Commit Graph

1242 Commits (1e6787877a98ab21d9a09287b132a5256b9373f6)

Author SHA1 Message Date
Serg G. Brester 0effe76971 Merge pull request #1370 from theDogOfPavlov/patch-1
9 years ago
jblachly e9202fa0b2 Placed failure (illumos) at end of regex
9 years ago
theDogOfPavlov fe1475be95 Additional exim regexes to cover common attacks...
9 years ago
theDogOfPavlov cf2aa9c1c0 Added regex for LDAP authentication failures
9 years ago
jblachly 25c2334bc8 SmartOS PAM Authentication failed (not failURE)
9 years ago
Johannes Weberhofer bd25a43417 define journalmatch setting for pure-ftps
9 years ago
Orion Poplawski f3f813a925 - mysqld does not log login attempts to the journal.
9 years ago
sebres 37c9075fad fixed monit filter: failregex find now both previous and new versions:
9 years ago
Orion Poplawski dfc65018da Fedora use mariadb by default, fix log path
9 years ago
sebres d7e7b52013 Merge remote-tracking branch 'remotes/gh-upstream/master' into f2b-perfom-prepare-716
9 years ago
Yaroslav Halchenko 385b50e4a9 Merge pull request #1343 from denics/master
9 years ago
Denix ed0e572bfc added wp-admin
9 years ago
Yaroslav Halchenko 6ffbc1ffad ENH: revert back to having detailed suffix anchored at the end for mysqld-auto.conf
9 years ago
Yaroslav Halchenko 3e31145c33 Merge pull request #1331 from whyscream/postfix-multi-instance-support
9 years ago
sebres 667785b608 mysqld: failregex fixed (accepts different log level, more secure expression now);
9 years ago
Tom Hendrikx 6c606cf98f Add support for matching postfix multi-instance daemon names by default
9 years ago
Yaroslav Halchenko 905c87ca4a Merge pull request #1310 from yarikoptic/pr-1288
9 years ago
sebres d8e81eb417 regexp rewritten (few vulnerable as previous) + test case added
9 years ago
3eBoP 257b7049d8 Update asterisk filter: changed regex for "Call from ...". Sometimes extension can have a plus symbol (+) because they can be phone number.
9 years ago
Pierre GINDRAUD b5a07741c8 Add new regex into postfix filter. The new regexp is able to detect bad formatted SMTP EHLO command
9 years ago
Yaroslav Halchenko 3f437b32db Merge remote-tracking branch 'pr/1288/head'
9 years ago
Yaroslav Halchenko 377ea32441 Merge pull request #1295 from obounaim/master
9 years ago
Serg G. Brester fe14c8fa05 Merge pull request #1292 from albel727/master
9 years ago
Jordan Moeser d7b46509d8 Update haproxy-http-auth.conf
9 years ago
local 40c0bed82c action_mw, action_mwl, action_cf_mwl ignore the "sender" option when sending a notification email.
9 years ago
Yaroslav Halchenko 5d0d96a5cb Merge pull request #1286 from yarikoptic/enh-jail
9 years ago
Alexander Belykh 985e8938a4 Refactor nftables actionstop into smaller parts
9 years ago
Alexander Belykh 9779eeb986 Add nftables_type/family/table parameters
9 years ago
Alexander Belykh 260c30535d Escape curly braces in nftables actions
9 years ago
Alexander Belykh 1983e15580 Add empty line between parameters in nftables-common.conf
9 years ago
Alexander Belykh f7f91a8bd4 Refactor common code out of nftables-multiport/allports.conf
9 years ago
sebres 69f5623f83 code simplifying (remove duplication): agent will be always supplied as parameter from jail.conf
9 years ago
Alexander Belykh 618e97bce8 Add nftables actions
9 years ago
sebres ac31121432 amend to fix fail2ban-version: correct user-agent for badips.py "Fail2Ban/ver", changeable within jail/config now;
9 years ago
Jordan Moeser e133762a28 Added HAProxy HTTP Auth filter
9 years ago
sebres cf334421bd Provides fail2ban version to jail (as interpolation variable during parse of jail.conf);
9 years ago
Yaroslav Halchenko 28c9832293 RF: harmonize jail.conf (no explicit enabled=false in jails, match filter name for screesharingd, etc)
9 years ago
Yaroslav Halchenko 69aa1feac0 Merge "Mac OS Screen Sharing filter" PR 1232
9 years ago
sebres d22b2498d4 normalizing time config entries: use time abbreviation (str2seconds) for all time options such 'dbpurgeage', 'bantime', 'findtime', ex.: default '1d' instead '86400';
9 years ago
Yaroslav Halchenko 26dd6d7425 Merge pull request #1258 from aleksandrs-ledovskis/feature/postfix-domain-not-found-failregex
9 years ago
Ross Brown 8d12dba245 Merge remote-tracking branch 'upstream/master'
9 years ago
Ross Brown ead2d509dc Updated 'murmur' filter to use new double-anchored regex based on @yarikoptic's suggestions.
