summaryrefslogtreecommitdiff
path: root/fail2ban/helpers.py
Commit message (Collapse)AuthorAgeFilesLines
* filtertestcase.py: byte related copy of lines in tests (locale independent); ↵sebres2023-04-041-0/+3
| | | | closes gh-2936
* extractOptions: ensure options are parsed completely - avoids unexpected ↵sebres2021-02-031-3/+9
| | | | | | skip or truncate of parameters, produces more verbose error message in case of incorrect syntax; added more tests covering several cases WARN: potential incompatibility (since it doesn't silently ignore wrong syntax anymore)
* amend to 39d4bb3c35ffb3bc6cdead5ecb58b3377f87867c (#2758): better reaction ↵sebres2020-09-091-2/+3
| | | | on broken pipe (on long output), don't close stdout explicitly (allows usage of modules like cProfile, which outputs result on exit), just flush it before exit.
* action in jail-config extended to consider space as separator now ↵sebres2020-09-021-1/+1
| | | | | | (splitWithOptions separates by space between mains words, but not in options), so defining `action = a b` would specify 2 actions `a` and `b`; it is additionally more precise now (see fixed typo with closed bracket `]` instead of comma in testServerReloadTest)
* substituteRecursiveTags: more precise self- or cyclic-recursion prevention ↵sebres2020-08-261-6/+8
| | | | (don't clear replacement counts of tags, rather consider replacement count by tax X in tag Y)
* amend to e786dbf132689133c29671871718a97f93b8912a: removes space between ↵sebres2020-05-261-1/+1
| | | | | | name and [pid] by normal non-verbose logging, padding without truncate now; test coverage for getVerbosityFormat; closes #2734
* fail2ban-regex: stop endless logging on closed streams (redirected pipes ↵sebres2020-02-031-0/+35
| | | | like `... | head -n 100`), exit if stdout channel is closed
* closes gh-2599: fixes `splitwords` for unicode stringsebres2020-01-131-1/+1
|
* avoid unhandled exception during flush, better invariant check (and repair), ↵sebres2019-12-271-2/+10
| | | | avoid repair by unban/stop etc...
* amend to f3dbc9dda10e52610e3de26f538b5581fd905505: don't need truncate (if ↵sebres2019-12-121-2/+4
| | | | the name with \0 exceeds 16 bytes, the string is silently truncated by prctl).
* set real thread names (used for identification and diagnostic purposes, e. ↵sebres2019-12-121-0/+24
| | | | g. top -H, ps -e -T, pstree, etc)
* Fixed action parameter `timeout`: it is a time (integer), so avoid to ↵sebres2018-09-271-1/+1
| | | | | | convert it to string (for replacement); fix substituteRecursiveTags using auto-convert to string. Closes gh-2241.
* fixes initialization bug if sys.stdout.encoding is None (closes gh-2177).sebres2018-07-111-2/+1
|
* relocate exception-safe logging from database json-handler to common logger ↵sebres2018-07-051-0/+29
| | | | | | | | handling, using injection on _log-method of Logger class; additionally provides more info if handler/conversion failed (with double protection inside catch-case); tests/utils.py: log handler "_MemHandler" of LogCaptureTestCase fixed now to be safe also (test-cases only); tests/misctestcase.py: the safe logging of all possible constellations is covered in testSafeLogging now.
* typo/indent fix (no functional changes)sebres2018-07-051-1/+1
|
* coveragesebres2018-07-041-4/+4
|
* a bit optimized helperssebres2018-07-041-5/+5
|
* minimize influence of implicit conversions errors (between unicode, bytes ↵sebres2018-07-041-42/+61
| | | | and str), provide new universal helper `uni_string`, which uses safe explicit conversion to string (also if default encoding is ascii); avoid conversion errors on wrong-chars by replace tags.
* **interim** try to fix several conversion errorssebres2018-06-291-1/+23
|
* normalize bool conversion, introduced common helper function `_as_bool`sebres2018-04-261-0/+4
|
* New logging parameter `padding`, default enabled, excepting the SYSLOG (for ↵sebres2018-04-031-1/+8
| | | | | | backwards compatibility purposes); Closes gh-2099.
