Commit Graph

5572 Commits (1e8ce20b325e1a60c92025e0512fe0a547552293)

Author SHA1 Message Date
sebres 061fab898a Merge branch '0.10' into 0.11 2021-03-22 00:58:03 +01:00
sebres e587526ede tests: add missing constraint (causing incomplete comparison in below cycle if fewer lines as expected was found) 2021-03-22 00:56:40 +01:00
sebres 343ccd7e8a small optimization 2021-03-21 23:35:38 +01:00
sebres 9bdc4be6cc stability: better recognition of rotation (e. g. on hash collision, consider current size and last known position now), no hash of empty file (or not fulfilled line), etc;
performance: avoid unnecessary seek to start of file and hash calculation - now it occurs only if file really rotated (ino changing or size shrinking), otherwise not earlier than in 30 seconds;
avoid unneeded log-rotation in tests
2021-03-21 23:35:09 +01:00
sebres 725354c793 action info extended with new members for jail info (usable as tags in command actions):
`jail.found`, `jail.found_total` - current and total found failures
  `jail.banned`, `jail.banned_total` - current and total bans
closes #10
2021-03-20 22:33:31 +01:00
oukb 529866b2bb
nsd.conf: fix for the current log format
New nsd 4.3.5 log format:

|  [2021-03-05 05:25:14.562] nsd[160800]: info: axfr for example.com. from 192.35.168.32 refused, no acl matches
|  [2021-03-06 05:24:33.223] nsd[356033]: info: axfr for localhost. from 192.35.168.160 refused, no acl matches
|  [2021-03-07 05:23:26.641] nsd[547893]: info: axfr for example.com. from 192.35.168.64 refused, no acl matches
|  [2021-03-08 05:18:54.067] nsd[739606]: info: axfr for example.com. from 192.35.168.32 refused, no acl matches
2021-03-08 19:14:28 +03:00
Mike Gabriel f15ed35619 config/: Add support for filtering out detected port scans via scanlogd. 2021-03-05 16:35:13 +01:00
Sergey G. Brester 08393f9d82
Update filter_request.md 2021-03-03 20:28:27 +01:00
sebres df5e024fb8 new issue templates 2021-03-03 20:16:34 +01:00
sebres fb08534ed7 Merge branch '0.11' 2021-03-03 18:17:35 +01:00
sebres 3eaefe8da0 Merge branch '0.10' into 0.11 2021-03-03 18:16:47 +01:00
sebres 04aba6168c fixed typo, `--` is not expected in options declaration, so `--dump-pretty` did never work (only `--dp` is working) 2021-03-03 13:02:00 +01:00
sebres a45b1c974c filter.d/ignorecommands/apache-fakegooglebot: added timeout parameter (default 55 seconds) - avoid fail with timeout (default 1 minute) by reverse lookup on some slow DNS services (googlebots must be resolved fast);
closes gh-2951
2021-03-02 19:35:27 +01:00
sebres 63acc862b1 `action.d/nginx-block-map.conf`: reload nginx only if it is running (also avoid error in nginx-errorlog, gh-2949) and better test coverage for the action 2021-02-24 18:21:42 +01:00
sebres fb6315ea5e Merge branch '0.10' into 0.11 2021-02-24 13:16:36 +01:00
sebres 6f4b6ec8cc action.d/badips.* removed (badips.com is no longer active, gh-2889) 2021-02-24 13:05:04 +01:00
sebres e3d43d1241 Merge branch 'fix-rc-on-too-many-failures' into 0.10: resolves RC with uncontrolled growth of failure list (jail with too many matches that did not cause ban, gh-2945) 2021-02-24 12:45:15 +01:00
sebres 92a2242174 amend fixing journal tests (systemd backend only) 2021-02-23 15:54:48 +01:00
sebres e353fb8024 fixed test cases (ban ASAP also followed in test suite now, so failure reached maxretry causes immediate ban now) 2021-02-23 02:46:44 +01:00
sebres 55d7d9e214 *WiP* try to solve RC on jails with too many failures without ban, gh-2945 ... 2021-02-22 18:39:58 +01:00
sebres 884cbbd6e1 Merge branch '0.11' 2021-02-17 19:04:23 +01:00
sebres abc5a4e062 ChangeLog (#2742) 2021-02-17 19:02:22 +01:00
sebres a0352182e8 Merge branch '0.10' into 0.11 2021-02-17 18:57:38 +01:00
sebres 294ec73f62 Merge branch 'py-3-10-alpha-5' into 0.10 2021-02-17 18:49:06 +01:00
Sergey G. Brester 9f1d1f4fbd amend for `Mapping` (jails) 2021-02-17 18:47:42 +01:00
Sergey G. Brester 42dee38ad2 amend for `Mapping` 2021-02-17 18:47:40 +01:00
Sergey G. Brester 2b6bb2c1be follow bpo-37324: :ref:`collections-abstract-base-classes` moved to the :mod:`collections.abc` module
(since 3.10-alpha.5 `MutableMapping` is missing in collections module)
2021-02-17 18:47:38 +01:00
Sergey G. Brester 8ae9208454 try to provide coverage for 3.10-alpha.5 (#2931) 2021-02-17 18:47:32 +01:00
Sergey G. Brester a2f0dbad87
Merge pull request #2742 from aresxc/patch-1
Update  drupal-auth.conf
2021-02-11 19:10:55 +01:00
Sergey G. Brester f4f92aa72d
more tests covering different cases, injections attempt etc 2021-02-11 18:56:53 +01:00
Sergey G. Brester d678440658
more precise RE (avoids weakness with catch-all's and is injection safe) 2021-02-11 18:32:32 +01:00
sebres ea26509594 Merge branch '0.11' 2021-02-03 14:59:00 +01:00
sebres 6198b4566c Merge branch '0.10' into 0.11 2021-02-03 14:47:56 +01:00
sebres 366c64cb9d extractOptions: ensure options are parsed completely - avoids unexpected skip or truncate of parameters, produces more verbose error message in case of incorrect syntax; added more tests covering several cases
WARN: potential incompatibility (since it doesn't silently ignore wrong syntax anymore)
2021-02-03 14:45:30 +01:00
sebres 409348394e Merge pull request #2913
Add transport to asterisk RE
2021-02-03 12:41:29 +01:00
Brian J. Murrell 7f185a828e Update date in failJSON
The date format in failJSON is specific, so convert the date to use that format.
2021-01-31 15:22:16 +01:00
Brian J. Murrell 69c96c00c0 Log entries for updated failregex
Add a sample failregex.

