github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
5,948 Commits
33 Branches
229 Tags
18 MiB
Commit Graph

5948 Commits (17daf0ec7887a3c436093b56c8720645ef4ccf62)

Author SHA1 Message Date
sebres 17daf0ec78 `action.d/firewallcmd-ipset.conf`: rename `ipsettype` to `ipsetbackend` (`ipsettype` will be used now to the real set type); 
amend to #2620
 2024-06-09 23:32:03 +02:00
sebres 304c3cd566 improve fix with fallback to local async libraries - add path to compat folder (pyinotify module may have dependency to asyncore module, see https://github.com/fail2ban/fail2ban/issues/3487#issuecomment-2133529081); 
amend to 054e1d89ca
 2024-05-27 16:18:26 +02:00
sebres 7d2fffbe19 .codespellrc: silence codespell flow on assertIn 2024-05-27 15:38:32 +02:00
sebres 8bbdb7b5a7 GHA: output current preferred encoding of fail2ban 2024-05-27 15:32:17 +02:00
Sergey G. Brester 246a617cd6
Merge pull request #3749 from by/patch-1 
abuseipdb.conf: update link
 2024-05-21 13:24:32 +02:00
by 21bf636056
Update abuseipdb.conf 
Corrected link for HP helper (see https://shaunc.com/blog/article/reporting-to-abuseipdb.com-with-fail2ban~kDoa-Hml95wW)
 2024-05-20 15:34:24 +02:00
Sergey G. Brester 65e9c411ef
README.md: typos 
closes gh-3746
 2024-05-14 11:46:49 +02:00
sebres ecb9771123 GHA: 3.13.0-alpha.6 2024-05-07 13:26:11 +02:00
Sergey G. Brester 4da56cf4bc
Update README.md 
distutils support removed
 2024-05-07 13:18:08 +02:00
Sergey G. Brester ac62658c10
Merge pull request #3728 from branchvincent/distutils 
distutils removal
 2024-05-07 13:14:57 +02:00
sebres 0185e1c7d5 setup.py: no distutils anymore 2024-05-07 13:06:50 +02:00
sebres ed20a9a5b9 there is no systemd < 204 and pyinotify < 0.8.3 for supported python3 versions anymore 2024-05-07 12:53:54 +02:00
sebres c04e12dd8d Merge remote-tracking branch 'remotes/gh-upstream/0.11' 2024-04-29 11:03:33 +02:00
Sergey G. Brester 1434e3089c
Merge pull request #2455 from Thermi/improved-action-blocklist-de 
Improved blocklist_de action to not resend bans that were already reported
 2024-04-28 21:12:49 +02:00
Branch Vincent a763fbbdfd
replace distutils for python 3.12 2024-04-27 10:24:01 -07:00
sebres d0d0728523 cherry-pick from debian: debian default banactions are nftables, systemd backend for sshd 
closes gh-3292
 2024-04-26 02:26:55 +02:00
sebres c14327565d version bump 2024-04-26 02:06:09 +02:00
sebres 61799e15e1 release 1.1.0 -- object-found--norad-59479-cospar-2024-069a--altitude-36267km 2024-04-25 23:08:13 +02:00
sebres 22ffe12abb preparing release 2024-04-25 22:43:51 +02:00
sebres 7b528a6da6 example.com seemed to switch its IPs, replace them everywhere (and use test IP-range instead where it is possible) 2024-04-24 19:30:48 +02:00
sebres 3ca3646472 implemented `fail2ban-client stats` (or alias `fail2ban-client statistic[s]`) for tabulated output of fail2ban stats 
amend to #2975
 2024-04-24 18:49:59 +02:00
sebres bdba42edd9 implemented `fail2ban-client status --all [flavor]` 
closes #2975
 2024-04-24 16:29:49 +02:00
sebres 921d9a5a40 Merge branch 'gh-2655--f2b-regex-4-jail': implemented loading of jail settings in fail2ban-regex; 
amend to RFE gh-2655
 2024-04-02 18:04:52 +02:00
sebres 3b97182f62 amend to 781321d6092d415e079439389e6e6588b8feaaa7: better regex to detect jail name (it could contain dot etc) 2024-04-02 18:02:07 +02:00
Sergey G. Brester b59fd2e7b5
Merge pull request #3697 from remontti/patch-1 
named-refused.conf: denied allows any reason in parenthesis as suffix
 2024-03-25 16:41:11 +01:00
sebres 44f32d6132 changelog 2024-03-25 16:36:21 +01:00
sebres 2c13cba73d loosening for denied suffix (would match no matter which reason in parenthesis); 
add coverage for denied with "(allow-query-cache did not match)"
