Commit Graph

1943 Commits (07a7da8d8eaf13d61777dabb0b840ba384b8f372)

Author SHA1 Message Date
sebres b639c8869c make several iptables actions more breakdown-safe: start wouldn't fail if chain or rule already exists (e. g. created by previous instance and doesn't get purged properly);
3 years ago
sebres 3d7e3bc2fb make ipset actions more breakdown-safe: start wouldn't fail if set with this name already exists (e. g. created by previous instance and not deleted properly)
3 years ago
sebres 7db1c97a3e Merge remote-tracking branch 'remotes/sebres/1.0-breakdown-safe-actions' with master;
3 years ago
sebres 970573d1cb Merge branch '0.11'
3 years ago
sebres 35d73d9758 Merge branch '0.10' into 0.11
3 years ago
sebres bf689c27b8 filter.d/sshd.conf: `ddos` mode extended - recognizes messages "kex_exchange_identification: Connection closed / reset by peer" (fixed possible regression of f77398c49d);
3 years ago
sebres 8bf15db688 filter.d/sshd.conf: `ddos` mode extended - recognizes new message "banner exchange: invalid format" generated by port scanner, https payload on ssh port;
3 years ago
sebres 80805cabfc Merge branch '0.11'
3 years ago
sebres 0b3ad780fe Merge branch '0.10' into 0.11
3 years ago
sebres 4b54a07d71 Revert "`action.d/firewallcmd-*.conf` (multiport only): fixed port range selector, replacing `:` with `-`;"
3 years ago
Sylvestre Ledru 3245b8018b Add the Debian path to roundcube error logs
3 years ago
Sergey G. Brester ba839af8ad filter.d/lighttpd-auth.conf: adjusted to the current source code + avoiding catch-alls, etc (gh-3116)
3 years ago
sebres 10cd815525 merge 0.11 to 1.0 (GHSA-m985-3f3v-cwmm)
3 years ago
sebres c03fe6682c merge 0.10 to 0.11 (GHSA-m985-3f3v-cwmm)
3 years ago
sebres 410a6ce5c8 fixed possible RCE vulnerability, unset escape variable (default tilde) stops considering "~" char after new-line as composing escape sequence
3 years ago
sebres 579c6a94af filter.d/postfix.conf: mode `ddos` (and `aggressive`) extended to consider abusive handling of clients hitting command limit (gh-3040)
4 years ago
sebres 43f2923fbd filter.d/postfix.conf: matches rejects with "undeliverable address" (sender/recipient verification, gh-3039) in addition to "Unknown user";
4 years ago
Sergey G. Brester bbfff18280 action.d/ufw.conf: amend to #3018: parameter `kill-mode` extended with conntrack
4 years ago
sebres c7a86b4616 action.d/firewallcmd-ipset.conf: amend to #2620:
4 years ago
Sergey G. Brester 2a508da5a0 Merge pull request #2620 from mspolitaev/master
4 years ago
sebres 38535b0cca Merge branch '0.11' into master
4 years ago
sebres d2f5c7de09 Merge branch '0.10' into 0.11
4 years ago
sebres 92f90038fa filter.d/dovecot.conf: extended to match prefix like `conn unix:auth-worker (uid=143): auth-worker<13247>:` (authentication from an external service like exim), gh-2553
4 years ago
sebres 8b984a0135 filter.d/exim-common.conf: pid-prefix extended to match `mx1 exim[...]:` (gh-2553)
4 years ago
sebres 6be1a5a0b1 filter.d/dovecot.conf: fixed "Authentication failure" regex, matches "Password mismatch" in title case (gh-2880)
4 years ago
sebres 8afea37494 filter.d/sendmail-auth.conf: covering several "authentication failure" messages, sendmail 8.16.1 (gh-2757)
4 years ago
sebres c5f1598a21 filter.d/postfix.conf: extended to cover new vectors:
4 years ago
sebres ae3e9b9149 filter.d/postfix.conf: extended to cover 2 new vectors:
4 years ago
sebres 87f717e0e0 filter.d/sendmail-reject.conf: fix reverse DNS for ... (gh-3012)
4 years ago
Sergey G. Brester 3d52fe3e4e Merge pull request #2679 from mikaku/updated-to-latest-jail.conf
4 years ago
sebres 0a05dbdbfc Merge branch '0.11' into master
4 years ago
sebres 3312b8cb95 Merge branch '0.10' into 0.11
4 years ago
sebres 1627d4f573 filter.d/sendmail-auth.conf: user not found, closes gh-3030
4 years ago
Sergey G. Brester f07e0f7ade Merge pull request #2984 from j-marz/zoneminder_filter_update
4 years ago
Sergey G. Brester ec4e0dd65b padding with space, prefregex, regex review (simplifying, capture user name, consider possible space char in user name)
4 years ago
j-marz 2367ad115c fixed typo in comment
