Commit Graph

1943 Commits (07a7da8d8eaf13d61777dabb0b840ba384b8f372)

Author SHA1 Message Date
Jose 07a7da8d8e Remove greedy catch-all before HOST
4 months ago
Jose ca45671db2 Add support to Proxmox Web GUI
4 months ago
sebres 93810fff75 consider CONNECT and other rejected commands as a valid `_pref`;
4 months ago
Sergey G. Brester 50ff131a0f filter.d/sshd.conf: ungroup (unneeded for _daemon)
5 months ago
Fabian Dellwing 2fed408c05 Adjust sshd filter for OpenSSH 9.8 new daemon name
5 months ago
sebres 59c5e78ce9 `filter.d/apache-overflows.conf` - consider AH10244: invalid URI path;
5 months ago
sebres a7f3a04b0e `filter.d/recidive.conf` - restore possibility to set jail name in the filter, _jailname is positive now (but by default it uses now negative lookahead to exclude recidive jail);
5 months ago
Sergey G. Brester 6fce23e7ba `filter.d/sshd.conf`: fixed journalmatch (sshd.service seems to be renamed to ssh.service)
6 months ago
sebres 2533526827 extend ipset actions with new parameter `ipsettype` for the type of set (gh-3760), affected actions:
6 months ago
sebres 17daf0ec78 `action.d/firewallcmd-ipset.conf`: rename `ipsettype` to `ipsetbackend` (`ipsettype` will be used now to the real set type);
6 months ago
by 21bf636056 Update abuseipdb.conf
6 months ago
sebres c04e12dd8d Merge remote-tracking branch 'remotes/gh-upstream/0.11'
7 months ago
Sergey G. Brester 1434e3089c Merge pull request #2455 from Thermi/improved-action-blocklist-de
7 months ago
sebres d0d0728523 cherry-pick from debian: debian default banactions are nftables, systemd backend for sshd
7 months ago
sebres 2c13cba73d loosening for denied suffix (would match no matter which reason in parenthesis);
8 months ago
Rudimar Remontti fd7657f9a9 Update named-refused.conf
8 months ago
sebres 1ec9237e53 bypass additional pid in prefix (may be logged by syslog-ng, gh-3060); matches protocol error with authentication mechanism not supported
8 months ago
sebres c80908837f `filter.d/exim.conf`:
8 months ago
Vladimir Varlamov 8da0a99cde pid part may contain full hostname
8 months ago
Vladimir Varlamov 806a27cb4f final `<HOST>` to `<ADDR>` conversion
8 months ago
sebres e605415f61 simplify fields-group a bit (everything up to 4 chars long but H), so it'll be faster (no multiple branches) as well as would theoretically accept future enhancements of logged fields.
8 months ago
sebres c22a83933b let's use `<ADDR>` instead of `<HOST>` - only IPs expected, since host-name bypassed before it (directly after H=)
8 months ago
Vladimir Varlamov df94ec4c52 filter.d/exim.conf: rewrite host line regex for all varied exim's log_selector states
8 months ago
Anton Samets 0c125ec9c9 filter.d/postfix.conf: add Sender address rejected: Malformed DNS server reply (#3590)
8 months ago
Sergey G. Brester f63868b3e8 filter.d/apache-common.conf: remote besides client, gh-3622
9 months ago
Sergey G. Brester 529eb79ddb Merge pull request #3692 from pingou2712/postfixSystemd
9 months ago
Vincent Laffargue d260ed31d2 Maintain backward compatibility Postfix SYSTEMD_UNIT
9 months ago
Sergey G. Brester dd3c78ecab filter.d/recidive.conf: conditional RE depending on logtype (for file or journal)
9 months ago
Vincent Laffargue 0b63fc312d Change Regex Recidive and journalmatch For Systemd Match
9 months ago
Vincent Laffargue 93082ead79 Change journalmatch postfix
9 months ago
Sergey G. Brester 45d7f3cb97 no space in any case
9 months ago
László Károlyi ff701e94c3 Add to postfix syslog daemon format
9 months ago
sebres 4f679a56e0 filter.d/sshd.conf: ddos/aggressive mode extended to match new messages caused by port scanner, wrong payload on ssh port:
10 months ago
Logic-32 b161e55ca7 Adding STARTTLS test with the help of aiosmtp. Make sure SMTP specifies host/port in addition to connect() due to bug with starttls.
11 months ago
Sergey G. Brester 6fb3198a41 attempt to fix action for 2.x
11 months ago
Logic-32 6a1da5e164 Removing logging in favor of just throwing. Removing user from message as it doesn't add any value.
11 months ago
Logic-32 419e380870 Add support for TLS SMTP connections.
11 months ago
sebres 3190febb27 IPv6 fix (second IP logged in form for IPv6); pam authentication failure (part of gh-3410)
11 months ago
sebres 093cd763ce filter.d/postfix.conf: "rejected" extended to match "Access denied" too;
12 months ago
sebres ff4a2a12fc filter.d/postfix.conf: avoid double counting ('lost connection after AUTH' together with message 'disconnect ...');
12 months ago
Sergey G. Brester 5277e91013 Merge pull request #3503 from repcsi/pf_allproto
12 months ago
sebres 0abba5dc6e more filters for nginx error-log supporting journal format now, added generalized include and __prefix_line
12 months ago
sebres b245225b13 filter.d/nginx-http-auth.conf: added optional prefix to support systemd-journal format and additional timestamp (optionally) in prefix
12 months ago
repcsi 199759f0ba added pf[protocol=all] options as recommended by sebres
12 months ago
Yaroslav Halchenko 8ef0d3c7a9 [DATALAD RUNCMD] run codespell throughout fixing typo automagically
1 year ago
Yaroslav Halchenko 81b2eb32d6 Add pragma to ignore a codespell-detected typo in postfix.conf
1 year ago
Sergey G. Brester eed319e896 gh-3604: filter.d/slapd.conf - switched to single-line processing
1 year ago
Sergey G. Brester 183f805ae3 amend
1 year ago
Sergey G. Brester 7931b67325 mysqld-auth.conf: better RE, optional suffix, non-capturing groups
1 year ago
Aliaksandr Yurchyk c55e9949dc Fix issue with Mariadb 10.3 failed message
1 year ago