github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
919 Commits
32 Branches
229 Tags
17 MiB
Commit Graph

248 Commits (21a7928c64a032fc28595791310ea4975bfe887c)

Author SHA1 Message Date
Yaroslav Halchenko 21a7928c64 Merge branch 'debian' into build 
* debian:
  2 new jails: xinetd-fail, apache-overflows added to jails.conf
  minor: adjusted comment for named jails to come closer to upstream
  BF: apache-* jails -- authentication failures are recorded in *error.log files, thus paths were adjusted
 2008-03-05 23:30:41 -05:00
Yaroslav Halchenko eede41f62b Changelog entries for 0.8.2-1 2008-03-05 23:30:31 -05:00
Yaroslav Halchenko a88fd271c4 2 new jails: xinetd-fail, apache-overflows added to jails.conf 2008-03-05 23:29:36 -05:00
Yaroslav Halchenko 5d6d07508d minor: adjusted comment for named jails to come closer to upstream 2008-03-05 23:18:04 -05:00
Yaroslav Halchenko 15ce210cd0 BF: apache-* jails -- authentication failures are recorded in *error.log files, thus paths were adjusted 2008-03-05 23:14:22 -05:00
Yaroslav Halchenko 9ab6db30c7 Merge branch 'debian' into build 
* debian: (56 commits)
  Imported upstream version 0.8.2
  debian/watch: switched to git-import-orig
  - Tag for 0.8.2
  - Updated for 0.8.2
  - Updated e-mail
  - Changed homepage and e-mail
  - Updated copyright.
  - readline is now optional in fail2ban-client (not needed in fail2ban-server).
  - Added svn:keywords
  - Fixed Debian bug #461426
  - Fixed Debian bug #462060
  - Fixed Debian bug #468477
  - Fixed Debian bug #456567
  - Added revision.
  - Added "reload <JAIL>"
  - Replaced "reject" with "drop" in shorwall action. Fix #1854875
  - Replaced "echo" with "printf" in actions. Fix #1839673
  - Catch Exception instead of AttributeError.
  - Absorbed some Debian patches. Thanks to Yaroslav Halchenko.
  - Updated.
  ...

Conflicts:

	config/fail2ban.conf
	config/filter.d/proftpd.conf
	config/filter.d/sshd.conf
	man/fail2ban-client.1
	man/fail2ban-server.1
	server/datestrptime.py
	server/server.py
 2008-03-05 22:30:10 -05:00
Yaroslav Halchenko 940d7fa430 debian/watch: switched to git-import-orig 2008-03-05 20:18:50 -05:00
Yaroslav Halchenko e43ea8e1b3 releasing -5 2008-02-28 19:52:37 -05:00
Yaroslav Halchenko 0392274daf added 0.8.1-4 changelog entry. 2008-02-09 22:09:50 -05:00
Yaroslav Halchenko b8d97d0983 Merge branches 'debian', 'deb/specifics', 'up/0.9-0.8', 'up/apache_noscript_extend', 'up/ipmasq', 'up/log_examples', 'up/mail_whois_lines', 'up/named_refused_fixed', 'up/pam_generic', 'up/proftpd_fix+extend', 'up/sshd_refused_connect' and 'up/vsftpd_optional_user' into build 
* debian:
  Confirms to policy 3.7.3 (no changes)
  Bye Bye dpatch: now everything is handled in git branches
  removing patches from dpatch system since they are in branches now
  added a  comment to README.Debian and to the list of examples for ipmasq example file
  Fixed == bashism (Closes: #464647). Thanks Raphael Geisser

* deb/specifics:
  slight tune ups in upstream sources destined only for debian are kept in this branch

* up/0.9-0.8:

* up/apache_noscript_extend:
  Extended apache-noscript filter with more file extensions and to react to "script not found or unable to stat" log message (closes: #456565). Thanks Tim Connors

