sebres
a03109d096
Merge branch '0.11' into master (0.11.2 released)
2020-11-24 12:41:10 +01:00
sebres
b78d1e439a
Merge branch '0.10' into 0.11
2020-11-23 21:35:32 +01:00
Sergey G. Brester
753fff9c15
amend to #2750 , add jail for new filter nginx-bad-request
2020-11-23 18:38:41 +01:00
Sergey G. Brester
071048b8f2
Merge pull request #2750 from janprzy/master
...
Added filter nginx-bad-request
2020-11-23 18:28:07 +01:00
sebres
7965d652a1
filter.d/dovecot.conf: allow more verbose logging
...
closes #2573
2020-11-23 18:17:29 +01:00
sebres
a6de9459fc
typo
2020-11-23 18:08:38 +01:00
RyuaNerin
bba8844af8
typo
2020-11-23 18:07:49 +01:00
mpoliwczak834
595ee7ed74
add submission
2020-11-23 17:42:12 +01:00
mpoliwczak834
0c12cb7970
add managesieve support dovecot filter
2020-11-23 17:42:11 +01:00
sebres
cc64ef25f6
filter.d/apache-noscript.conf: extended to match "script not found" with error AH02811 (and cgi-bin path segment in script)
...
closes gh-2805
2020-11-23 17:25:41 +01:00
sebres
adbfdc222d
Merge branch '0.10' into 0.11
2020-11-11 11:17:15 +01:00
Sergey G. Brester
1c1a9b868c
no catch-alls, user name and error message stored in ticket
2020-11-09 15:36:30 +01:00
benrubson
840f0ff10a
Add Grafana jail
2020-11-09 15:31:06 +01:00
sebres
25e006e137
review and small tweaks (more precise and safe RE)
2020-11-09 13:43:59 +01:00
Mart124
df659a0cbc
Add Bitwarden syslog support
2020-11-09 13:34:39 +01:00
Sergey G. Brester
472bdc437b
Merge pull request #2723 from benrubson/softether
...
Add SoftEtherVPN jail
2020-11-09 13:23:25 +01:00
Sergey G. Brester
010e76406f
small tweaks (both 2nd time and facility are optional, avoid catch-all, etc)
2020-11-09 13:19:25 +01:00
sebres
66ff90408f
Merge branch '0.10' into 0.11
2020-11-09 12:45:29 +01:00
sebres
d4adec7797
Merge branch '0.9' into 0.10
2020-11-09 12:44:07 +01:00
sebres
5430091acb
jail `counter-strike`: removed link to site with redirect to malicious page (gh-2868)
2020-11-09 12:43:34 +01:00
benrubson
ec873e2dc3
Add SoftEtherVPN jail
2020-11-05 23:56:30 +01:00
sebres
6ef69b48ca
Merge branch '0.10' into 0.11
2020-11-05 16:12:31 +01:00
sebres
02525d7b6f
filter.d/sshd.conf: mode `ddos` (and `aggressive`) extended with new rule closing flood attack vector, matching:
...
error: kex_exchange_identification: Connection closed by remote host
(gh-2850)
2020-10-08 21:07:51 +02:00
sebres
2817a8144c
`action.d/bsd-ipfw.conf`: small amend (gh-2836) simplifying awk condition/code (position starts from `<lowest_rule_num>` and increases whilst used)
2020-09-29 13:33:40 +02:00
sebres
1418bcdf5b
`action.d/bsd-ipfw.conf`: fixed selection of rule-no by large list or initial `lowest_rule_num`, exit code can't be larger than 255 (gh-2836)
2020-09-29 12:35:49 +02:00
sebres
d253e60a8b
Merge branch '0.10' into 0.11
2020-09-23 19:39:50 +02:00
Sergey G. Brester
d977d81ef7
action.d/abuseipdb.conf: removed broken link, simplified usage example, fixed typos
2020-09-17 12:39:08 +02:00
sebres
74b73bce8a
Merge branch '0.10' into 0.11
2020-09-04 13:09:47 +02:00
sebres
a038fd5dfe
`action.d/firewallcmd-*.conf` (multiport only): fixed port range selector, replacing `:` with `-`;
...
