Commit Graph

1846 Commits (246d0e1100943e35c9e799463f152621bd35a2b2)

Author SHA1 Message Date
sebres a2431158f6 implements new interpolation variable `%(fail2ban_confpath)s` (automatically substituted from config-reader path, default `/etc/fail2ban` or `/usr/local/etc/fail2ban` depending on distribution); `ignorecommands_dir` is unneeded anymore, thus removed from `paths-common.conf`;
3 years ago
sebres 13520a0494 Merge branch '0.11'
3 years ago
sebres 8ac49b5858 Merge branch '0.10' into 0.11
3 years ago
László Károlyi f380d6202d cherry pick #3210 from master
3 years ago
sebres 498e473a10 filter.d/courier-auth.conf: consider optional port after IP, regex is rewritten without catch-all's and right anchor, so it is more stable against further modifications now;
3 years ago
sebres 810386a265 filter.d/dovecot.conf: parse everything in parenthesis by auth-worker info, e. g. can match (pid=...,uid=...) too
3 years ago
Sergey G. Brester dfc866ea41
improve RE to solve conflict with expected another open parenthesis
3 years ago
László Károlyi 0f1706d4a1
Adjusting for updated dovecot log format
3 years ago
sebres 06d2623c5e iptables and iptables-ipset actions extended to support multiple protocols with single action for multiport or oneport type (back-ported from nftables action);
3 years ago
sebres b639c8869c make several iptables actions more breakdown-safe: start wouldn't fail if chain or rule already exists (e. g. created by previous instance and doesn't get purged properly);
3 years ago
sebres 3d7e3bc2fb make ipset actions more breakdown-safe: start wouldn't fail if set with this name already exists (e. g. created by previous instance and don't deleted properly)
3 years ago
sebres 7db1c97a3e Merge remote-tracking branch 'remotes/sebres/1.0-breakdown-safe-actions' with master;
3 years ago
sebres 970573d1cb Merge branch '0.11'
3 years ago
sebres 35d73d9758 Merge branch '0.10' into 0.11
3 years ago
sebres bf689c27b8 filter.d/sshd.conf: `ddos` mode extended - recognizes messages "kex_exchange_identification: Connection closed / reset by pear" (fixed possible regression of f77398c49d);
3 years ago
sebres 8bf15db688 filter.d/sshd.conf: `ddos` mode extended - recognizes new message "banner exchange: invalid format" generated by port scanner, https payload on ssh port;
3 years ago
sebres 80805cabfc Merge branch '0.11'
3 years ago
sebres 0b3ad780fe Merge branch '0.10' into 0.11
3 years ago
sebres 4b54a07d71 Revert "`action.d/firewallcmd-*.conf` (multiport only): fixed port range selector, replacing `:` with `-`;"
3 years ago
Sylvestre Ledru 3245b8018b
Add the Debian path to roundcube error logs
3 years ago
Sergey G. Brester ba839af8ad
filter.d/lighttpd-auth.conf: adjusted to the current source code + avoiding catch-all's, etc (gh-3116)
3 years ago
sebres 10cd815525 merge 0.11 to 1.0 (GHSA-m985-3f3v-cwmm)
3 years ago
sebres c03fe6682c merge 0.10 to 0.11 (GHSA-m985-3f3v-cwmm)
3 years ago
sebres 410a6ce5c8 fixed possible RCE vulnerability, unset escape variable (default tilde) stops consider "~" char after new-line as composing escape sequence
3 years ago
sebres 579c6a94af filter.d/postfix.conf: mode `ddos` (and `aggressive`) extended to consider abusive handling of clients hitting command limit (gh-3040)
4 years ago
sebres 43f2923fbd filter.d/postfix.conf: matches rejects with "undeliverable address" (sender/recipient verification, gh-3039) additionally to "Unknown user";
4 years ago
Sergey G. Brester bbfff18280
action.d/ufw.conf: amend to #3018: parameter `kill-mode` extended with conntrack
4 years ago
sebres c7a86b4616 action.d/firewallcmd-ipset.conf: amend to #2620:
4 years ago
Sergey G. Brester 2a508da5a0
Merge pull request #2620 from mspolitaev/master
4 years ago
sebres 38535b0cca Merge branch '0.11' into master
4 years ago
sebres d2f5c7de09 Merge branch '0.10' into 0.11
4 years ago
sebres 92f90038fa filter.d/dovecot.conf: extended to match prefix like `conn unix:auth-worker (uid=143): auth-worker<13247>:` (authenticate from external service like exim), gh-2553
4 years ago
sebres 8b984a0135 filter.d\exim-common.conf: pid-prefix extended to match `mx1 exim[...]:` (gh-2553)
4 years ago
sebres 6be1a5a0b1 filter.d/dovecot.conf: fixed "Authentication failure" regex, matches "Password mismatch" in title case (gh-2880)
4 years ago
sebres 8afea37494 filter.d/sendmail-auth.conf: covering several "authentication failure" messages, sendmail 8.16.1 (gh-2757)
4 years ago
sebres c5f1598a21 filter.d/postfix.conf: extended to cover new vectors:
4 years ago
sebres ae3e9b9149 filter.d/postfix.conf: extended to cover 2 new vectors:
4 years ago
sebres 87f717e0e0 filter.d/sendmail-reject.conf: fix reverse DNS for ... (gh-3012)
4 years ago
Sergey G. Brester 3d52fe3e4e
Merge pull request #2679 from mikaku/updated-to-latest-jail.conf
4 years ago
sebres 0a05dbdbfc Merge branch '0.11' into master
4 years ago
sebres 3312b8cb95 Merge branch '0.10' into 0.11
4 years ago
sebres 1627d4f573 filter.d/sendmail-auth.conf: user not found, closes gh-3030
4 years ago
Sergey G. Brester f07e0f7ade
Merge pull request #2984 from j-marz/zoneminder_filter_update
4 years ago
Sergey G. Brester ec4e0dd65b
padding with space, prefregex, regex review (simplifying, capture user name, consider possible space char in user name)
4 years ago
j-marz 2367ad115c fixed typo in comment
4 years ago
Sergey G. Brester 3f9cf27853
filter.d/apache-fakegooglebot.conf: better, more precise regex and datepattern (closes possible weakness like #3013)
4 years ago
usernamepi 4f8427178a
Missing comment "#" (#3022)
4 years ago
usernamepi 88f779ed24
ufw.conf, amend to #3018 - add missing option for comment (#3019)
4 years ago
Sergey G. Brester 8f6a8df3a4
added new options `kill-mode` and `kill`, which makes the drop of all connections optional
4 years ago
Sergey G. Brester 5debaa4cac
option "add", can be set to "insert <num>" instead of prepend (customization or backwards compat)
4 years ago