updated e-mail Modified Paths: -------------- branches/FAIL2BAN-0_8/fail2ban-client branches/FAIL2BAN-0_8/fail2ban-regex branches/FAIL2BAN-0_8/fail2ban-server branches/FAIL2BAN-0_8/files/cacti/README Modified: branches/FAIL2BAN-0_8/fail2ban-client =================================================================== --- branches/FAIL2BAN-0_8/fail2ban-client 2008-03-05 23:12:41 UTC (rev 671) +++ branches/FAIL2BAN-0_8/fail2ban-client 2008-03-05 23:18:06 UTC (rev 672) @@ -70,7 +70,7 @@ print "Copyright of modifications held by their respective authors." print "Licensed under the GNU General Public License v2 (GPL)." print - print "Written by Cyril Jaquier <los...@us...>." + print "Written by Cyril Jaquier <cyr...@fa...>." print "Many contributions by Yaroslav O. Halchenko <de...@on...>." def dispUsage(self): @@ -98,7 +98,7 @@ printFormatted() print - print "Report bugs to <los...@us...>" + print "Report bugs to <cyr...@fa...>" def dispInteractive(self): print "Fail2Ban v" + version + " reads log file that contains password failure report" Modified: branches/FAIL2BAN-0_8/fail2ban-regex =================================================================== --- branches/FAIL2BAN-0_8/fail2ban-regex 2008-03-05 23:12:41 UTC (rev 671) +++ branches/FAIL2BAN-0_8/fail2ban-regex 2008-03-05 23:18:06 UTC (rev 672) @@ -90,7 +90,7 @@ print "Copyright of modifications held by their respective authors." print "Licensed under the GNU General Public License v2 (GPL)." print - print "Written by Cyril Jaquier <los...@us...>." + print "Written by Cyril Jaquier <cyr...@fa...>." print "Many contributions by Yaroslav O. Halchenko <de...@on...>." dispVersion = staticmethod(dispVersion) 
@@ -119,7 +119,7 @@ print " string a string representing an 'ignoreregex'" print " filename path to a filter file (filter.d/sshd.conf)" print - print "Report bugs to <los...@us...>" + print "Report bugs to <cyr...@fa...>" dispUsage = staticmethod(dispUsage) def getCmdLineOptions(self, optList): Modified: branches/FAIL2BAN-0_8/fail2ban-server =================================================================== --- branches/FAIL2BAN-0_8/fail2ban-server 2008-03-05 23:12:41 UTC (rev 671) +++ branches/FAIL2BAN-0_8/fail2ban-server 2008-03-05 23:18:06 UTC (rev 672) @@ -62,7 +62,7 @@ print "Copyright of modifications held by their respective authors." print "Licensed under the GNU General Public License v2 (GPL)." print - print "Written by Cyril Jaquier <los...@us...>." + print "Written by Cyril Jaquier <cyr...@fa...>." print "Many contributions by Yaroslav O. Halchenko <de...@on...>." def dispUsage(self): @@ -85,7 +85,7 @@ print " -h, --help display this help message" print " -V, --version print the version" print - print "Report bugs to <los...@us...>" + print "Report bugs to <cyr...@fa...>" def __getCmdLineOptions(self, optList): """ Gets the command line options Modified: branches/FAIL2BAN-0_8/files/cacti/README =================================================================== --- branches/FAIL2BAN-0_8/files/cacti/README 2008-03-05 23:12:41 UTC (rev 671) +++ branches/FAIL2BAN-0_8/files/cacti/README 2008-03-05 23:18:06 UTC (rev 672) @@ -4,7 +4,7 @@ |_| \__,_|_|_/___|_.__/\__,_|_||_| ============================================================= -Fail2Ban (version 0.7.7) 2007/??/?? +Fail2Ban (version 0.8.2) 2008/03/06 ============================================================= Cacti is a graphing solution using RRDTool. It is possible to 
@@ -13,7 +13,7 @@ Installation: ------------- -1/ Install Fail2ban version 0.7 or higher and ensure that it +1/ Install Fail2ban version 0.8 or higher and ensure that it works properly. 2/ The user running poller.php must have read and write access to the socket used by Fail2ban. @@ -30,7 +30,7 @@ Website: http://www.fail2ban.org -Cyril Jaquier: <los...@us...> +Cyril Jaquier: <cyr...@fa...> License: -------- This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <los...@us...> - 2008-03-05 23:19:39
|
Revision: 673 http://fail2ban.svn.sourceforge.net/fail2ban/?rev=673&view=rev Author: lostcontrol Date: 2008-03-05 15:19:45 -0800 (Wed, 05 Mar 2008) Log Message: ----------- - Updated for 0.8.2 Modified Paths: -------------- branches/FAIL2BAN-0_8/ChangeLog branches/FAIL2BAN-0_8/README branches/FAIL2BAN-0_8/common/version.py branches/FAIL2BAN-0_8/man/fail2ban-client.1 branches/FAIL2BAN-0_8/man/fail2ban-regex.1 branches/FAIL2BAN-0_8/man/fail2ban-server.1 Modified: branches/FAIL2BAN-0_8/ChangeLog =================================================================== --- branches/FAIL2BAN-0_8/ChangeLog 2008-03-05 23:18:06 UTC (rev 672) +++ branches/FAIL2BAN-0_8/ChangeLog 2008-03-05 23:19:45 UTC (rev 673) @@ -4,10 +4,10 @@ |_| \__,_|_|_/___|_.__/\__,_|_||_| ============================================================= -Fail2Ban (version 0.8.2) 2008/??/?? +Fail2Ban (version 0.8.2) 2008/03/06 ============================================================= -ver. 0.8.2 (2008/??/??) - stable +ver. 0.8.2 (2008/03/06) - stable ---------- - Fixed named filter. Thanks to Yaroslav Halchenko - Fixed wrong path for apache-auth in jail.conf. Thanks to Modified: branches/FAIL2BAN-0_8/README =================================================================== --- branches/FAIL2BAN-0_8/README 2008-03-05 23:18:06 UTC (rev 672) +++ branches/FAIL2BAN-0_8/README 2008-03-05 23:19:45 UTC (rev 673) @@ -4,7 +4,7 @@ |_| \__,_|_|_/___|_.__/\__,_|_||_| ============================================================= -Fail2Ban (version 0.8.2) 2007/??/?? +Fail2Ban (version 0.8.2) 2008/03/06 ============================================================= Fail2Ban scans log files like /var/log/pwdfail and bans IP @@ -62,7 +62,7 @@ Website: http://www.fail2ban.org -Cyril Jaquier: <los...@us...> +Cyril Jaquier: <cyr...@fa...> Thanks: ------- 
@@ -76,7 +76,7 @@ Michael C. Haller, Jonathan Underwood, Hanno 'Rince' Wagner, Daniel B. Cid, David Nutter, Raphaël Marichez, Guillaume Delvit, Vaclav Misek, Adrien Clerc, Michael Hanselmann, -Vincent Deffontaines, Bill Heaton +Vincent Deffontaines, Bill Heaton and many others. License: -------- Modified: branches/FAIL2BAN-0_8/common/version.py =================================================================== --- branches/FAIL2BAN-0_8/common/version.py 2008-03-05 23:18:06 UTC (rev 672) +++ branches/FAIL2BAN-0_8/common/version.py 2008-03-05 23:19:45 UTC (rev 673) @@ -24,4 +24,4 @@ __copyright__ = "Copyright (c) 2004 Cyril Jaquier" __license__ = "GPL" -version = "0.8.1-SVN" +version = "0.8.2" Modified: branches/FAIL2BAN-0_8/man/fail2ban-client.1 =================================================================== --- branches/FAIL2BAN-0_8/man/fail2ban-client.1 2008-03-05 23:18:06 UTC (rev 672) +++ branches/FAIL2BAN-0_8/man/fail2ban-client.1 2008-03-05 23:19:45 UTC (rev 673) @@ -1,11 +1,12 @@ .\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.36. -.TH FAIL2BAN-CLIENT "1" "August 2007" "fail2ban-client v0.8.1" "User Commands" +.TH FAIL2BAN-CLIENT "1" "March 2008" "fail2ban-client v0.8.2" "User Commands" .SH NAME fail2ban-client \- configure and control the server +.SH SYNOPSIS +.B fail2ban-client +[\fIOPTIONS\fR] \fI<COMMAND>\fR .SH DESCRIPTION -[?1034hUsage: ../fail2ban\-client [OPTIONS] <COMMAND> -.PP -Fail2Ban v0.8.1 reads log file that contains password failure report +Fail2Ban v0.8.2 reads log file that contains password failure report and bans the corresponding IP addresses using firewall rules. .SH OPTIONS .TP @@ -45,6 +46,9 @@ \fBreload\fR reloads the configuration .TP +\fBreload <JAIL>\fR +reloads the jail <JAIL> +.TP \fBstop\fR stops all jails and terminate the server 
@@ -109,18 +113,6 @@ removes <FILE> to the monitoring list of <JAIL> .TP -\fBset <JAIL> timeregex <REGEX>\fR -sets the regular expression -<REGEX> to match the date format -for <JAIL>. This will disable the -autodetection feature. -.TP -\fBset <JAIL> timepattern <PATTERN>\fR -sets the pattern <PATTERN> to -match the date format for <JAIL>. -This will disable the -autodetection feature. -.TP \fBset <JAIL> addfailregex <REGEX>\fR adds the regular expression <REGEX> which must match failures @@ -256,12 +248,12 @@ .SH FILES \fI/etc/fail2ban/*\fR .SH AUTHOR -Written by Cyril Jaquier <los...@us...>. +Written by Cyril Jaquier <cyr...@fa...>. Many contributions by Yaroslav O. Halchenko <de...@on...>. .SH "REPORTING BUGS" -Report bugs to <los...@us...> +Report bugs to <cyr...@fa...> .SH COPYRIGHT -Copyright \(co 2004-2006 Cyril Jaquier +Copyright \(co 2004-2008 Cyril Jaquier .br Copyright of modifications held by their respective authors. Licensed under the GNU General Public License v2 (GPL). Modified: branches/FAIL2BAN-0_8/man/fail2ban-regex.1 =================================================================== --- branches/FAIL2BAN-0_8/man/fail2ban-regex.1 2008-03-05 23:18:06 UTC (rev 672) +++ branches/FAIL2BAN-0_8/man/fail2ban-regex.1 2008-03-05 23:19:45 UTC (rev 673) @@ -1,12 +1,12 @@ .\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.36. -.TH FAIL2BAN-REGEX "1" "August 2007" "fail2ban-regex v0.8.1" "User Commands" +.TH FAIL2BAN-REGEX "1" "March 2008" "fail2ban-regex v0.8.2" "User Commands" .SH NAME fail2ban-regex \- test Fail2ban "failregex" option .SH SYNOPSIS .B fail2ban-regex [\fIOPTIONS\fR] \fI<LOG> <REGEX> \fR[\fIIGNOREREGEX\fR] .SH DESCRIPTION -Fail2Ban v0.8.1 reads log file that contains password failure report +Fail2Ban v0.8.2 reads log file that contains password failure report and bans the corresponding IP addresses using firewall rules. .PP This tools can test regular expressions for "fail2ban". 
@@ -39,12 +39,12 @@ \fBfilename\fR path to a filter file (filter.d/sshd.conf) .SH AUTHOR -Written by Cyril Jaquier <los...@us...>. +Written by Cyril Jaquier <cyr...@fa...>. Many contributions by Yaroslav O. Halchenko <de...@on...>. .SH "REPORTING BUGS" -Report bugs to <los...@us...> +Report bugs to <cyr...@fa...> .SH COPYRIGHT -Copyright \(co 2004-2006 Cyril Jaquier +Copyright \(co 2004-2008 Cyril Jaquier .br Copyright of modifications held by their respective authors. Licensed under the GNU General Public License v2 (GPL). Modified: branches/FAIL2BAN-0_8/man/fail2ban-server.1 =================================================================== --- branches/FAIL2BAN-0_8/man/fail2ban-server.1 2008-03-05 23:18:06 UTC (rev 672) +++ branches/FAIL2BAN-0_8/man/fail2ban-server.1 2008-03-05 23:19:45 UTC (rev 673) @@ -1,12 +1,12 @@ .\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.36. -.TH FAIL2BAN-SERVER "1" "August 2007" "fail2ban-server v0.8.1" "User Commands" +.TH FAIL2BAN-SERVER "1" "March 2008" "fail2ban-server v0.8.2" "User Commands" .SH NAME fail2ban-server \- start the server .SH SYNOPSIS .B fail2ban-server [\fIOPTIONS\fR] .SH DESCRIPTION -Fail2Ban v0.8.1 reads log file that contains password failure report +Fail2Ban v0.8.2 reads log file that contains password failure report and bans the corresponding IP addresses using firewall rules. .PP Only use this command for debugging purpose. Start the server with 
@@ -32,12 +32,12 @@ \fB\-V\fR, \fB\-\-version\fR print the version .SH AUTHOR -Written by Cyril Jaquier <los...@us...>. +Written by Cyril Jaquier <cyr...@fa...>. Many contributions by Yaroslav O. Halchenko <de...@on...>. .SH "REPORTING BUGS" -Report bugs to <los...@us...> +Report bugs to <cyr...@fa...> .SH COPYRIGHT -Copyright \(co 2004-2006 Cyril Jaquier +Copyright \(co 2004-2008 Cyril Jaquier .br Copyright of modifications held by their respective authors. Licensed under the GNU General Public License v2 (GPL). This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <los...@us...> - 2008-03-06 00:18:50
Revision: 675 http://fail2ban.svn.sourceforge.net/fail2ban/?rev=675&view=rev Author: lostcontrol Date: 2008-03-05 16:18:55 -0800 (Wed, 05 Mar 2008) Log Message: ----------- - Prepared for future 0.8.3 Modified Paths: -------------- branches/FAIL2BAN-0_8/ChangeLog branches/FAIL2BAN-0_8/README branches/FAIL2BAN-0_8/common/version.py Modified: branches/FAIL2BAN-0_8/ChangeLog =================================================================== --- branches/FAIL2BAN-0_8/ChangeLog 2008-03-05 23:22:44 UTC (rev 674) +++ branches/FAIL2BAN-0_8/ChangeLog 2008-03-06 00:18:55 UTC (rev 675) @@ -4,9 +4,13 @@ |_| \__,_|_|_/___|_.__/\__,_|_||_| ============================================================= -Fail2Ban (version 0.8.2) 2008/03/06 +Fail2Ban (version 0.8.3) 2008/??/?? ============================================================= +ver. 0.8.3 (2008/??/??) - stable +---------- + + ver. 0.8.2 (2008/03/06) - stable ---------- - Fixed named filter. Thanks to Yaroslav Halchenko Modified: branches/FAIL2BAN-0_8/README =================================================================== --- branches/FAIL2BAN-0_8/README 2008-03-05 23:22:44 UTC (rev 674) +++ branches/FAIL2BAN-0_8/README 2008-03-06 00:18:55 UTC (rev 675) @@ -4,7 +4,7 @@ |_| \__,_|_|_/___|_.__/\__,_|_||_| ============================================================= -Fail2Ban (version 0.8.2) 2008/03/06 +Fail2Ban (version 0.8.3) 2008/??/?? ============================================================= Fail2Ban scans log files like /var/log/pwdfail and bans IP 
@@ -28,8 +28,8 @@ To install, just do: -> tar xvfj fail2ban-0.8.2.tar.bz2 -> cd fail2ban-0.8.2 +> tar xvfj fail2ban-0.8.3.tar.bz2 +> cd fail2ban-0.8.3 > python setup.py install This will install Fail2Ban into /usr/share/fail2ban. The Modified: branches/FAIL2BAN-0_8/common/version.py =================================================================== --- branches/FAIL2BAN-0_8/common/version.py 2008-03-05 23:22:44 UTC (rev 674) +++ branches/FAIL2BAN-0_8/common/version.py 2008-03-06 00:18:55 UTC (rev 675) @@ -24,4 +24,4 @@ __copyright__ = "Copyright (c) 2004 Cyril Jaquier" __license__ = "GPL" -version = "0.8.2" +version = "0.8.2-SVN" This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <los...@us...> - 2008-03-06 00:21:46
Revision: 676 http://fail2ban.svn.sourceforge.net/fail2ban/?rev=676&view=rev Author: lostcontrol Date: 2008-03-05 16:21:52 -0800 (Wed, 05 Mar 2008) Log Message: ----------- - Process failtickets as long as failmanager is not empty. Modified Paths: -------------- branches/FAIL2BAN-0_8/ChangeLog branches/FAIL2BAN-0_8/server/filtergamin.py branches/FAIL2BAN-0_8/server/filterpoll.py Modified: branches/FAIL2BAN-0_8/ChangeLog =================================================================== --- branches/FAIL2BAN-0_8/ChangeLog 2008-03-06 00:18:55 UTC (rev 675) +++ branches/FAIL2BAN-0_8/ChangeLog 2008-03-06 00:21:52 UTC (rev 676) @@ -9,8 +9,8 @@ ver. 0.8.3 (2008/??/??) - stable ---------- +- Process failtickets as long as failmanager is not empty. - ver. 0.8.2 (2008/03/06) - stable ---------- - Fixed named filter. Thanks to Yaroslav Halchenko Modified: branches/FAIL2BAN-0_8/server/filtergamin.py =================================================================== --- branches/FAIL2BAN-0_8/server/filtergamin.py 2008-03-06 00:18:55 UTC (rev 675) +++ branches/FAIL2BAN-0_8/server/filtergamin.py 2008-03-06 00:21:52 UTC (rev 676) @@ -108,8 +108,9 @@ if self.__modified: try: - ticket = self.failManager.toBan() - self.jail.putFailTicket(ticket) + while True: + ticket = self.failManager.toBan() + self.jail.putFailTicket(ticket) except FailManagerEmpty: self.failManager.cleanup(MyTime.time()) self.dateDetector.sortTemplate() Modified: branches/FAIL2BAN-0_8/server/filterpoll.py =================================================================== --- branches/FAIL2BAN-0_8/server/filterpoll.py 2008-03-06 00:18:55 UTC (rev 675) +++ branches/FAIL2BAN-0_8/server/filterpoll.py 2008-03-06 00:21:52 UTC (rev 676) 
@@ -103,8 +103,9 @@ if self.__modified: try: - ticket = self.failManager.toBan() - self.jail.putFailTicket(ticket) + while True: + ticket = self.failManager.toBan() + self.jail.putFailTicket(ticket) except FailManagerEmpty: self.failManager.cleanup(MyTime.time()) self.dateDetector.sortTemplate() This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
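Review bot: The `while True:` loop added in this filterpoll.py hunk has no exit of its own and ends only when `self.failManager.toBan()` raises `FailManagerEmpty`, so it terminates only if every `toBan()` call removes the ticket it returns. That is not visible in the hunk and should be confirmed, because otherwise the filter would presumably spin here instead of returning to the log files. A comment above the loop would state the contract, for example `# toBan() raises FailManagerEmpty once no ticket is left; that exception ends the loop`. The filtergamin.py hunk of the same revision adds the identical loop, so the same comment applies there, and a shared helper for the drain-and-cleanup sequence would keep the two copies from drifting apart. The enclosing method starts and ends outside both hunks.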