1016 Commits (master)

Author SHA1 Message Date
sebres 54c0effceb filter.d/sshd.conf: amend to #3747/#3812 (new ssh version would log with `_COMM=sshd-session`) 3 months ago
sebres c769046a1f Revert "`filterd./sshd.conf`: fixed journalmatch (sshd.service seems to be renamed to ssh.service)" - it'd patched in debian branch. 3 months ago
sebres 8e0a2366f0 Fixes unmatched tag (caused unmatched brace); review: combined to single regex, simple case without injection attempts faster, `<HOST>` replaced with `<ADDR>` (faster and fewer vulnerable on complex cases, since doesn't match text as hostname) etc. 3 months ago
Maksim Usmanov | Maks 35afe20ea0 Roundcube 1.4 change log format 3 months ago
sebres 9a558589d7 review (anchoring RE, etc) 4 months ago
Jose 83f2d59eee match numbers 4 months ago
Jose 07a7da8d8e Remove greedy catch-all before HOST 4 months ago
Jose ca45671db2 Add support to Proxmox Web GUI 4 months ago
sebres 93810fff75 consider CONNECT and other rejected commands as a valid `_pref`; 4 months ago
Sergey G. Brester 50ff131a0f filter.d/sshd.conf: ungroup (unneeded for _daemon) 5 months ago
Fabian Dellwing 2fed408c05 Adjust sshd filter for OpenSSH 9.8 new daemon name 5 months ago
sebres 59c5e78ce9 `filter.d/apache-overflows.conf` - consider AH10244: invalid URI path; 5 months ago
sebres a7f3a04b0e `filter.d/recidive.conf` - restore possibility to set jail name in the filter, _jailname is positive now (but by default it uses now negative lookahead to exclude recidive jail); 5 months ago
Sergey G. Brester 6fce23e7ba `filterd./sshd.conf`: fixed journalmatch (sshd.service seems to be renamed to ssh.service) 6 months ago
sebres 2c13cba73d loosening for denied suffix (would match no matter which reason in parenthesis); 8 months ago
Rudimar Remontti fd7657f9a9 Update named-refused.conf 8 months ago
sebres 1ec9237e53 bypass additional pid in prefix (may be logged by syslog-ng, gh-3060); matches protocol error with authentication mechanism not supported 8 months ago
sebres c80908837f `filter.d/exim.conf`: 8 months ago
Vladimir Varlamov 8da0a99cde pid part may contain full hostname 8 months ago
Vladimir Varlamov 806a27cb4f final `<HOST>` to `<ADDR>` conversion 8 months ago
sebres e605415f61 simplify fields-group a bit (everything up to 4 chars long but H), so it'll be faster (no multiple branches) as well as would theoretically accept future enhancements of logged fields. 8 months ago
sebres c22a83933b let's use `<ADDR>` instead `<HOST>` - only IPs expected, since host-name bypassed before it (directly after H=) 8 months ago
Vladimir Varlamov df94ec4c52 filter.d/exim.conf: rewrite host line regex for all varied exim's log_selector states 8 months ago
Anton Samets 0c125ec9c9 filter.d/postfix.conf: add Sender address rejected: Malformed DNS server reply (#3590) 8 months ago
Sergey G. Brester f63868b3e8 filter.d/apache-common.conf: remote besides client, gh-3622 8 months ago
Vincent Laffargue d260ed31d2 Maintain backward compatibility Postfix SYSTEMD_UNIT 9 months ago
Sergey G. Brester dd3c78ecab filter.d/recidive.conf: conditional RE depending on logtype (for file or journal) 9 months ago
Vincent Laffargue 0b63fc312d Change Regex Recidive and journalmatch For Systemd Match 9 months ago
Vincent Laffargue 93082ead79 Change journalmatch postfix 9 months ago
Sergey G. Brester 45d7f3cb97 no space in any case 9 months ago
László Károlyi ff701e94c3 Add to postfix syslog daemon format 9 months ago
sebres 4f679a56e0 filter.d/sshd.conf: ddos/aggressive mode extended to match new messages caused by port scanner, wrong payload on ssh port: 9 months ago
sebres 3190febb27 IPv6 fix (second IP logged in form for IPv6); pam authentication failure (part of gh-3410) 11 months ago
sebres 093cd763ce filter.d/postfix.conf: "rejected" extended to match "Access denied" too; 11 months ago
sebres ff4a2a12fc filter.d/postfix.conf: avoid double counting ('lost connection after AUTH' together with message 'disconnect ...'); 11 months ago
sebres 0abba5dc6e more filters for nginx error-log supporting journal format now, added generalized include and __prefix_line 12 months ago
sebres b245225b13 filter.d/nginx-http-auth.conf: added optional prefix to support systemd-journal format and additional timestamp (optionally) in prefix 12 months ago
Yaroslav Halchenko 8ef0d3c7a9 [DATALAD RUNCMD] run codespell throughout fixing typo automagically 1 year ago
Yaroslav Halchenko 81b2eb32d6 Add pragma to ignore a codespell-detected typo in postfix.conf 1 year ago
Sergey G. Brester eed319e896 gh-3604: filter.d/slapd.conf - switched to single-line processing 1 year ago
Sergey G. Brester 183f805ae3 amend 1 year ago
Sergey G. Brester 7931b67325 mysqld-auth.conf: better RE, optional suffix, non-capturing groups 1 year ago
Aliaksandr Yurchyk c55e9949dc Fix issue with Mariadb 10.3 failed message 1 year ago
sebres eebef0089c avoid double counting for "maximum authentication attempts exceeded" ("Disconnecting ..." is no failure anymore, now it's helper only); 1 year ago
Sergey G. Brester 809b904106 filter.d/exim.conf: fixes "dropped: too many ..." regex and also matches unrecognized commands new vector 2 years ago
Sergey G. Brester 9cbf59c827 anchored datepattern and added journalmatch (if monitoring systemd journal) 2 years ago
Vít Kabele a2c77429b9 New filter: routeros-auth.conf (Closes #3469) 2 years ago
Sergey G. Brester efbbcb41ea non capturing group 2 years ago
Sergey G. Brester 996553f330 review, simplify regex and capture user name 2 years ago
Andrey Alekseenko df91b047d2 Dante SOCKS server: handle "1 byte/second" case 2 years ago