github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge remote-tracking branch 'origin/master' 

* origin/master:
  ipjailmatches is on one line with its description in man jail.conf
  Added a space between IP address and the following colon
pull/1050/merge
Yaroslav Halchenko 2015-07-26 22:47:20 -04:00
parent 333dd842f9 b566f992a6
commit 65cd218e10
10 changed files with 11 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ChangeLog
View File

@ -50,6 +50,8 @@ ver. 0.9.3 (2015/XX/XXX) - wanna-be-released
* filter.d/apache-badbots.conf, filter.d/nginx-botsearch.conf - add * filter.d/apache-badbots.conf, filter.d/nginx-botsearch.conf - add
HEAD method verb HEAD method verb
* Revamp of Travis and coverage automated testing * Revamp of Travis and coverage automated testing
* Added a space between IP address and the following colon
in notification emails for easier text selection
* Character detection heuristics for whois output via optional setting * Character detection heuristics for whois output via optional setting
in mail-whois*.conf. Thanks Thomas Mayer. in mail-whois*.conf. Thanks Thomas Mayer.
Not enabled by default, if _whois_command is set to be Not enabled by default, if _whois_command is set to be

2
config/action.d/mail-whois-lines.conf
View File

@ -43,7 +43,7 @@ actioncheck =
actionban = printf %%b "Hi,\n actionban = printf %%b "Hi,\n
The IP <ip> has just been banned by Fail2Ban after The IP <ip> has just been banned by Fail2Ban after
<failures> attempts against <name>.\n\n <failures> attempts against <name>.\n\n
Here is more information about <ip>:\n Here is more information about <ip> :\n
`%(_whois_command)s`\n\n `%(_whois_command)s`\n\n
Lines containing IP:<ip> in <logpath>\n Lines containing IP:<ip> in <logpath>\n
`grep -E '(^|[^0-9])<ip>([^0-9]|$)' <logpath>`\n\n `grep -E '(^|[^0-9])<ip>([^0-9]|$)' <logpath>`\n\n

2
config/action.d/mail-whois.conf
View File

@ -43,7 +43,7 @@ actioncheck =
actionban = printf %%b "Hi,\n actionban = printf %%b "Hi,\n
The IP <ip> has just been banned by Fail2Ban after The IP <ip> has just been banned by Fail2Ban after
<failures> attempts against <name>.\n\n <failures> attempts against <name>.\n\n
Here is more information about <ip>:\n Here is more information about <ip> :\n
`%(_whois_command)s`\n `%(_whois_command)s`\n
Regards,\n Regards,\n
Fail2Ban"|mail -s "[Fail2Ban] <name>: banned <ip> from `uname -n`" <dest> Fail2Ban"|mail -s "[Fail2Ban] <name>: banned <ip> from `uname -n`" <dest>

2
config/action.d/sendmail-geoip-lines.conf
View File

@ -26,7 +26,7 @@ actionban = printf %%b "Subject: [Fail2Ban] <name>: banned <ip> from `uname -n`
Hi,\n Hi,\n
The IP <ip> has just been banned by Fail2Ban after The IP <ip> has just been banned by Fail2Ban after
<failures> attempts against <name>.\n\n <failures> attempts against <name>.\n\n
Here is more information about <ip>:\n Here is more information about <ip> :\n
http://bgp.he.net/ip/<ip> http://bgp.he.net/ip/<ip>
http://www.projecthoneypot.org/ip_<ip> http://www.projecthoneypot.org/ip_<ip>
http://whois.domaintools.com/<ip>\n\n http://whois.domaintools.com/<ip>\n\n

2
config/action.d/sendmail-whois-ipjailmatches.conf
View File

@ -23,7 +23,7 @@ actionban = printf %%b "Subject: [Fail2Ban] <name>: banned <ip> from `uname -n`
Hi,\n Hi,\n
The IP <ip> has just been banned by Fail2Ban after The IP <ip> has just been banned by Fail2Ban after
<failures> attempts against <name>.\n\n <failures> attempts against <name>.\n\n
Here is more information about <ip>:\n Here is more information about <ip> :\n
`/usr/bin/whois <ip>`\n\n `/usr/bin/whois <ip>`\n\n
Matches for <name> with <ipjailfailures> failures IP:<ip>\n Matches for <name> with <ipjailfailures> failures IP:<ip>\n
<ipjailmatches>\n\n <ipjailmatches>\n\n

