github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
2,438 Commits
34 Branches
229 Tags
21 MiB
Commit Graph

764 Commits (212d05dc0bbea7c776adbc0a9a506cb7e86ae3b9)

Author SHA1 Message Date
Daniel Black cc463aa60d Merge pull request #620 from kwirk/xarf-tweaks 
BF: Fix misplaced ";", and duplicate {ip,}matches
 2014-02-20 09:16:11 +11:00
Daniel Black a044517cb7 MRG: from master to 0.9 2014-02-20 2014-02-20 08:35:24 +11:00
Steven Hiscocks 8c5525163b BF: Fix misplaced ";", and duplicate {ip,}matches 2014-02-18 15:13:02 +00:00
Steven Hiscocks 7c76f7f204 BF: $EUID not avilable in all shells, replaced with `id -u` in xt_recent 2014-02-16 17:56:06 +00:00
Steven Hiscocks 2a37ee2fb7 ENH: Add root user check in xt_recent, and add missing actionstop 
Thanks to Helmut Grohne on IRC for suggestion
 2014-02-16 16:52:30 +00:00
Steven Hiscocks f68d85a6ac Merge branch 'master' into 0.9 
Conflicts:
	ChangeLog
                Spelling correction of 0.8.13 fixed in master
	config/jail.conf
                Added nagios and duplicate php-url removal in master
                Just nagios added, duplicate not issue in 0.9
 2014-02-13 20:14:40 +00:00
Daniel Black c701ac9276 DOC: document LogLevel requirement for "Connection from" regex" 2014-02-13 16:20:36 +11:00
Daniel Black 5f4d0ed576 ENH: ssh filter - "Disconnecting: Too many authentication failures.." matching Connection log message 2014-02-13 09:13:46 +11:00
Aarón Nieves Fernández 993b7d3dfb Duplicate jail "php-url-fopen" 2014-02-10 21:41:50 +01:00
Ivo Truxa c207ad6058 removing ignoreip at [nagios] 
I removed the ignoreip setting from the nagios section. As pointed out, it is redundant here. Nagios server, under normal circumstances should not trigger any access errors, and would be included in the global ignoreips anyway.
 2014-02-06 00:27:38 +01:00
Ivo Truxa f5f434f846 removing the second failregex 
The second failregex was supposed to catch an error concerning an ACL denial over IPv6, but this message is no more generated by the nrpe version (v2.15) that introduced the IPv6 support, so the first failregex seems to be sufficient.
 2014-02-06 00:22:05 +01:00
Ivo Truxa a71bb89ccd removing a dot (typo) 
The dot at the ignoregex did not belong there. Somehow it was added during the copying and pasting. Thanks for reporting it, I did not see it. Otherwise, empty ignoregexes are in all filters, and if they are missing, fail2ban client shows warnings when starting the filter, which I prefer avoiding.
 2014-02-03 23:12:56 +01:00
Ivo Truxa dac4dd465e ENH: Nagios filter 
added typical configuration settings for the nagios filter
 2014-02-03 21:51:49 +01:00
Ivo Truxa c91fda8619 ENH: Nagios filter 
Sample log for the first failregex is available in the testcases. No example available for the IPv6 denial yet.
 2014-02-03 21:46:07 +01:00
Daniel Black ef82eac790 DOC: openssh real protection is pubkey 2014-02-02 15:16:40 +11:00
Daniel Black 59b9045e88 MRG: from master 2014-02-02 2014-02-02 13:21:16 +11:00
Daniel Black 273b2f45a3 MRG: remove the "no auth attempts" as per aseques gh-600 2014-01-29 20:43:51 +11:00
Daniel Black 9b614ce486 ENH: dovecot filter enhancements 2014-01-29 20:27:45 +11:00
Joan 84617fa6da Fixed a failing case 2014-01-28 16:19:35 +01:00
Joan 08171ba52f Removed the -no auth attempts- from the triggers because of lots of FP 2014-01-28 12:44:46 +01:00
Daniel Black a749a2780e Merge pull request #593 from grooverdan/tine 
ENH: Tine20 filter
 2014-01-26 18:50:42 -08:00
Daniel Black 256c732bcd BF/ENH: filter pure-ftpd - re-add _daemon. Add translations 
_daemon was accidently removed in
89fd792dfb