* up/ipmasq:
  Added ipmasq rule file to restart fail2ban when iptables are wiped out (closes: #461417). Thanks Guido Bozzetto

* up/log_examples:
  up/log_examples: moved vsftpd log from up/vsftpd_optional_user
  added examples of log lines (for named-refused, pam-generic, sshd) under files/logs for easy testing

* up/mail_whois_lines:
  mail-whois-lines: moved fix for proper names from dpatch

* up/named_refused_fixed:
  named_refused: moved fix for proper config+filters from dpatch

* up/pam_generic:
  added pam-generic from dpatch

* up/proftpd_fix+extend:
  Fix/extension of proftpd failrexes (Closes: #461412). Thanks Guido Bozzetto

* up/sshd_refused_connect:

* up/vsftpd_optional_user:
  up/vsftpd_optional_user: moving examples into up/examples branch
  BF: vsftp anchoring
 2008-02-09 22:02:21 -05:00
Yaroslav Halchenko fc3a57b6c1 Confirms to policy 3.7.3 (no changes) 2008-02-08 01:23:34 -05:00
Yaroslav Halchenko 4b2bd7e776 Bye Bye dpatch: now everything is handled in git branches 2008-02-08 00:52:04 -05:00
Yaroslav Halchenko a832ede291 removing patches from dpatch system since they are in branches now 2008-02-08 00:46:00 -05:00
Yaroslav Halchenko 996da9a3f0 added a comment to README.Debian and to the list of examples for ipmasq example file 2008-02-07 23:43:21 -05:00
Yaroslav Halchenko 0da36545d3 Fixed == bashism (Closes: #464647). Thanks Raphael Geisser 2008-02-07 23:43:21 -05:00
Yaroslav Halchenko 24d8b44c2a * Moved iptables into recommends since fail2ban can work without iptables 
using some other action (e.g hosts.deny)
 2007-11-23 12:50:39 -05:00
Yaroslav Halchenko fa21222c63 * Moved iptables into recommends since fail2ban can work without iptables 
using some other action (e.g hosts.deny)
 2007-11-23 12:49:15 -05:00
Yaroslav Halchenko ee25282f34 releasing 0.8.1-3 2007-11-23 11:43:41 -05:00
Yaroslav Halchenko 6b913aafa2 Merge branch 'debian' into build: Vcs fields 
Conflicts:

	debian/changelog
 2007-11-23 11:10:35 -05:00
Yaroslav Halchenko f8b17f3859 * Added Vcs- fields, moved Homepage into source header's field 2007-11-23 11:09:34 -05:00
Yaroslav Halchenko 4b95233acb Merge branches 'debian' and 'up/sshd_refused_connect' into build: NF: refused connect sshd failregex 2007-11-23 09:02:58 -05:00
Yaroslav Halchenko 46cfc2bbd6 added example for "refused connect" 2007-11-23 09:00:08 -05:00
Yaroslav Halchenko d82257b2f2 Merge branch 'debian' into build: BF: no sftp in ssh jails 2007-11-22 14:34:59 -05:00
Yaroslav Halchenko 1cedd8e02b BF: removed sftp from ssh jails 2007-11-22 14:32:17 -05:00
Yaroslav Halchenko 4aa9bca7ca Merge branch 'up/0.9-0.8' into build and provided debian/changelog 2007-11-11 01:21:44 -05:00
Yaroslav Halchenko 2553e2717a * Added force-start action to init script, so it could be forced 
to start if previous run crashed and left a socket file. Must to be
  used with caution.
 2007-10-18 22:03:37 -04:00
Yaroslav Halchenko 8d9aca4e20 * Fixed named-refused filter. 2007-10-16 17:02:35 -04:00
Yaroslav Halchenko 99dbe90ad2 releasing 2007-10-16 17:02:35 -04:00
Yaroslav Halchenko 413ec5317e first pre-release version of 0.8.1 2007-10-16 17:02:35 -04:00
Yaroslav Halchenko 0012f9ff92 * (NOT RELEASED YET) New upstream release. 
Patches absorbed upstream:
    00_daemon_pids.dpatch
    00_iptables_allports.dpatch
    00_vsftp_filter_spaces.dpatch
    00_resolve_all_names.dpatch
    00_HOST_ignoreregex.dpatch
   Patches which needed some tune-up:
    00_ssh_strong_re.dpatch
    00_mail-whois-lines.dpatch
    00_named_refused.dpatch
 2007-10-16 17:02:35 -04:00
Yaroslav Halchenko e10a8616b4 fetched fresh upstream 0.8.1 2007-10-16 17:02:35 -04:00
Yaroslav Halchenko 922b5035ea actually we never released pre-release 2007-10-16 17:02:35 -04:00
Yaroslav Halchenko 85b75c77fb * Resolve all "names" which became a part of <HOST>. Previousely only fqdn's 
were resolved
 2007-08-13 21:13:59 +00:00
Yaroslav Halchenko c5202ce696 * Added optional spaces at the end of failregex for vsftpd. 2007-08-06 01:39:30 +00:00
Yaroslav Halchenko 58ae2a5a75 * Added new time template matching named log entries 2007-07-30 02:31:35 +00:00
Yaroslav Halchenko 95d17ee318 * Adjusted failregex for sshd filter: 
- anchored properly at the end of line, and source code has .examples
    files to perform testing of the rules.
  - added new explicit rule for users not in the AllowUsers lists
 2007-07-29 17:20:23 +00:00
Yaroslav Halchenko 3aef16b773 * jail.conf has specification of protocol (default to tcp) to be provided to 
banaction
 2007-07-25 03:47:32 +00:00
Yaroslav Halchenko 990bd15dd5 specified default protocol (tcp) and specified udp for jail for named 2007-07-25 03:46:41 +00:00
Yaroslav Halchenko ac7e1696d4 fixed named filter to account for optional (cache) 2007-07-24 20:04:20 +00:00
Yaroslav Halchenko 14d3ffc6de * Added a filter for named to catch refused/denied queries 2007-07-24 18:10:05 +00:00
Yaroslav Halchenko 2a3d710cad adjusted pam_generic patch in example to catch ftp 2007-07-24 17:25:38 +00:00
Yaroslav Halchenko d63bea24f5 tuned pam_generic to catch some weird log lines 2007-07-21 02:29:45 +00:00
Yaroslav Halchenko a843d0da04 tuned pam_generic to catch some weird log lines 2007-07-21 02:27:30 +00:00
Yaroslav Halchenko f58421eabf * Use /var/run to keep socket file (closes: #425746) 2007-07-05 17:12:17 +00:00
Yaroslav Halchenko a9ecd98ffe Added port param in jail since otherwise -- crashes 2007-06-25 17:08:49 +00:00
Yaroslav Halchenko 2e55bc57c7 * Added a filter pam_generic to catch any login errors. 
* Added iptables-allports.
 2007-06-25 16:51:05 +00:00
Yaroslav Halchenko bc0806d459 * Moved <HOST> expansion into regex.py (closes: #429263). Thanks James 
Andrewartha.
* Added optional regexp entry for process PID in some entries (closes:
  #426050). Thanks Roderick Schertler.
 2007-06-21 01:47:02 +00:00
Yaroslav Halchenko cc5ec4dcde releasing 2007-05-16 18:14:13 +00:00
Yaroslav Halchenko e55dfeaf3a untabified last entry 2007-05-15 14:37:09 +00:00
Yaroslav Halchenko cc1ed23b40 * Applied changes submitted by Bernd Zeimetz (thanks Bernd): 
- Removed obsolete Build-Depends-Indep on help2man, python-dev
	- Explicit removal of *.pyc files compiled during build
	- Invoke 'python setup.py clean' in clean target, which required also
	  to move python into Build-Depends
* Minor clean up of debian/rules
 2007-05-15 14:26:28 +00:00