Signed-off-by: Brian J. Murrell <brian@interlinx.bc.ca>
2021-01-31 15:22:16 +01:00
Brian J. Murrell dc4ee5aa47 Add transport to asterisk RE
Call rejection messages from Asterisk can have the transport prefixed to the IP address.

Signed-off-by: Brian J. Murrell <brian@interlinx.bc.ca>
2021-01-31 15:22:16 +01:00
sebres c75748c5d3 fail2ban.conf: added new fail2ban configuration option "allowipv6" (default auto), can be used to allow or disallow IPv6 interface in fail2ban immediately by start (e. g. if fail2ban starts before network interfaces).
closes gh-2804
2021-01-27 17:06:14 +01:00
sebres 3700a9e523 invalidate IP/DNS caches by reload, so inter alia would allow to recognize IPv6IsAllowed immediately, previously retarded up to cache max-time (5m);
closes gh-2804
2021-01-26 20:35:14 +01:00
sebres 21dd317870 Merge branch '0.11' 2021-01-21 19:13:13 +01:00
sebres dbc77c47c3 Merge branch '0.10' into 0.11 2021-01-21 19:11:01 +01:00
sebres 913c37db80 more fixes and optimizations, better RE's for patterns, allow parse date without time with such a datepattern (assume 00:00:00 then), etc 2021-01-21 19:00:56 +01:00
sebres 0f44a3408a amend to 747d4683221b5584f9663695fb48145689b42ceb:
fail2ban-regex: loosen up date patterns %ExY, %Exy - let accept every year from 19xx up to current century (+3 years)
2021-01-21 19:00:53 +01:00
Sergey G. Brester 164105fab1
added new parameter `namespace` for systemd backend
closes gh-2910
2021-01-16 17:10:12 +01:00
Sergey G. Brester 5f3f4d1e2f
action.d/cloudflare.conf: better IPv6 capability
closes gh-2891
2021-01-11 15:23:40 +01:00
sebres 9df332fdef filter.d/apache-overflows.conf: extended to match AH00126 error (Invalid URI ...);
closes gh-2908
2021-01-11 15:10:53 +01:00
Michael Haro 2781e7b9d1 Add blank line so markdown renders correctly 2021-01-09 13:38:33 +01:00
Sergey G. Brester 2d4c3edeb6
Merge pull request #2906 from fail2ban/ci-py-3.10
CI: add python 3.10 (alpha) to github actions
2021-01-06 14:45:11 +01:00
Sergey G. Brester c9907bef0d
CI: 3.10.0-alpha.4 2021-01-06 14:37:34 +01:00