github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
5,032 Commits
32 Branches
229 Tags
18 MiB
Commit Graph

5032 Commits (03b2b79c417e62e7e50eec6cd92aee929a616a34)

Author SHA1 Message Date
sebres 0707695146 Merge branch '0.10' into 0.11, version bump 
# Conflicts resolved:
#	fail2ban/server/database.py
 2018-04-05 12:58:11 +02:00
sebres 8069eef50c badips: try to fix sporadic test errors if badips-server timed out resp. not available (502 bad gateway or similar). 2018-04-05 12:31:29 +02:00
sebres 414469c102 Merge '0.10.3.fix1' into 0.10 2018-04-05 00:41:29 +02:00
sebres ac0d441fd6 0.10.3.fix1: version bump 2018-04-05 00:21:30 +02:00
sebres cb0f4cbb32 test_badips.py: amend to 2ff65f5d3ce1a4bd107cb4dbbd5343f7146a0677: 
increase timeout in normal mode + catch timeout exceptions to skip the test (avoid sporadic CI errors if badips gets slowly).
 2018-04-05 00:17:00 +02:00
sebres c1923f9644 update ChangeLog 2018-04-04 23:32:22 +02:00
sebres 34b586b51e fix for JSON serialization bug for set object (gh-2103): currently there are only users, so simply serialized as a list. 2018-04-04 23:28:44 +02:00
sebres 187514eda7 bump version (0.10.3 -> 0.10.4.dev1) 2018-04-04 20:17:26 +02:00
sebres 0a50f2e19e next release of 0.10: bump version, update ChangeLog, man's and MANIFEST etc. 2018-04-04 19:44:09 +02:00
sebres 70d099bbd6 Merge branch '0.10' into 0.11 2018-04-04 18:59:44 +02:00
sebres 5dfba17663 Merge pull request #2064 from mgrant0/0.11 (rebased) 
Sendmail logs IPv6 addresses with the prefix 'IPv6:'.  Changed <HOST> to (?:IPv6:<IP6>|<IP4>)
 2018-04-04 18:59:13 +02:00
sebres 4a8506fcca update ChangeLog 2018-04-04 18:57:41 +02:00
Michael Grant 57bc502d5c Update sendmail-reject.conf 2018-04-04 18:52:36 +02:00
Michael Grant 2ab6a5ae62 Update sendmail-auth.conf 2018-04-04 18:52:35 +02:00
Michael Grant 87520e8008 Sendmail logs IPv6 addresses with the prefix 'IPv6:'. Added (IPv6:)? before all <HOST> regexes to match the IPv6 address (but not the prefix). 2018-04-04 18:52:33 +02:00
sebres aac6398517 Merge branch '0.10' into 0.11 2018-04-04 18:02:05 +02:00
sebres 2ff65f5d3c test_badips.py: increase timeout in normal mode (avoid sporadic CI errors if badips gets slowly). 2018-04-04 18:01:51 +02:00
sebres 1fdad90b4d Merge branch '0.10' into 0.11 2018-04-04 16:49:57 +02:00
Sergey G. Brester 521de5edfd
Merge pull request #2101 from mercurytoxic/mercurytoxic-patch-1 
Fixes abuseipdb curl cypher error and comment $f2bV_matches
 2018-04-04 16:48:56 +02:00
Sergey G. Brester d9525ad3aa
Update ChangeLog 2018-04-04 16:47:18 +02:00
Luis Aranguren fc76ccf192 Fixes abuseipdb curl cypher error and comment $f2bV_matches 
Fixed https://github.com/fail2ban/fail2ban/issues/2044 #2044
and used https://github.com/fail2ban/fail2ban/issues/2039 to fix comment in abuseipdb.com only showing $f2bV_matches
 2018-04-04 16:39:16 +02:00
Sergey G. Brester 7bbc26d67e
Merge pull request #2097 from benrubson/sni 
Detect Apache SNI error / misredirect attempts
 2018-04-04 16:31:38 +02:00
Sergey G. Brester 28ae32f0ca
Update ChangeLog 2018-04-04 16:31:14 +02:00
sebres f877980da9 Merge branch '0.10' into 0.11 2018-04-04 15:55:59 +02:00
sebres 02bae2962d fixed test cases: www.epfl.ch seems to change again the static IP address, tests rewritten using dynamic mechanism (via resolver). 2018-04-04 15:24:59 +02:00
benrubson bd74f7ba8b Detect Apache SNI error / misredirect attempts, typos 2018-04-04 00:20:58 +02:00
sebres e786dbf132 New logging parameter `padding`, default enabled, excepting the SYSLOG (for backwards compatibility purposes); 
Closes gh-2099.