2
config/action.d/sendmail-whois-ipmatches.conf
View File

@ -23,7 +23,7 @@ actionban = printf %%b "Subject: [Fail2Ban] <name>: banned <ip> from `uname -n`
Hi,\n Hi,\n
The IP <ip> has just been banned by Fail2Ban after The IP <ip> has just been banned by Fail2Ban after
<failures> attempts against <name>.\n\n <failures> attempts against <name>.\n\n
Here is more information about <ip>:\n Here is more information about <ip> :\n
`/usr/bin/whois <ip>`\n\n `/usr/bin/whois <ip>`\n\n
Matches with <ipfailures> failures IP:<ip>\n Matches with <ipfailures> failures IP:<ip>\n
<ipmatches>\n\n <ipmatches>\n\n

2
config/action.d/sendmail-whois-lines.conf
View File

@ -23,7 +23,7 @@ actionban = printf %%b "Subject: [Fail2Ban] <name>: banned <ip> from `uname -n`
Hi,\n Hi,\n
The IP <ip> has just been banned by Fail2Ban after The IP <ip> has just been banned by Fail2Ban after
<failures> attempts against <name>.\n\n <failures> attempts against <name>.\n\n
Here is more information about <ip>:\n Here is more information about <ip> :\n
`/usr/bin/whois <ip> || echo missing whois program`\n\n `/usr/bin/whois <ip> || echo missing whois program`\n\n
Lines containing IP:<ip> in <logpath>\n Lines containing IP:<ip> in <logpath>\n
`grep -E '(^|[^0-9])<ip>([^0-9]|$)' <logpath>`\n\n `grep -E '(^|[^0-9])<ip>([^0-9]|$)' <logpath>`\n\n

2
config/action.d/sendmail-whois-matches.conf
View File

@ -23,7 +23,7 @@ actionban = printf %%b "Subject: [Fail2Ban] <name>: banned <ip> from `uname -n`
Hi,\n Hi,\n
The IP <ip> has just been banned by Fail2Ban after The IP <ip> has just been banned by Fail2Ban after
<failures> attempts against <name>.\n\n <failures> attempts against <name>.\n\n
Here is more information about <ip>:\n Here is more information about <ip> :\n
`/usr/bin/whois <ip>`\n\n `/usr/bin/whois <ip>`\n\n
Matches:\n Matches:\n
<matches>\n\n <matches>\n\n

2
config/action.d/sendmail-whois.conf
View File

@ -23,7 +23,7 @@ actionban = printf %%b "Subject: [Fail2Ban] <name>: banned <ip> from `uname -n`
Hi,\n Hi,\n
The IP <ip> has just been banned by Fail2Ban after The IP <ip> has just been banned by Fail2Ban after
<failures> attempts against <name>.\n\n <failures> attempts against <name>.\n\n
Here is more information about <ip>:\n Here is more information about <ip> :\n
`/usr/bin/whois <ip> || echo missing whois program`\n `/usr/bin/whois <ip> || echo missing whois program`\n
Regards,\n Regards,\n
Fail2Ban" | /usr/sbin/sendmail -f <sender> <dest> Fail2Ban" | /usr/sbin/sendmail -f <sender> <dest>

2
man/jail.conf.5
View File

@ -279,7 +279,7 @@ concatenated string of the log file lines of the matches that generated the ban.
.B ipmatches .B ipmatches
As per \fBmatches\fR, but includes all lines for the IP which are contained with the fail2ban persistent database. Therefore the database must be set for this tag to function. As per \fBmatches\fR, but includes all lines for the IP which are contained with the fail2ban persistent database. Therefore the database must be set for this tag to function.
.TP .TP
.B ipjailmatches\ .B ipjailmatches
As per \fBipmatches\fR, but matches are limited for the IP and for the current jail. As per \fBipmatches\fR, but matches are limited for the IP and for the current jail.
.SH "PYTHON ACTION FILES" .SH "PYTHON ACTION FILES"