Viktor Szépe
2063ce4b23
All the arguments must be listed in [Init]
2015-07-01 14:48:44 +02:00
Viktor Szépe
79457112e9
Updated CF action
2015-07-01 09:38:36 +02:00
Yaroslav Halchenko
345820d2aa
Merge pull request #1056 from ipoddubny/asterisk_security_log
...
Fix support for Asterisk security log
2015-05-25 12:50:13 -04:00
Yaroslav Halchenko
f41872f034
Merge pull request #1013 from szepeviktor/patch-4
...
Non-US locale warning for proftpd
2015-05-25 10:51:51 -04:00
Yaroslav Halchenko
eb091d9b8c
Merge remote-tracking branch 'origin/master' into pr-1039
...
* origin/master:
minor: no tripple empty lines
add froxlor-auth filter and jail
add froxlor-auth filter and jail 0
add froxlor-auth filter and jail
BF: Fix fail2ban-regex not parsing journalmatch correctly
2015-05-25 10:50:34 -04:00
Yaroslav Halchenko
8c4d4aa7fb
minor: no tripple empty lines
2015-05-25 10:42:19 -04:00
Joern Muehlencord
4296d1a9a9
add froxlor-auth filter and jail
2015-05-25 13:51:06 +02:00
Joern Muehlencord
964cdb5d9b
add froxlor-auth filter and jail
2015-05-25 13:44:50 +02:00
Ivan Poddubny
7a4e6fa6e5
Asterisk security log: add support for websocket protocol events
...
Thanks to @kcormier.
2015-05-25 08:13:30 +03:00
Ivan Poddubny
988d9a08da
Asterisk security log: accept events containing Response/ExpectedResponse
...
Event containing Challenge may come without ReceivedChallenge, but with
Response and ExpectedResponse.
Also Challenge now accepts '/' character, since it is used at least by PJSIP.
2015-05-25 08:12:51 +03:00
Ivan Poddubny
189265a323
Asterisk security log: accept SessionID of PJSIP events
...
Unlike chan_sip and manager, PJSIP populates SessionID using
Call-Id header of a related SIP message.
As Call-Id of a SIP message can contain almost anything,
the regular expression for SessionID has been loosened.
2015-05-25 08:11:34 +03:00
Ivan Poddubny
ab2ac1a367
Asterisk security log: accept <unknown> in AccountID
2015-05-24 12:47:55 +03:00
Ivan Poddubny
977f9955e7
Asterisk security log: accept EventTV in ISO8601
...
Asterisk uses ISO8601 dates in security log since version 12.
Closes #988
2015-05-24 12:46:54 +03:00
Anton Shestakov
56e5821c06
Match unknown user in dovecot's passwd-file auth database
2015-04-30 16:53:10 +08:00
Aaron Brice
7ae0ef2408
Fix actions in ufw.conf
...
On Ubuntu 15.04 the ufw action was not working.
- With empty <application>, receiving errors:
2015-04-24 16:28:35,204 fail2ban.filter [8527]: INFO [sshd] Found 43.255.190.157
2015-04-24 16:28:35,695 fail2ban.actions [8527]: NOTICE [sshd] Ban 43.255.190.157
2015-04-24 16:28:35,802 fail2ban.action [8527]: ERROR [ -n "" ] && app="app " -- stdout: b''
2015-04-24 16:28:35,803 fail2ban.action [8527]: ERROR [ -n "" ] && app="app " -- stderr: b''
2015-04-24 16:28:35,803 fail2ban.action [8527]: ERROR [ -n "" ] && app="app " -- returned 1
- With action = ufw[application=OpenSSH], it was silently not doing
anything (no errors after "Ban x.x.x.x", but no IP addresses in ufw
status).
Re-arranged the bash commands on two lines, and it works with or without
<application>.
2015-04-28 11:39:00 -07:00
Lee Clemens
8f792f52fb
Add drupal-auth filter and jail
2015-04-27 13:10:27 -04:00
Lee Clemens
b530d88eca
Merge remote-tracking branch 'upstream/master' into bf/1000-asteriskBlocksSelf
...
Conflicts:
ChangeLog
2015-04-26 15:13:59 -04:00
Markus Oesterle
f8c7247f42
added \s after host
2015-04-17 10:22:01 +02:00
Markus Oesterle
5f2807b41f
replaced .* before rhost with regex matching all the previous fields
2015-04-17 10:04:35 +02:00
Markus Oesterle
8825a5f31b
updated filter.d/sshd.conf
...
