Commit Graph

811 Commits (1bf66364462ff0d4c224cce83315d1b29d41b06a)

Author SHA1 Message Date
Ross Brown 8d12dba245 Merge remote-tracking branch 'upstream/master' 2015-12-17 18:01:17 +00:00
Ross Brown 16aa2fa13e Updated ChangeLog to include new murmur jail. 2015-12-17 17:57:45 +00:00
Ross Brown ba535826a8 Updated ChangeLog to include new murmur filter. 2015-12-15 21:46:35 +00:00
Yaroslav Halchenko 5d6cead996 ENH: sshd filter -- match new "maximum auth attempts exceeded" (Closes #1269) 2015-12-13 23:21:04 -05:00
sebres 6d984717b5 ordered dict replaced with dict + change log entry fix
# Conflicts:
#	fail2ban/server/filter.py
2015-12-12 15:48:49 +01:00
sebres 3a179ec5d7 small code review: (much pretty) handling of filename as key - FileFilter contains (ordered) dict of files (not list), as discussed in gh-1265 2015-12-02 20:45:01 +01:00
Aleksandrs Ļedovskis fa59a6850f Add 'Sender address rejected: Domain not found' Postfix failregex
Signed-off-by: Aleksandrs Ļedovskis <aleksandrs@ledovskis.lv>
2015-11-22 12:01:15 +02:00
Orion Poplawski c656cb0d36 Merge branch 'master' into journaldefault
Conflicts:
	ChangeLog
2015-11-13 15:22:59 -07:00
Yaroslav Halchenko 6af6e40b62 Merge pull request #1241 from sebres/known/param-tag
New interpolation feature for definition config readers - `<known/parameter>`
2015-11-10 08:35:57 -05:00
sebres 46b116e86a filter test cases improved + log captured inside such tests + python 3.x compatibility;
changelog entry;
2015-11-09 22:02:05 +01:00
sebres 94cffece12 New interpolation feature for definition config readers - `<known/parameter>`, as extension to interpolation `%(known/parameter)s`, that does not works for filter and action init parameters; 2015-11-02 21:45:03 +01:00
Serg G. Brester eef7771b4e Merge pull request #1238 from sebres/fix/gh-1216
Fixed directly defined banaction for allports jails like pam-generic, recidive, etc
2015-10-31 13:17:04 +01:00
sebres e825e977cc Nginx log paths extended (prefixed with "*" wildcard)
closes gh-1237
2015-10-30 17:51:30 +01:00
sebres f359ed8c36 Fixed directly defined banaction for allports jails like pam-generic, recidive, etc with new default variable `banaction_allports` (+ man entries for both variables added);
closes gh-1216
2015-10-30 15:36:18 +01:00
sebres 6884593ab8 New filter `nginx-limit-req` ban hosts, that were failed through nginx by limit request processing rate (ngx_http_limit_req_module) 2015-10-29 23:15:20 +01:00
Orion Poplawski 0661aece46 Merge branch 'master' into journaldefault
Conflicts:
	ChangeLog
2015-10-29 15:22:37 -06:00
Simon Brown 3dd1c305ce added entry for new screensharingd filter 2015-10-27 21:20:12 -07:00
sebres eb87638ead ChangeLog entry for OpenHAB home automation filter (gh-1223) 2015-10-26 15:56:01 +01:00
Pablo Rodriguez Fernandez 2c576c64f8 Change domain filter regex
Change domain filter regex since there are other Google crawlers.
See "Google crawlers"
<https://support.google.com/webmasters/answer/1061943?hl=en>
2015-10-20 10:46:00 +02:00
Orion Poplawski 81a26266a9 Add changlog entry for postfix-rbl logpath change 2015-10-19 19:46:43 -06:00
Orion Poplawski 75d33c0f09 Add *_backend options for services to allow distros to set the default backend
per service.
Set default to systemd for Fedora as appropriate.
2015-10-18 20:18:50 -06:00
Pablo Rodriguez Fernandez a28e6b442e Add check in apache-fakegooglebot to protect against PTR fake record
An attacker may return a PTR record which fakes a Googlebot's domain
name. This modification resolves the PTR records to verify it.

See "Verifying Googlebot":
<https://support.google.com/webmasters/answer/80553?vid=1-635800030504666679-1963774919>
2015-10-13 17:11:49 +02:00
sebres 2696ede251 mysqld-auth: Updated "Access denied ..." regex for MySQL 5.6 and later
closes gh-1211
2015-10-07 14:34:13 +02:00
Kevin Locke 2a5c93cfb5 Update ChangeLog and THANKS for "Auth fail" changes
Document the changes from 36919d9f in the ChangeLog and add myself to
the THANKS file (at @sebres suggestion).