4 years ago
Sergey G. Brester 3f9cf27853 filter.d/apache-fakegooglebot.conf: better, more precise regex and datepattern (closes possible weakness like #3013)
4 years ago
usernamepi 4f8427178a Missing comment "#" (#3022)
4 years ago
usernamepi 88f779ed24 ufw.conf, amend to #3018 - add missing option for comment (#3019)
4 years ago
Sergey G. Brester 8f6a8df3a4 added new options `kill-mode` and `kill`, which make the drop of all connections optional
4 years ago
Sergey G. Brester 5debaa4cac option "add", can be set to "insert <num>" instead of prepend (customization or backwards compat)
4 years ago
usernamepi e4e7a83cff Update ufw.conf
4 years ago
sebres 71ce548117 Merge branch '0.11'
4 years ago
sebres b5b615731e Merge branch '0.10' into 0.11
4 years ago
sebres f0214b3d36 filter.d/sendmail-reject.conf: fixed regex to consider "Connection rate limit exceeded" with different combinations of arguments
4 years ago
Sergey G. Brester ab0847e2d5 more precise anchored RE (also combining all 3 REs in a single regex)
4 years ago
Jordi Sanfeliu 7d173b7ce0 Merge branch 'master' into updated-to-latest-jail.conf
4 years ago
sebres 6893d5a8b7 Merge remote-tracking branch 'remotes/gh-upstream/0.11' into master
4 years ago
Sergey G. Brester d74dd9321b Merge pull request #2565 from caronc/0.11
4 years ago
Sergey G. Brester b2f6a3a658 remove unneeded substitution
4 years ago
Sergey G. Brester dda70d60c0 Merge branch 'master' into master
4 years ago
Michele Mondelli 7579072e3b docs: fix typos
4 years ago
Sergey G. Brester 4eba9f2a4b Merge pull request #2950 from sunweaver/pr/scanlogd-filter
4 years ago
Sergey G. Brester 2d51240b3e correction for default log interpolation and added allports banaction
4 years ago
Sergey G. Brester 977dfe4bd7 small amend: sport after saddr is optional
4 years ago
Sergey G. Brester 14edeed310 fixed regex (don't need to match whole line, e. g. every port etc)
4 years ago
Sergey G. Brester 080dd12288 Merge pull request #2965 from oukb/patch-1
4 years ago
Sergey G. Brester a838deba7f restore anchor (e. g. catch all in the middle), dot is optional now, RE rewritten a bit more precisely
4 years ago
sebres 7f38b80d35 precise regex (left anchor and fewer catch-alls); fixed tests (added failJSON and more tests for some corner-cases around new RE)
4 years ago
Rüdiger Olschewsky 9eaa2322b0 Filter and Defaults for Microsoft SQL Server
4 years ago
Markus Felten 5aa20c30d8 fix: add journalmatch to nginx filters
4 years ago
j-marz 5d8f500471 updated formatting to pass tests
4 years ago
j-marz 2686811593 Updated zoneminder filter
4 years ago
oukb 529866b2bb nsd.conf: fix for the current log format
4 years ago
Mike Gabriel f15ed35619 config/: Add support for filtering out detected port scans via scanlogd.
4 years ago
sebres fb08534ed7 Merge branch '0.11'
4 years ago
sebres 3eaefe8da0 Merge branch '0.10' into 0.11
4 years ago
sebres a45b1c974c filter.d/ignorecommands/apache-fakegooglebot: added timeout parameter (default 55 seconds) - avoids failing with timeout (default 1 minute) on reverse lookup on some slow DNS services (googlebots must be resolved fast);
4 years ago
sebres 63acc862b1 `action.d/nginx-block-map.conf`: reload nginx only if it is running (also avoid error in nginx-errorlog, gh-2949) and better test coverage for the action
4 years ago
sebres fb6315ea5e Merge branch '0.10' into 0.11
4 years ago
sebres 6f4b6ec8cc action.d/badips.* removed (badips.com is no longer active, gh-2889)
4 years ago
Sergey G. Brester a2f0dbad87 Merge pull request #2742 from aresxc/patch-1
4 years ago
Sergey G. Brester d678440658 more precise RE (avoids weakness with catch-alls and is injection safe)
4 years ago
sebres ea26509594 Merge branch '0.11'
4 years ago
sebres 6198b4566c Merge branch '0.10' into 0.11
4 years ago
Brian J. Murrell dc4ee5aa47 Add transport to asterisk RE
4 years ago
sebres c75748c5d3 fail2ban.conf: added new fail2ban configuration option "allowipv6" (default auto), can be used to allow or disallow IPv6 interface in fail2ban immediately at start (e. g. if fail2ban starts before network interfaces).
