SlowRiot
fc5f729f01
adding jail conf for shellshock filter
2014-09-26 16:37:50 +01:00
Orion Poplawski
6b554fbe98
Fxi jail.conf to use more syslog macros
2014-08-08 13:27:32 -06:00
Yaroslav Halchenko
f19c5fc939
Merge pull request #770 from eltrai/master
...
Forwards bantime to action scripts
2014-07-28 10:17:08 -04:00
Yaroslav Halchenko
2d7f2fa33f
Merge pull request #756 from marclaporte/patch-1
...
typo
2014-07-27 21:49:24 -04:00
Yaroslav Halchenko
45c1095606
Merge pull request #750 from niorg/master
...
Added Directadmin filter, jail and log test
2014-07-27 21:47:07 -04:00
Pierre-Alain Dupont
3d7504c19e
Forwards bantime to action scripts
...
That way, ipset and afctl will use a real timeout and not default to a fixed value for all jails
2014-07-20 16:25:59 +02:00
Yaroslav Halchenko
43950d8b7e
BF: fix path to the exim log on Debian systems (/var/log/exim4)
2014-07-08 11:09:25 -04:00
Marc Laporte
3777591ab0
typo
2014-07-05 11:55:57 -04:00
Cyril Roos
add8e61036
Added Directadmin filter, jail and log test
2014-07-02 13:52:06 +02:00
JoelSnyder
70ed93d8cc
Update jail.conf for oracleims filter.
...
This is the jail.conf update. Hopefully this will go into pull request #734 .
2014-06-09 18:37:31 -07:00
Jason Martin
7d112430ca
Block brute-force attempts against the Monit gui
2014-04-16 21:21:41 -07:00
Ruben Kerkhof
1695d5c076
Fix a few typos
...
Found with https://github.com/lucasdemarchi/codespell
Signed-off-by: Ruben Kerkhof <ruben@rubenkerkhof.com>
2014-03-24 13:16:52 +00:00
Manuel Rüger
5a1ad75114
Fix typo in comment
2014-03-18 03:07:19 +01:00
Daniel Black
aa7e8fb9ce
DOC: Credits. close gh-644
2014-03-14 22:30:44 +11:00
Daniel Black
415f187644
ENH: sendmail-reject for all smtp ports.
2014-03-14 07:12:12 +11:00
Steven Hiscocks
a78a9d282c
DOC: Document that badips.py action should be last action for jail
2014-03-13 20:04:30 +00:00
Steven Hiscocks
0222ff4677
Merge branch 'badips-blacklist' into 0.9
...
Conflicts:
ChangeLog
- entires added in both branches.
Change:
config/action.d/badips.py
- jail.getName() changed to jail.name
2014-03-13 20:01:15 +00:00
Steven Hiscocks
0c63d0061a
DOC: Add documentation for badips.py action
2014-03-13 19:58:32 +00:00
Daniel Black
df882feb16
ENH: expand sendmail-reject jail to 465,submission
2014-03-13 07:44:02 +11:00
Daniel Black
ef29d7bd29
ENH: paths-{common,distro} normalisation
2014-03-12 20:32:41 +11:00
Daniel Black
666fd5eceb
ENH: purge excessive jail variations
2014-03-02 16:11:53 +11:00
Daniel Black
69f5baae36
ENH: jail.conf to use syslog_mail
2014-03-02 15:18:41 +11:00
Daniel Black
2d45becb0e
Merge branch '0.9' into distro-paths-gh-315
2014-03-02 15:17:21 +11:00
Daniel Black
cc8ec826c5
MRG: from master 2014-03-02
2014-03-02 14:33:45 +11:00
Daniel Black
c10cc20928
ENH: rename sendmail-spam to sendmail-reject
2014-02-28 08:41:04 +11:00
Daniel Black
fe1725c603
BF: add jail.conf definitions for sendmail* filters
2014-02-26 19:31:09 +11:00
Daniel Black
79e6543eca
Merge branch '0.9' into distro-paths-gh-315
2014-02-20 08:20:47 +11:00
Daniel Black
83266eb668
ENH: framework for distro paths
2014-02-20 08:20:02 +11:00
Steven Hiscocks
f68d85a6ac
Merge branch 'master' into 0.9
...
Conflicts:
ChangeLog
Spelling correction of 0.8.13 fixed in master
config/jail.conf
Added nagios and duplicate php-url removal in master
Just nagios added, duplicate not issue in 0.9
2014-02-13 20:14:40 +00:00
Aarón Nieves Fernández
993b7d3dfb
Duplicate jail "php-url-fopen"
2014-02-10 21:41:50 +01:00
Ivo Truxa
c207ad6058
removing ignoreip at [nagios]
...
I removed the ignoreip setting from the nagios section. As pointed out, it is redundant here. Nagios server, under normal circumstances should not trigger any access errors, and would be included in the global ignoreips anyway.