 2024-03-25 16:35:20 +01:00
Rudimar Remontti fd7657f9a9 Update named-refused.conf 2024-03-25 16:35:16 +01:00
sebres 4550e3ad27 ChangeLog: reorder (filters after actions) 2024-03-25 16:34:12 +01:00
sebres a4ca2e83bd Merge branch 'gh-3060': adjusted `filter.d/exim.conf` and `filter.d/exim-spam.conf`: 
- messages are prefiltered by `prefregex` now
- filter can bypass additional timestamp or pid that may be logged via systemd-journal or syslog-ng (gh-3060)
closes #3060
 2024-03-25 15:56:10 +01:00
sebres 1ec9237e53 bypass additional pid in prefix (may be logged by syslog-ng, gh-3060); matches protocol error with authentication mechanism not supported 2024-03-25 15:52:06 +01:00
sebres c80908837f `filter.d/exim.conf`: 
- messages are prefiltered by `prefregex` now
  - filter can bypass additional timestamp that may be logged via systemd-journal (gh-3060)
 2024-03-25 15:31:23 +01:00
Sergey G. Brester e0f1a1e02a
Merge pull request #3702 from bes-internal/exim 
exim: final `<HOST>` to `<ADDR>` conversion
 2024-03-22 22:52:11 +01:00
Vladimir Varlamov 8da0a99cde pid part may contain full hostname 2024-03-22 22:38:33 +03:00
Vladimir Varlamov 806a27cb4f final `<HOST>` to `<ADDR>` conversion 2024-03-22 22:38:33 +03:00
Sergey G. Brester 5ecc26d3ba
Merge pull request #3701 from bes-internal/exim 
filter.d/exim.conf: rewrite host line regex for all varied exim's log_selector states
 2024-03-22 16:52:33 +01:00
sebres e605415f61 simplify fields-group a bit (everything up to 4 chars long but H), so it'll be faster (no multiple branches) as well as would theoretically accept future enhancements of logged fields. 2024-03-22 16:47:54 +01:00
sebres c22a83933b let's use `<ADDR>` instead `<HOST>` - only IPs expected, since host-name bypassed before it (directly after H=) 2024-03-22 16:35:46 +01:00
Vladimir Varlamov df94ec4c52 filter.d/exim.conf: rewrite host line regex for all varied exim's log_selector states 
Depending on Exim's log_selector settings, log lines may contain additional information about the connection. And also the line itself with the address of the remote host can vary greatly. But fortunately, all states can be found in the Exim code itself and taken into account. Makes it easier to add new regexps.
Closes #3263
 2024-03-22 00:16:41 +03:00
Anton Samets 0c125ec9c9
filter.d/postfix.conf: add Sender address rejected: Malformed DNS server reply (#3590) 
* add Sender address rejected: Malformed DNS server reply
 2024-03-19 20:30:45 +01:00
sebres 77b052fdea amend to df9584505aea0e8570fb53dd5a8e43f8b3af994a (for gh-3487): setup must install fail2ban.compat 2024-03-18 14:22:39 +01:00
sebres 5a59b0bae2 filter.d/apache-common.conf: accepts remote instead of client 
(closes gh-3622)
 2024-03-15 22:40:26 +01:00
Sergey G. Brester f63868b3e8
filter.d/apache-common.conf: remote besides client, gh-3622 2024-03-15 22:36:40 +01:00
Sergey G. Brester 9ca137b42b
test for apache-auth with remote, gh-3622 2024-03-15 22:23:45 +01:00
Sergey G. Brester 529eb79ddb
Merge pull request #3692 from pingou2712/postfixSystemd 
Change journalmatch postfix
 2024-03-13 02:34:03 +01:00
Vincent Laffargue d260ed31d2 Maintain backward compatibility Postfix SYSTEMD_UNIT 2024-03-12 04:42:36 +01:00
Sergey G. Brester 8be16f1c1c
Merge pull request #3693 from pingou2712/ModifRecidive 
Change Regex Recidive and journalmatch For Systemd Match
 2024-03-11 19:12:16 +01:00
Sergey G. Brester f12917c491
recidive: test case for journal log-format 2024-03-11 17:50:09 +01:00
Sergey G. Brester dd3c78ecab
filter.d/recidive.conf: conditional RE depending on logtype (for file or journal) 2024-03-11 17:49:06 +01:00
Vincent Laffargue 0b63fc312d Change Regex Recidive and journalmatch For Systemd Match 2024-03-10 10:56:35 +01:00