fail2ban

Commit Graph

Author	SHA1	Message	Date
sebres	a1b863fcf6	action.d/pf.conf: extended with bulk-unban, command `actionflush` in order to flush all bans at once (by stop jail, resp. shutdown of fail2ban)	7 years ago
sebres	8726c9fb0a	pf.conf: enclose ports in braces, multiple ports expecting this syntax `... any port {http, https}`. Note this would be backwards-incompatible change (for the people already enclosing multiports in braces in jail.local). closes gh-1915	7 years ago
Łukasz Wąsikowski	a4f94d2619	Update pf.conf Fix comment, because current one won't work: cat /etc/pf.conf anchor f2b { sshd } # service pf reload Reloading pf rules. /etc/pf.conf:2: syntax error New version: cat /etc/pf.conf anchor f2b { anchor sshd } # service pf reload Reloading pf rules.	7 years ago
Louis Sautier	152c9d27d5	Fix nftables actions for IPv6 addresses, fixes #1893 * add [Init?family=inet6] to nftables-common.conf and make nftable expressions more modular * change "ip protocol" to "meta l4proto" in nftables-allports.conf since the former only works for IPv4	7 years ago
sebres	1d5fbb95ae	Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10	7 years ago
Serg G. Brester	b0e5efb631	bsd-ipfw.conf: sh-compliant redirect of stderr together with stdout	7 years ago
sebres	3be32adefb	Replace not posix-compliant grep option: fgrep with `-q` option can cause 141 exit code in some cases (see gh-1389).	7 years ago
Jacques Distler	f84e58e769	Tweaks to action.d/pf.conf Document recent changes. Add an option to customize the pf block rule (surely, what the user really wants, here, is "block quick").	7 years ago
sebres	33874d6e53	action.d/pf.conf: anchored call arguments combined as `<pfctl>` parameter; test cases fixed;	7 years ago
Alexander Köppe	f6ccede2f1	Update pf.conf fixing #1863 Fix #1863 Introduce own PF anchors for fail2ban rules.	7 years ago
sebres	30219b54c4	Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10	7 years ago
Serg G. Brester	c0eb7752a8	Merge pull request #1651 from szepeviktor/patch-9 Introduce Cloudflare API v4	7 years ago
Serg G. Brester	2ed8a38eca	Update cloudflare.conf Switch to API v1 to API v4 per default	7 years ago
Serg G. Brester	5b7375c614	Merge pull request #1638 from roedie/shorewall-ipv6 Add shorewall IPv6 support	7 years ago
Bigard Florian	f4551d02c9	Fix empty logfile.log in xarf login attack action Fix empty 3rd MIME part which contains the attack evidence (logfile.log).	7 years ago
Serg G. Brester	6c030c5e10	Merge pull request #1717 from szepeviktor/patch-11 Updated xarf-specification repo URL in xarf action	7 years ago
sebres	33fcf8d809	Merge branch 'master' into 0.10	8 years ago
Serg G. Brester	f27e053592	Update bsd-ipfw.conf increased starting rule number (lowest_rule_num = 111)	8 years ago
Serg G. Brester	80cc47b75f	Update helpers-common.conf fixed grep pattern: escape dot-char in search-IP and more restrictive boundaries (IPv6-capable)	8 years ago
Viktor Szépe	5bb6be0163	IPv6 address may overlap	8 years ago
sebres	99344d28c8	Introduces new tags with hostname: - `<fq-hostname>` - fully-qualified name of host (the same as `$(hostname -f)`) - `<sh-hostname>` - short hostname (the same as `$(uname -n)`) Execution of `uname -n` replaced in all mail actions with most interesting fully-qualified `<fq-hostname>`.	8 years ago
Peter van der Does	bb79e7f413	Parameter not needed The parameter '-s' causes an error as the <mailcmd> already has the parameter.	8 years ago
sebres	97e8b42d34	dummy action extended with more examples and test-covered now	8 years ago
sebres	d03872fbbf	bulk unban: add new command `actionflush` default for several iptables/iptables-ipset actions (and common include): iptables-common iptables iptables-allports iptables-multiport-log iptables-multiport iptables-new iptables-ipset-proto4 iptables-ipset-proto6 iptables-ipset-proto6-allports executing `actionflush` command covered for this actions now	8 years ago