Added line to match sshd auth errors on OpenSuSE systems
2015-04-16 19:48:28 +02:00
Viktor Szépe
e776a4e1ab
Update proftpd.conf
2015-04-08 15:57:39 +02:00
Viktor Szépe
f9e8a99a79
Non-US locale warning for proftpd
2015-04-06 17:04:41 +02:00
Thomas Mayer
923d807ef8
use human-readable variable names (issue #1003 )
2015-03-29 18:18:30 +02:00
Thomas Mayer
675c3a7c95
use printf instead of echo for POSIX compatibility (issue #1003 )
2015-03-29 18:08:47 +02:00
Thomas Mayer
ac1e41ea70
Revert "remove '-ne' option as it's not interpreted any way (issue #1003 )"
...
This reverts commit 4a598070c8
.
2015-03-29 17:54:25 +02:00
Thomas Mayer
4a598070c8
remove '-ne' option as it's not interpreted any way (issue #1003 )
2015-03-28 06:58:01 +01:00
Thomas Mayer
80f11a4d28
Add empty Init Section to pass tests (issue #1003 )
2015-03-27 18:36:09 +01:00
Thomas Mayer
c9b24839e4
Character detection heuristics for whois output via optional setting in mail-whois*.conf ( Closes #1003 )
...
when set by user,
- detects character set of whois output (which is undefined by RFC 3912) via heuristics of the file command
- converts whois data to UTF-8 character set with iconv
- sends the whois output in UTF-8 character set to mail program
- avoids that heirloom mailx creates binary attachment for input with unknown character set
2015-03-27 14:27:41 +01:00
Csaba Tóth
0720c831b7
Fix of LC_TIME usage, it should be LC_ALL
2015-03-26 03:02:02 +01:00
Lee Clemens
72f4bcfbff
Match hacking attempt IP instead of asterisk server IP ( closes #1000 )
2015-03-24 19:03:26 -04:00
Yaroslav Halchenko
d28880fdca
Merge pull request #997 from yarikoptic/bf/long-purge-for-recidive
...
DOC: make a warning for recidive jail to increase dbpurgeage (Closes #964 )
2015-03-23 21:30:04 -04:00
ediazrod
5fdd1d1ded
Update shorewall-ipset-proto6.conf
2015-03-23 00:56:37 +01:00
ediazrod
e26a1ad6b6
Update shorewall-ipset-proto6.conf
2015-03-23 00:55:06 +01:00
Yaroslav Halchenko
56aacf872c
Merge pull request #952 from ache/master
...
Update bsd-ipfw.conf
2015-03-21 21:46:54 -04:00
Yaroslav Halchenko
02836b599c
Added a comment about systemd backend for jails with logs outside of journal ( Closes #959 )
2015-03-21 21:25:50 -04:00
Yaroslav Halchenko
320a28a4a4
DOC: make a warning for recidive jail to increase dbpurgeage ( Closes #964 )
2015-03-21 20:50:03 -04:00
ediazrod
d0887f3234
This is a especific configuration for shorewall ipset proto6
...
Use ipset proto6 in shorewall. You must follow the rules to enable ipset in you blacklist
if you have a lot of spam (my case) is better use ipset rather than shorewall command line (is my firewall)
stop fail2ban with shorewall on one list of 1000 Ips takes 5 min with ipset in shorewall 10 sec.
2015-02-26 18:48:31 +01:00
Yaroslav Halchenko
e788e3823e
Merge pull request #965 from TorontoMedia/master
...
Split output of firewallcmd list into separate lines for grepping (Close #908 )
2015-02-14 16:06:10 -05:00
TorontoMedia
b4f1f613bb
Update firewallcmd-allports.conf
2015-02-14 12:32:36 -05:00
TorontoMedia
0fac7e40b6
Update firewallcmd-multiport.conf
2015-02-14 12:31:33 -05:00
Yaroslav Halchenko
07b0ab07ad
Merge branch 'master' of https://github.com/rumple010/fail2ban
...
* 'master' of https://github.com/rumple010/fail2ban :
Changed default TTL value to 60 seconds.
Added a reminder to create an nsupdate.local file to set required options.
