1600 Commits (03b2b79c417e62e7e50eec6cd92aee929a616a34)

Author SHA1 Message Date
sebres 0ed3a63151 Merge branch '0.10' into 0.11 2019-06-07 16:29:38 +02:00
sebres e5ae113215 filter.d/postfix.conf: extended with new postfix filter mode `errors` to match "too many errors" (gh-2439),
also included within modes `normal`, `more` (`extra` and `aggressive`), since postfix
  parameter `smtpd_hard_error_limit` is default 20 (additionally consider `maxretry`)
2019-06-07 16:14:02 +02:00
sebres 3b2f75414c filter.d/postfix.conf: extended regexp's to accept variable suffix code in status of postfix for precise messages (gh-2442) 2019-06-07 15:40:55 +02:00
sebres 3d4044084a Merge branch '0.10' into 0.11 2019-06-07 14:48:10 +02:00
Sergey G. Brester 7dbd3a07eb cut comment to limit documented on abuseipdb, additionally use curl in quiet mode 2019-06-07 14:39:55 +02:00
Carlos Ferreira 7b73cb7639 Switch to AbuseIPDB API v2 2019-06-07 14:39:52 +02:00
sebres 5137cd2ec8 Merge branch '0.10' into 0.11 2019-05-14 21:40:50 +02:00
sebres 49bf6132cc amend for 3036ed18893b6aae6619e53201aa53deb701b94f: eliminate "invalid sequence" warnings 2019-05-14 21:40:33 +02:00
sebres f69a8693fc Merge branch '0.10' into 0.11 2019-05-14 20:19:29 +02:00
sebres 0426a24719 filter.d/postfix.conf: (closes gh-2426) filter extended to catch "5.1.1" (Recipient address rejected: User unknown in local recipient table) with RCPT (and some session-id instead of "NOQUEUE") 2019-05-14 15:27:20 +02:00
sebres ca85ddc866 Merge branch '0.10' into 0.11 2019-05-10 16:23:50 +02:00
sebres d8d71c5a22 action.d/helpers-common.conf: grep arguments are rewritten - using options `-wF` to match only whole words and fixed string (not as pattern) 2019-05-10 16:17:13 +02:00
chtheis fa727586ff Fix grep pattern to deal with Apache's error log
Apache's error log appends the port to the IP address, other logs don't.
2019-05-10 16:04:27 +02:00
sebres 74eac6c94f Merge branch '0.10' into 0.11 2019-05-02 15:28:44 +02:00
sebres 23d2281e57 action.d/nginx-block-map.conf: small fix with better RE-rule for removal of ID (token/session) via sed (anchored now) 2019-05-02 15:22:45 +02:00
Sergey G. Brester b318eb7e33 closes gh-2408: prevent execution of action `abuseipdb` for restored tickets 2019-04-29 10:45:37 +02:00
sebres c47bb523b7 Merge branch '0.10' into 0.11 2019-04-24 21:58:27 +02:00
Holston 422a2de7fe updated 2019-04-24 21:35:19 +02:00
Holston a581bf3f08 Fixed filter for Apache mod_security 2019-04-24 21:35:17 +02:00
Holston 5d6a84ba78 Updated to correct logging option 2019-04-24 21:35:15 +02:00
sebres f0c5bd56f4 Merge branch '0.10' into 0.11 (conflicts resolved) 2019-04-19 13:20:38 +02:00
sebres 25f1aa334e fail2ban.conf: move default settings into DEFAULT section (to be more similar to jail.conf, Definition section overwrites the options, so it is backwards compatible) 2019-04-18 20:53:11 +02:00
sebres 0386df0042 introduced new options: `dbmaxmatches` (fail2ban.conf) and `maxmatches` (jail.conf);
setting `maxmatches` and `dbmaxmatches` to 0 saves memory usage and database size (closes gh-2118).