sebres	8bf79fa483	implemented execution of `actionstart` on demand, if action depends on `family` (closes gh-1741); new action parameter "actionstart_on_demand" (bool) can be set to prevent/allow starting action on demand (default retrieved automatically, if some conditional parameter `param?family=...` presents in action properties);	8 years ago
Viktor Szépe	d79267c424	Updated xarf-specification repo URL in xarf action	8 years ago
Serg G. Brester	d042981954	Merge pull request #1655 from ajcollett/0.10 Added config for AbuseIPDB	8 years ago
Serg G. Brester	b1f5ac9484	Update abuseipdb.conf	8 years ago
sebres	6a2c95da95	`action.d/sendmail-geoip-lines.conf` fixed using new tag `<ip-host>` (dns-cache and without external command execution); changelog updated;	8 years ago
sebres	d2a3d093c6	rewritten CallingMap: performance optimized, immutable, self-referencing, template possibility (used in new ActionInfo objects); new ActionInfo handling: saves content between actions, without interim copying (save original on demand, recoverable via reset); test cases extended	8 years ago
Serg G. Brester	2fa18a74c4	Merge branch 'master' into master	8 years ago
sebres	4bf09bf297	provides new tag `<ip-rev>` for PTR reversed representation of IP address; [action.d/complain.conf] fixed using this new tag;	8 years ago
Christoph Theis	861ce4177c	#1689 : Make lowest rule number in action.d/bsd-ipfw.conf configurable	8 years ago
Jan Grewe	58c68b75f0	Remove double-quotes from email addresses	8 years ago
Jan Grewe	1bcf0de7c1	Update complain.conf	8 years ago
Jan Grewe	901eeff53d	Make Abusix lookup compatible with Dash	8 years ago
sebres	e8a1556562	Merge remote-tracking branch 'master' into 0.10 # Conflicts: # fail2ban/tests/samplestestcase.py	8 years ago
Juliano Jeziorny	1fe554dd25	Introduced Citrix Netscaler action	8 years ago
sebres	74a6afadd5	Mail-actions switched to use new option "norestored" instead of checking of variable `restored` during shell execution (prevents executing of such actions at all).	8 years ago
sebres	ee3c787cc6	Recognize restored (from database) tickets after restart (tell action restored state of the ticket); Prevent executing of several actions (e.g. mail, send-mail etc) on restart (bans were already notified). Test cases extended (smtp and by restart in ServerReloadTest). Closes gh-1141 Closes gh-921	8 years ago
sebres	c9f32f75e6	Merge branch '0.9-fix-regex-using-journal' into 0.10-fix-regex-using-journal (merge point against 0.9 after back-porting gh-1660 from 0.10)	8 years ago
Andrew James Collett	1c41390f7c	Restructured the way the catagories work. Jail.conf is cleaner and abuseipdb.conf is more flexible.	8 years ago
Andrew James Collett	55e107310f	Added config for AbuseIPDB, ony tested on Ubuntu 16.04	8 years ago
Viktor Szépe	81c1810f10	Introduce Cloudflare API v4 In the cloudflare action everyone is suggested to use API v4. And I don't dare to contribute any actual change.	8 years ago
roedie	3adc16d266	Shorewall IPv6 suggested changes. Change files as suggested by sebres.	8 years ago
Yaroslav Halchenko	31a1560eaa	minor typos (thanks Vincent Lefevre, Debian #847785 )	8 years ago
roedie	6e18508a07	Add shorewall IPv6 support Small patch which allow fail2ban to use shorewall for IPv6 bans.	8 years ago
sebres	a2af19c9f0	fixed several actions, that could not work with jails using multiple logpath; additionally repaired execution in default shell (bad substitution by `${x//...}` executing in `/bin/sh`); added helper "action.d/helpers-common.conf", and `_grep_logs` part-command for actions needed grep logs from multiple log-files test cases: executing of some complex actions covered	8 years ago
sebres	c809c3e61e	Merge branch 'master' into 0.10	8 years ago
Nils	d08db22b92	Create npf.conf for the NPF packet filter This file adds support for the NPF packet filter, available on NetBSD since version 6.0	8 years ago

1 2 3 4 5 ...

349 Commits (100b531affe5bb3e6b3ee8f1aa59d3a1f5a74aeb)