5415 Commits (1ab996421377497a9e1396dc855547ac0c252589)

All Branches

Search

Author	SHA1	Message	Date
Łukasz Wąsikowski	a4f94d2619	Update pf.conf ... Fix comment, because current one won't work: cat /etc/pf.conf anchor f2b { sshd } # service pf reload Reloading pf rules. /etc/pf.conf:2: syntax error New version: cat /etc/pf.conf anchor f2b { anchor sshd } # service pf reload Reloading pf rules.	2017-10-17 12:39:25 +02:00
Serg G. Brester	c42dd6941c	Merge pull request #1921 from harry-wood/patch-1 ... typo	2017-10-16 10:50:11 +02:00
Harry Wood	ea1b663f85	typo ... spell "positive" (...but also somebody should finish this sentence)	2017-10-16 01:15:58 +01:00
sebres	028f32b74b	bump version (0.10.1 -> 0.10.2.dev1)	2017-10-12 14:00:41 +02:00
sebres	351abeb4ff	prepare release: bump version, update ChangeLog, man's and MANIFEST etc.	2017-10-12 13:46:46 +02:00
sebres	ceff489a46	amend to a4459765ef438db83a2898ba832ff7acba033e29: irrelevant condition removed	2017-10-04 14:24:21 +02:00
sebres	a4459765ef	pyinotify/polling: test filter reaction by delete of watching file, better detection of pending file (avoid errors in fail2ban.log during log-rotation). ... Closes gh-1865 for filterpyinotify ("cannot remove WD=2").	2017-10-04 14:17:00 +02:00
sebres	e71f16f6ba	Merge branch 'master' into 0.10 ... # Conflicts resolved: # config/filter.d/dovecot.conf	2017-10-04 09:57:18 +02:00
sebres	ea36e1b3fc	filter.d/dovecot.conf: fixed failregex to recognize pam_authenticate failures with "Permission denied" (gh-1897)	2017-10-04 09:55:37 +02:00
Serg G. Brester	32deb828a1	Merge pull request #1904 from sebres/no-dup-ignoreip-fix-1900 ... Avoid exact duplicates by addIgnoreIP (closes gh-1900)	2017-10-04 08:41:40 +02:00
sebres	d1fad22ac1	Avoid exact duplicates by addIgnoreIP (closes gh-1900)	2017-10-02 15:59:14 +02:00
sebres	8c804a2290	Merge branch 'master' into 0.10 ... # Conflicts resolved: # config/filter.d/postfix-rbl.conf # config/filter.d/postfix-sasl.conf # config/filter.d/postfix.conf # fail2ban/tests/files/logs/postfix-sasl	2017-10-02 15:41:30 +02:00
sebres	a2120a9de5	filter.d/postfix-*.conf - added optional port regex (closes gh-1902)	2017-10-02 15:31:55 +02:00
Serg G. Brester	6140a0f2d4	Merge pull request #1894 from sbraz/nftables-ipv6 ... Fix nftables actions for IPv6 addresses, fixes #1893	2017-09-13 09:14:39 +02:00
Serg G. Brester	6149df5216	Update ChangeLog	2017-09-12 09:27:16 +02:00
Louis Sautier	152c9d27d5	Fix nftables actions for IPv6 addresses, fixes #1893 ... * add [Init?family=inet6] to nftables-common.conf and make nftable expressions more modular * change "ip protocol" to "meta l4proto" in nftables-allports.conf since the former only works for IPv4	2017-09-11 23:32:53 +02:00
Serg G. Brester	fbd46f29f2	Merge pull request #1891 from sbraz/openrc ... Fix Gentoo init script's shebang	2017-09-11 12:24:10 +02:00
Serg G. Brester	72ad904f58	Update ChangeLog	2017-09-11 12:22:43 +02:00
Louis Sautier	2ce0ffb977	Fix Gentoo init script's shebang ... Use openrc-run instead of runscript. 5d5856c193	2017-09-11 12:19:33 +02:00
Serg G. Brester	8be4569d51	Update ChangeLog ... several fixes of 0.10th branch	2017-09-08 11:32:08 +02:00
sebres	b185e7cb04	Merge remote-tracking branch 'upstream/master' into 0.10	2017-09-08 11:11:05 +02:00
Serg G. Brester	983b128c54	Update ChangeLog ... several fixes of 0.9th branch	2017-09-08 11:07:48 +02:00
Serg G. Brester	5221693ce0	Merge pull request #1889 from sebres/0.10-small-optim-review ... 0.10 small optimization & review, config-reader, pretty-dump, etc.	2017-09-08 10:57:27 +02:00
sebres	462b534469	restrict saving of previous known values to section-related (don't overwrite with the values of other sections, especially like "INCLUDES", etc.)	2017-09-07 20:00:45 +02:00
