Commit Graph

327 Commits (136781d627aa70ab88f3fac3b6df398c21dc7387)

Author SHA1 Message Date
Sergey G. Brester 34d63fccfe
close gh-2629 - jail.conf (action_blocklist_de interpolation): replace service parameter (use jail name instead of filter, which can be empty) 2020-02-10 13:03:55 +01:00
sebres 67fd75c88e pass2allow-ftp: inverted handling - action should prohibit access per default for any IP, so reset start on demand parameter for this action (will be started immediately). 2020-01-06 21:13:40 +01:00
sebres 8f6ba15325 avoid unhandled exception during flush, better invariant check (and repair), avoid repair by unban/stop etc... 2019-12-27 21:30:41 +01:00
Mart124 30e742a849
Update jail.conf 2019-11-25 21:57:41 +01:00
Mart124 ef394b3cf0
Update jail.conf 2019-11-25 21:55:45 +01:00
Sergey G. Brester e4c2f303bd
Merge pull request #2550 from CPbN/centreonjail
Add Centreon jail
2019-11-15 01:53:20 +01:00
sebres 5cf064a112 monit: accepting both logpath's: monit and monit.log, closes gh-2495 2019-11-04 12:18:12 +01:00
CPbN 9e699646f8 Add Centreon jail 2019-10-24 14:37:18 +02:00
CPbN 18ba714f97 Add Centreon jail 2019-10-23 09:14:26 +02:00
girst b288ccd6b6 new filter: znc-adminlog 2019-06-12 16:25:50 +02:00
Holston 5d6a84ba78 Updated to correct logging option 2019-04-24 21:35:15 +02:00
sebres 0386df0042 introduced new options: `dbmaxmatches` (fail2ban.conf) and `maxmatches` (jail.conf);
setting `maxmatches` and `dbmaxmatches` to 0 saves memory usage and database size (closes gh-2118).
2019-04-18 20:31:39 +02:00
Sergey G. Brester d3f6d6ffdd
Merge pull request #2286 from crazy-max/0.10
New filter `traefik-auth`
2019-02-21 22:27:04 +01:00
Sergey G. Brester dcede9b3f1
comment rewritten (belongs to the filter) 2019-02-21 22:26:28 +01:00
sebres e651bc7866 amend to #1622: jail-reader supports now multi-line option for multi-line action parameter:
logpath = a.log
            b.log
            c.log
  action  = ban[...]
          = log[logpath="%(logpath)s"]
closes gh-2341, ultimate fix for gh-976
2019-02-11 11:54:58 +01:00
CrazyMax a51f82770b
New filter `traefik-auth` 2018-11-24 22:44:44 +01:00
sebres e2a255d104 fixed typo in comments by "ignoreself" parameter 2018-08-14 11:11:19 +02:00
sebres ffd6b9f6de jail.conf: extended with new parameter `mode` for the filters supporting it; 2017-12-05 16:09:18 +01:00
sebres 7e756da2b9 Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10 2017-11-06 18:56:31 +01:00
Serg G. Brester 9876dd44f9 replace port imap3 with imap everywhere, since imap3 is not a standard port and old rarely (if ever) used and missing on some systems
(see gh-1942)
2017-11-03 14:03:06 +01:00
Jeff Potter 4a2fc8b7e8 Include imap (port 143) in courier-auth ports
imap was missing from the list of ports, preventing fail2ban from blocking connections on standard IMAP port 143.
2017-11-03 14:01:19 +01:00
sebres b615a98540 jail.conf: avoid overwriting of default value of the parameter `chain` of several actions (where default chain != INPUT);
test-cases extended to cover the same logic (use `<known/chain>` instead of fix value `INPUT`);
Closes gh-1949
2017-10-30 13:32:52 +01:00
Serg G. Brester e07a8cda07 Update jail.conf
Documentation of parameters for action blocklist_de, closes gh-1940
2017-10-27 15:26:17 +02:00
sebres b185e7cb04 Merge remote-tracking branch 'upstream/master' into 0.10 2017-09-08 11:11:05 +02:00
Serg G. Brester fd83260bd8 jail "pass2allow-ftp" should supply blocktype to action
closes gh-1884
2017-09-07 18:51:08 +02:00
john 7013729a1f removed redundant options for zoneminder from jail.conf 2017-09-04 11:37:05 +02:00
john 3d45fd2713 implemented yarikoptic's suggestions in fail2ban pull request #1376 2017-09-04 11:37:00 +02:00
john a90f6c4ae8 added zoneminder jail and filter
# Conflicts:
#	config/jail.conf
2017-09-04 11:36:47 +02:00
Pavel Mihadyuk d09304b897 phpmyadmin-syslog: added default jail config 2017-08-22 19:00:48 +03:00
sebres e26cc5de45 restore backwards compatibility (jail postfix-sasl); changelog update 2017-07-11 11:57:48 +02:00
sebres aa92b68d4a filter.d/postfix.conf: normalized several postfix-filters using parameter `mode` (as discussed in gh-1813);
introduced parameter `mode`: more (default, combines normal and rbl), auth, normal, rbl, ddos, extra or aggressive (combines all)
replacement for gh-1239, gh-1697, gh-1764; closes gh-1245, gh-1297.
2017-07-10 20:49:28 +02:00
sebres d3ae70beb6 filter.d/roundcube-auth.conf: Use the same filter-file and jail also when logging errors to journal instead to a local file.
Additionally fixes more complex injections on username.
2017-06-19 18:12:13 +02:00
Johannes Weberhofer 691c080dc7 Added roundcube authentication filter, new jail and log-examples 2017-06-19 16:52:42 +02:00
sebres 99344d28c8 Introduces new tags with hostname:
- `<fq-hostname>` - fully-qualified name of host (the same as `$(hostname -f)`)
- `<sh-hostname>` - short hostname (the same as `$(uname -n)`)

