fail2ban

Commit Graph

Author	SHA1	Message	Date
sebres	1cefb7fdc6	setup.py: small amend to d2d3762ba9fa82b7983bae74cd567702e5c1b96c: allow build without tests also (both build and install accepting `--without-tests` option now)	4 years ago
sebres	adbfdc222d	Merge branch '0.10' into 0.11	4 years ago
sebres	ca4da9d1d3	actions: extend tags replacement in non ticket-based commands (actionstart, actionstop, etc); fixes regression by interpolation of tag `<bantime>` introduced in 0.11 with dynamic bantime (due to `bantime.increment`, see #2869)	4 years ago
Sergey G. Brester	9c8dcbd6eb	Merge pull request #2855 from benrubson/grafana Add Grafana jail	4 years ago
Sergey G. Brester	1c1a9b868c	no catch-alls, user name and error message stored in ticket	4 years ago
benrubson	840f0ff10a	Add Grafana jail	4 years ago
Sergey G. Brester	267cbf5861	Merge pull request #2778 from Mart124/bitwarden Add Bitwarden syslog support	4 years ago
sebres	25e006e137	review and small tweaks (more precise and safe RE)	4 years ago
Mart124	2a18b82f5f	Support alternative Bitwarden log format	4 years ago
Mart124	df659a0cbc	Add Bitwarden syslog support	4 years ago
Sergey G. Brester	472bdc437b	Merge pull request #2723 from benrubson/softether Add SoftEtherVPN jail	4 years ago
Sergey G. Brester	010e76406f	small tweaks (both 2nd time and facility are optional, avoid catch-all, etc)	4 years ago
sebres	66ff90408f	Merge branch '0.10' into 0.11	4 years ago
sebres	d4adec7797	Merge branch '0.9' into 0.10	4 years ago
sebres	5430091acb	jail `counter-strike`: removed link to site with redirect to malicious page (gh-2868)	4 years ago
benrubson	ec873e2dc3	Add SoftEtherVPN jail	4 years ago
sebres	e700ccc667	filter apache-modsecurity: added coverage for different log-format (apache 2.4 and php-fpm, gh-2717)	4 years ago
sebres	6ef69b48ca	Merge branch '0.10' into 0.11	4 years ago
sebres	55d6408b13	tweaks to speedup test-cases (test-suite seems to be time stable now, so we could shorten sleeping intervals)	4 years ago
sebres	7f0010be68	attempt to install systemd-python module	4 years ago
Sergey G. Brester	7cb6412f68	1st try of GH actions flow (CI only, no coverage atm)	4 years ago
Sergey G. Brester	a07e6fe1a2	reduce default `maxmatches` from 50 to 5: avoid too large memory consumption if `maxretry` is large and many failures don't cause ban (but accumulated in fail-manager with all the matched lines); closes gh-2843	4 years ago
sebres	02525d7b6f	filter.d/sshd.conf: mode `ddos` (and `aggressive`) extended with new rule closing flood attack vector, matching: error: kex_exchange_identification: Connection closed by remote host (gh-2850)	4 years ago
sebres	c8059bf9b3	ban/unban: increase responsiveness of actions thread by (un)banning process, better waiting timeout considering pending tickets for unban (_nextUnbanTime)	4 years ago
sebres	2817a8144c	`action.d/bsd-ipfw.conf`: small amend (gh-2836) simplifying awk condition/code (position starts from `<lowest_rule_num>` and increases whilst used)	4 years ago
sebres	1418bcdf5b	`action.d/bsd-ipfw.conf`: fixed selection of rule-no by large list or initial `lowest_rule_num`, exit code can't be larger than 255 (gh-2836)	4 years ago
sebres	d253e60a8b	Merge branch '0.10' into 0.11	4 years ago
sebres	24093de32d	small amend (simplifying formatted help and man)	4 years ago
Nathan Henrie	f518d42c59	Add a note about `journalflags` options to `systemd-journal` backend Also adds systemd backend configuration examples to jail.conf(5) Closes #2696	4 years ago
sebres	4c2539856c	Merge branch 'speedup-client-status' into 0.10	4 years ago
Sergey G. Brester	d977d81ef7	action.d/abuseipdb.conf: removed broken link, simplified usage example, fixed typos	4 years ago