Modified the ChangeLog and THANKS files to reflect the addition of action.d/nsupdate.conf.
add nsupdate action
Conflicts:
ChangeLog
2015-02-14 09:32:05 -05:00
Yaroslav Halchenko
d5e68abf95
ENH: check badips.com response on presence of "categories" in it
...
As https://travis-ci.org/fail2ban/fail2ban/jobs/50609529 query might fail in
that response would not contain "categories". With this change we will handle
it explicitly and will spit out ValueError, providing information about
the response so it could be troubleshooted
2015-02-13 08:55:35 -05:00
Ache
ae1451b29f
Update bsd-ipfw.conf
...
Deleting not existent is not error.
Adding already present is not error.
Otherwise all those entries becomes stale forever, not removed and its number increases over time.
2015-02-08 15:55:32 +03:00
Yaroslav Halchenko
3fb2becddb
Merge pull request #949 from leeclemens/enh/configSyslogSocket
...
Configure Syslog Socket Path (closes #814 )
2015-02-06 20:08:15 -05:00
Lee Clemens
6268eb32be
Use syslogsocket value "auto" to determine syslog socket's path
2015-02-06 19:14:09 -05:00
Luke Hollins
549ab24e70
Fixed grammatical error in emails sent
2015-02-06 11:47:03 -05:00
Yaroslav Halchenko
119a7bbb16
Merge pull request #939 from szepeviktor/geoip
...
Added sendmail-geoip-lines.conf
2015-02-06 11:32:41 -05:00
Viktor Szépe
4c88a00c28
Line notes implemented
2015-02-06 17:22:30 +01:00
Lee Clemens
445fd7367f
Configure Syslog Socket Path
2015-02-05 23:44:57 -05:00
František Šumšal
eb0d086ed0
Merge branch 'master' into nginx-botsearch
2015-02-04 02:13:33 +01:00
František Šumšal
1c6d2074fb
Changed default settings for nginx-botseach filter
2015-02-04 01:48:59 +01:00
Orion Poplawski
e7ff7e90b7
[postfix-sasl] update regexes
...
- Add : to match "SASL LOGIN authentication failed: Password:"
- Add ignoreregex to ignore system authentication issues:
"warning: unknown[1.1.1.1]: SASL LOGIN authentication failed: Connection lost to authentication server"
- Add test log messages for both
2015-02-03 11:30:16 -07:00
František Šumšal
fb0f463eac
Include consistency
2015-02-03 15:54:05 +01:00
František Šumšal
705718be52
Filter apache-botsearch.conf now loads variables from botsearch-common.conf
2015-02-03 04:44:33 +01:00
František Šumšal
18778d9174
Created botsearch-common.conf
...
File contains variables used in -botsearch filters
2015-02-03 04:25:47 +01:00
Yaroslav Halchenko
73af02ffc6
Merge pull request #940 from leeclemens/ENH/ApacheFakeGoogleBot
...
New jail: apache-fakegooglebot
2015-02-02 21:44:04 -05:00
Yaroslav Halchenko
df581fe6e2
Merge pull request #929 from opoplawski/pam_auth
...
Add filter variable __pam_auth to allow customize for setups with multiple authorization schemes (Close #928 )
2015-02-02 21:42:10 -05:00
Yaroslav Halchenko
7ada96b4e9
Merge pull request #932 from opoplawski/dovecot
...
Dovecot - dovecot auth failure from EL7
2015-02-02 21:37:28 -05:00
František Šumšal
f8fe165cd2
Switched from tabs to spaces for indents
2015-02-03 03:35:22 +01:00
Yaroslav Halchenko
8f6d9c6a5a
Merge branch 'enh/local_time_zone' of https://github.com/yarikoptic/fail2ban
...
* 'enh/local_time_zone' of https://github.com/yarikoptic/fail2ban :
fixed typos, thanks szepeviktor for review
ENH: use non-UTC date invocation (without -u) and report offset for localzone (%z)
Conflicts:
ChangeLog
2015-02-02 21:21:44 -05:00
Lee Clemens
841c476045
Merge branch 'enh/fakegooglebot' of https://github.com/yarikoptic/fail2ban into yarikoptic-enh/fakegooglebot
...
