github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
2,606 Commits
33 Branches
229 Tags
19 MiB
Commit Graph

628 Commits (1d23a4dc4fede8c0095472bfc3fbe317715a55b1)

Author SHA1 Message Date
Daniel Black 77fda9498c ENH: pull asterisk filter change to support syslog from 0.9 branch 2014-03-14 23:15:46 +11:00
Daniel Black 415f187644 ENH: sendmail-reject for all smtp ports. 2014-03-14 07:12:12 +11:00
Daniel Black 853bed8e4f ENH: more sendmail-reject filter items thanks to fab23 2014-03-02 14:04:27 +11:00
Daniel Black d0ec09a3b5 BF: move to right location 2014-03-01 15:50:30 +11:00
Daniel Black c10cc20928 ENH: rename sendmail-spam to sendmail-reject 2014-02-28 08:41:04 +11:00
Daniel Black d34569fb8d BF: email address as arg1 in sendmail filters 2014-02-27 11:38:23 +11:00
Daniel Black 72c84fe9b0 ENH: wider regex for RBL and sendmail-spam 2014-02-27 10:02:34 +11:00
Daniel Black fe1725c603 BF: add jail.conf definitions for sendmail* filters 2014-02-26 19:31:09 +11:00
Daniel Black 3d776afbb0 ENH: add filter for sendmail-{auth,spam}. Closes gh-20 2014-02-26 19:16:49 +11:00
Daniel Black 9be22a96a6 Merge pull request #614 from kwirk/complain-abusix 
BF: Use abusix Abuse Contact DB to get more accurate abuse addresses
 2014-02-20 09:17:23 +11:00
Steven Hiscocks 997729e274 BF: Fix complain action for multiple recipients and misplaced ";" 2014-02-18 15:05:06 +00:00
Steven Hiscocks 7c76f7f204 BF: $EUID not avilable in all shells, replaced with `id -u` in xt_recent 2014-02-16 17:56:06 +00:00
Steven Hiscocks 2a37ee2fb7 ENH: Add root user check in xt_recent, and add missing actionstop 
Thanks to Helmut Grohne on IRC for suggestion
 2014-02-16 16:52:30 +00:00
Steven Hiscocks 31f4ea59cb BF: Use abusix Abuse Contact DB to get more accurate abuse addresses 
Taken from xarf-login-attack action from 0.9 branch by Daniel Black
 2014-02-13 22:00:33 +00:00
Aarón Nieves Fernández 993b7d3dfb Duplicate jail "php-url-fopen" 2014-02-10 21:41:50 +01:00
Ivo Truxa c207ad6058 removing ignoreip at [nagios] 
I removed the ignoreip setting from the nagios section. As pointed out, it is redundant here. Nagios server, under normal circumstances should not trigger any access errors, and would be included in the global ignoreips anyway.
 2014-02-06 00:27:38 +01:00
Ivo Truxa f5f434f846 removing the second failregex 
The second failregex was supposed to catch an error concerning an ACL denial over IPv6, but this message is no more generated by the nrpe version (v2.15) that introduced the IPv6 support, so the first failregex seems to be sufficient.
 2014-02-06 00:22:05 +01:00
Ivo Truxa a71bb89ccd removing a dot (typo) 
The dot at the ignoregex did not belong there. Somehow it was added during the copying and pasting. Thanks for reporting it, I did not see it. Otherwise, empty ignoregexes are in all filters, and if they are missing, fail2ban client shows warnings when starting the filter, which I prefer avoiding.
 2014-02-03 23:12:56 +01:00
Ivo Truxa dac4dd465e ENH: Nagios filter 
added typical configuration settings for the nagios filter
 2014-02-03 21:51:49 +01:00
Ivo Truxa c91fda8619 ENH: Nagios filter 
Sample log for the first failregex is available in the testcases. No example available for the IPv6 denial yet.
 2014-02-03 21:46:07 +01:00
Daniel Black 273b2f45a3 MRG: remove the "no auth attempts" as per aseques gh-600 2014-01-29 20:43:51 +11:00
Daniel Black 9b614ce486 ENH: dovecot filter enhancements 2014-01-29 20:27:45 +11:00
Joan 84617fa6da Fixed a failing case 2014-01-28 16:19:35 +01:00
Joan 08171ba52f Removed the -no auth attempts- from the triggers because of lots of FP 2014-01-28 12:44:46 +01:00
Daniel Black 256c732bcd BF/ENH: filter pure-ftpd - re-add _daemon. Add translations 
_daemon was accidently removed in
89fd792dfb

