Commit Graph

268 Commits (25c2334bc89a28812b1a3dc9ce4f3a8b502aeb0f)

Author SHA1 Message Date
SlowRiot fc5f729f01 adding jail conf for shellshock filter 2014-09-26 16:37:50 +01:00
Orion Poplawski 6b554fbe98 Fxi jail.conf to use more syslog macros 2014-08-08 13:27:32 -06:00
Yaroslav Halchenko f19c5fc939 Merge pull request #770 from eltrai/master
Forwards bantime to action scripts
2014-07-28 10:17:08 -04:00
Yaroslav Halchenko 2d7f2fa33f Merge pull request #756 from marclaporte/patch-1
typo
2014-07-27 21:49:24 -04:00
Yaroslav Halchenko 45c1095606 Merge pull request #750 from niorg/master
Added Directadmin filter, jail and log test
2014-07-27 21:47:07 -04:00
Pierre-Alain Dupont 3d7504c19e Forwards bantime to action scripts
That way, ipset and afctl will use a real timeout and not default to a fixed value for all jails
2014-07-20 16:25:59 +02:00
Yaroslav Halchenko 43950d8b7e BF: fix path to the exim log on Debian systems (/var/log/exim4) 2014-07-08 11:09:25 -04:00
Marc Laporte 3777591ab0 typo 2014-07-05 11:55:57 -04:00
Cyril Roos add8e61036 Added Directadmin filter, jail and log test 2014-07-02 13:52:06 +02:00
JoelSnyder 70ed93d8cc Update jail.conf for oracleims filter.
This is the jail.conf update.  Hopefully this will go into pull request #734.
2014-06-09 18:37:31 -07:00
Jason Martin 7d112430ca Block brute-force attempts against the Monit gui 2014-04-16 21:21:41 -07:00
Ruben Kerkhof 1695d5c076 Fix a few typos
Found with https://github.com/lucasdemarchi/codespell

Signed-off-by: Ruben Kerkhof <ruben@rubenkerkhof.com>
2014-03-24 13:16:52 +00:00
Manuel Rüger 5a1ad75114 Fix typo in comment 2014-03-18 03:07:19 +01:00
Daniel Black aa7e8fb9ce DOC: Credits. close gh-644 2014-03-14 22:30:44 +11:00
Daniel Black 415f187644 ENH: sendmail-reject for all smtp ports. 2014-03-14 07:12:12 +11:00
Steven Hiscocks a78a9d282c DOC: Document that badips.py action should be last action for jail 2014-03-13 20:04:30 +00:00
Steven Hiscocks 0222ff4677 Merge branch 'badips-blacklist' into 0.9
Conflicts:
	ChangeLog
        - entires added in both branches.