9 years ago
Yaroslav Halchenko 5d6cead996 ENH: sshd filter -- match new "maximum auth attempts exceeded" (Closes #1269)
9 years ago
Ross Brown 106c3eab9a Added filter and jail for murmur/mumble-server.
9 years ago
Aleksandrs Ļedovskis fa59a6850f Add 'Sender address rejected: Domain not found' Postfix failregex
9 years ago
Orion Poplawski c656cb0d36 Merge branch 'master' into journaldefault
9 years ago
Orion Poplawski ba76f4ca2f Fix typo
9 years ago
Simon Brown 69bb532db0 removed system.log
9 years ago
Simon Brown 3e16f33dbe Removed old svn revision comment
9 years ago
Serg G. Brester eef7771b4e Merge pull request #1238 from sebres/fix/gh-1216
9 years ago
sebres e825e977cc Nginx log paths extended (prefixed with "*" wildcard)
9 years ago
sebres f359ed8c36 Fixed directly defined banaction for allports jails like pam-generic, recidive, etc with new default variable `banaction_allports` (+ man entries for both variables added);
9 years ago
Simon Brown 5839a3bd80 Removed includes comment for screensharing jail
9 years ago
sebres 53b39162a1 Shortly, much faster and stable version of regexp (possible because expression is start-anchored and does not contains closely to catch-all sub expressions)
9 years ago
sebres 6884593ab8 New filter `nginx-limit-req` ban hosts, that were failed through nginx by limit request processing rate (ngx_http_limit_req_module)
9 years ago
Orion Poplawski 0661aece46 Merge branch 'master' into journaldefault
9 years ago
Simon Brown 65bc5cf6ba Now using a literal logpath for screensharing jail
9 years ago
Simon Brown cabd46f069 Fixed blatant typo in regex
9 years ago
Simon Brown acee68a9ee Made screensharing jail off by default
9 years ago
Simon Brown 4b4d5a95b7 Changed regex prequel
9 years ago
Simon Brown 4c3f778b82 Replaced .* with literal
9 years ago
Simon Brown d17d837b8c Update jail.conf
9 years ago
Simon Brown de14946542 Added new path variable for system.log
9 years ago
Simon Brown 80546c6164 Added in settings for screensharingd filter
9 years ago
Simon Brown 3ec725a2ba Created file
9 years ago
1technophile 2861a957a9 filter for openhab domotic software authentication failure with the rest api and web interface + test cases;
9 years ago
Pablo Rodriguez Fernandez 2c576c64f8 Change domain filter regex
9 years ago
Pablo Rodriguez Fernandez 74fcb219ab Enhanced Google domain detection in apache-fakegooglebot
9 years ago
Orion Poplawski 3a9cf2b3da Add and use default_backend to set individual backend defaults to auto
9 years ago
Orion Poplawski ced7be94b2 Fix postfix_log typo
9 years ago
Orion Poplawski 75d33c0f09 Add *_backend options for services to allow distros to set the default backend
9 years ago
Pablo Rodriguez Fernandez a28e6b442e Add check in apache-fakegooglebot to protect against PTR fake record
9 years ago
agentmoller001 617302fcc2 Updated route.conf to clear warnings
9 years ago
sebres 2696ede251 mysqld-auth: Updated "Access denied ..." regex for MySQL 5.6 and later
9 years ago
Kevin Locke 36919d9f97 ssh.conf: Fix disconnect "Auth fail" matching
9 years ago
Viktor Szépe 0d8968daa9 Added CloudFlare API error codes URL