Signed-off-by: Kevin Locke <kevin@kevinlocke.name>
2015-10-05 00:31:13 -07:00
Yaroslav Halchenko ff06176e9e Merge remote-tracking branch 'origin/master' into enh-split-comma
* origin/master:
  DOC: changelog for the timeout change
  Set Timeout at urlopen to 3 seconds
  README :: init/service example mentions debian based systems as the example
  README :: fitted paragraph style
  BF: disable testing on python 3.2 until coverage gets a fix
  README :: Some style/grammar tweaks, and init/service script mention. Re: #1193
  Set Timeout at urlopen to 3 seconds
2015-09-27 00:52:14 -04:00
Yaroslav Halchenko 6c0f898ec7 DOC: changelog for the timeout change 2015-09-27 00:49:57 -04:00
Yaroslav Halchenko 8cf614e221 ENH: allow to split ignoreip by space and/or comma (Closes #1197)
Way too many people ran into this gotcha, so lets just do it
2015-09-23 12:13:52 -04:00
Yaroslav Halchenko 55e542b273 Merge remote-tracking branch 'pr/1170/head' -- opensuse paths
* pr/1170/head:
  Updated ChangeLog regarding openSUSE's path config
  Added configuration for opensuse path
2015-09-17 21:59:45 -04:00
Yaroslav Halchenko db1a3f17e1 ENH: new date pattern with year after day (not after entire entry) 2015-09-16 08:56:46 -04:00
Yaroslav Halchenko fbdd0b74a1 DOC: Changelog entry for this fix 2015-09-13 10:45:39 -04:00
Ville Skyttä 67a94733a9 logrotate: Do not rotate empty logs
As a useful side effect, prevents "Unable to contact server. Is it
running?" mails from cron when fail2ban hasn't been (intentionally)
running nor thus logging anything either.
2015-09-13 11:05:33 +03:00
Edward Beckett f5b88bd377 Updated Changelog 2015-09-11 10:12:57 -04:00
sebres 4cf3b576b9 Bugfix for dnsToIp resolver for fqdn with large list of IPs;
closes #1164
2015-09-08 18:20:48 +02:00
Edward Beckett 4bd7991573 Added apache-badbots.conf 2015-09-06 01:12:19 -04:00
weberho 2d69fd20ae Updated ChangeLog regarding openSUSE's path config 2015-08-26 15:37:14 +02:00
Yaroslav Halchenko 60fbf7d750 changelog for freshly merged PR (roundcube-auth definition of logpath) 2015-08-26 09:03:23 -04:00
Yaroslav Halchenko 9ebf01293b Post release tune ups 2015-08-01 09:17:31 -04:00
Yaroslav Halchenko 70ba5cb005 Release changes (too much of manual "labor"! ;)) 2015-07-31 21:32:13 -04:00
Yaroslav Halchenko 776322cea3 BF: realpath for /var/run/fail2ban Closes #1142 2015-07-31 10:12:14 -04:00
Yaroslav Halchenko c37009aec7 Merge branch 'grep-m1k' of github.com:szepeviktor/fail2ban
* 'grep-m1k' of github.com:szepeviktor/fail2ban:
  Limit the number of log lines in *-lines.conf actions

Conflicts:
  ChangeLog -- took both versions and adjusted the new one
  for -n 1000 change
2015-07-27 22:37:46 -04:00
Yaroslav Halchenko a80820e356 Changelog entry for killpg fix 2015-07-27 22:34:40 -04:00
Yaroslav Halchenko 38c320798d Merge pull request #1127 from yarikoptic/enh-iptables-w-close-1122
WIP ENH Add <lockingopt> (Close: #1122) and <iptables> to define the iptables call
2015-07-27 22:30:54 -04:00
Yaroslav Halchenko de69855157 Changelog entries for Serge's fixes 2015-07-27 10:35:14 -04:00
Yaroslav Halchenko 0041bc3770 DOC: Changelog for shorewall-ipset-proto6.conf + adjusted its description 2015-07-26 23:10:08 -04:00
Yaroslav Halchenko 65cd218e10 Merge remote-tracking branch 'origin/master'
* origin/master:
  ipjailmatches is on one line with its description in man jail.conf
  Added a space between IP address and the following colon
2015-07-26 22:47:43 -04:00
Yaroslav Halchenko 333dd842f9 DOC: moved and adjusted changelog entry from 0.9.2 within 0.9.3 to come 2015-07-26 22:44:52 -04:00
Viktor Szépe c8b3ee10a0 Limit the number of log lines in *-lines.conf actions 2015-07-27 02:35:21 +02:00
Yaroslav Halchenko 33b204a2ee DOC: Changelog for iptables -w change 2015-07-26 18:25:42 -04:00
Thomas Mayer a19cb1b2b9 Merge 923d807ef8 into cf2feea987 2015-07-25 01:23:39 +00:00
Viktor Szépe ebdfbae559 Added a space between IP address and the following colon 2015-07-24 09:33:47 +02:00
Viktor Szépe 586703dcc2 Test, changelog and fixes to pass2allow 2015-07-13 16:46:04 +02:00
Viktor Szépe 5d60700c0c Added pass2allow (knocking with fail2ban) 2015-07-10 16:22:43 +02:00
sebres 95c2a2976f unbanip always deletes ip from database (independent of bantime, also if currently not banned or persistent);
merged from #716 where it works;
closes gh-972, closes gh-768
2015-07-10 13:56:26 +02:00
Lee Clemens fc2b7f8012 Multiple Travis and coverage related changes
Reorganize .travis.yml
Separate coverage tests for Python 2 and Python 3
Execute setup.py install using the environment's Python exe
Sanitize Travis execution order
2015-07-09 10:12:40 -04:00
Yaroslav Halchenko c213d97d25 Moved recently added Changelog (on HEAD addition) to Enhancements 2015-07-07 14:01:24 -04:00
Viktor Szépe a3b8257b73 Add HEAD method verb to apache-badbots, nginx-badbots 2015-07-07 17:45:40 +02:00
Yaroslav Halchenko 052418a110 Merge pull request #1098 from yarikoptic/enh/man-testcases
DOC: rudimentary manpage for fail2ban-testcases (+updated other mans for consistency)
2015-07-06 23:43:30 -04:00
sebres 4a4fe7d76a extending test cases (increase coverage) + changelog entry for #1099 2015-07-06 22:09:13 +02:00
Yaroslav Halchenko 46510948a7 DOC: rudimentary manpage for fail2ban-testcases (+updated other mans for consistency) 2015-07-05 21:48:14 -04:00
Yaroslav Halchenko 38f8e1a82a DOC: added changelog for LC_ALL fix, tuned up other ChangeLog entries 2015-07-05 21:39:17 -04:00
Yaroslav Halchenko e38b4b8cb3 Merge pull request #1051 from leeclemens/bf/roundcube
Update regex to work with roundcube 1.0.5 and 1.1.1
2015-07-05 21:35:49 -04:00
Lee Clemens 423d5b761e Add changelog reference for socket error logging message 2015-07-04 12:37:52 -04:00
Lee Clemens f7444f16b8 Add optional session id prefix for roundcube 1.1.1 2015-07-04 11:06:51 -04:00
Lee Clemens 2796534a5d Update regex to work with roundcube 1.0.5 on CentOS 6 2015-07-04 11:02:04 -04:00
Yaroslav Halchenko e9e00d7599 DOC: ChangeLog -- a better description for cloudflare changes 2015-07-04 10:04:45 -04:00
Viktor Szépe a00ee15c06 Added Changelog entry 2015-07-04 14:12:38 +02:00
sebres f2d0230a67 reload in interactive mode appends all the jails twice (#825) 2015-06-22 17:57:01 +02:00
sebres 2f283079f8 reload server/jail failed if database used (but was not changed) and some jail active (#1072) 2015-06-22 17:56:39 +02:00
Yaroslav Halchenko 345820d2aa Merge pull request #1056 from ipoddubny/asterisk_security_log
Fix support for Asterisk security log
2015-05-25 12:50:13 -04:00
Yaroslav Halchenko eb091d9b8c Merge remote-tracking branch 'origin/master' into pr-1039
* origin/master:
  minor: no tripple empty lines
  add froxlor-auth filter and jail
  add froxlor-auth filter and jail 0
  add froxlor-auth filter and jail
  BF: Fix fail2ban-regex not parsing journalmatch correctly
2015-05-25 10:50:34 -04:00
Joern Muehlencord 4296d1a9a9 add froxlor-auth filter and jail 2015-05-25 13:51:06 +02:00
Ivan Poddubny 38d9f3e609 Asterisk security log: add tests and update ChangeLog 2015-05-25 08:32:49 +03:00
Steven Hiscocks 0c869910ea BF: Fix fail2ban-regex not parsing journalmatch correctly 2015-05-09 10:26:14 +01:00
Anton Shestakov 56e5821c06 Match unknown user in dovecot's passwd-file auth database 2015-04-30 16:53:10 +08:00
Yaroslav Halchenko fb336276d4 post-release tune ups
Conflicts:
	ChangeLog
	README.md
2015-04-29 09:02:48 -04:00
Yaroslav Halchenko acc4c2d104 Hope for release tomorrow 2015-04-28 23:52:48 -04:00
Yaroslav Halchenko 840fea9f71 Merge commit '0f75ed5e2ab1159e45a7771a7a4e90c877ec848e'
* commit '0f75ed5e2ab1159e45a7771a7a4e90c877ec848e':
  Just use a system wide python in the tests digest.py
  DOC: Slight tune up to RELEASE doc -- no need for PYTHONPATH to run tests
  MANIFEST: updated for some new files, sorted all entries, removed some duplicates
  Initial changes for the release -- simplified ChangeLog header etc
2015-04-28 23:51:32 -04:00
Aaron Brice 7ae0ef2408 Fix actions in ufw.conf
On Ubuntu 15.04 the ufw action was not working.
- With empty <application>, receiving errors:

2015-04-24 16:28:35,204 fail2ban.filter         [8527]: INFO    [sshd] Found 43.255.190.157
2015-04-24 16:28:35,695 fail2ban.actions        [8527]: NOTICE  [sshd] Ban 43.255.190.157
2015-04-24 16:28:35,802 fail2ban.action         [8527]: ERROR   [ -n "" ] && app="app " -- stdout: b''
2015-04-24 16:28:35,803 fail2ban.action         [8527]: ERROR   [ -n "" ] && app="app " -- stderr: b''
2015-04-24 16:28:35,803 fail2ban.action         [8527]: ERROR   [ -n "" ] && app="app " -- returned 1

- With action = ufw[application=OpenSSH], it was silently not doing
  anything (no errors after "Ban x.x.x.x", but no IP addresses in ufw
  status).

Re-arranged the bash commands on two lines, and it works with or without
<application>.
2015-04-28 11:39:00 -07:00
Lee Clemens 8f792f52fb Add drupal-auth filter and jail 2015-04-27 13:10:27 -04:00
Yaroslav Halchenko ca849b93dc Initial changes for the release -- simplified ChangeLog header etc 2015-04-26 21:39:54 -04:00
Lee Clemens b530d88eca Merge remote-tracking branch 'upstream/master' into bf/1000-asteriskBlocksSelf
Conflicts:
	ChangeLog
2015-04-26 15:13:59 -04:00
Markus Oesterle b9a09af914 Added changes to ChangeLog & updated sample test cases 2015-04-16 21:33:57 +02:00
Thomas Mayer c0cf3daac8 Add myself to the changelog 2015-03-27 18:20:25 +01:00
Thomas Mayer c9b24839e4 Character detection heuristics for whois output via optional setting in mail-whois*.conf (Closes #1003)
when set by user,
 - detects character set of whois output (which is undefined by RFC 3912) via heuristics of the file command
 - converts whois data to UTF-8 character set with iconv
 - sends the whois output in UTF-8 character set to mail program
 - avoids that heirloom mailx creates binary attachment for input with unknown character set
2015-03-27 14:27:41 +01:00
Lee Clemens 72f4bcfbff Match hacking attempt IP instead of asterisk server IP (closes #1000) 2015-03-24 19:03:26 -04:00
Yaroslav Halchenko 320a28a4a4 DOC: make a warning for recidive jail to increase dbpurgeage (Closes #964) 2015-03-21 20:50:03 -04:00
Yaroslav Halchenko 31d107d181 BF: asyncore.loop poll=True for recent (>=3.4) pythons too
should avoid
  File /usr/lib/python3.4/asyncore.py, line 208, in loop
    poll_fun(timeout, map)
  File /usr/lib/python3.4/asyncore.py, line 145, in poll
    r, w, e = select.select(r, w, e, timeout)
OSError: [Errno 9] Bad file descriptor
2015-03-05 22:52:40 -05:00
Yaroslav Halchenko daa2a9e5d8 Merge pull request #975 from sebres/gh-973-fix
BF: binding parameter error (unsupported type) (closes gh-973) ...
2015-03-05 22:47:45 -05:00
Teubel György 0254cbf7fb Flush logs at USR1 signal 2015-02-26 23:23:10 +01:00
sebres 2bfe22aa66 makes test case more precise; 2015-02-25 15:05:32 +01:00
sebres 6c788a32ee BF: binding parameter error (unsupported type) by writing json with invalid encoded lines into sqlite database (gh-973);
especially python < 3.0; try to prevent occurring such errors in the future;
2015-02-25 11:56:11 +01:00
Yaroslav Halchenko 83805ee5dc Changelog for preceding merge 2015-02-14 16:07:28 -05:00
Yaroslav Halchenko 54e182e017 Merge pull request #955 from sebres/fail2ban-regex-gh-954
BF: fail2ban-regex does not read '.local' file of given filter (Close #954)
2015-02-14 09:44:54 -05:00
Yaroslav Halchenko ae2af0d51b Minor tune up to changelog (we should eventually just make it into .md format) 2015-02-14 09:37:13 -05:00
Yaroslav Halchenko 07b0ab07ad Merge branch 'master' of https://github.com/rumple010/fail2ban
* 'master' of https://github.com/rumple010/fail2ban:
  Changed default TTL value to 60 seconds.
  Added a reminder to create an nsupdate.local file to set required options.
  Modified the ChangeLog and THANKS files to reflect the addition of action.d/nsupdate.conf.
  add nsupdate action