Conflicts:
config/filter.d/ignorecommands/apache-fakegooglebot
2015-02-02 13:01:23 -05:00
Yaroslav Halchenko
15b65c7ad2
NF: apache-fakegooglebot ignorecommand + DNSUtils.ipToName
2015-02-02 12:19:20 -05:00
Lee Clemens
7e94ba6f0c
Remove implementation specific suffix
2015-02-02 11:43:05 -05:00
Lee Clemens
854915920f
Remove implementation specific suffix
2015-02-02 11:38:23 -05:00
Lee Clemens
af078532ac
New jail: apache-fakegooglebot
...
Detects fake googlebot user agents in apache access log
2015-02-02 00:42:01 -05:00
Viktor Szépe
1619ab3145
Added sendmail-geoip-lines.conf
2015-02-01 00:06:56 +01:00
Yaroslav Halchenko
ec6a30efcf
ENH: define ignoreregex for all filters explicitly, to avoid warnings ( Closes #934 )
2015-01-30 10:38:28 -05:00
František Šumšal
c8e82f18b6
Add jail nginx-botsearch
...
Jail blocks requests for predefined non-existent folders. Based on
apache-botsearch jail.
2015-01-29 17:57:52 +01:00
Orion Poplawski
b4776a1ba0
Match dovecot unknown user line
2015-01-29 09:37:37 -07:00
Orion Poplawski
3bc92610f7
Add dovecot auth failure from EL7
2015-01-29 09:11:59 -07:00
Andrew St. Jean
6bdfe756cf
Changed default TTL value to 60 seconds.
2015-01-28 22:46:43 -05:00
Orion Poplawski
79b5a2617f
Add filter variable __pam_auth to allow easier changing of pam auth backend
2015-01-27 14:34:27 -07:00
Andrew St. Jean
43732acae1
Added a reminder to create an nsupdate.local file to set required options.
2015-01-26 21:48:16 -05:00
Yaroslav Halchenko
085d0f72ed
ENH: use non-UTC date invocation (without -u) and report offset for localzone (%z)
2015-01-26 09:19:44 -05:00
Yaroslav Halchenko
65980a70fc
Merge branch 'enh/recidive-allports' of https://github.com/yarikoptic/fail2ban
...
* 'enh/recidive-allports' of https://github.com/yarikoptic/fail2ban :
use iptables-allports for recidive
Conflicts:
ChangeLog
2015-01-26 09:04:42 -05:00
rumple010
eb76dcd5a0
add nsupdate action
...
Adds a new action file that uses nsupdate to dynamically update a BIND
zone file with a TXT resource record representing a banned IP address.
Resource record is deleted from the zone when the ban expires.
2015-01-25 23:15:07 -05:00
sebres
12e3cca3f2
port[s] typo fixed in jail.conf/nginx-http-auth, issue gh-913
2015-01-19 10:28:53 +01:00
Yaroslav Halchenko
083031524d
BF: adding missing Definition section header to firewallcmd-allports
2015-01-08 21:14:50 -05:00
TorontoMedia
d7b7f4bc91
Update firewallcmd-allports.conf
2015-01-08 21:06:43 -05:00
Lee Clemens
77677e43df
Merge branch 'master' of github.com:fail2ban/fail2ban into ENH/PostfixRBL
2015-01-07 20:39:04 -05:00
Lee Clemens
bda8dc1926
Merge branch 'master' of github.com:fail2ban/fail2ban into ENH/PostfixRBL
2015-01-03 15:29:42 -05:00
TorontoMedia
7eed55266b
Created firewallcmd-multiport
2015-01-01 12:46:48 -05:00
TorontoMedia
9f91cb2fd8
Created firewallcmd-allports
2015-01-01 12:44:34 -05:00
TorontoMedia
50e5fd9ed7
Create firewallcmd-multiport.conf
2015-01-01 05:32:41 -05:00
TorontoMedia
591e444753
Create firewallcmd-allports.conf
2015-01-01 05:32:06 -05:00
Lee Clemens
0f48cf4284
loosen up regex for spamhaus (spamcop says "Blocked" as part of url)
2014-12-30 19:14:39 -05:00
Lee Clemens
fe72a5585c
Create Jail for Postfix based on RBL
...
Use RBL blocks to ban addresses, unique Jail so maxretry can be set to 1 (vs postfix.conf)
2014-12-30 19:06:17 -05:00
Lee Clemens
2d7429c47c
Add 'Client host rejected error message' regex
...
