github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
1,005 Commits
32 Branches
229 Tags
18 MiB
Commit Graph

1005 Commits (0c2900e458f642ae2772526700c0888a187084bd)

Author SHA1 Message Date
Yaroslav Halchenko 8cf006827e BF: remove path from grep call in sendmail-whois-lines.conf Closes: gh-118 2013-02-12 08:48:05 -05:00
ArndRa 6cd358ee95 Update config/filter.d/sogo-auth.conf 
Comment line in the top altered to fit file name. My local file was named differently...
 2013-02-12 10:45:37 +01:00
Yaroslav Halchenko 6004fe7a94 just trailing spaces in setup.py 2013-02-11 16:17:52 -05:00
ArndRa 35bf84abad Create sogo-auth.conf 
Regexp works with SOGo 2.0.5 or newer, following new feature implemented here: http://www.sogo.nu/bugs/view.php?id=2229
 2013-02-11 08:19:48 -08:00
ArndRa 52f952e645 Update config/jail.conf 
Update to use the new sogo-auth filter
 2013-02-11 17:14:29 +01:00
Yaroslav Halchenko f8983872ad BF: return str(host) to avoid spurious characters in the logs (Close gh-113) 
thanks to opoplawski@github
 2013-02-01 16:24:04 -05:00
Yaroslav Halchenko 5f2d3832f7 NF: roundcube-auth filter (to close Debian #699442, needing debian/jail.conf section) 2013-01-31 14:41:34 -05:00
Steven Hiscocks 9c2e0cbbc8 Fix up for warning/error for inaccessible config files 2013-01-31 18:36:23 +00:00
Steven Hiscocks bf5f46c3d5 Warn if config file present but unreadable 2013-01-30 19:57:03 +00:00
Yaroslav Halchenko d561a4c2bb BF: do not rely on scripts being under /usr -- might differ eg on Fedora -- rely on import of common.version (Closes gh-112) 
This is also not ideal, since if there happens to be some systemwide common.version -- we are doomed

but otherwise, we cannot keep extending comparison check to /bin, /sbin whatelse
 2013-01-28 09:54:12 -05:00
Yaroslav Halchenko acab23bdfe RF: move exceptions used by both client and server into common/exceptions.py 
this prevents importing of server while operating with client only
 2013-01-28 09:46:50 -05:00
Yaroslav Halchenko f8c8a5583e Merge remote-tracking branch 'gh-yarikoptic/master' 
* gh-yarikoptic/master:
  BF: pyinotify - use bitwise op on masks and do not try tracking newly created directories
 2013-01-26 12:36:49 -05:00
Yaroslav Halchenko c900c08eed Merge pull request #111 from opoplawski/nonettest 
Initial support for --no-network option for fail2ban-testcases (Closes gh-110)
 2013-01-25 16:45:01 -08:00
Orion Poplawski 431489c9b9 Remove unneeded setting of opts.no_network 2013-01-25 14:19:10 -07:00
Yaroslav Halchenko 6b2e76ba7f BF: pyinotify - use bitwise op on masks and do not try tracking newly created directories 2013-01-25 16:06:41 -05:00
Orion Poplawski fdd9dfb4b5 Initial support for --no-network option for fail2ban-testcases 2013-01-25 12:56:00 -07:00
Yaroslav Halchenko b8a861d012 Merge remote-tracking branch 'gh-yarikoptic/master' 
* gh-yarikoptic/master:
  ENH: Added login authenticator failed regexp for exim filter
  DOC: Mention that logrotate configuration needs to be adjusted if logtarget is changed (Closes: #697333)
 2013-01-25 13:27:30 -05:00
Yaroslav Halchenko 4a48844027 Merge pull request #107 from opoplawski/master 
sshd filter - avoid banning on pam failures since might be too early. Close gh-106

If desired to ban on pam -- enable pam-generic filter, possibly even tuning in pam-generic.local the value for caught ttys in case of more detailed control needed

Provided example was:

 Jan 18 12:47:34 host sshd[23755]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.123.123.123  user=myuser
 Jan 18 12:47:34 host sshd[23755]: pam_sss(sshd:auth): authentication success; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.123.123.123 user=myuser
 Jan 18 12:47:34 host sshd[23755]: Accepted password for myuser from 123.123.123.123 port 50615 ssh2
 2013-01-25 08:24:44 -08:00
Yaroslav Halchenko 7d630cb0de Merge pull request #109 from blotus/master 
Escape ' and " in matches
 2013-01-25 08:11:04 -08:00
blotus 96eb8986cc Escape ' and " in matches tag 2013-01-25 13:37:22 +01:00
Orion Poplawski bb7628591c Update config/filter.d/sshd.conf 
Do not trigger sshd bans on pam_unix authentication failures, this will trigger on successful logins on systems that use non-pam_unix authentication (sssd, ldap, etc.).
 2013-01-18 14:44:49 -07:00
Yaroslav Halchenko 9a39292813 ENH: Added login authenticator failed regexp for exim filter 2013-01-04 15:23:05 -05:00
Yaroslav Halchenko b3d8ba146b DOC: Mention that logrotate configuration needs to be adjusted if logtarget is changed (Closes: #697333) 2013-01-04 15:23:05 -05:00
Yaroslav Halchenko 3ce53e8798 ENH: Added login authenticator failed regexp for exim filter 2013-01-04 15:22:18 -05:00
Yaroslav Halchenko 8f0c533d64 DOC: Mention that logrotate configuration needs to be adjusted if logtarget is changed (Closes: #697333) 2013-01-04 10:55:14 -05:00
Michael Gebetsroither 03433f79cd add example jail.conf for blocking through blackhole routes for ssh 2013-01-04 16:09:04 +01:00
Michael Gebetsroither f9b78ba927 add support for blocking through blackhole routes 2013-01-03 18:46:31 +01:00
Yaroslav Halchenko be06b1b914 Merge pull request #102 from grooverdan/ipset 
Ipset
 2012-12-30 19:51:15 -08:00
Daniel Black da0ba8ab4c ENH: add example jail for ipset 2012-12-31 14:38:51 +11:00
Daniel Black 9221886df6 more documentation and optimisations/fixes based on testing 2012-12-31 14:31:37 +11:00
Daniel Black abd5984234 base ipset support 2012-12-31 14:31:37 +11:00
Yaroslav Halchenko 05af52e833 ENH: fail2ban-regex -- __str__ for RegexStat + modeline 2012-12-24 11:05:44 -05:00
Yaroslav Halchenko 21e966e4bb example logs should carry the same name as the filter they are devised for 2012-12-13 08:24:02 -05:00
Yaroslav Halchenko f96ea013bb Merge pull request #99 from pigsyn/patch-2 
Update config/filter.d/webmin-auth.conf for trailing spaces
 2012-12-13 05:22:43 -08:00
pigsyn 123d457924 Update testcases/files/logs/Webmin 2012-12-13 08:33:07 +01:00
pigsyn 38dd1506cc Sample Webmin logs 2012-12-12 23:25:31 -08:00
pigsyn f336d9f876 Update config/filter.d/webmin-auth.conf 
Added '\s*$' to the regular expression to match the space written by webmin logs at line-endings
 2012-12-13 08:14:49 +01:00
pigsyn dc67b24270 Update config/filter.d/webmin-auth.conf 
Added a trailing '.*$' to each regex so they can find expressions in targeted log files.
 2012-12-12 23:07:39 +01:00
Yaroslav Halchenko 3969e3f77b ENH: dovecot.conf - require space(s) before rip/rhost log entry 2012-12-12 09:16:52 -05:00
Yaroslav Halchenko 68c1defb76 ENH: added dovecot example from Daniel Black + example with DoS attempt via injected rhost 2012-12-12 09:16:27 -05:00
Yaroslav Halchenko 6d804df504 Merge branch 'patch-2' of https://github.com/hamilton5/fail2ban (dovecot log examples) 
* 'patch-2' of https://github.com/hamilton5/fail2ban:
  Update testcases/files/logs/dovecot
  Update testcases/files/logs/dovecot
 2012-12-12 09:11:34 -05:00
Yaroslav Halchenko d7b7d7d491 Merge branch 'patch-1' of https://github.com/hamilton5/fail2ban 
* 'patch-1' of https://github.com/hamilton5/fail2ban:
  Update config/filter.d/dovecot.conf
  Update config/filter.d/dovecot.conf
  Update config/filter.d/dovecot.conf
 2012-12-12 09:10:44 -05:00
Yaroslav Halchenko 46e2de98ff Merge pull request #97 from grooverdan/simplefix 
name -> IP is a normal DNS lookup not a reverse
 2012-12-12 06:08:14 -08:00
Yaroslav Halchenko 620d6015ac Merge pull request #98 from grooverdan/gitignore 
ignore build directory and compiled python bits
 2012-12-12 06:07:09 -08:00
Daniel Black fd7929863b name -> IP is a normal DNS lookup not a reverse 2012-12-12 21:59:01 +11:00
Daniel Black b95dc592b9 ignore build directory and compiled python bits 2012-12-12 21:43:27 +11:00
hamilton5 266cdc29a6 Update config/filter.d/dovecot.conf 
even tho not on the fail2ban site..
suggested to not be greedy by yarikoptic
 2012-12-11 12:09:28 -05:00
hamilton5 ccc62ddbf3 Update testcases/files/logs/dovecot 2012-12-11 12:05:01 -05:00
Yaroslav Halchenko 67145d8b78 ENH: assure that all date templates have unique names 2012-12-11 11:18:52 -05:00
Yaroslav Halchenko d1625253eb ENH: debug msgs on which template was taken (+ use "is" for None comparisons) 2012-12-11 11:18:52 -05:00