Change:
        config/action.d/badips.py
        - jail.getName() changed to jail.name
2014-03-13 20:01:15 +00:00
Steven Hiscocks 0c63d0061a DOC: Add documentation for badips.py action 2014-03-13 19:58:32 +00:00
Daniel Black df882feb16 ENH: expand sendmail-reject jail to 465,submission 2014-03-13 07:44:02 +11:00
Daniel Black ef29d7bd29 ENH: paths-{common,distro} normalisation 2014-03-12 20:32:41 +11:00
Daniel Black 666fd5eceb ENH: purge excessive jail variations 2014-03-02 16:11:53 +11:00
Daniel Black 69f5baae36 ENH: jail.conf to use syslog_mail 2014-03-02 15:18:41 +11:00
Daniel Black 2d45becb0e Merge branch '0.9' into distro-paths-gh-315 2014-03-02 15:17:21 +11:00
Daniel Black cc8ec826c5 MRG: from master 2014-03-02 2014-03-02 14:33:45 +11:00
Daniel Black c10cc20928 ENH: rename sendmail-spam to sendmail-reject 2014-02-28 08:41:04 +11:00
Daniel Black fe1725c603 BF: add jail.conf definitions for sendmail* filters 2014-02-26 19:31:09 +11:00
Daniel Black 79e6543eca Merge branch '0.9' into distro-paths-gh-315 2014-02-20 08:20:47 +11:00
Daniel Black 83266eb668 ENH: framework for distro paths 2014-02-20 08:20:02 +11:00
Steven Hiscocks f68d85a6ac Merge branch 'master' into 0.9
Conflicts:
	ChangeLog
                Spelling correction of 0.8.13 fixed in master
	config/jail.conf
                Added nagios and duplicate php-url removal in master
                Just nagios added, duplicate not issue in 0.9
2014-02-13 20:14:40 +00:00
Aarón Nieves Fernández 993b7d3dfb Duplicate jail "php-url-fopen" 2014-02-10 21:41:50 +01:00
Ivo Truxa c207ad6058 removing ignoreip at [nagios]
I removed the ignoreip setting from the nagios section. As pointed out, it is redundant here. Nagios server, under normal circumstances should not trigger any access errors, and would be included in the global ignoreips anyway.
2014-02-06 00:27:38 +01:00
Ivo Truxa dac4dd465e ENH: Nagios filter
added typical configuration settings for the nagios filter
2014-02-03 21:51:49 +01:00
Daniel Black 1a1e3bec86 ENH: framework for distro paths 2014-01-25 23:25:54 +11:00
Daniel Black 2063d96e59 MRG: import Lars' PR for tine20 2014-01-22 18:12:19 +11:00
Daniel Black 2333b2d5d9 MRG: from 0.9 2014-01-13 22:17:14 +11:00
Lars Kneschke 47dd8fb897 ENH: filter for Tine 2.0 2014-01-13 06:04:59 +01:00
Daniel Black 1e8ed55a36 MRG: from 0.9 2014-01-12 20:15:34 +11:00
Steven Hiscocks 0dd6533680 BF: Add ejabberd-auth to jail.conf 2014-01-09 23:22:12 +00:00
Daniel Black 8333abe420 Merge pull request #557 from grooverdan/apache-botsearch
ENH: Apache botsearch + BF: tag substition
2014-01-09 14:11:00 -08:00
Daniel Black d94efe719d ENH: jail.conf for counter-strike 2014-01-07 20:50:50 +11:00
Daniel Black 58ebf659e4 MRG: from 0.9 to make history cleaner 2014-01-07 16:07:58 +11:00
Daniel Black 809581ae99 ENH: jail.conf for apache-botsearch 2014-01-07 11:52:21 +11:00
Daniel Black ed9ed6d0cb TST/ENH: fix test case for ReadStockJailFilterComplete and add missing jails 2014-01-07 11:27:54 +11:00
Daniel Black 10fa5e3439 BF: fix jails for gssftpd and qmail 2014-01-07 10:49:11 +11:00
Daniel Black 549f64e86c BF: remove imap2 - not an IANA and probably not used 2014-01-07 10:25:29 +11:00
Daniel Black fa6a183e94 BF: typos in jail.conf corrected 2014-01-07 09:49:27 +11:00
Daniel Black a31c76f126 ENH: jail cleanup and fill in missing for 0.9 2014-01-07 09:34:39 +11:00
Daniel Black 755af0a51e Merge pull request #562 from grooverdan/jail.conf-complete_and_correct
ENH: Jail.conf now has all filters and TST: a mechanism to test this is truee
2014-01-06 12:08:45 -08:00
Daniel Black 90fdf5fc21 ENH: jail.conf entry for groupoffice 2014-01-07 06:55:38 +11:00
Daniel Black 03aba92238 ENH: add kerio filter 2014-01-05 23:41:49 +11:00
Daniel Black a9f804e443 ENH: complete stock jail.conf to contain all filters 2014-01-05 21:03:16 +11:00
Daniel Black d1faae3b3b BF: port not used in jail definition for freeswitch 2014-01-04 08:01:42 +11:00
Daniel Black 04d28fd2e1 ENH: add filter freeswitch - as raised on mailing list 2014-01-03 13:00:37 +11:00
Daniel Black 391b5fc883 MRG: from master again 2014-01-01 2014-01-01 19:28:38 +11:00
Daniel Black 856407379b ENH: add filter openwebmail. Closes gh-543. 2013-12-31 08:09:00 +11:00
Daniel Black c074773805 ENH: apache modsecurity from 0.9 branch 2013-12-29 07:06:13 +00:00
Daniel Black ea2a13946e TST: more test of filters 2013-12-29 05:29:59 +00:00
Daniel Black c9cfdca396 ENH: add filter for apache-modsecurity 2013-12-28 22:28:11 +00:00
Daniel Black ddac79c15c TST: include blank ignorecommand in jail.conf to indicate default value and to raise test coverage 2013-12-25 11:01:31 +00:00
bes.internal ebd89ec077 New ignorecommand that is added to the ignoreip list from output of an external program
ignorecommand update man and fix protocol help

ENH: run ignore command only after internal list has been examined. Change interface on ignorecommand to take IP as environment variable and return true if it is to be banned

ENH: ignore IP command to take tagged command

DOC: man pages for ingorecommand

TST: add test cases for ignorecommand
2013-12-24 23:55:35 +03:00
Daniel Black ed2f46759c MRG: restore accidently deleted pam comment in jail.conf 2013-12-19 09:21:12 +00:00
Daniel Black 7c0efc8ec8 MRG: merge so far - flushLogs not working yet 2013-12-16 15:08:34 +00:00
Steven Hiscocks f742ed0e4b DOC: when to use blocklist.de reporting
Taken from commit 1846056606
2013-12-05 18:06:53 +00:00
Steven Hiscocks e810ec009d ENH: Added blocklist.de reporting API action 2013-12-05 08:22:20 +00:00
Daniel Black 1846056606 DOC: when to use xarf messages to network owner 2013-12-03 20:40:42 +11:00
Daniel Black bfd435091d ENH: jail examples for xarf-login-attack 2013-12-01 20:29:43 +11:00
Daniel Black 04438cd1a1 BF/ENH: mysql jail - rename to mysql-syslog to be consistent with 0.8.13. Add port to syslog defination. Document mysql configuration required for mysql jails 2013-11-30 10:00:59 +11:00
Daniel Black 3f4d179612 BF: smtps not an IANA port - from #447 2013-11-30 09:52:32 +11:00
Daniel Black fe9e077acf BF: correct spelling of port for solid-pop3 jail in jail.conf 2013-11-30 09:51:30 +11:00
Yaroslav Halchenko 25e967f23b Merge branch 'mysqld-syslog-iptables-name-too-long' of https://github.com/grooverdan/fail2ban
* 'mysqld-syslog-iptables-name-too-long' of https://github.com/grooverdan/fail2ban:
  BF: jail name mysqld-syslog-iptables too long. removed -iptables. Thanks Stefan (#447)