9 years ago
Yaroslav Halchenko ff06176e9e Merge remote-tracking branch 'origin/master' into enh-split-comma
9 years ago
M. Maraun 2895d981fa Set Timeout at urlopen to 3 seconds
9 years ago
Yaroslav Halchenko 8cf614e221 ENH: allow to split ignoreip by space and/or comma (Closes #1197)
9 years ago
Yaroslav Halchenko 55e542b273 Merge remote-tracking branch 'pr/1170/head' -- opensuse paths
9 years ago
Edward Beckett 835b3ff483 Update apache-badbots.conf
9 years ago
weberho f7af93a677 Added configuration for opensuse path
9 years ago
weberho d278fbca30 Fixed line suspected to be faulty
9 years ago
Yaroslav Halchenko c37009aec7 Merge branch 'grep-m1k' of github.com:szepeviktor/fail2ban
9 years ago
Yaroslav Halchenko 38c320798d Merge pull request #1127 from yarikoptic/enh-iptables-w-close-1122
9 years ago
Yaroslav Halchenko 0041bc3770 DOC: Changelog for shorewall-ipset-proto6.conf + adjusted its description
9 years ago
Yaroslav Halchenko de2f9504c0 Merge pull request #978 from ediazrod/patch-2
9 years ago
Yaroslav Halchenko 65cd218e10 Merge remote-tracking branch 'origin/master'
9 years ago
Viktor Szépe c8b3ee10a0 Limit the number of log lines in *-lines.conf actions
9 years ago
Thomas Mayer a19cb1b2b9 Merge 923d807ef8 into cf2feea987
9 years ago
Yaroslav Halchenko 3c0d7f5a4c BF: do not wrap iptables into itself. Thanks Lee
9 years ago
Viktor Szépe ebdfbae559 Added a space between IP address and the following colon
9 years ago
Yaroslav Halchenko 749d3c160c BF: symbiosis-blacklist-allports now also requires iptables-common.conf
9 years ago
Yaroslav Halchenko 916937bb6a RF: use <iptables> to take effect of it being a parameter
9 years ago
Yaroslav Halchenko 31dc4e2263 ENH: added lockingopt option for iptables actions, made iptables cmd itself a parameter
9 years ago
Yaroslav Halchenko 7a011fca1b DOC: adjusted comment in pass2allow-ftp to my suggested wording
10 years ago
Viktor Szépe 948b12e5df Fixed definition of knocking_url for pass2allow
10 years ago
Viktor Szépe b638e807ad Explicitly stating that knocking_url needs to be customized
10 years ago
Viktor Szépe 586703dcc2 Test, changelog and fixes to pass2allow
10 years ago
Viktor Szépe 5b7e1de2f4 Instead of allow-iptables-multiport actions swap blocktype and (new) returntype
10 years ago
Viktor Szépe 5d60700c0c Added pass2allow (knocking with fail2ban)
10 years ago
Viktor Szépe a3b8257b73 Add HEAD method verb to apache-badbots, nginx-badbots
10 years ago
Yaroslav Halchenko 8c4c17a880 Merge pull request #1004 from tsabi/fix-lc_time
10 years ago
Yaroslav Halchenko e38b4b8cb3 Merge pull request #1051 from leeclemens/bf/roundcube
10 years ago
Lee Clemens 3e902d7b3a Define roundcube_errors_log in paths-common.conf
10 years ago
Lee Clemens fdc3172aec Fix PEP8 E302 expected 2 blank lines, found X
10 years ago
Lee Clemens f7444f16b8 Add optional session id prefix for roundcube 1.1.1
10 years ago
Lee Clemens 2796534a5d Update regex to work with roundcube 1.0.5 on CentOS 6
10 years ago
Viktor Szépe b65a8b065d Other actions do not dive into this gory descriptions, but we do.