Not sure if it was reworded (using Postfix 2.6) or a slightly different error, but I only have "Client host rejected: cannot find your hostname"
2014-12-30 18:05:19 -05:00
Viktor Szépe
81b3dbde1d
postfix-sasl failregex case insensitive
2014-12-11 00:10:37 +01:00
bes-internal
ccc986b7d8
exim filter: correct failregex for exim with extended log options
...
incoming_interface, incoming_port, outgoing_port
2014-12-04 13:34:44 +03:00
Orion Poplawski
d8867807f5
Separate php-url-fopen logpath by newline
2014-11-28 22:04:09 -07:00
Guillaume FRANCOIS
a6a2dc868b
Add ignoreregex to avoid warning on start
2014-11-12 11:05:56 +01:00
Guillaume FRANCOIS
9269664350
Add ignoreregex to avoid warning on start
2014-11-12 10:30:28 +01:00
Yaroslav Halchenko
2a3790f8e8
use iptables-allports for recidive
2014-11-04 13:24:54 -05:00
Yaroslav Halchenko
967485c2d0
improving grepping
2014-10-29 23:14:47 -04:00
Yaroslav Halchenko
efbf5064a1
Merge pull request #807 from xslidian/patch-1
...
grep IP at the start of lines
2014-10-29 23:07:10 -04:00
Orion Poplawski
01b2673e34
Use multiport for firewallcmd-new
2014-10-29 16:27:37 -06:00
Yaroslav Halchenko
36abb5ed96
BF: fix $ for % in jail.conf. Debian bug #767255
2014-10-29 13:08:51 -04:00
pacop
e3a037ee3f
merge master
2014-10-25 18:15:34 +02:00
pacop
ce4f2d1c88
added filter for PortSentry with jail and samples
2014-10-04 15:08:12 +02:00
SlowRiot
fc5f729f01
adding jail conf for shellshock filter
2014-09-26 16:37:50 +01:00
SlowRiot
4f636eb0e3
adding filter to detect Shellshock attack attempts against bash scripts through apache. See http://seclists.org/oss-sec/2014/q3/650
2014-09-26 16:25:07 +01:00
Nick Weeds
2c158fe168
Add apache filter for AH01630 client denied by server configuration
2014-09-14 21:54:05 +01:00
Yaroslav Halchenko
0e1f8f7f39
RF: remove those two additional failregexes for the postfix
...
see comment
https://github.com/fail2ban/fail2ban/pull/804\#discussion_r17512426
2014-09-13 10:25:27 -04:00
Yaroslav Halchenko
96c20c8379
Merge pull request #804 from pleasantone/master
...
Add support for postfix/submission/smtpd matching.
2014-09-13 10:24:06 -04:00
Yaroslav Halchenko
c58c4de9bc
ENH: add empty ignoreregex to avoid a warning ( Close #805 )
2014-09-13 10:18:37 -04:00
Dean Lee
ba44ff312b
grep IP at the start of lines
...
I'm not sure if this regex works best, so I'm patching this single file as a sample.
Don't forget to update `mail-whois-lines.conf` after this patch got merged.
For the following logs, `grep '[^0-9]199.48.161.87[^0-9]'` will output nothing, while `grep '\([^0-9]\|^\)199.48.161.87[^0-9]'` works:
<pre>199.48.161.87 - - [09/Sep/2014:13:38:54 +0800] "POST /wp-login.php HTTP/1.1" 403 4674 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com
199.48.161.87 - - [09/Sep/2014:13:38:56 +0800] "POST /wp-login.php HTTP/1.1" 403 4674 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com
199.48.161.87 - - [09/Sep/2014:13:38:58 +0800] "POST /wp-login.php HTTP/1.1" 403 4674 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com
199.48.161.87 - - [09/Sep/2014:13:39:00 +0800] "POST /wp-login.php HTTP/1.1" 403 4674 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com
199.48.161.87 - - [09/Sep/2014:13:39:05 +0800] "POST /wp-login.php HTTP/1.1" 403 4674 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com
199.48.161.87 - - [09/Sep/2014:13:39:05 +0800] "POST /wp-login.php HTTP/1.1" 403 4674 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com
199.48.161.87 - - [09/Sep/2014:13:39:13 +0800] "POST /wp-login.php HTTP/1.1" 403 4674 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com
199.48.161.87 - - [09/Sep/2014:13:39:21 +0800] "POST /wp-login.php HTTP/1.1" 403 4674 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com
199.48.161.87 - - [09/Sep/2014:13:39:32 +0800] "POST /wp-login.php HTTP/1.1" 403 4674 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com
199.48.161.87 - - [09/Sep/2014:13:39:34 +0800] "POST /wp-login.php HTTP/1.1" 403 4674 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com
199.48.161.87 - - [09/Sep/2014:13:39:34 +0800] "POST /wp-login.php HTTP/1.1" 403 168 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com
199.48.161.87 - - [09/Sep/2014:13:39:34 +0800] "POST /wp-login.php HTTP/1.1" 403 168 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com
199.48.161.87 - - [09/Sep/2014:13:39:35 +0800] "POST /wp-login.php HTTP/1.1" 403 168 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com
199.48.161.87 - - [09/Sep/2014:13:39:35 +0800] "POST /wp-login.php HTTP/1.1" 403 168 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com
199.48.161.87 - - [09/Sep/2014:13:39:35 +0800] "POST /wp-login.php HTTP/1.1" 403 168 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com</pre>
2014-09-09 14:55:34 +08:00
Paul Traina
249e169d8e
Update test cases and also suport smtps per request.