Execution of `uname -n` replaced in all mail actions with most interesting fully-qualified `<fq-hostname>`.
2017-04-24 21:17:55 +02:00
sebres 5e93bf9bd3 Introduced new option "ignoreself", specifies whether the local resp. own IP addresses should be ignored (default is true).
Fail2ban will not ban a host which matches such addresses.

Option "ignoreip" affects additionally to "ignoreself" and don't need to include the DNS resp. IPs of the host self.
2017-03-23 15:52:31 +01:00
sebres 0c1707afda filter.d/sshd.conf:
- optional parameter `mode` rewritten: normal (default), ddos, extra or aggressive (combines all), see sshd for regex details);

test cases reformatted (since "filterOptions", we don't need multiple test log-files anymore);
2017-03-10 22:09:11 +01:00
Serg G. Brester d042981954 Merge pull request #1655 from ajcollett/0.10
Added config for AbuseIPDB
2017-03-09 15:15:26 +01:00
Serg G. Brester 62fa02241f Update jail.conf 2017-03-09 13:31:40 +01:00
sebres e8a1556562 Merge remote-tracking branch 'master' into 0.10
# Conflicts:
#	fail2ban/tests/samplestestcase.py
2017-01-21 16:59:41 +01:00
sebres 628789f9a9 sshd: conditional parameter "mode" for sshd jail (normal, ddos, aggressive)
filter sshd-ddos and new filter sshd-aggressive are both derivation of sshd-filter
2017-01-21 15:54:49 +01:00
Christian Brandlehner a4d8426401 Support for IBM Domino SMTP task (#1603)
filter.d/domino-smtp.conf
2017-01-20 08:44:20 +01:00
sebres c9f32f75e6 Merge branch '0.9-fix-regex-using-journal' into 0.10-fix-regex-using-journal (merge point against 0.9 after back-porting gh-1660 from 0.10) 2017-01-10 11:25:41 +01:00
Andrew James Collett 3991f51f30 Update jail.conf
Sigh, added a space back that I somehow missed in Vim, despite it being a rebase...
2017-01-08 09:45:35 +02:00
Andrew James Collett 10d61e0779 Fixed the spaces again 2017-01-08 09:42:15 +02:00
Andrew James Collett b35391e768 Update jail.conf
Fixing spacing
2017-01-08 09:30:00 +02:00
Andrew James Collett 1c41390f7c Restructured the way the catagories work.
Jail.conf is cleaner and abuseipdb.conf is more flexible.
2017-01-08 09:26:11 +02:00
Andrew James Collett 55e107310f Added config for AbuseIPDB, ony tested on Ubuntu 16.04 2017-01-07 14:24:54 +02:00
sebres 45f1d811c9 Merge branch 'alex1702-1586' 2016-11-28 18:54:02 +01:00
sebres 67c14afd8e ChangeLog entry added + jail.conf review 2016-11-28 18:51:23 +01:00
Serg G. Brester 4f5389fee5 Update jail.conf 2016-11-24 19:30:10 +01:00