10 years ago
Viktor Szépe 2063ce4b23 All the arguments must be listed in [Init]
10 years ago
Viktor Szépe 79457112e9 Updated CF action
10 years ago
Yaroslav Halchenko 345820d2aa Merge pull request #1056 from ipoddubny/asterisk_security_log
10 years ago
Yaroslav Halchenko f41872f034 Merge pull request #1013 from szepeviktor/patch-4
10 years ago
Yaroslav Halchenko eb091d9b8c Merge remote-tracking branch 'origin/master' into pr-1039
10 years ago
Yaroslav Halchenko 8c4d4aa7fb minor: no triple empty lines
10 years ago
Joern Muehlencord 4296d1a9a9 add froxlor-auth filter and jail
10 years ago
Joern Muehlencord 964cdb5d9b add froxlor-auth filter and jail
10 years ago
Ivan Poddubny 7a4e6fa6e5 Asterisk security log: add support for websocket protocol events
10 years ago
Ivan Poddubny 988d9a08da Asterisk security log: accept events containing Response/ExpectedResponse
10 years ago
Ivan Poddubny 189265a323 Asterisk security log: accept SessionID of PJSIP events
10 years ago
Ivan Poddubny ab2ac1a367 Asterisk security log: accept <unknown> in AccountID
10 years ago
Ivan Poddubny 977f9955e7 Asterisk security log: accept EventTV in ISO8601
10 years ago
Anton Shestakov 56e5821c06 Match unknown user in dovecot's passwd-file auth database
10 years ago
Aaron Brice 7ae0ef2408 Fix actions in ufw.conf
10 years ago
Lee Clemens 8f792f52fb Add drupal-auth filter and jail
10 years ago
Lee Clemens b530d88eca Merge remote-tracking branch 'upstream/master' into bf/1000-asteriskBlocksSelf
10 years ago
Markus Oesterle f8c7247f42 added \s after host
10 years ago
Markus Oesterle 5f2807b41f replaced .* before rhost with regex matching all the previous fields
10 years ago
Markus Oesterle 8825a5f31b updated filter.d/sshd.conf
10 years ago
Viktor Szépe e776a4e1ab Update proftpd.conf
10 years ago
Viktor Szépe f9e8a99a79 Non-US locale warning for proftpd
10 years ago
Thomas Mayer 923d807ef8 use human-readable variable names (issue #1003)
10 years ago
Thomas Mayer 675c3a7c95 use printf instead of echo for POSIX compatibility (issue #1003)
10 years ago
Thomas Mayer ac1e41ea70 Revert "remove '-ne' option as it's not interpreted any way (issue #1003)"
10 years ago
Thomas Mayer 4a598070c8 remove '-ne' option as it's not interpreted any way (issue #1003)
10 years ago
Thomas Mayer 80f11a4d28 Add empty Init Section to pass tests (issue #1003)
10 years ago
Thomas Mayer c9b24839e4 Character detection heuristics for whois output via optional setting in mail-whois*.conf (Closes #1003)
10 years ago
Csaba Tóth 0720c831b7 Fix of LC_TIME usage, it should be LC_ALL
10 years ago
Lee Clemens 72f4bcfbff Match hacking attempt IP instead of asterisk server IP (closes #1000)
10 years ago
Yaroslav Halchenko d28880fdca Merge pull request #997 from yarikoptic/bf/long-purge-for-recidive
10 years ago
ediazrod 5fdd1d1ded Update shorewall-ipset-proto6.conf
10 years ago
ediazrod e26a1ad6b6 Update shorewall-ipset-proto6.conf
10 years ago
Yaroslav Halchenko 56aacf872c Merge pull request #952 from ache/master
10 years ago
Yaroslav Halchenko 02836b599c Added a comment about systemd backend for jails with logs outside of journal (Closes #959)
10 years ago
Yaroslav Halchenko 320a28a4a4 DOC: make a warning for recidive jail to increase dbpurgeage (Closes #964)
10 years ago
ediazrod d0887f3234 This is a specific configuration for shorewall ipset proto6
10 years ago
Yaroslav Halchenko e788e3823e Merge pull request #965 from TorontoMedia/master
10 years ago
TorontoMedia b4f1f613bb Update firewallcmd-allports.conf
10 years ago
TorontoMedia 0fac7e40b6 Update firewallcmd-multiport.conf
10 years ago
Yaroslav Halchenko 07b0ab07ad Merge branch 'master' of https://github.com/rumple010/fail2ban
10 years ago
Yaroslav Halchenko d5e68abf95 ENH: check badips.com response on presence of "categories" in it
10 years ago
Ache ae1451b29f Update bsd-ipfw.conf
10 years ago
Yaroslav Halchenko 3fb2becddb Merge pull request #949 from leeclemens/enh/configSyslogSocket
10 years ago
Lee Clemens 6268eb32be Use syslogsocket value "auto" to determine syslog socket's path
10 years ago
