0e1f8f7f39
RF: remove those two additional failregexes for the postfix
...
see comment
https://github.com/fail2ban/fail2ban/pull/804\#discussion_r17512426
2014-09-13 10:25:27 -04:00
96c20c8379
Merge pull request #804 from pleasantone/master
...
Add support for postfix/submission/smtpd matching.
2014-09-13 10:24:06 -04:00
c58c4de9bc
ENH: add empty ignoreregex to avoid a warning ( Close #805 )
2014-09-13 10:18:37 -04:00
8b2f0678a7
Merge commit '0.9.0a2-792-g1864f75' into debian-releases/experimental
...
* commit '0.9.0a2-792-g1864f75': (113 commits)
Credits and notes from #806
fixed encoding
fixed encoding
ENH: Ignore errors while unbaning in symbiosis firewall
ENH: just a bit more descriptive exception ;-)
ENH/BF(TST): making permissions restrictive is not sufficient -- really remove file to test
changelog entry for postfix-sasl fix
added systemd configuration for postfix-sasl.conf
1.5 version of Fail2ban logwatch file
minor typo
Fxi jail.conf to use more syslog macros
ENH: symbiosis-blacklist-allports action
Fix typos.
changelog and thanks for the preceding fix
Added entry for Cloudflare action
ChangeLog Added and entry about Cloudflare action
Changed to Cloudflare JSON API
Fix sieve filter to use correct option
changelog entries for already merged and upcoming merge
Update courier-smtp.conf
...
2014-09-12 14:14:24 -04:00
ba44ff312b
grep IP at the start of lines
...
I'm not sure if this regex works best, so I'm patching this single file as a sample.
Don't forget to update `mail-whois-lines.conf` after this patch got merged.
For the following logs, `grep '[^0-9]199.48.161.87[^0-9]'` will output nothing, while `grep '\([^0-9]\|^\)199.48.161.87[^0-9]'` works:
<pre>199.48.161.87 - - [09/Sep/2014:13:38:54 +0800] "POST /wp-login.php HTTP/1.1" 403 4674 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com
199.48.161.87 - - [09/Sep/2014:13:38:56 +0800] "POST /wp-login.php HTTP/1.1" 403 4674 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com
199.48.161.87 - - [09/Sep/2014:13:38:58 +0800] "POST /wp-login.php HTTP/1.1" 403 4674 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com
199.48.161.87 - - [09/Sep/2014:13:39:00 +0800] "POST /wp-login.php HTTP/1.1" 403 4674 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com
199.48.161.87 - - [09/Sep/2014:13:39:05 +0800] "POST /wp-login.php HTTP/1.1" 403 4674 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com
199.48.161.87 - - [09/Sep/2014:13:39:05 +0800] "POST /wp-login.php HTTP/1.1" 403 4674 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com
199.48.161.87 - - [09/Sep/2014:13:39:13 +0800] "POST /wp-login.php HTTP/1.1" 403 4674 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com
199.48.161.87 - - [09/Sep/2014:13:39:21 +0800] "POST /wp-login.php HTTP/1.1" 403 4674 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com
199.48.161.87 - - [09/Sep/2014:13:39:32 +0800] "POST /wp-login.php HTTP/1.1" 403 4674 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com
199.48.161.87 - - [09/Sep/2014:13:39:34 +0800] "POST /wp-login.php HTTP/1.1" 403 4674 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com
199.48.161.87 - - [09/Sep/2014:13:39:34 +0800] "POST /wp-login.php HTTP/1.1" 403 168 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com
199.48.161.87 - - [09/Sep/2014:13:39:34 +0800] "POST /wp-login.php HTTP/1.1" 403 168 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com
199.48.161.87 - - [09/Sep/2014:13:39:35 +0800] "POST /wp-login.php HTTP/1.1" 403 168 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com
199.48.161.87 - - [09/Sep/2014:13:39:35 +0800] "POST /wp-login.php HTTP/1.1" 403 168 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com
199.48.161.87 - - [09/Sep/2014:13:39:35 +0800] "POST /wp-login.php HTTP/1.1" 403 168 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com</pre>
2014-09-09 14:55:34 +08:00
249e169d8e
Update test cases and also suport smtps per request.
2014-09-08 11:53:51 -07:00
1864f75b3b
Credits and notes from #806
2014-09-08 19:02:37 +10:00
d2c086b187
fixed encoding
2014-09-08 10:26:08 +02:00
218ffe862e
fixed encoding
2014-09-08 10:23:07 +02:00
544cfaff2c
Add support for postfix/submission/smtpd matching.
2014-09-06 10:23:38 -07:00
0d9cfb84e3
Merge pull request #778 from yarikoptic/enh/symbiosis
...
ENH: symbiosis-blacklist-allports action
2014-08-20 23:00:11 -04:00
426ed7ff2f
Merge pull request #780 from opoplawski/logpath
...
Fxi jail.conf to use more syslog macros
2014-08-20 22:59:23 -04:00
b1c04f5fa2
ENH: print rebans stats even if no "Failures" are logged, and reduce indentation in output
2014-08-13 23:37:17 -04:00
decea64cf9
ENH: untabified and reindented entire script for sane formatting (no functional changes)
2014-08-13 23:28:03 -04:00
8b62353ab0
BF: logwatch -- fixing up regex for 'already banned'
2014-08-13 23:24:38 -04:00
3bd36ba40a
Sample logfiles to test logwatch services script
2014-08-13 23:15:31 -04:00
93243e7d57
ENH: Ignore errors while unbaning in symbiosis firewall
...