small optimizations on `firewallcmd-rich-rules.conf` and `firewallcmd-rich-logging.conf` simplifying both and provide a dependency (rich-logging is a derivative of rich-rules);
closes gh-2821
2020-09-03 16:41:23 +02:00
sebres
4d2734dd86
Merge branch '0.10' into 0.11
2020-09-02 20:23:07 +02:00
sebres
ed20d457b2
jail.conf: removed action parameter `name` that set on jail-name (`name=%(__name__)s` is default in action reader)
2020-09-02 20:14:31 +02:00
sebres
db1f3477cc
amend to 3f04cba9f92a1827d0cb3dcb51e57d9f60900b4a: sendmail-auth has 2 failregex now, so rewritten with prefregex
2020-08-27 18:07:42 +02:00
sebres
3f04cba9f9
filter `sendmail-auth` extended to follow new authentication failure message introduced in sendmail 8.16.1, AUTH_FAIL_LOG_USER (gh-2757)
2020-08-27 17:44:25 +02:00
sebres
07fa9f2912
fixes gh-2787: allow to match `did not issue MAIL/EXPN/VRFY/ETRN during connection` non-anchored with extra mode (default names may deviate);
...
additionally provides common addr-tag for IPv4/IPv6 (`(?:IPv6:<IP6>|<IP4>)`) and test-coverage for IPv6
2020-08-27 17:04:19 +02:00
sebres
e9071b642a
Merge branch '0.10' into 0.11
2020-08-25 18:28:18 +02:00
benrubson
1707560df8
Enhance Guacamole jail
2020-08-25 13:01:50 +02:00
sebres
067b76fc9e
Merge branch '0.10' into 0.11
2020-08-04 15:40:59 +02:00
sebres
9100d07c03
Merge branch '0.10-ipset-tout' into 0.10, amend to #2703 : resolves names conflict (command action timeout and ipset timeout); closes #2790
2020-08-04 13:53:21 +02:00
sebres
62a6771b33
Merge remote-tracking branch 'sebres:0.10' into 0.10; closes gh-2763
...
action.d/nftables.conf (type=multiport only): fixed port range selector (replacing `:` with `-`)
2020-08-04 13:51:20 +02:00
sebres
73a8175bb0
resolves names conflict (command action timeout and ipset timeout); closes gh-2790
2020-08-04 13:22:02 +02:00
Sergey G. Brester
08dbe4abd5
fixed comment for loglevel, default is INFO
2020-07-03 13:45:29 +02:00
sebres
309c8dddd7
action.d/nftables.conf (type=multiport only): fixed port range selector (replacing `:` with `-`)
2020-06-24 19:20:36 +02:00
Jan Przybylak
a5ab4406d8
Removed unnecessary escape sequence
...
This commit also contains changes to match requests that are 100% empty (by using "*" instead of "+" in the regex)
2020-06-21 18:24:09 +02:00
Jan Przybylak
d7ef5d166d
Removed vulnerable catchall & anchor
2020-06-11 16:44:48 +02:00
sebres
1da9ab78be
Merge branch '0.10' into 0.11
2020-06-11 12:52:13 +02:00
sebres
5a0edf61c9
filter.d/sshd.conf: normalizing of user pattern in all RE's, allowing empty user (gh-2749)
2020-06-08 14:38:26 +02:00
Jan Przybylak
3c83c19070
Added filter nginx-bad-request
2020-06-06 19:51:46 +02:00
sebres
1588200274
Merge branch '0.10' into 0.11
2020-05-25 18:58:05 +02:00
Sergey G. Brester
43f699b872
grammar / typos
2020-05-06 17:32:13 +02:00
Sergey G. Brester
368aa9e775
Merge pull request #2689 from benrubson/gitlab
...
New Gitlab jail
2020-05-04 19:19:13 +02:00