* shutdown sockets before close, avoid socket leakage by use of the explicit ↵sebres2018-03-021-1/+3
| | | | | | | | socket close in async_chat; better error handling with error counting, differentiate special case ([Errno 24] Too many open files), with resulting stop of the server (avoid flood the log file, closes gh-991 and similar issues); restored auto-garbage, because of non-reference-counting python's (like pypy), otherwise it may leak there on objects like unix-socket, etc.
* DOC: minor typos spotted around comments etcYaroslav Halchenko2018-01-221-1/+1
|
* move extractOptions from JailReader to helpers (common usage server- / ↵sebres2017-12-051-0/+28
| | | | client-side);
* added new logtarget "SYSOUT" to log from fail2ban working in foreground as ↵sebres2017-11-261-2/+4
| | | | systemd-service (in opposite to "STDOUT" don't log time-stamps).
* avoid using "ANSI_X3.4-1968" as preferred encoding, if missing environment ↵sebres2017-08-181-0/+4
| | | | | | | | | variables 'LANGUAGE', 'LC_ALL', 'LC_CTYPE', and 'LANG' (especially critical if default value `encoding = auto` configured). As PoC and coverage (this case fails without this "fix"): $ env -i PATH="$PATH" bin/fail2ban-testcases --fast --no-network testAddBanInvalidEncoded
* code review, increase coverage, etc.sebres2017-03-131-0/+30
|
* [Important] Prohibit replacement of recursive "tags" in the action info ↵sebres2017-03-131-2/+4
| | | | | | | resp. calling map (very bad idea to do this): - the calling map contains normally dynamic values only (no recursive tags); - recursive replacement can be vulnerable, because can contain foreign (user) input captured from log (will be replaced in the shell arguments);
* [BF] prevents always converting of calling map items in replaceTag (without ↵sebres2017-03-131-0/+3
| | | | | | direct access of item): substituteRecursiveTags: ignore replacing callable items from calling map - should be converted on demand only (by get)
* small amend with several fixes and test coveragesebres2017-02-161-16/+19
|
* substituteRecursiveTags optimization + moved in helpers facilities (because ↵sebres2017-02-161-0/+99
| | | | currently used commonly in server and in client)
* standardize and normalize logging and verbosity formats, logging level etc ↵sebres2016-09-291-1/+13
| | | | | | | between command lines (server, client, test-cases); test cases could pass (so increase) verbosity to the client (and furthermore client to the server also), usable for debug purposes resp. simplifying read of the log-file; custom and precise numeric log-levels can be given in test cases now;
* switch down log level for some annoying messages to tracedebug or heavydebug ↵sebres2016-09-221-0/+10
| | | | | | | (to 7 or even 5); added verification of specified log-level before transmitting to the server; numeric log-level allowed now in server (resp. fail2ban.conf);
* normalize usage of preferred encoding (and decode any to string);sebres2016-09-091-0/+34
| | | | | python 3.x compatibility (used uni_decode for string representation of stdout/stderr, unified test cases) amend for #1542
* Merge branch 'master' into 0.10sebres2016-05-231-3/+3
|\ | | | | | | | | | | # Conflicts: # fail2ban/client/jailreader.py # fail2ban/helpers.py
| * splitwords: prevent to split to empty values by multiple separator ↵sebres2016-05-231-1/+1
| | | | | | | | characters together
| * ENH: splitcommaspace -> splitwords allow to split ignoreip entries with new ↵Yaroslav Halchenko2016-05-211-3/+3
| | | | | | | | | | | | lines Closes #1432
* | background servicing (temporally executed from failmanager): prevents memory ↵sebres2015-12-291-3/+53
|/ | | | | | leak on some platforms/python versions, using forced GC in periodic intervals (latency and threshold); Side effect: GC is disabled now inside fail2ban-server (to avoid multiple garbage collect)
* ENH: allow to split ignoreip by space and/or comma (Closes #1197)Yaroslav Halchenko2015-09-231-0/+10
| | | | Way too many people ran into this gotcha, so lets just do it
* Fix PEP8 E302 expected 2 blank lines, found XLee Clemens2015-07-041-0/+6
|
* BF: Fix getLogger for single level log level namesSteven Hiscocks2014-06-101-1/+3
|
