Ivan Poddubny
988d9a08da
Asterisk security log: accept events containing Response/ExpectedResponse
Event containing Challenge may come without ReceivedChallenge, but with
Response and ExpectedResponse.
Also Challenge now accepts '/' character, since it is used at least by PJSIP.
2015-05-25 08:12:51 +03:00
Ivan Poddubny
189265a323
Asterisk security log: accept SessionID of PJSIP events
Unlike chan_sip and manager, PJSIP populates SessionID using
Call-Id header of a related SIP message.
As Call-Id of a SIP message can contain almost anything,
the regular expression for SessionID has been loosened.
2015-05-25 08:11:34 +03:00
Ivan Poddubny
ab2ac1a367
Asterisk security log: accept <unknown> in AccountID
2015-05-24 12:47:55 +03:00
Ivan Poddubny
977f9955e7
Asterisk security log: accept EventTV in ISO8601
Asterisk uses ISO8601 dates in security log since version 12.
Closes #988
2015-05-24 12:46:54 +03:00
Steven Hiscocks
0c869910ea
BF: Fix fail2ban-regex not parsing journalmatch correctly
2015-05-09 10:26:14 +01:00
Anton Shestakov
a61cd4687e
Merge 56e5821c06 into ab74a35b8a
2015-04-30 08:56:37 +00:00
Anton Shestakov
56e5821c06
Match unknown user in dovecot's passwd-file auth database
2015-04-30 16:53:10 +08:00
Yaroslav Halchenko
ab74a35b8a
Merge pull request #1038 from yarikoptic/bf-pypy
BF: download/use 2.5.1 release of PyPy to avoid problems with dailies
2015-04-29 10:23:30 -04:00
Yaroslav Halchenko
21b7dfcae9
BF: download/use 2.5.1 release of PyPy to avoid problems with dailies
2015-04-29 10:05:05 -04:00
Yaroslav Halchenko
fb336276d4
post-release tune ups
Conflicts:
ChangeLog
README.md
2015-04-29 09:02:48 -04:00
Yaroslav Halchenko
acc4c2d104
Hope for release tomorrow
2015-04-28 23:52:48 -04:00
Yaroslav Halchenko
840fea9f71
Merge commit '0f75ed5e2ab1159e45a7771a7a4e90c877ec848e'
* commit '0f75ed5e2ab1159e45a7771a7a4e90c877ec848e':
Just use a system wide python in the tests digest.py
DOC: Slight tune up to RELEASE doc -- no need for PYTHONPATH to run tests
MANIFEST: updated for some new files, sorted all entries, removed some duplicates
Initial changes for the release -- simplified ChangeLog header etc
2015-04-28 23:51:32 -04:00
Yaroslav Halchenko
c0e1333fe6
BF: if no /dev/log on Linux -- don't expect setting syslog to work
2015-04-28 23:51:00 -04:00
Yaroslav Halchenko
ced4852383
Merge pull request #1037 from ambrice/ufw
Fix actions in ufw.conf
2015-04-28 20:11:58 -04:00
Aaron Brice
7ae0ef2408
Fix actions in ufw.conf
On Ubuntu 15.04 the ufw action was not working.
- With empty <application>, receiving errors:
2015-04-24 16:28:35,204 fail2ban.filter [8527]: INFO [sshd] Found 43.255.190.157
2015-04-24 16:28:35,695 fail2ban.actions [8527]: NOTICE [sshd] Ban 43.255.190.157
2015-04-24 16:28:35,802 fail2ban.action [8527]: ERROR [ -n "" ] && app="app " -- stdout: b''
2015-04-24 16:28:35,803 fail2ban.action [8527]: ERROR [ -n "" ] && app="app " -- stderr: b''
2015-04-24 16:28:35,803 fail2ban.action [8527]: ERROR [ -n "" ] && app="app " -- returned 1
- With action = ufw[application=OpenSSH], it was silently not doing
anything (no errors after "Ban x.x.x.x", but no IP addresses in ufw
status).
Re-arranged the bash commands on two lines, and it works with or without
<application>.
2015-04-28 11:39:00 -07:00
Yaroslav Halchenko
4aafb2d4ac
Merge pull request #1035 from leeclemens/add-drupal-filter
Add drupal-auth filter and jail
2015-04-27 14:39:21 -04:00
Lee Clemens
8f792f52fb
Add drupal-auth filter and jail
2015-04-27 13:10:27 -04:00
Yaroslav Halchenko
0f75ed5e2a
Just use a system wide python in the tests digest.py
to stay inline with the other scripts
2015-04-26 21:57:13 -04:00
Yaroslav Halchenko
1784205ff8
DOC: Slight tune up to RELEASE doc -- no need for PYTHONPATH to run tests
2015-04-26 21:49:58 -04:00
Yaroslav Halchenko
1fb867b839
MANIFEST: updated for some new files, sorted all entries, removed some duplicates
2015-04-26 21:47:28 -04:00
Yaroslav Halchenko
ca849b93dc
Initial changes for the release -- simplified ChangeLog header etc
2015-04-26 21:39:54 -04:00
Yaroslav Halchenko
23d9e22477
Merge pull request #1001 from leeclemens/bf/1000-asteriskBlocksSelf
Match hacking attempt IP instead of asterisk server IP (closes #1000)
2015-04-26 21:02:04 -04:00
Lee Clemens
b530d88eca
Merge remote-tracking branch 'upstream/master' into bf/1000-asteriskBlocksSelf
Conflicts:
ChangeLog
2015-04-26 15:13:59 -04:00
Yaroslav Halchenko
878cbd008e
Merge pull request #1024 from themanwhosold/master
updated filter.d/sshd.conf
2015-04-17 08:06:25 -04:00
Markus Oesterle
f8c7247f42
added \s after host
2015-04-17 10:22:01 +02:00
Markus Oesterle
5f2807b41f
replaced .* before rhost with regex matching all the previous fields
2015-04-17 10:04:35 +02:00
Markus Oesterle
6ba389c70c
Fixed typo in filter description authentification instead of authentication
2015-04-16 23:43:57 +02:00
Markus Oesterle
7a1f1c6b0c
Fixed the UTC -> CEST difference...