2014-02-06 00:27:38 +01:00
Ivo Truxa
dac4dd465e
ENH: Nagios filter
...
added typical configuration settings for the nagios filter
2014-02-03 21:51:49 +01:00
Daniel Black
1a1e3bec86
ENH: framework for distro paths
2014-01-25 23:25:54 +11:00
Daniel Black
2063d96e59
MRG: import Lars' PR for tine20
2014-01-22 18:12:19 +11:00
Daniel Black
2333b2d5d9
MRG: from 0.9
2014-01-13 22:17:14 +11:00
Lars Kneschke
47dd8fb897
ENH: filter for Tine 2.0
2014-01-13 06:04:59 +01:00
Daniel Black
1e8ed55a36
MRG: from 0.9
2014-01-12 20:15:34 +11:00
Steven Hiscocks
0dd6533680
BF: Add ejabberd-auth to jail.conf
2014-01-09 23:22:12 +00:00
Daniel Black
8333abe420
Merge pull request #557 from grooverdan/apache-botsearch
...
ENH: Apache botsearch + BF: tag substition
2014-01-09 14:11:00 -08:00
Daniel Black
d94efe719d
ENH: jail.conf for counter-strike
2014-01-07 20:50:50 +11:00
Daniel Black
58ebf659e4
MRG: from 0.9 to make history cleaner
2014-01-07 16:07:58 +11:00
Daniel Black
809581ae99
ENH: jail.conf for apache-botsearch
2014-01-07 11:52:21 +11:00
Daniel Black
ed9ed6d0cb
TST/ENH: fix test case for ReadStockJailFilterComplete and add missing jails
2014-01-07 11:27:54 +11:00
Daniel Black
10fa5e3439
BF: fix jails for gssftpd and qmail
2014-01-07 10:49:11 +11:00
Daniel Black
549f64e86c
BF: remove imap2 - not an IANA and probably not used
2014-01-07 10:25:29 +11:00
Daniel Black
fa6a183e94
BF: typos in jail.conf corrected
2014-01-07 09:49:27 +11:00
Daniel Black
a31c76f126
ENH: jail cleanup and fill in missing for 0.9
2014-01-07 09:34:39 +11:00
Daniel Black
755af0a51e
Merge pull request #562 from grooverdan/jail.conf-complete_and_correct
...
ENH: Jail.conf now has all filters and TST: a mechanism to test this is truee
2014-01-06 12:08:45 -08:00
Daniel Black
90fdf5fc21
ENH: jail.conf entry for groupoffice
2014-01-07 06:55:38 +11:00
Daniel Black
03aba92238
ENH: add kerio filter
2014-01-05 23:41:49 +11:00
Daniel Black
a9f804e443
ENH: complete stock jail.conf to contain all filters
2014-01-05 21:03:16 +11:00
Daniel Black
d1faae3b3b
BF: port not used in jail definition for freeswitch
2014-01-04 08:01:42 +11:00
Daniel Black
04d28fd2e1
ENH: add filter freeswitch - as raised on mailing list
2014-01-03 13:00:37 +11:00
Daniel Black
391b5fc883
MRG: from master again 2014-01-01
2014-01-01 19:28:38 +11:00
Daniel Black
856407379b
ENH: add filter openwebmail. Closes gh-543.
2013-12-31 08:09:00 +11:00
Daniel Black
c074773805
ENH: apache modsecurity from 0.9 branch
2013-12-29 07:06:13 +00:00
Daniel Black
ea2a13946e
TST: more test of filters
2013-12-29 05:29:59 +00:00
Daniel Black
c9cfdca396
ENH: add filter for apache-modsecurity
2013-12-28 22:28:11 +00:00
Daniel Black
ddac79c15c
TST: include blank ignorecommand in jail.conf to indicate default value and to raise test coverage
2013-12-25 11:01:31 +00:00
bes.internal
ebd89ec077
New ignorecommand that is added to the ignoreip list from output of an external program
...
ignorecommand update man and fix protocol help
ENH: run ignore command only after internal list has been examined. Change interface on ignorecommand to take IP as environment variable and return true if it is to be banned
ENH: ignore IP command to take tagged command
DOC: man pages for ingorecommand
TST: add test cases for ignorecommand
2013-12-24 23:55:35 +03:00
Daniel Black
ed2f46759c
MRG: restore accidently deleted pam comment in jail.conf
2013-12-19 09:21:12 +00:00
Daniel Black
7c0efc8ec8
MRG: merge so far - flushLogs not working yet
2013-12-16 15:08:34 +00:00
Steven Hiscocks
f742ed0e4b
DOC: when to use blocklist.de reporting
...
Taken from commit 1846056606
2013-12-05 18:06:53 +00:00
Steven Hiscocks
e810ec009d
ENH: Added blocklist.de reporting API action
2013-12-05 08:22:20 +00:00
Daniel Black
1846056606
DOC: when to use xarf messages to network owner
2013-12-03 20:40:42 +11:00
Daniel Black
bfd435091d
ENH: jail examples for xarf-login-attack
2013-12-01 20:29:43 +11:00
Daniel Black
04438cd1a1
BF/ENH: mysql jail - rename to mysql-syslog to be consistent with 0.8.13. Add port to syslog defination. Document mysql configuration required for mysql jails
2013-11-30 10:00:59 +11:00
Daniel Black
3f4d179612
BF: smtps not an IANA port - from #447
2013-11-30 09:52:32 +11:00
Daniel Black
fe9e077acf
BF: correct spelling of port for solid-pop3 jail in jail.conf
2013-11-30 09:51:30 +11:00
Yaroslav Halchenko
25e967f23b
Merge branch 'mysqld-syslog-iptables-name-too-long' of https://github.com/grooverdan/fail2ban
...