2014-09-08 11:53:51 -07:00
Daniel Black
1864f75b3b
Credits and notes from #806
2014-09-08 19:02:37 +10:00
weberho
d2c086b187
fixed encoding
2014-09-08 10:26:08 +02:00
weberho
218ffe862e
fixed encoding
2014-09-08 10:23:07 +02:00
Paul Traina
544cfaff2c
Add support for postfix/submission/smtpd matching.
2014-09-06 10:23:38 -07:00
Yaroslav Halchenko
0d9cfb84e3
Merge pull request #778 from yarikoptic/enh/symbiosis
...
ENH: symbiosis-blacklist-allports action
2014-08-20 23:00:11 -04:00
Yaroslav Halchenko
426ed7ff2f
Merge pull request #780 from opoplawski/logpath
...
Fxi jail.conf to use more syslog macros
2014-08-20 22:59:23 -04:00
Yaroslav Halchenko
93243e7d57
ENH: Ignore errors while unbaning in symbiosis firewall
...
Fail2Ban at times "interfers" with the firewall reflashing thus leading
to the sporadic errors. IMHO should be safe to ignore
2014-08-12 11:57:07 -04:00
Luc Maisonobe
763115b1eb
added systemd configuration for postfix-sasl.conf
2014-08-11 21:54:27 +02:00
Yaroslav Halchenko
aee560b1c6
Merge branch 'master' of git://github.com/fail2ban/fail2ban
...
* 'master' of git://github.com/fail2ban/fail2ban:
1.5 version of Fail2ban logwatch file
Fix typos.
2014-08-11 13:10:02 -04:00
Yaroslav Halchenko
6fc04c2256
Merge branch 'bf+enh/cyrus-imap' of https://github.com/yarikoptic/fail2ban (with some tune up to Changelog entry)
...
* 'bf+enh/cyrus-imap' of https://github.com/yarikoptic/fail2ban :
ENH: cyrus-imap -- catch also 'user not found' attempts
BF: cyrus-imaps -- catch also for secured daemons
Conflicts:
ChangeLog
2014-08-11 13:09:43 -04:00
Yaroslav Halchenko
f403bad0ab
Merge pull request #775 from alimony/patch-1
...
Fix typos.
2014-08-11 13:08:30 -04:00
Yaroslav Halchenko
b79a82ebdd
minor typo
2014-08-08 15:57:41 -04:00
Orion Poplawski
6b554fbe98
Fxi jail.conf to use more syslog macros
2014-08-08 13:27:32 -06:00
Yaroslav Halchenko
818dd59d65
ENH: symbiosis-blacklist-allports action
2014-08-08 11:57:30 -04:00
Markus Amalthea Magnuson
7b76322898
Fix typos.
2014-08-02 12:21:59 +02:00
Yaroslav Halchenko
4a23a7dcf1
Merge pull request #766 from leftyfb/master
...
Added cloudflare action
2014-07-28 15:34:09 -04:00
leftyfb
6dbd449f77
Changed to Cloudflare JSON API
2014-07-28 11:10:50 -04:00
Jisoo Park
2e7b8adb3b
Fix sieve filter to use correct option
2014-07-28 23:42:02 +09:00
Yaroslav Halchenko
f19c5fc939
Merge pull request #770 from eltrai/master
...