2019-04-18 20:31:39 +02:00
sebres 337be4b36c Merge remote-tracking branch 'remotes/gh-upstream/0.10' into 0.11 2019-04-18 13:47:44 +02:00
Sergey G. Brester 28c1da33dc Merge pull request #2387 from sebres/logtype-option-journal
New backend-related option `logtype` (`journal` or `file`)
2019-04-18 13:27:42 +02:00
Sergey G. Brester 6c7093c66d minor amend, refolding branches (SP|SA -> S[PA]) 2019-04-04 02:28:50 +02:00
Amir Caspi ffd5d0db78 Update sendmail-reject.conf
On some distros (e.g., CentOS 7), sendmail default config labels port 465 as TLSMTA and port 587 as MSA. Update failregex to reflect. Relevant loglines included in 9e1fa4ff73
2019-03-29 17:39:27 -06:00
sebres ced9828d04 filter.d/sendmail-reject.conf: fixed gh-2385 for some systems (e. g. CentOS): if only identifier set to `sm-mta` (no unit `sendmail`) for some messages. 2019-03-29 14:24:06 +01:00
sebres ec681a3363 backend `systemd` sets `logtype` to `journal` automatically;
sshd-journal: new test covering sshd journal logging format (matches short prefix-line simulating output of formatJournalEntry);
samplestestcase-factory extended with new option `fileOptions` to set common filter/test options for whole test-file
2019-03-29 14:24:00 +01:00
sebres e268bf97d4 introduces new configuration parameter "logtype" (default "file" for file-backends, and "journal" for journal-backends);
common.conf: differentiate "__prefix_line" for file/journal logtype's (speedup and fix parsing of systemd-journal);
samplestestcase.py: extends testSampleRegexsFactory to allow coverage of journal logtype;
closes gh-2383: asterisk can log timestamp if logs into systemd-journal (regex extended with optional part matching this)
2019-03-29 14:23:57 +01:00
sebres 17a4f81e23 Merge branch '0.10' into 0.11 2019-03-27 13:46:56 +01:00
sebres e8401a7e65 action.d/xarf-login-attack.conf: fixes gh-2372, correction for split of addresses, interpolation is shell-independent now, etc;
extended with option `boundary`, additionally dynamic boundary part is used (is not so predictable as it was previously);
2019-03-16 00:05:06 +01:00
sebres 4e2c7b9fdd Merge branch '0.10' into 0.11 2019-03-12 17:01:03 +01:00
sebres 741cf8fb0e Merge branch 'master-0.9' into 0.10 2019-03-12 16:58:08 +01:00
sebres 1a9527e6a4 fixed catch-all on user (and simplifying) 2019-03-12 16:53:36 +01:00
jim a7f3ba87f6 filter.d/sogo-auth.conf: fixes gh-2289 - matching auth-failures when behind a proxy;
(broken by commit 72b06479a5), replacement for gh-2290.
2019-03-12 16:50:04 +01:00
sebres 324f0ed7cc Merge branch '0.10' into 0.11 2019-03-01 12:36:07 +01:00
sebres 3c70fe298a closes gh-969: introduces new section `[Thread]` and option `stacksize` to configure default stack-size of the threads running in fail2ban. Example:
```ini
[Thread]
stacksize = 32
```
2019-02-24 16:45:14 +01:00
sebres 5126068099 loglevel and shortloglevel combined to single parameter loglevel, below an example logging summary with NOTICE and rest with DEBUG log-levels:
action = badips.py[... , loglevel="debug, notice"]
2019-02-22 14:05:19 +01:00
benrubson 689938ee99 Add a shortloglevel badips.py option 2019-02-22 13:32:46 +01:00
sebres a3b7a0525a Merge branch '0.10' into 0.11 2019-02-22 13:22:52 +01:00
sebres 140243328f coverage: try to avoid sporadic "coverage decreased" in CI 2019-02-22 13:20:40 +01:00
Sergey G. Brester d3f6d6ffdd Merge pull request #2286 from crazy-max/0.10
New filter `traefik-auth`
2019-02-21 22:27:04 +01:00
Sergey G. Brester dcede9b3f1 comment rewritten (belongs to the filter) 2019-02-21 22:26:28 +01:00
Sergey G. Brester d84fb8a4b1 regex rewritten (more secure now, resolves catch-all vulni) 2019-02-21 22:19:04 +01:00
sebres 9ed35c423a Merge branch '0.9' into 0.10 (gh-2317) 2019-02-21 20:13:54 +01:00
Yaroslav Halchenko 31e6ec3c5b Merge pull request #2323 from todgru/fix-spelling-abuseipdb-conf
fix: correct spelling category
2019-02-15 17:08:45 -05:00
sebres 1647d0090e Merge branch '0.10' into 0.11 2019-02-11 19:19:44 +01:00
sebres e651bc7866 amend to #1622: jail-reader supports now multi-line option for multi-line action parameter:
  logpath = a.log
            b.log
            c.log
  action  = ban[...]
          = log[logpath="%(logpath)s"]
closes gh-2341, ultimate fix for gh-976
2019-02-11 11:54:58 +01:00
todgru 39ed016a1e fix: correct spelling category 2019-01-14 22:08:38 -08:00