Conflicts:
	ChangeLog
2015-02-14 09:32:05 -05:00
sebres 74c6f6ac4b BF: fail2ban-regex does not read '.local' file of given filter (gh-954) 2015-02-13 15:36:00 +01:00
Yaroslav Halchenko 3fb2becddb Merge pull request #949 from leeclemens/enh/configSyslogSocket
Configure Syslog Socket Path (closes #814)
2015-02-06 20:08:15 -05:00
Yaroslav Halchenko 119a7bbb16 Merge pull request #939 from szepeviktor/geoip
Added sendmail-geoip-lines.conf
2015-02-06 11:32:41 -05:00
Lee Clemens d676a9fd4f update ChangeLog with syslogsocket config enhancement 2015-02-05 23:48:18 -05:00
Yaroslav Halchenko 40068f5f31 Merge pull request #933 from mrc0mmand/nginx-botsearch
Add jail nginx-botsearch and refactor common with apache-botsearch regexes into botsearch-common
2015-02-04 09:27:43 -05:00
Yaroslav Halchenko eaca33e227 Merge branch 'enh/clarifyDnsUtilsMethods' of https://github.com/leeclemens/fail2ban
* 'enh/clarifyDnsUtilsMethods' of https://github.com/leeclemens/fail2ban:
  Update ChangeLog
  Clarify filter.DNSUtils functions' terminology and add unittests

Conflicts:
	ChangeLog -- rephrased a bit as well
2015-02-03 20:29:03 -05:00
Lee Clemens ed71a7cd22 Update ChangeLog 2015-02-03 20:23:25 -05:00
František Šumšal 9bd25f51c1 Added ChangeLog and THANKS entry 2015-02-04 02:19:15 +01:00
Lee Clemens 4091fdde27 Update ChangeLog from PR 930 2015-02-03 19:54:23 -05:00
Orion Poplawski e7ff7e90b7 [postfix-sasl] update regexes
- Add : to match "SASL LOGIN authentication failed: Password:"
- Add ignoreregex to ignore system authentication issues:
  "warning: unknown[1.1.1.1]: SASL LOGIN authentication failed: Connection lost to authentication server"
- Add test log messages for both
2015-02-03 11:30:16 -07:00
Yaroslav Halchenko 646c799231 Changelog for above merge 2015-02-02 21:46:38 -05:00
Yaroslav Halchenko 73af02ffc6 Merge pull request #940 from leeclemens/ENH/ApacheFakeGoogleBot
New jail: apache-fakegooglebot
2015-02-02 21:44:04 -05:00
Yaroslav Halchenko 7f2d1a7269 minor changelog entry reformatting 2015-02-02 21:37:24 -05:00
Yaroslav Halchenko 7ada96b4e9 Merge pull request #932 from opoplawski/dovecot
Dovecot - dovecot auth failure from EL7
2015-02-02 21:37:28 -05:00
Yaroslav Halchenko 8f6d9c6a5a Merge branch 'enh/local_time_zone' of https://github.com/yarikoptic/fail2ban
* 'enh/local_time_zone' of https://github.com/yarikoptic/fail2ban:
  fixed typos, thanks szepeviktor for review
  ENH: use non-UTC date invocation (without -u) and report offset for localzone (%z)

Conflicts:
	ChangeLog
2015-02-02 21:21:44 -05:00
Yaroslav Halchenko 96ae041132 fixed typos, thanks szepeviktor for review 2015-02-02 21:21:37 -05:00
Lee Clemens 00961d5281 Remove ignorecommand addition from ChangeLog 2015-02-02 11:36:21 -05:00
Lee Clemens af078532ac New jail: apache-fakegooglebot
Detects fake googlebot user agents in apache access log
2015-02-02 00:42:01 -05:00
Viktor Szépe 0430e0dacc Changelog entry for sendmail-geoip-lines 2015-02-01 00:24:40 +01:00
Yaroslav Halchenko ec6a30efcf ENH: define ignoreregex for all filters explicitly, to avoid warnings (Closes #934) 2015-01-30 10:38:28 -05:00
Orion Poplawski b4776a1ba0 Match dovecot unknown user line 2015-01-29 09:37:37 -07:00
Orion Poplawski ee5c5b34d6 Add ChangeLog and THANKS entry 2015-01-29 09:14:41 -07:00
Yaroslav Halchenko 64feb0fd16 Merge pull request #924 from leeclemens/ENH/StatusExtendedInfo
Add extended info to status output using Cymru
2015-01-26 22:55:12 -05:00
Lee Clemens 486214585e Update extended status to accept additional argument, flavor
Default to as-in behavior, or flavor=="basic"
2015-01-26 19:38:06 -05:00
Andrew St. Jean e0f11ae722 Modified the ChangeLog and THANKS files to reflect the addition of action.d/nsupdate.conf. 2015-01-26 11:30:41 -05:00
Yaroslav Halchenko 085d0f72ed ENH: use non-UTC date invocation (without -u) and report offset for localzone (%z) 2015-01-26 09:19:44 -05:00
Yaroslav Halchenko 65980a70fc Merge branch 'enh/recidive-allports' of https://github.com/yarikoptic/fail2ban
* 'enh/recidive-allports' of https://github.com/yarikoptic/fail2ban:
  use iptables-allports for recidive