* ENH: Rename fail2ban_excepthook to excepthookSteven Hiscocks2014-06-101-1/+1
|
* ENH: Tweak naming of getF2BLogger, and ensure consistent useSteven Hiscocks2014-06-101-2/+2
|
* ENH: Log unhandled exceptions to Fail2Ban logSteven Hiscocks2014-06-091-0/+7
|
* ENH: Realign and harmonise log messages with getF2BLogger helperSteven Hiscocks2014-06-091-0/+5
|
* ENH: Move traceback formatter to from tests.utils to helpersSteven Hiscocks2014-04-181-1/+82
| | | | Now allows for tests to be removed from package if desired
* MRG: 0.8.11 to 0.9Daniel Black2013-11-021-15/+3
| | | | | | Epnoc of selinux is now true UTC Merge multiline support and date detection in filter
* Merge tag '0.8.9' into 0.9 (quite a bit of conflicts "resolved")Yaroslav Halchenko2013-05-131-5/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Release 0.8.9 * tag '0.8.9': BF: add missing files to MANIFEST (I think we shoult not rely on sdist anyways -- 'git tag' tarballs are more thorough ;) ) All the (version) updates for the release of 0.8.9 BF: (travis) relax the test for needed to be presented installed directories -- allow new BF: (travis) if tests ran under coverage -- there is a traceback parts to report (thus > would be present) ENH: also print the failing traceback line in case of failure ENH: include explicit list of new files which should not be there upon "install --root" ENH: now we know that logging handlers closing was still buggy in 2.6.2 ENH: issue a warning if jail name is longer than 19 symbols (Close #222) DOC: inline commends with ';' are in effect only if ';' follows as space BF: Fix for filterpoll incorrectly checking for jailless state ENH: strengthen detection of working pyinotify ENH: use the same python executable for setup.py test ENH: actually tune up TraceBack to determine "unittest" portions of the stack across all python releases TST: Some primarily smoke tests for tests utils TST: cover few more lines in fail2banreader.py ENH: basic test for setup.py itself (when applicable, should greatly improve coverage ;) ) ENH: consistent operation of formatExceptionInfo + unittest for it ENH: point to the status of master branch on travis Conflicts: ChangeLog MANIFEST README.md fail2ban/version.py -- all of the above obvious version changes below files primarily needed just a bit of help in resolution config/jail.conf fail2ban/server/filterpoll.py fail2ban/server/server.py fail2ban/tests/servertestcase.py and following were more difficult -- git wasn't able to track renames/moves of the code fail2ban-testcases -- needed to introduce those changes to tests/utils.py testcases/clientreadertestcase.py -- manually applied patch from master testcases/utils.py -- manually applied patch from master
* Merge branch 'master' into 0.9Yaroslav Halchenko2013-05-081-2/+0
| | | | | | | | | | * master: ENH: close files in _test_move_into_file ENH: remove use of $Revision and $Date SVN tags Add README.Solaris into distribution Conflicts: client/actionreader.py
* Merge branch 'master' into 0.9Yaroslav Halchenko2013-05-081-1/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * master: (51 commits) ENH: Use real (resolving) example.com instead of test.example.com DOC: Slight tune ups to ChangeLog -- we must release! Changelog entries for the latest merges BF: add bash-completion to MANIFEST DOC: ChangeLog for default action type change ENH: consolidate where blocktype is defined for iptables rules BF: default type to unreachable ENH: separate out regex and escape a . ENH: logs/sshd -- have ":" after [daemon] (other uses are uncommon) ENH: logs/sshd -- use example.com as the resolved hostname in sample log lines ENH: filter.d/sshd.conf -- allow for trailing "via IP" in logs DOC: Drop sudo from bash-completion DOC: Added bash-completion script ENH: add blocktype to all relevant actions. Also default the rejection to a ICMP reject rather than a drop ENH: Removed unused log line ENH: logrotate file BF: missed MANIFEST include BF: missed MANIFEST include BF: missed MANIFEST include ENH: some form of logrotate based on what distros are doing ... Conflicts: ChangeLog MANIFEST client/actionreader.py config/jail.conf fail2ban/server/datedetector.py fail2ban/tests/datedetectortestcase.py
View Lorry Controller Status