fail2ban

Commit Graph

Author	SHA1	Message	Date
sebres	2817a8144c	`action.d/bsd-ipfw.conf`: small amend (gh-2836) simplifying awk condition/code (position starts from `<lowest_rule_num>` and increases whilst used)	4 years ago
sebres	1418bcdf5b	`action.d/bsd-ipfw.conf`: fixed selection of rule-no by large list or initial `lowest_rule_num`, exit code can't be larger than 255 (gh-2836)	4 years ago
Sergey G. Brester	d977d81ef7	action.d/abuseipdb.conf: removed broken link, simplified usage example, fixed typos	4 years ago
sebres	a038fd5dfe	`action.d/firewallcmd-*.conf` (multiport only): fixed port range selector, replacing `:` with `-`; small optimizations on `firewallcmd-rich-rules.conf` and `firewallcmd-rich-logging.conf` simplifying both and provide a dependency (rich-logging is a derivative of rich-rules); closes gh-2821	4 years ago
sebres	9100d07c03	Merge branch '0.10-ipset-tout' into 0.10, amend to #2703 : resolves names conflict (command action timeout and ipset timeout); closes #2790	4 years ago
sebres	73a8175bb0	resolves names conflict (command action timeout and ipset timeout); closes gh-2790	4 years ago
sebres	309c8dddd7	action.d/nftables.conf (type=multiport only): fixed port range selector (replacing `:` with `-`)	4 years ago
Sergey G. Brester	01e92ce4a6	added fallback using tr and sed (jq is optional now)	5 years ago
Sergey G. Brester	1c1b671c74	Update cloudflare.conf	5 years ago
Sergey G. Brester	5b8fc3b51a	cloudflare: fixes ip to id conversion by unban using jq normalized URIs and parameters, notes gets a jail-name (should be possible to differentiate the same IP across several jails)	5 years ago
Viktor Szépe	852670bc99	CloudFlare started to indent their API responses We need to use https://github.com/stedolan/jq to parse it.	5 years ago
Ilya	8b3b9addd1	Change tool from 'cut' to 'sed' Sed regex was tested - it works.	5 years ago
Ilya	5da2422f61	Fix actionunban Add command to remove new line character. Needed for working removing rule from cloudflare firewall.	5 years ago
sebres	87a1a2f1a1	action.d/-ipset.conf: several ipset actions fixed (no timeout per default anymore), so no discrepancy between ipset and fail2ban (removal from ipset will be managed by fail2ban only)	5 years ago
sebres	ec37b1942c	action.d/nginx-block-map.conf: fixed backslash substitution (different echo behavior in some shells, gh-2596)	5 years ago
sebres	85ec605358	nftables: amend to gh-2254 - implemented shutdown of action (proper clean-up) - at stop it checks now the last set was deleted and removes table completely (if table does not contain any set); this is avoided if some sets were added manually or can be avoided via overwriting of parameter `_nft_shutdown_table`, for example: banaction = nftables[_nft_shutdown_table=''][...]	5 years ago
sebres	51af193402	nftables: add options allowing to specify own table (default `f2b-table`) and chain (default `f2b-chain`)	5 years ago
sebres	955d690e56	regrouping expressions with curly braces, added more escapes (better handling in posix shell)	5 years ago
sebres	8ea00c1d5d	fixed mistake in config (semicolon after space as comment in configs?) and coverage, suppress errors by unsupported flush, better space handling in helper _nft_get_handle_id, etc	5 years ago
sebres	492205d30e	action.d/nftables.conf: implemented `actionflush` (allows flushing nftables sets resp. fast unban of all jail tickets at all)	5 years ago
sebres	abc4d9fe37	allow to use multiple protocols in multiport (single set with multiple rules in chain): `banaction = nftables[type=multiport]` with `protocol="tcp,udp,sctp"` in jail replace 3 separate actions. more robust if deleting multiple references to set (rules in chain)	5 years ago