Conflicts:
	ChangeLog
2015-01-26 09:04:42 -05:00
Lee Clemens 60ac0a1a17 Add extended info to status output using Cyrmu 2015-01-24 12:45:42 -05:00
sebres 33e9e2174a recursive/embedded version of issue/907;
test cases merged from remote-tracking branch 'yarikoptic:enh/embedded_tags' into issue/907
infinite busy loop on _escapedTags match in substituteRecursiveTags gh-907
2015-01-20 17:18:25 +01:00
sebres b04a51246f infinite busy loop on _escapedTags match in substituteRecursiveTags gh-907 2015-01-20 11:32:15 +01:00
sebres 12e3cca3f2 port[s] typo fixed in jail.conf/nginx-http-auth, issue gh-913 2015-01-19 10:28:53 +01:00
Yaroslav Halchenko c7edd9e67f Merge pull request #901 from leeclemens/ENH/PostfixRBL
Create Jail for Postfix based on RBL
2015-01-07 21:45:36 -05:00
Yaroslav Halchenko 995b1d18df Merge pull request #906 from leeclemens/BF/755-strptime
Fix strptime thread safety issue
2015-01-07 20:40:14 -05:00
Lee Clemens 77677e43df Merge branch 'master' of github.com:fail2ban/fail2ban into ENH/PostfixRBL 2015-01-07 20:39:04 -05:00
Lee Clemens 4714028c69 Change case and tense for consistency 2015-01-03 16:16:23 -05:00
Lee Clemens bda8dc1926 Merge branch 'master' of github.com:fail2ban/fail2ban into ENH/PostfixRBL 2015-01-03 15:29:42 -05:00
Lee Clemens 2f360ce447 Update Changelog with strptime fix 2015-01-03 15:26:34 -05:00
Lee Clemens 38641e741a Merge branch 'master' of github.com:fail2ban/fail2ban into BF/755-strptime
Conflicts:
	ChangeLog
2015-01-03 15:25:54 -05:00
Lee Clemens 541a747d79 Update Changelog with strptime fix 2015-01-03 15:19:58 -05:00
TorontoMedia 74c3d5d96c Updated ChangeLog 2015-01-01 13:26:11 -05:00
TorontoMedia 948eec6425 Upd 2015-01-01 12:56:17 -05:00
TorontoMedia a47001ea0e Updated ChangeLog 2015-01-01 12:41:31 -05:00
TorontoMedia c2bb3253ad Update ChangeLog 2015-01-01 05:27:18 -05:00
Yaroslav Halchenko acfa83229b Merge branch 'master' of git://github.com/fail2ban/fail2ban
* 'master' of git://github.com/fail2ban/fail2ban:
  Update year in postfix logs test file
  Add 'Client host rejected error message' regex Not sure if it was reworded (using Postfix 2.6) or a slightly different error, but I only have "Client host rejected: cannot find your hostname"
2014-12-31 01:12:56 -05:00
Lee Clemens fe72a5585c Create Jail for Postfix based on RBL
Use RBL blocks to ban addresses, unique Jail so maxretry can be set to 1 (vs postfix.conf)
2014-12-30 19:06:17 -05:00
Lee Clemens 2d7429c47c Add 'Client host rejected error message' regex
Not sure if it was reworded (using Postfix 2.6) or a slightly different error, but I only have "Client host rejected: cannot find your hostname"
2014-12-30 18:05:19 -05:00
Yaroslav Halchenko d65c4f8f5d moved debian's initd file to files/debian-initd from debian branch 2014-12-30 16:45:35 -05:00
Yaroslav Halchenko bcfcefa203 Merge branch 'patch-2' of https://github.com/szepeviktor/fail2ban
* 'patch-2' of https://github.com/szepeviktor/fail2ban:
  downcase example
  Added an item to "Fixes"
  postfix-sasl failregex case insensitive
2014-12-30 16:35:09 -05:00
Viktor Szépe 10f68f4946 Update ChangeLog 2014-12-24 15:00:25 +01:00
Viktor Szépe 190f55b06e Added an item to "Fixes" 2014-12-11 01:34:20 +01:00
bes-internal ccc986b7d8 exim filter: correct failregex for exim with extended log options
incoming_interface, incoming_port, outgoing_port
2014-12-04 13:34:44 +03:00
sebres 80fb48c5b0 Merge remote-tracking branch 'remotes/upstream/master' into sebres:addfailregex-gh-867 2014-12-01 13:14:42 +01:00
sebres effdb450fc better and scalable solution for gh-867 (and gh-868), using only name convention like %(known/failregex)s to add custom expressions, so no interface changes in jail.conf are necessary (for example see test-known-interp in test cases); 2014-11-29 20:33:32 +01:00
Yaroslav Halchenko 9bab6d0009 Changelog entry for preceding fix 2014-11-29 09:52:25 -05:00
sebres d63b125877 interpolation of config readers extended with `%(known/parameter)s`.
(means last known option with name `parameter`).
2014-11-28 19:06:17 +01:00
sebres 1439152121 test cases extended (now correct) 2014-11-28 14:52:12 +01:00
sebres cad09d2df3 BF: failregex declared direct in jail was joined to single line, (specifying of multiple expressions was not possible);
feature request (gh-867): new options for jail introduced addfailregex/addignoreregex: extends regex specified in filter (opposite to failregex/ignoreregex that overwrites it);
2014-11-28 03:17:47 +01:00
Yaroslav Halchenko 2a3790f8e8 use iptables-allports for recidive 2014-11-04 13:24:54 -05:00
Yaroslav Halchenko a44cfba9ae Merge pull request #841 from opoplawski/firewallcmd-multiport
ChangeLog for firewallcmd-new multiport support
2014-10-30 18:32:26 -04:00
Orion Poplawski 21be983620 ChangeLog for firewallcmd-new multiport support 2014-10-30 16:11:34 -06:00
Yaroslav Halchenko 967485c2d0 improving grepping 2014-10-29 23:14:47 -04:00
Yaroslav Halchenko 36abb5ed96 BF: fix $ for % in jail.conf. Debian bug #767255 2014-10-29 13:08:51 -04:00
Yaroslav Halchenko 7acddcbe4a Post-release boost to .dev 2014-10-27 23:45:51 -04:00
Yaroslav Halchenko 987356d6c0 Changes for the 0.9.1 release versioning 2014-10-27 21:43:17 -04:00
pacop b60e2bf42f Add portsentry to changelog 2014-10-25 18:17:57 +02:00
Yaroslav Halchenko e2f49b7334 DOC: very minor (tabs/spaces) 2014-10-23 14:44:10 -04:00
sebres 7d3e6e9935 code review, change log entries added; 2014-10-10 20:06:58 +02:00
SlowRiot 7b5dc9f24f adding test case, changelog and thanks entries for apache shellshock filter 2014-09-26 18:48:56 +01:00
Nick Weeds 2c158fe168 Add apache filter for AH01630 client denied by server configuration 2014-09-14 21:54:05 +01:00
Yaroslav Halchenko 8f521b8551 DOC: Changelog and THANKS for previous changes 2014-09-13 10:27:37 -04:00
Daniel Black 1864f75b3b Credits and notes from #806 2014-09-08 19:02:37 +10:00
Yaroslav Halchenko 0d9cfb84e3 Merge pull request #778 from yarikoptic/enh/symbiosis
ENH: symbiosis-blacklist-allports action
2014-08-20 23:00:11 -04:00
Yaroslav Halchenko 3576c509f5 changelog entry for postfix-sasl fix 2014-08-12 11:08:39 -04:00
Yaroslav Halchenko 6fc04c2256 Merge branch 'bf+enh/cyrus-imap' of https://github.com/yarikoptic/fail2ban (with some tune up to Changelog entry)
* 'bf+enh/cyrus-imap' of https://github.com/yarikoptic/fail2ban:
  ENH: cyrus-imap -- catch also 'user not found' attempts
  BF: cyrus-imaps -- catch also for secured daemons

