
Copyright (c) 2022 Jim Seymour (jseymour+sshguard@LinxNet.com)

attack_parser_re ChangeLog

2022-03-19

    . Corrected erroneous documentation in .../examples/ config
      files.  The macro "<IPV_ANY_ADDR>" was mistakenly
      documented as "<IPV_ALL_ADDR>".

2022-03-12

    . Began working on improving portability between sshguard-1.7.0
      and 2.4.x.  (HowTo updated to reflect this.)
    . Expanded and improved commenting in code
    . Integration diff moved from .../examples to .../extras
    . HowTo build improvements
    . Added HowTo section on how to create parsing regexps
    . Added expanded -h (help) to atre-parser (atre_parser.c)

2022-03-10

    . Removed include of sshguard.h.  All it did for us was define
      DEFAULT_ATTACKS_DANGEROUSNESS, which is defined locally in
      later versions of sshguard's .../src/parser/attack_parser.c,
      anyway.  Now attack_parser_re.c does the same.
    . Removed include of sshguard_log.h.  Didn't need it anymore.
    . Removed include of address.h, as it's included by attack.h

2022-03-08

    . Completely re-worked atre-parser command-line interface to make
      it more sensible and flexible.

2022-03-08

    . Fixed bug in atre-parser not being able to tell the difference
      between an interrupted fgets() call (e.g.: Due to a SIGUSR1) and
      EOF.
    . atre-test removed

2022-03-06

    . Created atre-parser: A drop-in replacement for sshguard-2.4.2's
      default parser.
    . atre-test is now redundant, thus deprecated and will soon be
      removed.  (Actually, with some options it's now b0rk3d.)
    . Added a syslog abstraction function to attack_parser_re.c and a
      "use_syslog" flag.  Logging messages now go to either stderr or
      syslog as a run-time decision.
    . This version tested but not deployed

2022-02-30

    . Added IP address macros for regexp config
      files. (Tested but not deployed.)
    . Removed source_id parameter in parse_line_re().
      (Seemed to have no purpose and it was removed from parse_line()
      as of sshguard-2.4.2 [or before?].)

2022-02-30

    . Eliminated potential problem of a valid
      regexp being pruned for too few sub-strings being captured.
    . Added support for parsing IPv4mapped6 IP
      addresses

2022-03-29

    . Merged native PCRE development into
      POSIX/PCREPOSIX code
    . Began much-needed code cleanup
    . Fixed IPv4/IPv6 mis-parcing detection
    . Added pcre_fullinfo() check to regcomp() so
      attack regexp specification mistakes can be caught at config time,
      rather than runtime. (if USE_NATIVE_PCRE)

2022-03-27

    . Added stat() of running config file so it's only
      reloaded if the modification time changed since the last (re-)read.
    . Improved attack_parser_re_init(),
      reload_attack_parser_re_conf() and attack_parser_re_cleaner() for
      better support for re-loading config file.
    . attack_parser_re_init() no longer bails-out on a
      fatal config error if it's a running re-config.  Instead the prior
      config is retained.

2022-03-25

    . Found and eliminated setfault-y bugs in code that
      removes faulty regexp list elements in attack_parser_re()
    . Fixed attack_parser_re() return value

2022-03-23

    . Added dangerousness parameter to regex config file
      syntax
    . Added additional service lookups (from sshguard-2.4.2)
    . Added support for sshguard-2.4.2 style regression
      testing to atre-test.c
    . Expanded atre-test usage message

2022-03-21

    . Removed reload_attack_parser_re_conf() call from
      atre-test.c:main()
    . Moved test files to "test" directory
    . Created example config files in "examples" directory
    . atre-test now takes input from named file or stdin
    . Changed atre-test non-diagnostic/-debugging output to
      stdout

2022-03-20

    . Added support for building for PCRE regexps
    . Fixed bug in atre-test:main() switch/case statement

2022-03-18

    . Separated stand-alone debug code into atre-test.c
    . Removed "self-compile" lines in attack_parser_re.c
    . Various minor re-writes to facilitate the above
    . Re-wrote Makefile

2022-03-17

    . Happy St. Patrick's Day!
    . Removed extraneous newline from verbose logging
      in attack_parser_re()
    . Prefixed debug sshguard_log() messages with "log_"
      to distinguish from debug messages
    . Added file-global logging verbosity level
    . Added logging verbosity paramter to attack_parser_re_init()
    . Fixed config file path remembery
    . Expanded debug executable (main()) to include options
      for alternate config file, to specify input file, and added debugging
      and verbosity level options.

2022-03-14

    . Happy Pi Day!
    . Improved regexps in attack_parser_re.conf
    . Fixed fatal bug in fatal_n()  (how ironic, eh?)
    . Added detail for error in opening/reading config file
    . Added detection logging to attack_parser_re()
    . Made atre_service_to_name() global

2022-03-13

    . Replaced #if DEBUG/#endif with debugging flag test
    . Added sshg_debugging parameter to read_attack_parser_re_conf()
      (N.B.: Sets file-global variable for use by all atre funcs)
    . Added error-checking to attack_parser_re_cleaner()
    . Renamed
	read_attack_parser_re_conf() -> attack_parser_re_init()
	reread_attack_parser_re_conf() -> reload_attack_parser_re()
    . Changed ATRE config filename macros
    . Changed "dbg:" debug output prefixen to "func_name():"
    . Renamed service_to_name() -> atre_service_to_name() and
      made static/local to attack_parser_re.  (Obviously this can be
      replaced by service_to_name() in subsequent sshguard revisions.

2022-03-12

    . Added sshguard_log() calls in place of prior warn_n() messaging
      to stderr
    . fatal_n() now emits fatal error messages to sshguard_log()
      and stderr
    . Added pointer-to-pointer to regexp list head to
      read_attack_parser_conf() to allow for on-the-fly (runtime) re-config
      without restarting app
    . Added reread_attack_parser_conf() function
    . Added short-circuiting of list search to svc_name_to_code()
    . Added local service_to_name() for debugging
    . Added code to remove faulty regexp list entries from run-time
      config
    . Fixed declaration of main() in test code (Doh!)
    . Added #include <ctype.h> to attack_parser_re.c
    . Created Makefile . Created ChangeLog

2022-03-10

    . Now uses sshguard's address.h and attack.h defs
    . Added service name -> code mapping function
    . Added IP type/kind code
    . Added my own (for now) service_to_name() (only used for debug)

2022-03-09

    . Eleminated several FIXME's
    . Fixed a couple bugs-in-waiting
    . Improved logic flow in regex parsing code
    . Added more should-fail test expressions to example run-time
      config and test input data

2022-03-08

    . Original Created