Forwards bantime to action scripts
2014-07-28 10:17:08 -04:00
Yaroslav Halchenko
f9cfbd66e6
Merge pull request #771 from szepeviktor/patch-1
...
named users + smtp auth probes
2014-07-28 10:14:18 -04:00
Szépe Viktor
143a55bf26
Update courier-smtp.conf
2014-07-28 12:51:38 +02:00
Yaroslav Halchenko
2d7f2fa33f
Merge pull request #756 from marclaporte/patch-1
...
typo
2014-07-27 21:49:24 -04:00
Yaroslav Halchenko
45c1095606
Merge pull request #750 from niorg/master
...
Added Directadmin filter, jail and log test
2014-07-27 21:47:07 -04:00
Yaroslav Halchenko
3339dc8d84
ENH: cyrus-imap -- catch also 'user not found' attempts
2014-07-25 10:13:04 -04:00
Yaroslav Halchenko
3e5c598b79
BF: cyrus-imaps -- catch also for secured daemons
2014-07-25 10:02:40 -04:00
Szépe Viktor
d757ef584f
Update courier-smtp.conf
2014-07-20 21:09:10 +02:00
Szépe Viktor
a786e8a29b
named users + smtp atuh probes
2014-07-20 19:59:54 +02:00
Pierre-Alain Dupont
3d7504c19e
Forwards bantime to action scripts
...
That way, ipset and afctl will use a real timeout and not default to a fixed value for all jails
2014-07-20 16:25:59 +02:00
leftyfb
cba570cabd
Updated comments
2014-07-17 23:49:35 -04:00
leftyfb
5471e99ebe
Added cloudflare action
2014-07-17 22:54:30 -04:00
Yaroslav Halchenko
6cddc65cee
BF: path to exim's mainlog on Fedora (Thanks Frantisek Sumsal) + changelog entry
2014-07-14 12:16:12 -04:00
Yaroslav Halchenko
43950d8b7e
BF: fix path to the exim log on Debian systems (/var/log/exim4)
2014-07-08 11:09:25 -04:00
Marc Laporte
3777591ab0
typo
2014-07-05 11:55:57 -04:00
Cyril Roos
add8e61036
Added Directadmin filter, jail and log test
2014-07-02 13:52:06 +02:00
Yaroslav Halchenko
0adb10f653
Merge branch 'ainfo-copy' of https://github.com/kwirk/fail2ban
...
* 'ainfo-copy' of https://github.com/kwirk/fail2ban :
TST: actions modifying aInfo test more robust
TST: Test for actions modifying (un)ban aInfo
BF: aInfo could be modified by actions, causing unexpected behaviour
2014-06-22 10:53:30 -04:00
Steven Hiscocks
2d54161696
Merge branch 'kwirk/harmonize-log-msgs'
...
Conflicts:
ChangeLog - Keep all additions
2014-06-22 12:57:49 +01:00
Steven Hiscocks
76a5633ff9
Merge pull request #739 from ranvis/enh-iptables-ipsets
...
ENH: Add <chain> to iptables-ipsets.
2014-06-21 22:48:49 +01:00
SATO Kentaro
65ff3e9604
ENH: Introduce iptables-common.conf.
2014-06-18 19:04:57 +09:00
Steven Hiscocks
94232d7c31
Merge pull request #726 from pmarrapese/master
...
Minor improvement to sshd filter
2014-06-17 23:43:42 +01:00
Steven Hiscocks
8268c1641f
BF: aInfo could be modified by actions, causing unexpected behaviour
...
A separate copy of aInfo is passed to each action
2014-06-17 23:24:23 +01:00
Yaroslav Halchenko
93d5c363ca
Merge branch 'enh/oracle_msg_server'
...
* enh/oracle_msg_server:
ENH: make oracleims failregex better anchored (more explicit)
Update oracleims.conf to be 'less greedy'
Update THANKS
Update jail.conf for oracleims filter.
Create test for oracleims filter
Create oracleims.conf in filter.d for new filter
2014-06-16 09:22:42 -04:00
SATO Kentaro
1e1c4ac62a
ENH: Add <chain> to iptables-ipsets.
2014-06-16 21:30:13 +09:00