Conflicts:
	ChangeLog
2014-08-11 13:09:43 -04:00
Yaroslav Halchenko 818dd59d65 ENH: symbiosis-blacklist-allports action 2014-08-08 11:57:30 -04:00
Yaroslav Halchenko 4a23a7dcf1 Merge pull request #766 from leftyfb/master
Added cloudflare action
2014-07-28 15:34:09 -04:00
Yaroslav Halchenko 2756bbe12a changelog and thanks for the preceding fix
Conflicts:
	ChangeLog
	THANKS
2014-07-28 12:48:50 -04:00
leftyfb 2179c8293c ChangeLog Added and entry about Cloudflare action 2014-07-28 11:24:38 -04:00
Yaroslav Halchenko a35b62500f changelog entries for already merged and upcoming merge 2014-07-28 10:18:33 -04:00
Yaroslav Halchenko effa1bc757 Merge branch 'master' of github.com:fail2ban/fail2ban
* 'master' of github.com:fail2ban/fail2ban:
  Update courier-smtp.conf
  I don't understand those years.
  added Jul 3 & Jul 4
  Update courier-smtp.conf
  named users + smtp atuh probes
  BF: Remove manually unbanned IPs from persistent database
  typo
2014-07-28 10:14:40 -04:00
Yaroslav Halchenko edfdeecfe6 DOC: Changelog for recent merge 2014-07-27 21:48:55 -04:00
Yaroslav Halchenko 3339dc8d84 ENH: cyrus-imap -- catch also 'user not found' attempts 2014-07-25 10:13:04 -04:00
Yaroslav Halchenko 3e5c598b79 BF: cyrus-imaps -- catch also for secured daemons 2014-07-25 10:02:40 -04:00
Steven Hiscocks 01d02ca5e6 BF: Remove manually unbanned IPs from persistent database
Stops them being restored when Fail2Ban is restarted. Particularly this
is an issue with bantime < 0

Fixes gh-768
2014-07-19 15:17:32 +01:00
Steven Hiscocks e301d6c840 DOC: Update ChangeLog for change in b73ed9b 2014-07-19 15:15:38 +01:00
Yaroslav Halchenko 78d8ea2e50 Merge pull request #760 from yarikoptic/enh/exim4_debian_path
BF: fix path to the exim log on Debian and Fedora systems
2014-07-18 09:59:08 -04:00
Sean DuBois 84b7e93a47 ENH: Add version command to protocol
TST: Add test for version server command
2014-07-15 06:19:13 +00:00
Yaroslav Halchenko 6cddc65cee BF: path to exim's mainlog on Fedora (Thanks Frantisek Sumsal) + changelog entry 2014-07-14 12:16:12 -04:00
Yaroslav Halchenko c7de888cd3 DOC: Changelog for previous merge (pass a copy of aInfo) 2014-06-22 10:59:43 -04:00
Yaroslav Halchenko 305b31ae1c DOC: ChangeLog -- Added an entry about iptables-common.conf 2014-06-22 10:29:23 -04:00
Steven Hiscocks 2d54161696 Merge branch 'kwirk/harmonize-log-msgs'
Conflicts:
	ChangeLog - Keep all additions
2014-06-22 12:57:49 +01:00
Steven Hiscocks 76a5633ff9 Merge pull request #739 from ranvis/enh-iptables-ipsets
ENH: Add <chain> to iptables-ipsets.
2014-06-21 22:48:49 +01:00
Yaroslav Halchenko 4190a4030c Merge branch 'sebres-strptime-bug' of https://github.com/kwirk/fail2ban
* 'sebres-strptime-bug' of https://github.com/kwirk/fail2ban:
  DOC: Tweak ChangeLog and THANKS
  DOC: Update docs in reference to time zone related fix
  TST: Fix tests due to @sebres fix and based from gh-349 reverts
  strptime bug fix: if gmtoff is None we have 1 hour increment of time (through utctimetuple), compare: >>>> datetime.datetime.fromtimestamp(time.mktime(datetime.datetime.now().timetuple())).strftime("%Y-%m-%d %H:%M:%S") '2014-04-29 17:26:31' >>>> datetime.datetime.fromtimestamp(time.mktime(datetime.datetime.now().utctimetuple())).strftime("%Y-%m-%d %H:%M:%S") '2014-04-29 18:26:37'