4 years ago
sebres 21dd317870 Merge branch '0.11'
4 years ago
sebres dbc77c47c3 Merge branch '0.10' into 0.11
4 years ago
Sergey G. Brester 5f3f4d1e2f action.d/cloudflare.conf: better IPv6 capability
4 years ago
sebres 9df332fdef filter.d/apache-overflows.conf: extended to match AH00126 error (Invalid URI ...);
4 years ago
sebres 2c60d08b28 Merge '0.11' (fix gh-2899) into master
4 years ago
sebres fe334590cd Merge branch '0.10' into 0.11
4 years ago
sebres 73b39e0894 filter.d/named-refused.conf: fixes prefix for messages from systemd journal (no mandatory space ahead, because it doesn't have a timestamp)
4 years ago
defanor ba7daef86c Handle postscreen's PREGREET and HANGUP messages
4 years ago
stepodev cecc3d62ff add mode explanation to nginx-http-auth in jail.conf
4 years ago
stepodev d0ba27cf46 move nginx-tls-fallback rules to nginx-http-auth
4 years ago
Sergey G. Brester d959f6d199 Update nginx-tls-fallback.conf
4 years ago
stepodev c0256724a7 fix monitoring wrong error log. was access log, should be error.log
4 years ago
stepodev 27c40a77a3 add nginx-tls-downgrade
4 years ago
sebres a03109d096 Merge branch '0.11' into master (0.11.2 released)
4 years ago
sebres b78d1e439a Merge branch '0.10' into 0.11
4 years ago
Sergey G. Brester 753fff9c15 amend to #2750, add jail for new filter nginx-bad-request
4 years ago
Sergey G. Brester 071048b8f2 Merge pull request #2750 from janprzy/master
4 years ago
sebres 7965d652a1 filter.d/dovecot.conf: allow more verbose logging
4 years ago
sebres a6de9459fc typo
4 years ago
RyuaNerin bba8844af8 typo
4 years ago
mpoliwczak834 595ee7ed74 add submission
4 years ago
mpoliwczak834 0c12cb7970 add managesieve support dovecot filter
4 years ago
sebres cc64ef25f6 filter.d/apache-noscript.conf: extended to match "script not found" with error AH02811 (and cgi-bin path segment in script)
4 years ago
sebres adbfdc222d Merge branch '0.10' into 0.11
4 years ago
Sergey G. Brester 1c1a9b868c no catch-alls, user name and error message stored in ticket
4 years ago
benrubson 840f0ff10a Add Grafana jail
4 years ago
sebres 25e006e137 review and small tweaks (more precise and safe RE)
4 years ago
Mart124 df659a0cbc Add Bitwarden syslog support
4 years ago
Sergey G. Brester 472bdc437b Merge pull request #2723 from benrubson/softether
4 years ago
Sergey G. Brester 010e76406f small tweaks (both 2nd time and facility are optional, avoid catch-all, etc)
4 years ago
sebres 66ff90408f Merge branch '0.10' into 0.11
4 years ago
sebres d4adec7797 Merge branch '0.9' into 0.10
4 years ago
sebres 5430091acb jail `counter-strike`: removed link to site with redirect to malicious page (gh-2868)
4 years ago
benrubson ec873e2dc3 Add SoftEtherVPN jail
4 years ago
sebres 6ef69b48ca Merge branch '0.10' into 0.11
4 years ago
sebres 02525d7b6f filter.d/sshd.conf: mode `ddos` (and `aggressive`) extended with new rule closing flood attack vector, matching:
4 years ago
sebres 2817a8144c `action.d/bsd-ipfw.conf`: small amend (gh-2836) simplifying awk condition/code (position starts from `<lowest_rule_num>` and increases whilst used)
4 years ago
sebres 1418bcdf5b `action.d/bsd-ipfw.conf`: fixed selection of rule-no by large list or initial `lowest_rule_num`, exit code can't be larger than 255 (gh-2836)
4 years ago
sebres d253e60a8b Merge branch '0.10' into 0.11
4 years ago
