Commit Graph

4494 Commits (218905c924b4cde3408ebd7b399712f08ec33b19)

Author SHA1 Message Date
Yaroslav Halchenko aa0588dd1a Merge pull request #1250 from sebres/_sb/fail2ban-regex-coverage
RF: fail2ban-regex code moved into client/ codebase, unittested
2015-11-10 08:28:56 -05:00
sebres 689dfa1e6a debuggexURL fixed for wrong encoded character; test cases extended; 2015-11-10 13:29:54 +01:00
sebres 38f09b417a fail2ban-regex command line (after fail2ban-regex functionality moved to the client) 2015-11-10 13:26:34 +01:00
sebres 0877d66228 fail2ban-regex moved to the client + test cases for initial coverage added 2015-11-10 11:46:19 +01:00
sebres 46b116e86a filter test cases improved + log captured inside such tests + python 3.x compatibility;
changelog entry;
2015-11-09 22:02:05 +01:00
sebres a42aa726ab fixed fail2ban-regex reads invalid character (in sense of given encoding); continuing to process line ignoring invalid characters (still has no test cases).
filter test cases added for same issue inside fail2ban-server / fail2ban-testcases;
closes gh-1248
2015-11-09 20:47:15 +01:00
Yaroslav Halchenko b100ee6302 Merge pull request #1244 from opoplawski/typo
Fix typo
2015-11-02 17:55:30 -05:00
Orion Poplawski ba76f4ca2f Fix typo 2015-11-02 15:21:14 -07:00
sebres 94cffece12 New interpolation feature for definition config readers - `<known/parameter>`, as extension to interpolation `%(known/parameter)s`, that does not works for filter and action init parameters; 2015-11-02 21:45:03 +01:00
Simon Brown 69bb532db0 removed system.log 2015-11-02 09:26:45 -08:00
Simon Brown 3e16f33dbe Removed old svn revision comment 2015-11-02 09:08:47 -08:00
Simon Brown d16ad80597 removed false matches
For non-screensharingd related messages
2015-11-02 09:06:32 -08:00
Yaroslav Halchenko b40c6cbd9a ENH: .mailmap file to bring some names together for git shortlog -sn 2015-11-01 11:28:58 -05:00
sebres 5767191988 fixed misleading documentation of `banaction` 2015-11-01 17:08:00 +01:00
sebres fcf03790f4 fixed misleading documentation of `banaction` 2015-11-01 17:05:02 +01:00
Serg G. Brester eef7771b4e Merge pull request #1238 from sebres/fix/gh-1216
Fixed directly defined banaction for allports jails like pam-generic, recidive, etc
2015-10-31 13:17:04 +01:00
sebres e825e977cc Nginx log paths extended (prefixed with "*" wildcard)
closes gh-1237
2015-10-30 17:51:30 +01:00
sebres f359ed8c36 Fixed directly defined banaction for allports jails like pam-generic, recidive, etc with new default variable `banaction_allports` (+ man entries for both variables added);
closes gh-1216
2015-10-30 15:36:18 +01:00
Simon Brown 5839a3bd80 Removed includes comment for screensharing jail 2015-10-29 16:07:54 -07:00
sebres 53b39162a1 Shortly, much faster and stable version of regexp (possible because expression is start-anchored and does not contains closely to catch-all sub expressions) 2015-10-29 23:55:23 +01:00
sebres 6884593ab8 New filter `nginx-limit-req` ban hosts, that were failed through nginx by limit request processing rate (ngx_http_limit_req_module) 2015-10-29 23:15:20 +01:00
Orion Poplawski 0661aece46 Merge branch 'master' into journaldefault
Conflicts:
	ChangeLog
2015-10-29 15:22:37 -06:00
Simon Brown 65bc5cf6ba Now using a literal logpath for screensharing jail 2015-10-29 09:03:01 -07:00
Simon Brown cabd46f069 Fixed blatant typo in regex
However, still failing test, even though ```PYTHONPATH=. fail2ban-regex -v fail2ban/tests/files/logs/screensharingd  /etc/fail2ban/filter.d/screensharingd.conf``` gives desired result
2015-10-28 20:58:25 -07:00
Simon Brown bed28eaa62 clarified comments on sample log format 2015-10-28 15:32:58 -07:00
Simon Brown c936d19805 Fixed name (again?) 2015-10-28 15:30:31 -07:00