sebres	e20f6204d3	don't put parameters starting with `known/` to the ready stream (intermediate options only), makes streams and dumps of configuration shorter and better readable	2017-09-07 19:32:14 +02:00
sebres	b698a74902	introduces new command-line options `--dp`, `--dump-pretty` to dump the configuration using more human readable representation; ... allow dump of configuration, also if log-file is not available (warning only)	2017-09-07 19:31:38 +02:00
Serg G. Brester	fd83260bd8	jail "pass2allow-ftp" should supply blocktype to action ... closes gh-1884	2017-09-07 18:51:08 +02:00
Serg G. Brester	bb97e66627	Merge pull request #1882 from coderua/patch-1 ... Add Jorgee Vulnerability Scanner protect	2017-09-07 15:52:31 +02:00
Serg G. Brester	99a9a9136e	Merge pull request #1887 from fail2ban/exim-gh-1886 ... filter.d/exim.conf: fixed failregex for case of flood attempts with `D=0s`	2017-09-07 15:47:20 +02:00
Serg G. Brester	db121a6f85	Update exim ... Test case covers flood attempts with `D=0s`	2017-09-07 15:32:35 +02:00
Serg G. Brester	2cd02b731b	filter.d/exim.conf: fixed failregex for case of `D=0s` ... Closes gh-1886	2017-09-07 15:28:46 +02:00
sebres	4bc226a692	optimized regex	2017-09-05 10:59:16 +02:00
Vladimir Chumak	fafefc0293	Add Jorgee Vulnerability Scanner protect ... Details for Jorgee Vulnerability Scanner: https://www.symantec.com/security_response/attacksignatures/detail.jsp?asid=30164	2017-09-05 10:56:43 +02:00
sebres	acd9e8155b	Merge pull request #1376 from j-marz/master: ... Added ZoneMinder filter	2017-09-04 11:52:10 +02:00
sebres	4163f32968	small review, prefix replaced with `%(_apache_error_client)s` from apache-common.conf include	2017-09-04 11:48:01 +02:00
john	ac95449bbb	changed zoneminder regex as per Sebres and yarikoptic recommendations	2017-09-04 11:37:09 +02:00
john	7013729a1f	removed redundant options for zoneminder from jail.conf	2017-09-04 11:37:05 +02:00
john	5c3a666380	fixed incomplete regex after adding anchors	2017-09-04 11:37:03 +02:00
john	3d45fd2713	implemented yarikoptic's suggestions in fail2ban pull request #1376	2017-09-04 11:37:00 +02:00
john	776d463e92	added missing colon to failJSON	2017-09-04 11:36:58 +02:00
john	4d8ba7b668	fixed test log file	2017-09-04 11:36:55 +02:00
john	44c4496e49	added sample log files	2017-09-04 11:36:53 +02:00
john	08878d22dd	added zoneminder.conf filter	2017-09-04 11:36:50 +02:00
john	a90f6c4ae8	added zoneminder jail and filter ... # Conflicts: # config/jail.conf	2017-09-04 11:36:47 +02:00
sebres	c312962029	filter.d/dovecot.conf: partially cherry-pick to 0.9 PR #1880 from sebres/0.10-fix-dovecot-regex (d926e11a5c) ... fixed failregex (without new mode aggressive)	2017-09-01 10:57:41 +02:00
Serg G. Brester	d926e11a5c	Merge pull request #1880 from sebres/0.10-fix-dovecot-regex ... filter.d/dovecot.conf: fixed failregex + new mode aggressive	2017-09-01 10:36:22 +02:00
sebres	2cfc53c08e	remove capturing groups	2017-09-01 10:25:09 +02:00
sebres	9b8563f35e	- fixes regex for message `imap-login: Disconnected (auth failed, X attempts) ...` has to many variations on additional info after `<HOST>`, ... leave it end-anchored because variable part `user=<[^>]*>` (before `<HOST>`) to avoid injecting, but can be safe rewritten using `[^>]*` in opposite to "greedy" `user=<[^>]*>`. - introduces mode `aggressive` and extends regex for this mode to match: * no auth attempts (previously removed in gh-601, because of lots of false positives on misconfigured MTAs) * disconnected before auth was ready * client didn't finish SASL auth	2017-09-01 09:56:21 +02:00
Serg G. Brester	a287d0a05c	Merge pull request #1872 from kmzby/master ... Added filter for phpMyAdmin+syslog	2017-08-25 12:22:58 +02:00
Serg G. Brester	569283063b	Merge pull request #1874 from sebres/fix-f2b-setup ... setup.py: fix several setup facilities	2017-08-25 12:22:31 +02:00