github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
605 Commits
34 Branches
229 Tags
21 MiB
Commit Graph

605 Commits (_tent/ipv6_via_aInfo)

Author SHA1 Message Date
Yaroslav Halchenko b14257f27f BF: Thanks to insights from Rogerio -- handle both aInfo and cInfo and replicate cmds if no key provided 2011-04-28 23:06:27 -04:00
Yaroslav Halchenko 28b44d2655 NF: Mockup for handling complex additional Init parameters in actions 
So we could have substitutions tags chosen according to values of other tags,
e.g. in this case ipv (IP version) tag would be added by fail2ban
internally

novo# grep  -e '^[^#]' /etc/fail2ban/action.d/iptables-multiport.conf
[Definition]
actionstart = <actioncmd> -N fail2ban-<name>
              <actioncmd> -A fail2ban-<name> -j RETURN
              <actioncmd> -I <chain> -p <protocol> -m multiport --dports <port> -j fail2ban-<name>
actionstop = <actioncmd> -D <chain> -p <protocol> -m multiport --dports <port> -j fail2ban-<name>
             <actioncmd> -F fail2ban-<name>
             <actioncmd> -X fail2ban-<name>
actioncheck = <actioncmd> -n -L <chain> | grep -q fail2ban-<name>
actionban = <actioncmd> -I fail2ban-<name> 1 -s <ip> -j DROP
actionunban = <actioncmd> -D fail2ban-<name> -s <ip> -j DROP

[Init]
name = default
port = ssh
protocol = tcp
chain = INPUT
actioncmd/ipv = 4="iptables", 6="ip6tables"
 2011-04-27 22:54:03 -04:00
Yaroslav Halchenko 6d25310e28 ENH: Adding author for dovecot filter and prunning unneeded space in the regexp 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@776 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2011-03-23 21:38:26 +00:00
Yaroslav Halchenko eab9af9caa BF: proftpd filter -- if login failed -- count regardless of the reason for failure 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@775 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2011-03-23 20:37:19 +00:00
Yaroslav Halchenko d4b89d8404 BF: Allow for trailing spaces in proftpd logs 
See http://bugs.debian.org/507986

git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@774 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2011-03-23 20:37:10 +00:00
Yaroslav Halchenko 1cb48bbc96 BF: escaping () in pure-ftpd filter. Thanks Teodor 
See http://bugs.debian.org/544744

git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@773 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2011-03-23 20:37:00 +00:00
Yaroslav Halchenko 02e7dfb099 BF: allow space in the trailing of failregex for sasl.conf: see http://bugs.debian.org/573314 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@772 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2011-03-23 20:36:50 +00:00
Yaroslav Halchenko 3831fbf98b ENH: add <chain> to action.d/iptables*. Thanks Matthijs Kooijman: see http://bugs.debian.org/515599 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@771 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2011-03-23 20:36:41 +00:00
Yaroslav Halchenko 6558c03f8e NF: Adding found on a drive filter.d/dovecot.conf 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@770 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2011-03-23 20:36:28 +00:00
Yaroslav Halchenko 10faba5163 ENH: make filter.d/apache-overflows.conf catch more: see http://bugs.debian.org/574182 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@769 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2011-03-23 20:36:17 +00:00
Yaroslav Halchenko 0073ba3838 ENH: dropbear filter: see http://bugs.debian.org/546913 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@768 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2011-03-23 20:36:08 +00:00
Yaroslav Halchenko 638bb66523 BF: Use /var/run/fail2ban instead of /tmp for temp files in actions: see http://bugs.debian.org/544232 
It should be robust since /var/run/fail2ban is guaranteed to exist to carry the
socket file, and it will be owned by root (or some other dedicated fail2ban
user) thus avoiding possibility for the exploit

git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@767 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2011-03-23 20:35:56 +00:00
Yaroslav Halchenko 7b54c7b33b spellcheck jail.conf. Thanks Christoph Anton Mitterer 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@766 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2010-09-27 13:18:32 +00:00
Yaroslav Halchenko 521631cfcc default ignoreip to ignore entire loopback zone (/8): see http://bugs.debian.org/598200 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@765 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2010-09-27 13:10:48 +00:00
Yaroslav Halchenko 12304f7a3e Tai64N stores time in GMT, we need to convert to local time before returning 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@764 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2010-09-27 13:10:40 +00:00
Yaroslav Halchenko 2a38820ed6 debug entry for lines ignored due to falling below findtime (v2) 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@763 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2010-09-21 17:52:44 +00:00
Yaroslav Halchenko dabe3aeae1 disabling entirely named-refused-udp jail with a big fat warning 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@761 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2010-06-29 01:34:08 +00:00
Arturo 'Buanzo' Busleiman 7aad6685af added time module. bug reported in buanzo's blog at http://blogs.buanzo.com.ar/2009/04/fail2ban-patch-ban-ip-address-manually.html 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@758 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2010-03-04 17:15:12 +00:00
Cyril Jaquier 8007a02539 - Patch to make log file descriptors cloexec to stop leaking file descriptors on 
fork/exec. Thanks to Jonathan Underwood. https://bugzilla.redhat.com/show_bug.cgi?id=230191#c24

git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@757 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2009-12-15 22:57:54 +00:00
Cyril Jaquier 46313ca7e5 - Changed to SVN version. 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@756 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2009-12-15 22:54:57 +00:00
Cyril Jaquier 0bc43bde31 - Release 0.8.4. 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@754 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2009-09-07 19:13:45 +00:00
Cyril Jaquier 6c2ce35f8c - Oups... Forgot the ChangeLog... 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@753 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2009-09-01 21:29:13 +00:00
Cyril Jaquier a3d6ae19f6 - Check the inode number for rotation in addition to checking the first line of the file. Thanks to Jonathan Kamens. 
- Red Hat Bugzilla - Bug 503852
- SF.net Bug #2800279.