Luke Hollins 549ab24e70 Fixed grammatical error in emails sent
10 years ago
Yaroslav Halchenko 119a7bbb16 Merge pull request #939 from szepeviktor/geoip
10 years ago
Viktor Szépe 4c88a00c28 Line notes implemented
10 years ago
Lee Clemens 445fd7367f Configure Syslog Socket Path
10 years ago
František Šumšal eb0d086ed0 Merge branch 'master' into nginx-botsearch
10 years ago
František Šumšal 1c6d2074fb Changed default settings for nginx-botseach filter
10 years ago
Orion Poplawski e7ff7e90b7 [postfix-sasl] update regexes
10 years ago
František Šumšal fb0f463eac Include consistency
10 years ago
František Šumšal 705718be52 Filter apache-botsearch.conf now loads variables from botsearch-common.conf
10 years ago
František Šumšal 18778d9174 Created botsearch-common.conf
10 years ago
Yaroslav Halchenko 73af02ffc6 Merge pull request #940 from leeclemens/ENH/ApacheFakeGoogleBot
10 years ago
Yaroslav Halchenko df581fe6e2 Merge pull request #929 from opoplawski/pam_auth
10 years ago
Yaroslav Halchenko 7ada96b4e9 Merge pull request #932 from opoplawski/dovecot
10 years ago
František Šumšal f8fe165cd2 Switched from tabs to spaces for indents
10 years ago
Yaroslav Halchenko 8f6d9c6a5a Merge branch 'enh/local_time_zone' of https://github.com/yarikoptic/fail2ban
10 years ago
Lee Clemens 841c476045 Merge branch 'enh/fakegooglebot' of https://github.com/yarikoptic/fail2ban into yarikoptic-enh/fakegooglebot
10 years ago
Yaroslav Halchenko 15b65c7ad2 NF: apache-fakegooglebot ignorecommand + DNSUtils.ipToName
10 years ago
Lee Clemens 7e94ba6f0c Remove implementation specific suffix
10 years ago
Lee Clemens 854915920f Remove implementation specific suffix
10 years ago
Lee Clemens af078532ac New jail: apache-fakegooglebot
10 years ago
Viktor Szépe 1619ab3145 Added sendmail-geoip-lines.conf
10 years ago
Yaroslav Halchenko ec6a30efcf ENH: define ignoreregex for all filters explicitly, to avoid warnings (Closes #934)
10 years ago
František Šumšal c8e82f18b6 Add jail nginx-botsearch
10 years ago
Orion Poplawski b4776a1ba0 Match dovecot unknown user line
10 years ago
Orion Poplawski 3bc92610f7 Add dovecot auth failure from EL7
10 years ago
Andrew St. Jean 6bdfe756cf Changed default TTL value to 60 seconds.
10 years ago
Orion Poplawski 79b5a2617f Add filter variable __pam_auth to allow easier changing of pam auth backend
10 years ago
Andrew St. Jean 43732acae1 Added a reminder to create an nsupdate.local file to set required options.
10 years ago
Yaroslav Halchenko 085d0f72ed ENH: use non-UTC date invocation (without -u) and report offset for localzone (%z)
10 years ago
Yaroslav Halchenko 65980a70fc Merge branch 'enh/recidive-allports' of https://github.com/yarikoptic/fail2ban
10 years ago
rumple010 eb76dcd5a0 add nsupdate action
10 years ago
sebres 12e3cca3f2 port[s] typo fixed in jail.conf/nginx-http-auth, issue gh-913
10 years ago
Yaroslav Halchenko 083031524d BF: adding missing Definition section header to firewallcmd-allports
10 years ago
TorontoMedia d7b7f4bc91 Update firewallcmd-allports.conf
10 years ago
Lee Clemens 77677e43df Merge branch 'master' of github.com:fail2ban/fail2ban into ENH/PostfixRBL
10 years ago
Lee Clemens bda8dc1926 Merge branch 'master' of github.com:fail2ban/fail2ban into ENH/PostfixRBL
10 years ago
TorontoMedia 7eed55266b Created firewallcmd-multiport
10 years ago
TorontoMedia 9f91cb2fd8 Created firewallcmd-allports
10 years ago
TorontoMedia 50e5fd9ed7 Create firewallcmd-multiport.conf
10 years ago
TorontoMedia 591e444753 Create firewallcmd-allports.conf
10 years ago
Lee Clemens 0f48cf4284 loosen up regex for spamhaus (spamcop says "Blocked" as part of url)
10 years ago
Lee Clemens fe72a5585c Create Jail for Postfix based on RBL
10 years ago
Lee Clemens 2d7429c47c Add 'Client host rejected error message' regex
10 years ago
Viktor Szépe 81b3dbde1d postfix-sasl failregex case insensitive
10 years ago
bes-internal ccc986b7d8 exim filter: correct failregex for exim with extended log options
10 years ago
Orion Poplawski d8867807f5 Separate php-url-fopen logpath by newline
10 years ago