sebres	c753ffb11d	combine nftables actions to single action: - nftables-common is removed - nftables-allports is obsolete, replaced by nftables[type=allports] - nftables-multiport is obsolete, replaced by nftables[type=multiport]	5 years ago
sebres	c59d49da22	nftables-allports: support multiple protocols in single rule; tests/servertestcase.py: added coverage for nftables actions	5 years ago
Ririsoft	dde51b4682	fix actionban/unban ip definition syntax	5 years ago
Monson Shao	1cda50ce05	Rewrite nftables variables based on nftables' logic. Add an example for redirecting.	5 years ago
benrubson	8b171f7d25	Badips key is only used to retrieve list	6 years ago
sebres	e751be2c13	normalize, simplify and fix several mail actions (mail and sendmail actions are more similar now, sendmail is configurable via parameter `mailcmd`, etc); added test covering sendmail-whois-lines	6 years ago
sebres	22b9304562	action.d/badips.py: fix start of banaction on demand (which may be IP-family related), supplied action info with ticket instead of simulating it with dict; (closes gh-2390)	6 years ago
Sergey G. Brester	7dbd3a07eb	cut comment to limit documented on abuseipdb, additionally use curl in quiet mode	6 years ago
Carlos Ferreira	7b73cb7639	Switch to AbuseIPDB API v2	6 years ago
sebres	d8d71c5a22	action.d/helpers-common.conf: grep arguments are rewritten - using options `-wF` to match only whole words and fixed string (not as pattern)	6 years ago
chtheis	fa727586ff	Fix grep pattern to deal with Apache's error log Apache's error log appends the port to the IP address, other logs don't.	6 years ago
sebres	23d2281e57	action.d/nginx-block-map.conf: small fix with better RE-rule for removal of ID (token/session) via sed (anchored now)	6 years ago
Sergey G. Brester	b318eb7e33	closes gh-2408: prevent execution of action `abuseipdb` for restored tickets	6 years ago
sebres	e8401a7e65	action.d/xarf-login-attack.conf: fixes gh-2372, correction for split of addresses, interpolation is shell-independent now, etc; extended with option `boundary`, additionally dynamic boundary part is used (is not so predictable as it was previously);	6 years ago
sebres	5126068099	loglevel and shortloglevel combined to single parameter loglevel, below an example logging summary with NOTICE and rest with DEBUG log-levels: action = badips.py[... , loglevel="debug, notice"]	6 years ago
benrubson	689938ee99	Add a shortloglevel badips.py option	6 years ago
sebres	140243328f	coverage: try to avoid sporadic "coverage decreased" in CI	6 years ago
sebres	555b29e8e6	Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10	6 years ago
dienteperro	0df221b54b	"be" instead of "me" in shorewall.conf	6 years ago
Sergey G. Brester	1752c19b6f	Merge pull request #2205 from benrubson/patch-1 Add loglevel option to badips.py	6 years ago
Sergey G. Brester	65676baf8c	fixed py3 incompatibility (for some reasons this file seems to be excluded from 2to3), anyway not needed, because int-type is already checked in str2LogLevel	6 years ago
Sergey G. Brester	4b751c84c3	badips.py: Rewrite new bool option "log" as "loglevel" and revert default to log-level (DEBUG).	6 years ago
sebres	d01fe9d22a	action.d/*.conf: correct comments for actionstart/actionstop	6 years ago
Ben RUBSON	9d7c0e00c1	Also log number of IPs removed/added	6 years ago
Ben RUBSON	70e53b55c5	Typo	6 years ago
Ben RUBSON	ec4c4b12c1	Add yes/no log option to badips.py	6 years ago
sebres	6ce67a6d21	coverage	6 years ago
sebres	8cbe1e6b13	Merge pull request #2155	7 years ago
cheese1	43db4411de	small typo	7 years ago

1 2 3 4 5 ...

423 Commits (267cbf5861edbf7a2e944d9ed1334baa7a373b10)