github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
6,149 Commits
34 Branches
230 Tags
21 MiB
Commit Graph

6149 Commits (0265df854e0db07d79da735e2a9bf4aee86f7975)

Author SHA1 Message Date
sebres 0265df854e silence skipping tests output for python versions that basically can not have the modules 2025-08-23 22:00:03 +02:00
sebres a3d181c973 `filter.d/dovecot.conf`: new matches in `aggressive` mode: 
- new variant for `no auth attempts in X secs` with `Login aborted` and `(no_auth_attempts)`;
- covered `disconnected during TLS handshake` with `no application protocol` and `no shared cipher`.
 2025-08-23 20:22:08 +02:00
sebres 002719dca4 ChangeLog update 2025-08-23 20:18:59 +02:00
sebres c26fda9dbb `filter.d/dovecot.conf`: new matches in `aggressive` mode: 
- new variant for `no auth attempts in X secs` with `Login aborted` and `(no_auth_attempts)`;
- covered `disconnected during TLS handshake` with `no application protocol` and `no shared cipher`.
 2025-08-23 20:16:40 +02:00
sebres bdb5d99906 Log `Repeal Ban` instead of `Unban` on stop action, jail or fail2ban, because the tickets are "unbanned" temporary (till restart); 
closes gh-4057
 2025-08-19 11:37:01 +02:00
sebres 4e22c20559 fixes `ignoreip` prefix `file://` - it shall resolve absolute file name (starting with `/`) unless it starts with `./`; 
relative paths are based relative the working dir;
to use it relative current config root (normally `/etc/fail2ban`), one can use interpolation `%(fail2ban_confpath)s`, e.g.:
  file://%(fail2ban_confpath)s/ignore-ipaddr-file
 2025-08-12 23:46:10 +02:00
sebres 3ce6f344e3 fixes beautifier `get` `ignoreip` (explicit convert to string) 2025-08-12 23:26:42 +02:00
Sergey G. Brester bf4903538d
update ChangeLog (enhancement from #3291) 2025-08-08 10:29:02 +02:00
Sergey G. Brester 77ba28bae1
Merge pull request #3291 from ttyS4/patch-1 
nftables.conf - add support for cidr notation and address ranges
 2025-08-08 10:23:08 +02:00
Sergey G. Brester dc3268ce5d
servertestcase.py: adjust test coverage 2025-08-08 10:16:01 +02:00
Sergey G. Brester eb80b895d1
provides flags interval as `addr_options` now 2025-08-08 10:10:40 +02:00
Bill 6120a731d9
update nginx limit-req filter again (#4048) 
amend to #4047 - removes unused ngx_limit_con_zones parameter.
 2025-08-04 21:16:26 +02:00
Sergey G. Brester e16e982a45
Merge pull request #4047 from billfor/nginx 
Update nginx-limit-req filter (extended to ban hosts failed by limit connection in ngx_http_limit_conn_module);
closes gh-3674
 2025-08-04 11:34:35 +02:00
Sergey G. Brester dd58d440bc
Update ChangeLog 2025-08-04 11:32:10 +02:00
Sergey G. Brester e6516fd2b3
combine 2 REs to single regex 
closes gh-3674
 2025-08-04 11:24:51 +02:00
bill 0a91bf69a5 add filter for delayed requests and connection limiting 2025-08-04 00:27:45 -04:00
sebres d86a7aecca amend to #3979: removed mistaken double pipes in group matches 2025-07-31 17:38:28 +02:00
sebres ff3eca1d61 * Merge pull request #3527 from vafgoettlich/master 
(partial merge, only postfix-backend)
 2025-07-24 11:17:05 +02:00
sebres 0b255a8723 Merge pull request #3527 from vafgoettlich/master 
(partial merge, only postfix-backend)
 2025-07-24 11:14:03 +02:00
Sergey G. Brester 793d0c6555
Merge pull request #4037 from kusaka-0107/fix/asterisk-conf-regex 
filter.d/asterisk: fix regex to match "No matching endpoint found" with retry info (like `after X tries in Y ms`)
 2025-07-20 15:17:17 +02:00
Sergey G. Brester 7bb86822d0
Update ChangeLog 2025-07-20 15:15:38 +02:00
Sergey G. Brester 6d3bfa8781
revert RE back, but relive the end-anchor a bit (ignore any text without single quote, so also preventing false match by injection on foreign data) 2025-07-20 15:04:15 +02:00
177ac b309cf6b3c Add test line 2025-07-20 18:06:33 +09:00
177ac e97df4672a filter.d/asterisk: fix regex to match "No matching endpoint found" with retry info 2025-07-20 18:05:35 +09:00
sebres 1c2ace2958 GHA: update python 3.14.0-beta.4 2025-07-13 01:08:50 +02:00
sebres b710d5b6c7 `filter.d/sendmail-reject.conf` - also recognize "Domain of sender address ... does not resolve"; 
closes gh-4035
 2025-07-13 01:03:53 +02:00
sebres dc899e438f avoid error "Unable to get failures" by stop (if file gets removed from filter, but filter already entered getFailures for the file); 
closes gh-4032
 2025-07-07 01:04:35 +02:00
sebres 86b9adb2f5 workflows/publish.yml: amend (allow manual trigger for publishing) 2025-06-16 22:09:46 +02:00
sebres 85faeab644 workflows/publish.yml: flow to publish package on pypi 2025-06-16 21:55:58 +02:00
Sergey G. Brester 9ef134c17d
Merge pull request #4016 from nabbi/dovecot-2.4 
add Dovecot 2.4 support
 2025-06-15 18:09:40 +02:00
Sergey G. Brester 8a4f373617
integrate new RE in already existing (combine new and old format) 2025-06-15 18:07:43 +02:00
Nic Boet 646832d5bd dovecot 2.4 into changelog 
Signed-off-by: Nic Boet <nic@boet.cc>
 2025-06-13 17:00:47 -05:00
Nic Boet 04ff4c060c Dovecot 2.4 filter support 
Dovecot 2.4 release is a major upgrade
Logger event structure has changed, all messages are now
prefixed with:

        "Login aborted: " <reason> "auth failed"

Maintain 2.3 support as many folks have yet to migrate,
community edition is still receiving cretial security patches

Dovecot 2.4.1
Python 3.12.10

Signed-off-by: Nic Boet <nic@boet.cc>
 2025-06-13 16:44:57 -05:00
Sergey G. Brester cfa3356e0f
Merge pull request #4001 from sebres/f2b-regex--inverted-out 
fail2ban-regex: new feature `-i` or `--invert` to output not-matched lines by `-o` or `--out`
 2025-06-03 22:23:19 +02:00
sebres 4254d6bcd3 man and changelog 2025-06-03 22:19:54 +02:00
Sergey G. Brester afe9bc08ec
Merge pull request #4006 from pzl/smtp-py-wrap 
Line-wrap long messages in smtp.py
 2025-06-02 12:40:45 +02:00
pzl a5d7127109
construct smtp.py email wrap long lines 
RFC 5322 2.1.1 requires <=998 chars per line.
If matches are included, and are very long lines,
the email will be rejected. Constructing the mail
as a message instead of a subpart (mimetext) fixes this
 2025-05-20 14:55:03 -04:00
sebres cca2de984f fail2ban-regex: implemented new feature `-i` or `--invert` - inverting the sense of matching, to output non-matching lines. 2025-05-06 18:15:05 +02:00
Sergey G. Brester f7aaaf50b8
`filter.d/exim.conf`: colon must be outside of F-RCPT group 2025-04-27 23:00:09 +02:00
sebres f0a083449a coverage for non zero journalflags 2025-04-24 00:12:26 +02:00
sebres 9ecf6150c8 increase max wait time a bit - some (systemd) tests may fail occasionally in fast mode 2025-04-24 00:11:45 +02:00
sebres cbc3cb431c amend to a0093b557e (systemd-review): flags cannot be specified simultaneously with files too; 2025-04-24 00:04:37 +02:00
Sergey G. Brester d731b385f9
Merge pull request #3909 from avcbvamorec/patch-1 
Enhancement on iptables: allow bans to be effective on multiple chains at the same time
 2025-04-17 12:46:51 +02:00
Sergey G. Brester 52d239483d
typo 2025-04-16 17:18:36 +02:00
sebres 0d4a926029 ChangeLog (enhancement and compat entries) 2025-04-16 17:13:58 +02:00
sebres cbe14c70c5 iptables.conf rewritten to affect all derivative actions (multiple chains are also supported by `iptables-ipset` etc); 
iptables-xt_recent-echo.conf adjusted to be compatible to new syntax of inherited iptables.conf;
test coverage fixed to new handling
 2025-04-16 16:56:46 +02:00
Arnaud 37f72f88ef Reverting chains to chain in order to preserve backward compatibilityu 
backing to the option named "chain", using "iteredchain" a new variable to iterate over.
 2025-04-16 16:06:29 +02:00
Arnaud 139151ec81 Update iptables.conf - allow bans to be efective on multiple chains at the same time 
This patch allows the ban to be applied on the INPUT and the FORWARD chain at the time. May be useful at least on routing devices and on docker hosting machines.
 2025-04-16 16:06:28 +02:00
sebres c76e90fbb1 * Merge pull request #3940 from exim-pr-mode-more 
`filter.d/exim.conf` - fewer REs by default, introduces mode `more`
 2025-04-02 15:11:38 +02:00
Sergey G. Brester 6538d43a8e
Update ChangeLog 2025-04-02 14:57:03 +02:00