sebres	f381b98246	introduces new flavor `short` for `fail2ban-client status $jail short`: output total and current counts only, without banned IPs list in order to speedup it and to provide more clear output (gh-2819), flavor `basic` (still default) is unmodified for backwards compatibility; it can be changed later to `short`, so for full list of IPs in newer version one should better use: - `fail2ban-client status $jail basic` - `fail2ban-client get $jail banned` or `fail2ban-client banned`	4 years ago
sebres	e8ee3ba544	resolves a bottleneck within transmitting of large data between server and client: speedup search of communications end-marker and increase max buffer size (up to 32KB)	4 years ago
sebres	5abc4ba4ae	amend to `39d4bb3c35` (#2758 ): better reaction on broken pipe (on long output), don't close stdout explicitly (allows usage of modules like cProfile, which outputs result on exit), just flush it before exit.	4 years ago
sebres	f555ff45e9	attempt to speedup ban- and fail-manager (e. g. fail2ban-client status, see gh-2819), remove unneeded lock (GIL is enough here)	4 years ago
sebres	74b73bce8a	Merge branch '0.10' into 0.11	4 years ago
sebres	a038fd5dfe	`action.d/firewallcmd-*.conf` (multiport only): fixed port range selector, replacing `:` with `-`; small optimizations on `firewallcmd-rich-rules.conf` and `firewallcmd-rich-logging.conf` simplifying both and provide a dependency (rich-logging is a derivative of rich-rules); closes gh-2821	4 years ago
sebres	4d2734dd86	Merge branch '0.10' into 0.11	4 years ago
sebres	ed20d457b2	jail.conf: removed action parameter `name` that set on jail-name (`name=%(__name__)s` is default in action reader)	4 years ago
sebres	f09ba1b399	action in jail-config extended to consider space as separator now (splitWithOptions separates by space between mains words, but not in options), so defining `action = a b` would specify 2 actions `a` and `b`; it is additionally more precise now (see fixed typo with closed bracket `]` instead of comma in testServerReloadTest)	4 years ago
sebres	a3a148078e	fail2ban-regex: more informative output for `datepattern` (e. g. set from filter) - pattern : description, example: Use datepattern : ^%Y-%m-%d %H:%M:%S : ^Year-Month-Day 24hour:Minute:Second	4 years ago
sebres	17a6ba44b3	fail2ban-regex: speedup formatted output (bypass unneeded stats creation); fail2ban-regex: extended with prefregex statistic	4 years ago
sebres	db1f3477cc	amend to 3f04cba9f92a1827d0cb3dcb51e57d9f60900b4a: sendmail-auth has 2 failregex now, so rewritten with prefregex	4 years ago
sebres	3f04cba9f9	filter `sendmail-auth` extended to follow new authentication failure message introduced in sendmail 8.16.1, AUTH_FAIL_LOG_USER (gh-2757)	4 years ago
sebres	07fa9f2912	fixes gh-2787: allow to match `did not issue MAIL/EXPN/VRFY/ETRN during connection` non-anchored with extra mode (default names may deviate); additionally provides common addr-tag for IPv4/IPv6 (`(?:IPv6:<IP6>\|<IP4>)`) and test-coverage for IPv6	4 years ago
sebres	d0d1f8c362	improve result for get/set prefregex	4 years ago
sebres	be3115cda0	fix year overflow (9999) by format of datetime (time2str for end of ban of persistent ticket); closes gh-2817	4 years ago
sebres	b2036c1d62	Merge branch '0.10' into 0.11	4 years ago
sebres	e569281d6b	avoids overwrite of `known/option` with unmodified (not available) value of `option` from .local config file, so it wouldn't cause self-recursion if `option` already has a reference to `known/option` (from some include) in .conf file; closes gh-2751	4 years ago
sebres	5a2cc4e1c5	substituteRecursiveTags: more precise self- or cyclic-recursion prevention (don't clear replacement counts of tags, rather consider replacement count by tax X in tag Y)	4 years ago

1 2 3 4 5 ...

5345 Commits (1cefb7fdc6f160c300bfb7fe329b4402703cb2a7) All Branches Search

5345 Commits (1cefb7fdc6f160c300bfb7fe329b4402703cb2a7)

All Branches