Simon Brown acee68a9ee Made screensharing jail off by default
Also added note about requiring paths-osx.conf.
2015-10-28 15:11:11 -07:00
Simon Brown 4b4d5a95b7 Changed regex prequel
Use standard prefix macro instead of literal daemon name.
2015-10-27 21:30:20 -07:00
Simon Brown 3dd1c305ce added entry for new screensharingd filter 2015-10-27 21:20:12 -07:00
Simon Brown 6a5f10ee72 name change & new sample data
changed name to match daemon, log samples with year
2015-10-27 16:27:14 -07:00
Simon Brown 3e4a77a568 Added json metadata 2015-10-27 12:31:51 -07:00
Simon Brown b3a18631e2 Sample log for test case 2015-10-27 10:43:43 -07:00
Simon Brown 4c3f778b82 Replaced .* with literal
Per Serg's suggestions. Possible I'm missing some auth attempt types, but I couldn't find anything where literal wasn't sufficient.
2015-10-27 10:33:30 -07:00
Simon Brown d17d837b8c Update jail.conf
Added logencoding to screensharing jail to avoid encoding error messages in fail2ban log
2015-10-27 10:28:07 -07:00
Simon Brown de14946542 Added new path variable for system.log
Logging location for the majority of Mac OS daemons.
2015-10-26 18:02:07 -07:00
Simon Brown 80546c6164 Added in settings for screensharingd filter 2015-10-26 17:50:49 -07:00
Simon Brown 3ec725a2ba Created file
From https://github.com/beezwax/filemaker-fail2ban/blob/master/fail2ban/filter.d/screensharingd.conf
2015-10-26 17:35:38 -07:00
sebres eb87638ead ChangeLog entry for OpenHAB home automation filter (gh-1223) 2015-10-26 15:56:01 +01:00
1technophile 2861a957a9 filter for openhab domotic software authentication failure with the rest api and web interface + test cases;
closes gh-1223
2015-10-26 15:48:23 +01:00
Serg G. Brester 26517b0464 Merge pull request #1226 from pablorf-dev/master
Minor fix and enhancement (fake google domains)
2015-10-22 14:23:47 +02:00
Pablo Rodriguez Fernandez 2c576c64f8 Change domain filter regex
Change domain filter regex since there are other Google crawlers.
See "Google crawlers"
<https://support.google.com/webmasters/answer/1061943?hl=en>
2015-10-20 10:46:00 +02:00
Pablo Rodriguez Fernandez 74fcb219ab Enhanced Google domain detection in apache-fakegooglebot
Previously, an attacker could fake a domain like
crawl-1-1-1-1.googlebot.com.fake.net and get resolved. This change
avoids to resolve fake Google domains.
2015-10-20 10:45:53 +02:00
Orion Poplawski 3a9cf2b3da Add and use default_backend to set individual backend defaults to auto 2015-10-19 19:50:03 -06:00
Orion Poplawski 81a26266a9 Add changlog entry for postfix-rbl logpath change 2015-10-19 19:46:43 -06:00
Orion Poplawski ced7be94b2 Fix postfix_log typo 2015-10-19 19:43:10 -06:00
Orion Poplawski 75d33c0f09 Add *_backend options for services to allow distros to set the default backend
per service.
Set default to systemd for Fedora as appropriate.
2015-10-18 20:18:50 -06:00
Pablo 7e6964dd9d Fix section jail.conf.5 manpage
The section of jail.conf manpage is wrong, should be 5, not 10
2015-10-15 10:40:56 +02:00
Serg G. Brester 3a5d4fdd26 Merge pull request #1221 from pablorf-dev/master
Add check in apache-fakegooglebot to protect against PTR fake record (gh-1221)
2015-10-14 11:33:06 +02:00
Pablo Rodriguez Fernandez a28e6b442e Add check in apache-fakegooglebot to protect against PTR fake record
An attacker may return a PTR record which fakes a Googlebot's domain
name. This modification resolves the PTR records to verify it.

See "Verifying Googlebot":
<https://support.google.com/webmasters/answer/80553?vid=1-635800030504666679-1963774919>
2015-10-13 17:11:49 +02:00
Yaroslav Halchenko 16443f7b05 Merge pull request #1219 from agentmoller001/patch-1
Updated route.conf to clear warnings (Closes #1026)
2015-10-09 21:26:53 -04:00