* 'mysqld-syslog-iptables-name-too-long' of https://github.com/grooverdan/fail2ban :
BF: jail name mysqld-syslog-iptables too long. removed -iptables. Thanks Stefan (#447 )
Conflicts:
ChangeLog
2013-11-29 10:02:31 -05:00
Daniel Black
b9b2ddf996
BF: smtps not IANA standard. Closes #447
2013-11-29 21:47:53 +11:00
Daniel Black
cade746307
BF: jail name mysqld-syslog-iptables too long. removed -iptables. Thanks Stefan ( #447 )
2013-11-29 21:45:11 +11:00
Daniel Black
13223c33f5
MRG: recidive-protocol-all
2013-11-25 08:22:09 +11:00
Daniel Black
98eacdf333
MRG/BF: merge from master. Fix bugs in iso8601
2013-11-24 16:36:06 +11:00
Daniel Black
dab2ddb9da
ENH: recidive jail to block all protocols. Closes #440
2013-11-18 07:57:16 +11:00
Daniel Black
b3b9ea4559
ENH: jail for solid-pop3d
2013-11-18 07:42:45 +11:00
Daniel Black
1ac7b53cad
MRG: merge from master
2013-11-13 09:16:45 +11:00
Daniel Black
ab9d921162
BF: missed action in nginx-http-auth
2013-11-08 10:09:19 +11:00
Daniel Black
a148d35d70
ENH: add filter.d/nginx-http-auth. Partially forfills #405
2013-11-08 10:06:40 +11:00
Daniel Black
cb982ef921
ENH: multiline filter for sendmail-spam. Closes gh-418
2013-11-08 08:55:45 +11:00
Daniel Black
47d35c9d80
MRG: 0.8.11 to 0.9
...
Epnoc of selinux is now true UTC
Merge multiline support and date detection in filter
2013-11-02 15:59:05 +11:00
Daniel Black
93de46ac72
BF: maxretry=5 for ssh as per DEVELOP. align = in jail.conf
2013-10-31 00:52:47 +11:00
Daniel Black
de9977441a
DOC: move named and mysql instructions into the filters from jail.conf
2013-10-30 21:12:16 +11:00
Daniel Black
7ab909d056
DOC: space out jail.conf consistantly
2013-10-30 20:34:06 +11:00
Daniel Black
95f3f38682
MRG: merge ChangeLog and jail.conf
2013-10-30 20:19:41 +11:00
Daniel Black
e3150044fd
BF: fix selinux
...
TST: ignore *common.conf files in test cases as these are included
BF: Remove USER_LOGIN from selinux-ssh as its a duplicate message
ENH: add sample jail.conf
2013-10-30 20:05:49 +11:00
Daniel Black
a991adb83f
ENH: add submission, smtps and sieve to blocked ports since this also typically rely on dovecot auth
2013-10-29 14:33:45 +11:00
Daniel Black
8412303131
ENH: dovecot jail examples
2013-10-29 10:17:45 +11:00
Daniel Black
0c14707201
ENH: add dovecot jail
2013-10-26 10:01:04 +11:00
Daniel Black
b61fe0f12d
Merge pull request #378 from grooverdan/sasl
...
ENH: filter.d/postfix-sasl - anchor regex at start and rename from filter.d/sasl
2013-10-22 04:51:24 -07:00
Daniel Black
4ecc063bd0
ENH: rename filter.d/sasl -> filter.d/postfix-sasl
2013-10-22 22:40:29 +11:00
Daniel Black
123ad1cc9c
MRG: Merge branch 'asterisk-common-jail'
2013-10-14 22:29:56 +11:00
Daniel Black
8421007f32
MRG: merge man/jail.conf.5 entries
2013-10-14 22:28:34 +11:00
Daniel Black
8fe542ca9f
DOC: reintroduce comment on comments
2013-10-11 06:48:31 +11:00
Daniel Black
6b6169178f
ENH: mysql syslog jail.conf base
2013-10-10 10:00:20 +11:00
Daniel Black
ee58696531
DOC: try to encourage jail.local jail.d/*.local a lot more
2013-10-10 09:56:52 +11:00
Daniel Black
6ef33981e3
ENH: new asterisk jail to replace asterisk-(tcp|udp) (now that gh-37 is fixed)
2013-10-10 09:41:05 +11:00
Daniel Black
2d1bd54439
Merge pull request #379 from grooverdan/webmin
...
ENH: filter.d/webmin anchor at start and use syslog
2013-10-08 20:13:14 -07:00
Daniel Black
2a1d629d88
BF: webmin -> webmin-auth
2013-10-09 11:08:44 +11:00
Daniel Black
ab457acc4d
BF: fix name in action for uwimap-auth
2013-10-09 11:06:38 +11:00