 2018-04-03 17:58:17 +02:00
sebres 7dfd61f462 Merge branch '0.10' into 0.11-2 2018-04-03 14:14:44 +02:00
sebres 8423f017e7 Merge branch 'sshd-ddos-mode-closed-preauth' into 0.10 2018-04-03 14:12:35 +02:00
Sergey G. Brester 4ee7af742a
Merge pull request #2090 from sebres/fix-sshd-filter-suff 
sshd, multi-line failures, alternate groups capture, etc.
 2018-04-03 14:08:46 +02:00
sebres 4ee07adde6 Merge branch '0.10' into fix-sshd-filter-suff 
# Conflicts resolved:
#	fail2ban/server/filter.py
 2018-04-03 13:30:57 +02:00
sebres 50d7c649ba Skip several test-cases of systemd backend, if journal seems to be not available (e. g. no rights to read journal); 
Closes gh-2100
 2018-04-03 12:39:37 +02:00
sebres fd0471927d badips: increase age for /list/cat in the test-cases (default 24h is too short, so the tests can sporadic fail) 2018-04-03 11:53:03 +02:00
sebres 4963295729 Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10 2018-04-03 11:43:58 +02:00
benrubson 30dc22fb2e Detect Apache SNI error / misredirect attempts 2018-03-29 11:36:49 +02:00
Sergey G. Brester 088192ea9f
Merge pull request #1960 from comradekingu/patch-1 
https, "Fail2Ban", other language improvements
 2018-03-22 11:44:50 +01:00
Sergey G. Brester 9710c8c996
minor fix with reindent 2018-03-22 11:43:15 +01:00
Sergey G. Brester 02114ea073
Merge pull request #1912 from alxnorden/patch-1 
Update README.md with clarifications
 2018-03-22 11:10:06 +01:00
Sergey G. Brester 1b8840d333
Update README.md 2018-03-22 11:09:49 +01:00
Sergey G. Brester 8796c3b27e
Merge pull request #2093 from ravage84/patch-1 
Improve wording
 2018-03-22 11:02:50 +01:00
sebres 218905c924 performance optimization: findFailure, search regex etc, handling with buffer/tuple-lines optimized (especially multi-regex resp. multi-lines filters) 2018-03-22 10:16:40 +01:00
Marc Würth 077f58b228
Improve wording 2018-03-21 17:53:05 +01:00
Sergey G. Brester 67df796f93
Merge pull request #2088 from sebres/fix-gh-2073 
filter.d/apache-noscript.conf: extended to match "Primary script unknown", got from php-fpm module
 2018-03-21 09:56:38 +01:00
sebres 79019967a7 datepattern: fix epoch/long-epoch name, if custom pattern specified 2018-03-20 23:34:18 +01:00
Sergey G. Brester 6dc9c23a25
fixed typo in pragma-comment 2018-03-20 23:14:43 +01:00
Sergey G. Brester 80725ae870
Update sshd 
comment/minimalistic: no functional change
 2018-03-20 19:02:44 +01:00
sebres e5735b9951 ChangeLog updated 2018-03-20 18:54:25 +01:00
sebres 4f6532f810 filter.d/sshd.conf: mode `ddos` (and `aggressive`) extended to catch `Connection closed by ... [preauth]`, so in DDOS mode it causes failure now on closed within preauth stage; 
at least using both modes can ban port-scanners and prevent for other annoying "intruders", closing connection within preauth-stage (see gh-2085 for example).
 2018-03-20 18:54:22 +01:00
sebres cd7f1354c6 remove end-anchors for expressions that are precise enough (with clear flow, simple branches, without catch-all's, etc.) 2018-03-20 18:47:42 +01:00
sebres ed7d5d8ea1 ChangeLog updated 2018-03-20 16:04:42 +01:00