Fail2Ban at times "interfers" with the firewall reflashing thus leading
to the sporadic errors. IMHO should be safe to ignore
2014-08-12 11:57:07 -04:00
f756278fe5
ENH: just a bit more descriptive exception ;-)
2014-08-12 11:53:54 -04:00
12c3bf1058
Merge pull request #784 from yarikoptic/enh/testnologfile
...
ENH/BF(TST): making permissions restrictive is not sufficient
2014-08-12 11:49:51 -04:00
b2a1032f57
ENH/BF(TST): making permissions restrictive is not sufficient -- really remove file to test
2014-08-12 11:31:42 -04:00
3576c509f5
changelog entry for postfix-sasl fix
2014-08-12 11:08:39 -04:00
b4194fb1d1
Merge pull request #783 from maisonobe/master
...
added systemd configuration for postfix-sasl.conf
2014-08-12 11:05:55 -04:00
763115b1eb
added systemd configuration for postfix-sasl.conf
2014-08-11 21:54:27 +02:00
aee560b1c6
Merge branch 'master' of git://github.com/fail2ban/fail2ban
...
* 'master' of git://github.com/fail2ban/fail2ban:
1.5 version of Fail2ban logwatch file
Fix typos.
2014-08-11 13:10:02 -04:00
6fc04c2256
Merge branch 'bf+enh/cyrus-imap' of https://github.com/yarikoptic/fail2ban (with some tune up to Changelog entry)
...
* 'bf+enh/cyrus-imap' of https://github.com/yarikoptic/fail2ban :
ENH: cyrus-imap -- catch also 'user not found' attempts
BF: cyrus-imaps -- catch also for secured daemons
Conflicts:
ChangeLog
2014-08-11 13:09:43 -04:00
f403bad0ab
Merge pull request #775 from alimony/patch-1
...
Fix typos.
2014-08-11 13:08:30 -04:00
b0f26fa391
Adjusting fail2ban logwatch script to match lines from 0.9 as well
...
File itself includes additional log information about changes
2014-08-11 12:45:50 -04:00
7e902a1320
1.5 version of Fail2ban logwatch file
...
as copied from Debian package 7.4.0+svn20131108rev175-1
2014-08-11 12:44:46 -04:00
b79a82ebdd
minor typo
2014-08-08 15:57:41 -04:00
6b554fbe98
Fxi jail.conf to use more syslog macros
2014-08-08 13:27:32 -06:00
818dd59d65
ENH: symbiosis-blacklist-allports action
2014-08-08 11:57:30 -04:00
7b76322898
Fix typos.
2014-08-02 12:21:59 +02:00
d8c7cc2832
Merge pull request #764 from craneworks/master
...
Adding vagrant support
2014-08-01 10:41:09 -04:00
4a23a7dcf1
Merge pull request #766 from leftyfb/master
...
Added cloudflare action
2014-07-28 15:34:09 -04:00
2756bbe12a
changelog and thanks for the preceding fix
...
Conflicts:
ChangeLog
THANKS
2014-07-28 12:48:50 -04:00
31ee26e72f
Merge pull request #774 from guersam/tmp/fix-sieve-filter
...
Fix sieve filter to use correct option
2014-07-28 12:44:01 -04:00
1101021896
Added entry for Cloudflare action
2014-07-28 11:26:08 -04:00
2179c8293c
ChangeLog Added and entry about Cloudflare action
2014-07-28 11:24:38 -04:00
6dbd449f77
Changed to Cloudflare JSON API
2014-07-28 11:10:50 -04:00
2e7b8adb3b
Fix sieve filter to use correct option
2014-07-28 23:42:02 +09:00
2b59a211ee
Merge branch 'master' of github.com:fail2ban/fail2ban
...
* 'master' of github.com:fail2ban/fail2ban:
Forwards bantime to action scripts
2014-07-28 10:18:40 -04:00
a35b62500f
changelog entries for already merged and upcoming merge
2014-07-28 10:18:33 -04:00
f19c5fc939
Merge pull request #770 from eltrai/master
...
Forwards bantime to action scripts
2014-07-28 10:17:08 -04:00
effa1bc757
Merge branch 'master' of github.com:fail2ban/fail2ban
...
* 'master' of github.com:fail2ban/fail2ban:
Update courier-smtp.conf
I don't understand those years.
added Jul 3 & Jul 4
Update courier-smtp.conf
named users + smtp atuh probes
BF: Remove manually unbanned IPs from persistent database
typo
2014-07-28 10:14:40 -04:00
f9cfbd66e6
Merge pull request #771 from szepeviktor/patch-1
...
named users + smtp auth probes
2014-07-28 10:14:18 -04:00
143a55bf26
Update courier-smtp.conf
2014-07-28 12:51:38 +02:00
81c98f77ca
Merge pull request #769 from kwirk/unban-database
...
BF: Remove manually unbanned IPs from persistent database
2014-07-27 21:54:44 -04:00
2d7f2fa33f
Merge pull request #756 from marclaporte/patch-1
...
typo
2014-07-27 21:49:24 -04:00
edfdeecfe6
DOC: Changelog for recent merge
2014-07-27 21:48:55 -04:00
45c1095606
Merge pull request #750 from niorg/master
...
Added Directadmin filter, jail and log test
2014-07-27 21:47:07 -04:00
Yaroslav Halchenko