Conflicts:
	ChangeLog
2013-11-29 10:02:31 -05:00
Daniel Black b9b2ddf996 BF: smtps not IANA standard. Closes #447 2013-11-29 21:47:53 +11:00
Daniel Black cade746307 BF: jail name mysqld-syslog-iptables too long. removed -iptables. Thanks Stefan (#447) 2013-11-29 21:45:11 +11:00
Daniel Black 13223c33f5 MRG: recidive-protocol-all 2013-11-25 08:22:09 +11:00
Daniel Black 98eacdf333 MRG/BF: merge from master. Fix bugs in iso8601 2013-11-24 16:36:06 +11:00
Daniel Black dab2ddb9da ENH: recidive jail to block all protocols. Closes #440 2013-11-18 07:57:16 +11:00
Daniel Black b3b9ea4559 ENH: jail for solid-pop3d 2013-11-18 07:42:45 +11:00
Daniel Black 1ac7b53cad MRG: merge from master 2013-11-13 09:16:45 +11:00
Daniel Black ab9d921162 BF: missed action in nginx-http-auth 2013-11-08 10:09:19 +11:00
Daniel Black a148d35d70 ENH: add filter.d/nginx-http-auth. Partially forfills #405 2013-11-08 10:06:40 +11:00
Daniel Black cb982ef921 ENH: multiline filter for sendmail-spam. Closes gh-418 2013-11-08 08:55:45 +11:00
Daniel Black 47d35c9d80 MRG: 0.8.11 to 0.9
Epnoc of selinux is now true UTC

Merge multiline support and date detection in filter
2013-11-02 15:59:05 +11:00
Daniel Black 93de46ac72 BF: maxretry=5 for ssh as per DEVELOP. align = in jail.conf 2013-10-31 00:52:47 +11:00
Daniel Black de9977441a DOC: move named and mysql instructions into the filters from jail.conf 2013-10-30 21:12:16 +11:00
Daniel Black 7ab909d056 DOC: space out jail.conf consistantly 2013-10-30 20:34:06 +11:00
Daniel Black 95f3f38682 MRG: merge ChangeLog and jail.conf 2013-10-30 20:19:41 +11:00
Daniel Black e3150044fd BF: fix selinux
TST: ignore *common.conf files in test cases as these are included
BF: Remove USER_LOGIN from selinux-ssh as its a duplicate message
ENH: add sample jail.conf
2013-10-30 20:05:49 +11:00
Daniel Black a991adb83f ENH: add submission, smtps and sieve to blocked ports since this also typically rely on dovecot auth 2013-10-29 14:33:45 +11:00
Daniel Black 8412303131 ENH: dovecot jail examples 2013-10-29 10:17:45 +11:00
Daniel Black 0c14707201 ENH: add dovecot jail 2013-10-26 10:01:04 +11:00
Daniel Black b61fe0f12d Merge pull request #378 from grooverdan/sasl
ENH: filter.d/postfix-sasl - anchor regex at start and rename from filter.d/sasl
2013-10-22 04:51:24 -07:00
Daniel Black 4ecc063bd0 ENH: rename filter.d/sasl -> filter.d/postfix-sasl 2013-10-22 22:40:29 +11:00
Daniel Black 123ad1cc9c MRG: Merge branch 'asterisk-common-jail' 2013-10-14 22:29:56 +11:00
Daniel Black 8421007f32 MRG: merge man/jail.conf.5 entries 2013-10-14 22:28:34 +11:00
Daniel Black 8fe542ca9f DOC: reintroduce comment on comments 2013-10-11 06:48:31 +11:00
Daniel Black 6b6169178f ENH: mysql syslog jail.conf base 2013-10-10 10:00:20 +11:00
Daniel Black ee58696531 DOC: try to encourage jail.local jail.d/*.local a lot more 2013-10-10 09:56:52 +11:00
Daniel Black 6ef33981e3 ENH: new asterisk jail to replace asterisk-(tcp|udp) (now that gh-37 is fixed) 2013-10-10 09:41:05 +11:00
Daniel Black 2d1bd54439 Merge pull request #379 from grooverdan/webmin
ENH: filter.d/webmin anchor at start and use syslog
2013-10-08 20:13:14 -07:00
Daniel Black 2a1d629d88 BF: webmin -> webmin-auth 2013-10-09 11:08:44 +11:00
Daniel Black ab457acc4d BF: fix name in action for uwimap-auth 2013-10-09 11:06:38 +11:00