Conflicts:
	ChangeLog
2014-06-16 09:28:41 -04:00
SATO Kentaro 1e1c4ac62a ENH: Add <chain> to iptables-ipsets. 2014-06-16 21:30:13 +09:00
Steven Hiscocks f7da091437 ENH: Log unhandled exceptions to Fail2Ban log 2014-06-09 22:27:51 +01:00
Steven Hiscocks e8131475cd ENH: Realign and harmonise log messages with getF2BLogger helper 2014-06-09 22:17:00 +01:00
Steven Hiscocks 1fa8f9fa70 DOC: Tweak ChangeLog and THANKS 2014-05-15 22:18:07 +01:00
Steven Hiscocks fc4b69a282 DOC: Update ChangeLog fix for ip{,jail}failures action tags 2014-05-15 22:15:12 +01:00
Steven Hiscocks 1c20fd88d4 DOC: Update docs in reference to time zone related fix 2014-05-14 23:04:48 +01:00
Yaroslav Halchenko 2526dbae92 Merge branch 'recursive-tag-fix' of https://github.com/kwirk/fail2ban
* 'recursive-tag-fix' of https://github.com/kwirk/fail2ban:
  ENH: explicitly define tags which should be escaped
  DOC: ChangeLog update for recursive tag bug fix
  BF: Tags not fully recursively substituted

Conflicts:
	ChangeLog -- kept all as is
2014-05-13 11:23:30 -04:00
Yaroslav Halchenko c619202d6f Merge branch 'master' of github.com:fail2ban/fail2ban
* 'master' of github.com:fail2ban/fail2ban:
  ENH: Match non "Bye Bye" for sshd locked accounts failregex
  Even stricter monit regex, now covers entire line
  Tidy up filter.d/monit.conf, make regex more complete. Add ChangeLog / THANKS entry. Add test cases.
  ENH: Move traceback formatter to from tests.utils to helpers
  Block brute-force attempts against the Monit gui
2014-05-10 20:02:47 -04:00
Steven Hiscocks 904b362215 DOC: ChangeLog update for recursive tag bug fix
Also minor typo fixes in comments
2014-05-09 20:25:44 +01:00
Steven Hiscocks 77ba065571 Merge pull request #697 from jhmartin/monit_admin_hack
Block brute-force attempts against the Monit gui
2014-05-07 22:23:01 +01:00
Yaroslav Halchenko 1f8b554d31 Merge branch 'database-persistent-bans' of https://github.com/kwirk/fail2ban
* 'database-persistent-bans' of https://github.com/kwirk/fail2ban:
  BF: bantime < 0 database should return all bans, as they are persistent

Conflicts:
	ChangeLog - kept all ;)
2014-05-05 23:29:35 -04:00
Yaroslav Halchenko 3eabf4a7bd Merge pull request #708 from kwirk/ssh-bye-bye
ENH: Match non "Bye Bye" for sshd locked accounts failregex
2014-05-05 23:22:57 -04:00
Yaroslav Halchenko 65269365ee minor 2014-05-05 23:16:18 -04:00
Steven Hiscocks 1e8402cb99 DOC: ChangeLog entry for Python 3.4.0 persistent "/dev/urandom" fix 2014-05-03 12:51:15 +01:00
Steven Hiscocks bc10b64c69 ENH: Match non "Bye Bye" for sshd locked accounts failregex 2014-04-27 13:35:55 +01:00
Steven Hiscocks 7cc64a14e0 BF: fail2ban-regex assertion error caused by miscounted "missed" lines
Caused when removing lines as part of multiline regex, which had been
previously considered missed.
2014-04-27 13:27:11 +01:00
Steven Hiscocks bbcbefd494 BF: bantime < 0 database should return all bans, as they are persistent 2014-04-22 19:20:44 +01:00
Jason Martin 72bfd14330 Tidy up filter.d/monit.conf, make regex more complete.
Add ChangeLog / THANKS entry.
Add test cases.
2014-04-19 13:04:03 -07:00
Steven Hiscocks 03d90c2f42 BF: recidive filter and samples at wrong log level: WARNING->NOTICE 2014-04-19 18:07:23 +01:00
Yaroslav Halchenko af07b2edf8 very minor 2014-04-18 23:59:24 -04:00
Steven Hiscocks abfa7fa7e3 DOC: Update ChangeLog 2014-04-03 18:47:38 +01:00
Daniel Black e3be822245 DOC: nginx-http-auth filter 2014-04-03 21:30:45 +11:00
Steven Hiscocks dc24d3d494 BF: On jail restart reinstatement of bans, fetch one ticket per IP
Closes gh-664
2014-03-29 21:44:39 +00:00
Ruben Kerkhof 1695d5c076 Fix a few typos
Found with https://github.com/lucasdemarchi/codespell