git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@752 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2009-09-01 21:21:30 +00:00
Cyril Jaquier c480304c8e - Fixed typo. Thanks to Dudi Goldenberg. 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@751 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2009-09-01 20:25:32 +00:00
Arturo 'Buanzo' Busleiman 3e3a68f9de added traceback to asyncserver.py's import. 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@750 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2009-09-01 17:33:04 +00:00
Arturo 'Buanzo' Busleiman 6d1fa0cf1d Added item about logging subsystem shutdown being moved, to Changelog. 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@749 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2009-08-31 14:42:45 +00:00
Arturo 'Buanzo' Busleiman 5945ca09ae moved logging shutdown out of quit(), into end of start() in server.py 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@748 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2009-08-31 14:14:02 +00:00
Arturo 'Buanzo' Busleiman b91595dd11 Disabled jail lighttpd-fastcgi by default. 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@747 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2009-08-31 13:57:32 +00:00
Cyril Jaquier 833c5413af - Added entry for "Ban IP" command. 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@746 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2009-08-30 21:07:37 +00:00
Arturo 'Buanzo' Busleiman a1a106a27e added "Ban IP" command to fail2ban branch 0.8 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@745 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2009-08-30 18:26:15 +00:00
Cyril Jaquier a354050913 - Added two new filters: lighttpd-fastcgi and php-url-fopen. 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@744 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2009-08-30 14:49:16 +00:00
Cyril Jaquier f0f96a6cfd - Moved last entries in the config/ part. 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@743 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2009-08-30 14:21:41 +00:00
Arturo 'Buanzo' Busleiman dde7afe1f3 added two new filter files (PHP url_fopen, lighttpd fastcgi alerts), updated MANIFEST and jail.conf accordingly 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@742 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2009-08-30 14:17:29 +00:00
Cyril Jaquier 9c05632dd8 - Added svn:keywords property. 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@741 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2009-08-30 14:13:04 +00:00
Cyril Jaquier b88956e898 - Added helper module in common. 
- Moved formatExceptionInfo by Buanzo to common/helpers.py.

git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@740 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2009-08-30 14:03:18 +00:00
Arturo 'Buanzo' Busleiman 81e2fe8306 added 'unexpected communication error' fix to ChangeLog. Added formatExceptionInfo to server/asyncserver.py 
We should move that function to a helpers module.


git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@739 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2009-08-30 13:51:17 +00:00
Arturo 'Buanzo' Busleiman b2f0bfe751 added missing import sys to asyncserver.py 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@738 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2009-08-30 13:36:04 +00:00
Arturo 'Buanzo' Busleiman 08a36ca657 more readable code for python version comparison 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@737 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2009-08-30 13:32:19 +00:00
Arturo 'Buanzo' Busleiman fd898c9eac added python version detection to asyncore.loop(use_poll=True|False) 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@736 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2009-08-30 13:27:52 +00:00
Arturo 'Buanzo' Busleiman e09fad559a Fix for python 2.6 / 3.0 incompatibility 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@735 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2009-08-30 00:36:40 +00:00
Cyril Jaquier 53886e91b3 - Use 80 columns. 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@732 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2009-02-09 22:36:11 +00:00
Cyril Jaquier 0cf733e878 - Fixed maxretry/findtime rate. Many thanks to Christos Psonis. Tracker #2019714. 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@731 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2009-02-09 22:08:21 +00:00
Cyril Jaquier 55fd21ec4b - Made the named-refused regex a bit less restrictive in order to match logs with "view". Thanks to Stephen Gildea. 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@730 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2009-02-09 20:27:35 +00:00
Cyril Jaquier 3155bc8f03 - Use timetuple instead of utctimetuple for ISO 8601. Maybe not a 100% correct fix but seems to work. Tracker #2500276. 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@729 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2009-02-08 19:50:44 +00:00
Cyril Jaquier abd061bad8 - Changed <HOST> template to be more restrictive. Debian bug #514163. 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@728 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2009-02-08 17:31:24 +00:00
Cyril Jaquier 7fd0300a73 - Added cyrus-imap and sieve filters. Thanks to Jan Wagner. Debian bug #513953. 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@727 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2009-02-03 22:37:46 +00:00
Cyril Jaquier 376f348823 - Pull a commit from Yaroslav git repo. BF: addressing added bang to ssh log (closes: #512193). 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@726 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2009-02-03 21:56:03 +00:00
Cyril Jaquier e86e7d002e - Added missing semi-colon in the bind9 example. Thanks to Yaroslav Halchenko. 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@725 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2009-02-03 21:51:32 +00:00
Cyril Jaquier e16c18d091 - Added NetBSD ipfilter (ipf command) action. Thanks to Ed Ravin. Tracker #2484115. 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@724 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2009-01-27 23:39:38 +00:00
Cyril Jaquier e46e8ed32e - Improved SASL filter. Thanks to Loic Pefferkorn. Tracker #2310410. 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@723 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2009-01-27 23:35:46 +00:00