Added translations from source code
 2014-01-25 12:19:46 +11:00
Daniel Black 1e1261ccb4 MRG: from master 2014-01-23 2014-01-23 17:45:18 +11:00
Daniel Black ca57427080 BF: firewallcmd-ipset had non-working actioncheck 2014-01-23 17:41:13 +11:00
Daniel Black c8ae064b79 ENH: tighten regex and change failJSON to support timezone. Closes gh-583 2014-01-22 22:16:03 +11:00
Daniel Black 2063d96e59 MRG: import Lars' PR for tine20 2014-01-22 18:12:19 +11:00
Steven Hiscocks 8221c7ca71 TST+BF: Add tests for python actions, including test for smtp.py 
Also fix bug when specifying multiple recipients for smtp.py action
 2014-01-20 23:10:43 +00:00
Steven Hiscocks a0f39255bc BF: Kerio log datepattern fix for recent datepattern full regex merge 2014-01-20 23:00:38 +00:00
Daniel Black a650178bd1 MRG: merge from master 2014-01-19 2014-01-19 14:48:29 +11:00
Daniel Black 263ac32730 ENH: test log samples for kerio thanks to 
Tony Lawrence
 2014-01-18 23:18:33 +11:00
Daniel Black 1452be4a3a Merge pull request #588 from grooverdan/badips 
ENH: Badips action (reporting)
 2014-01-17 23:10:29 -08:00
Daniel Black f566cab766 Merge branch 'master' into badips 2014-01-15 09:37:11 +11:00
Daniel Black 657da2041c BF: dovecot filters, session characters and order of session/tls in log messages 2014-01-15 08:02:47 +11:00
Daniel Black 2333b2d5d9 MRG: from 0.9 2014-01-13 22:17:14 +11:00
Daniel Black c7f887642d Merge branch '0.9' into master_to_0.9 2014-01-13 21:23:42 +11:00
Daniel Black 3de80545e0 MRG: from master 2014/01/13 2014-01-13 21:23:39 +11:00
Daniel Black 01e5ae1234 Merge pull request #584 from grooverdan/exim-auth 
ENH: Exim auth
 2014-01-13 02:20:47 -08:00
Daniel Black 08b4f3e5f2 Merge branch 'patch-5' of https://github.com/truxoft/fail2ban into exim-auth 2014-01-13 19:26:12 +11:00
Lars Kneschke 47dd8fb897 ENH: filter for Tine 2.0 2014-01-13 06:04:59 +01:00
Ivo Truxa 2d8c0b26e4 Matching any Exim authentication name 
As explained in https://github.com/grooverdan/fail2ban/pull/4, in Exim there can be used plenty of other standard authentication names, and in fact the names can be custom. The failregex in Exim filter should catch authentication errors regardless of the name of the authentication. Hence replacing the plain|login with the general \w+
 2014-01-13 01:38:49 +01:00
Daniel Black 6b0e6b9bca ENH: add improper command pipelining postfix filter 2014-01-13 06:59:59 +11:00
Daniel Black a443b8b4d3 BF: remove second jail definition 2014-01-12 21:45:39 +11:00
Daniel Black cd3e94140c MRG: complete merge 2014-01-12 21:16:55 +11:00
Daniel Black f2e55e8499 ENH: add filter for squirrelmail. Closes gh-261 2014-01-12 20:27:36 +11:00
Daniel Black 1e8ed55a36 MRG: from 0.9 2014-01-12 20:15:34 +11:00
Tomas Pihl b52a4441fd Support ACL-events without AccountID. Typically happens when a registration 
from an unknown domain is performed.

Add credits
 2014-01-12 01:28:55 +01:00
Steven Hiscocks 0dd6533680 BF: Add ejabberd-auth to jail.conf 2014-01-09 23:22:12 +00:00
Steven Hiscocks 128112d51c ENH: ejabberd filter 2014-01-09 22:47:17 +00:00
Daniel Black 8333abe420 Merge pull request #557 from grooverdan/apache-botsearch 
ENH: Apache botsearch + BF: tag substition
 2014-01-09 14:11:00 -08:00
Daniel Black b0baab3a0e ENH: more test cases and wider regex 2014-01-10 08:40:24 +11:00