Signed-off-by: Ruben Kerkhof <ruben@rubenkerkhof.com>
2014-03-24 13:16:52 +00:00
Steven Hiscocks 7046388291 Merge branch 'database-no-sqlite'
Conflicts:
	ChangeLog
        - Entries added in both branches, both kept
2014-03-22 17:34:38 +00:00
Steven Hiscocks 1470e3c01d BF: fail2ban.conf reader expected "int" type for `loglevel`
Closes #657
2014-03-19 19:09:07 +00:00
Steven Hiscocks 8c129cc283 DOC: Update ChangeLog fixes 2014-03-19 18:59:00 +00:00
Daniel Black e3839777d1 DOC: ChangeLog for gh-652 2014-03-18 08:02:39 +11:00
Yaroslav Halchenko 65628e303c Merge commit '0.8.13-1-ga8d0cc9'
* commit '0.8.13-1-ga8d0cc9':
  DOC: remove duplicate update of Fail2ban_Version
  DOC: DEVELOP release note changes
  PKG: version release
  PKG: include nagios filter/log
  DOC/ENH: update man pages for release

Conflicts:
	ChangeLog
	DEVELOP
	MANIFEST
	fail2ban/version.py
	man/fail2ban-client.1
	man/fail2ban-regex.1
	man/fail2ban-server.1
2014-03-17 10:25:12 -04:00
Steven Hiscocks 8f4a99f81f DOC: Document recent changes 2014-03-16 21:59:50 +00:00
Steven Hiscocks b89d05c57d DOC: Document recent fixes 2014-03-16 21:55:41 +00:00
Daniel Black 755e35fdfe DOC: syntax 2014-03-17 08:43:34 +11:00
Daniel Black c602dea3c3 DOC: new ChangeLog header 2014-03-17 08:43:00 +11:00
Daniel Black cee3414029 PKG: version release 2014-03-15 19:06:37 +11:00
Daniel Black 9bee8b3257 Merge branch '0.9' 2014-03-15 18:41:34 +11:00
Daniel Black 77fda9498c ENH: pull asterisk filter change to support syslog from 0.9 branch 2014-03-14 23:15:46 +11:00
Daniel Black 8671b73958 DOC: versioning and release/readme notes 2014-03-14 23:08:25 +11:00
Daniel Black aa7e8fb9ce DOC: Credits. close gh-644 2014-03-14 22:30:44 +11:00
Daniel Black 476d79d3cc ENH: asterisk filter to support syslog format 2014-03-14 09:03:27 +11:00
Steven Hiscocks 0222ff4677 Merge branch 'badips-blacklist' into 0.9
Conflicts:
	ChangeLog
        - entires added in both branches.

Change:
        config/action.d/badips.py
        - jail.getName() changed to jail.name
2014-03-13 20:01:15 +00:00
Steven Hiscocks 0c63d0061a DOC: Add documentation for badips.py action 2014-03-13 19:58:32 +00:00
Steven Hiscocks 406fe0f5b6 DOC: Additional entries to ChangeLog 2014-03-12 21:20:24 +00:00
Steven Hiscocks 742e52269a DOC: Added jail.conf(5) and ChangeLog for "logencoding" 2014-03-12 21:00:25 +00:00
Steven Hiscocks 725a8261fe DOC: Add items to ChangeLog and readded jail.conf(5) for logpath tail
jail.conf change merged from 6a395f4cf7
2014-03-12 20:48:52 +00:00
Daniel Black cc8ec826c5 MRG: from master 2014-03-02 2014-03-02 14:33:45 +11:00
Daniel Black c10cc20928 ENH: rename sendmail-spam to sendmail-reject 2014-02-28 08:41:04 +11:00
Daniel Black 3d776afbb0 ENH: add filter for sendmail-{auth,spam}. Closes gh-20 2014-02-26 19:16:49 +11:00
Steven Hiscocks f68d85a6ac Merge branch 'master' into 0.9
Conflicts:
	ChangeLog
                Spelling correction of 0.8.13 fixed in master
	config/jail.conf
                Added nagios and duplicate php-url removal in master
                Just nagios added, duplicate not issue in 0.9
2014-02-13 20:14:40 +00:00
Daniel Black 5f4d0ed576 ENH: ssh filter - "Disconnecting: Too many authentication failures.." matching Connection log message 2014-02-13 09:13:46 +11:00
Yaroslav Halchenko c424e4032d DOC: minor - replace tabs with spaces for consistent formatting 2014-02-07 00:41:22 -05:00
Daniel Black 1c740636e3 Merge pull request #603 from truxoft/master
ENH: Nagios filter
2014-02-06 11:09:49 +11:00
Chris Markle 20886288e5 Correct spelling error in changelog
I know it's a nit but still... ;)
2014-02-05 10:44:46 -08:00
Ivo Truxa a8a43e8f38 ENH: Nagios filter
new filter Nagios added
2014-02-03 22:01:22 +01:00
Daniel Black 59b9045e88 MRG: from master 2014-02-02 2014-02-02 13:21:16 +11:00
Daniel Black 9b614ce486 ENH: dovecot filter enhancements 2014-01-29 20:27:45 +11:00
Daniel Black a749a2780e Merge pull request #593 from grooverdan/tine
ENH: Tine20 filter
2014-01-26 18:50:42 -08:00
Daniel Black 3c48e3f035 DOC: changelog for pure-ftpd filter fixes 2014-01-25 12:22:27 +11:00
Daniel Black 1e1261ccb4 MRG: from master 2014-01-23 2014-01-23 17:45:18 +11:00
Daniel Black ca57427080 BF: firewallcmd-ipset had non-working actioncheck 2014-01-23 17:41:13 +11:00
Daniel Black 2063d96e59 MRG: import Lars' PR for tine20 2014-01-22 18:12:19 +11:00
Daniel Black 499b33f8a6 DOC: post release versioning 2014-01-22 08:37:51 +11:00
Daniel Black 33dd1733fb DOC: version and release date to 0.8.12 on 2014-01-22 2014-01-19 16:25:23 +11:00