2015-04-16 21:54:57 +02:00
Markus Oesterle
b9a09af914
Added changes to ChangeLog & updated sample test cases
2015-04-16 21:33:57 +02:00
Markus Oesterle
8825a5f31b
updated filter.d/sshd.conf
Added line to match sshd auth errors on OpenSuSE systems
2015-04-16 19:48:28 +02:00
Viktor Szépe
e776a4e1ab
Update proftpd.conf
2015-04-08 15:57:39 +02:00
Yaroslav Halchenko
13d56af981
Merge pull request #1018 from opoplawski/no_network
Do not run smtp tests if no_network set
2015-04-07 21:33:09 -04:00
Orion Poplawski
aa8113c128
Do not run smtp tests if no_network set
2015-04-07 15:52:29 -06:00
Viktor Szépe
f9e8a99a79
Non-US locale warning for proftpd
2015-04-06 17:04:41 +02:00
Csaba Tóth
0720c831b7
Fix of LC_TIME usage, it should be LC_ALL
2015-03-26 03:02:02 +01:00
Yaroslav Halchenko
c926af1fce
Merge pull request #1002 from sebres/_bf/fix-invalid-ip
fix test for invalid IP (use TEST-NET-1 according to RFC 5737)
2015-03-25 14:02:00 -04:00
Yaroslav Halchenko
b2c1673d28
BF: if install pypy -- come back to original directory
2015-03-25 12:56:25 -04:00
Yaroslav Halchenko
eb05cd7bd5
BF(OSX): apparently exceptions could not be compared for identity, use repr
2015-03-25 11:27:22 -04:00
sebres
6da0c4ad48
very long time resolving IP for address "abcdef" on some PDC, under NAT etc. - replaced via "abcdef.abcdef" to prevent searching in local domains;
2015-03-25 01:50:51 +01:00
sebres
c5ba76aab8
fix test for invalid IP (use TEST-NET-1 according to RFC 5737):
since fef031b3cd failed, because on some platforms like vm:debian 10.0.0.0 returns 'localhost' (intern network).
2015-03-25 01:24:33 +01:00
Lee Clemens
72f4bcfbff
Match hacking attempt IP instead of asterisk server IP (closes #1000)
2015-03-24 19:03:26 -04:00
Yaroslav Halchenko
d28880fdca
Merge pull request #997 from yarikoptic/bf/long-purge-for-recidive
DOC: make a warning for recidive jail to increase dbpurgeage (Closes #964)
2015-03-23 21:30:04 -04:00
Yaroslav Halchenko
54f111429d
BF: fixing up version comparison for pypy. Issue appeared in 2.5.0
00:11 yoh: upgraded to 2.5.0 from debianexperimental and now reproduced locally
00:12 yoh: why pypy --version directs output to stderr? there is no error
00:12 mattip: ok, can you try with a nightly from http://buildbot.pypy.org/nightly/trunk ?
00:15 * yoh running with 2.6.0-alpha0...
00:16 yoh: clean -- no crash
2015-03-23 21:28:16 -04:00
Yaroslav Halchenko
9339293413
ENH: minor formatting, no functional changes
2015-03-23 21:26:17 -04:00
Yaroslav Halchenko
4a83741397
BF: do not expect setting logtarget to SYSLOG to work on non-Linuxes
I have no BSD buildbots available for *BSDs etc, so can't speak for all, but
http://nipy.bic.berkeley.edu/builders/fail2ban-py2.6-osx-10.6_master/builds/151/steps/shell_1/logs/stdio
suggests that logically fails on OSX
2015-03-21 22:30:58 -04:00
Yaroslav Halchenko
56aacf872c
Merge pull request #952 from ache/master
Update bsd-ipfw.conf
2015-03-21 21:46:54 -04:00
Yaroslav Halchenko
02836b599c
Added a comment about systemd backend for jails with logs outside of journal (Closes #959)
2015-03-21 21:25:50 -04:00
Yaroslav Halchenko
320a28a4a4
DOC: make a warning for recidive jail to increase dbpurgeage (Closes #964)
2015-03-21 20:50:03 -04:00
Yaroslav Halchenko
938e6343ea
Merge pull request #996 from yarikoptic/bf/no-dns-module
BF/TST: expect ['error'] as a value if no dns module available
2015-03-21 20:27:15 -04:00
Yaroslav Halchenko
d5d8bc8134
Merge pull request #986 from yarikoptic/bf/pypy-2.4.0
BF: use daily build of pypy until next one gets released
2015-03-21 20:26:45 -04:00