Added translations from source code
 2014-01-25 12:19:46 +11:00
Daniel Black ca57427080 BF: firewallcmd-ipset had non-working actioncheck 2014-01-23 17:41:13 +11:00
Daniel Black 1452be4a3a Merge pull request #588 from grooverdan/badips 
ENH: Badips action (reporting)
 2014-01-17 23:10:29 -08:00
Daniel Black f566cab766 Merge branch 'master' into badips 2014-01-15 09:37:11 +11:00
Daniel Black 657da2041c BF: dovecot filters, session characters and order of session/tls in log messages 2014-01-15 08:02:47 +11:00
Daniel Black 01e5ae1234 Merge pull request #584 from grooverdan/exim-auth 
ENH: Exim auth
 2014-01-13 02:20:47 -08:00
Daniel Black 08b4f3e5f2 Merge branch 'patch-5' of https://github.com/truxoft/fail2ban into exim-auth 2014-01-13 19:26:12 +11:00
Ivo Truxa 2d8c0b26e4 Matching any Exim authentication name 
As explained in https://github.com/grooverdan/fail2ban/pull/4, in Exim there can be used plenty of other standard authentication names, and in fact the names can be custom. The failregex in Exim filter should catch authentication errors regardless of the name of the authentication. Hence replacing the plain|login with the general \w+
 2014-01-13 01:38:49 +01:00
Daniel Black 6b0e6b9bca ENH: add improper command pipelining postfix filter 2014-01-13 06:59:59 +11:00
Tomas Pihl b52a4441fd Support ACL-events without AccountID. Typically happens when a registration 
from an unknown domain is performed.

Add credits
 2014-01-12 01:28:55 +01:00
Steven Hiscocks 0dd6533680 BF: Add ejabberd-auth to jail.conf 2014-01-09 23:22:12 +00:00
Steven Hiscocks 128112d51c ENH: ejabberd filter 2014-01-09 22:47:17 +00:00
Yaroslav Halchenko 9a8b449086 DOC: some typos, fixes from Vincent Lefevre 2014-01-06 23:38:52 -05:00
Daniel Black 755af0a51e Merge pull request #562 from grooverdan/jail.conf-complete_and_correct 
ENH: Jail.conf now has all filters and TST: a mechanism to test this is truee
 2014-01-06 12:08:45 -08:00
Daniel Black 90fdf5fc21 ENH: jail.conf entry for groupoffice 2014-01-07 06:55:38 +11:00
Daniel Black 50eab4df81 ENH: add filter groupoffice. Closes gh-566 2014-01-06 21:56:22 +11:00
Steven Hiscocks 6c301ae210 Merge pull request #563 from grooverdan/gh-289-ssh 
BF: add expression for ssh filter for code 3: SSH2_DISCONNECT_KEY_EXCHAN...
 2014-01-05 09:55:05 -08:00
Daniel Black a8e0498389 BF: add expression for ssh filter for code 3: SSH2_DISCONNECT_KEY_EXCHANGE_FAILED. closes gh-289 2014-01-05 21:26:26 +11:00
Daniel Black a9f804e443 ENH: complete stock jail.conf to contain all filters 2014-01-05 21:03:16 +11:00
Daniel Black c37ee4cc52 DOC: filter.d/vsftpd doco from wiki 2014-01-05 11:30:56 +11:00
Daniel Black 6602937ee1 DOC: filter.d./pure-ftpd doco from wiki 2014-01-05 11:24:20 +11:00
Daniel Black d7666c8942 DOC: bit more on how to use freeswitch 2014-01-04 12:39:48 +11:00
Daniel Black 23f0b854da MRG: merge in freeswitch 2014-01-04 12:24:40 +11:00
Daniel Black 69b3a1cf64 BF: catchin DEBUG messages will result in duplicates 2014-01-04 12:10:51 +11:00
Daniel Black 5fe75436cc DOC: DEV NOTES before author names 2014-01-04 08:53:45 +11:00
Daniel Black 477f30665a DOC: ignoreip for internal ips on freeswitch 2014-01-04 08:31:42 +11:00