Sergey G. Brester d977d81ef7 action.d/abuseipdb.conf: removed broken link, simplified usage example, fixed typos
4 years ago
sebres 74b73bce8a Merge branch '0.10' into 0.11
4 years ago
sebres a038fd5dfe `action.d/firewallcmd-*.conf` (multiport only): fixed port range selector, replacing `:` with `-`;
4 years ago
Sergey G. Brester 70c601e9e5 involve config parameter (replaces hard-coded path); fixed typo in actionban (looks like copy&paste from trimmed tty)
4 years ago
sebres 4d2734dd86 Merge branch '0.10' into 0.11
4 years ago
sebres ed20d457b2 jail.conf: removed action parameter `name` that was set to the jail name (`name=%(__name__)s` is default in action reader)
4 years ago
sebres db1f3477cc amend to 3f04cba9f92a1827d0cb3dcb51e57d9f60900b4a: sendmail-auth has 2 failregex now, so rewritten with prefregex
4 years ago
sebres 3f04cba9f9 filter `sendmail-auth` extended to follow new authentication failure message introduced in sendmail 8.16.1, AUTH_FAIL_LOG_USER (gh-2757)
4 years ago
sebres 07fa9f2912 fixes gh-2787: allow matching `did not issue MAIL/EXPN/VRFY/ETRN during connection` non-anchored with extra mode (default names may deviate);
4 years ago
sebres e9071b642a Merge branch '0.10' into 0.11
4 years ago
benrubson 1707560df8 Enhance Guacamole jail
4 years ago
Chris Caron 2216fd8da4 Add Apprise Support (50+ Notifications)
4 years ago
sebres 067b76fc9e Merge branch '0.10' into 0.11
4 years ago
sebres 9100d07c03 Merge branch '0.10-ipset-tout' into 0.10, amend to #2703: resolves names conflict (command action timeout and ipset timeout); closes #2790
4 years ago
sebres 62a6771b33 Merge remote-tracking branch 'sebres:0.10' into 0.10; closes gh-2763
4 years ago
sebres 73a8175bb0 resolves names conflict (command action timeout and ipset timeout); closes gh-2790
4 years ago
Sergey G. Brester 08dbe4abd5 fixed comment for loglevel, default is INFO
4 years ago
sebres 309c8dddd7 action.d/nftables.conf (type=multiport only): fixed port range selector (replacing `:` with `-`)
4 years ago
Jan Przybylak a5ab4406d8 Removed unnecessary escape sequence
4 years ago
Jan Przybylak d7ef5d166d Removed vulnerable catchall & anchor
5 years ago
sebres 1da9ab78be Merge branch '0.10' into 0.11
5 years ago
sebres 5a0edf61c9 filter.d/sshd.conf: normalizing of user pattern in all RE's, allowing empty user (gh-2749)
5 years ago
Jan Przybylak 3c83c19070 Added filter nginx-bad-request
5 years ago
aresdr 412120ac3c Update drupal-auth.conf
5 years ago
sebres 1588200274 Merge branch '0.10' into 0.11
5 years ago
Sergey G. Brester 43f699b872 grammar / typos
5 years ago
Sergey G. Brester 368aa9e775 Merge pull request #2689 from benrubson/gitlab
5 years ago
Sergey G. Brester 01e92ce4a6 added fallback using tr and sed (jq is optional now)
5 years ago
Sergey G. Brester 1c1b671c74 Update cloudflare.conf
5 years ago
Sergey G. Brester 5b8fc3b51a cloudflare: fixes ip to id conversion by unban using jq
5 years ago
Viktor Szépe 852670bc99 CloudFlare started to indent their API responses
5 years ago
Ilya 8b3b9addd1 Change tool from 'cut' to 'sed'
5 years ago
Ilya 5da2422f61 Fix actionunban
5 years ago
sebres 87a1a2f1a1 action.d/*-ipset*.conf: several ipset actions fixed (no timeout by default anymore), so no discrepancy between ipset and fail2ban (removal from ipset will be managed by fail2ban only)
5 years ago