github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
1,193 Commits
33 Branches
229 Tags
19 MiB
Commit Graph

1193 Commits (2974cac40cc7709909fcb11a510f164c88e7db46)

Author SHA1 Message Date
Yaroslav Halchenko 2974cac40c RF: log all logging output from fail2ban-client to stderr. Close #264 
otherwise it
1. 'interferes' with meaninful output of the client
2. if ERROR is logged it better go to stderr and separating ERROR from other levels is not that transparent with python's logging
 2013-06-21 11:12:36 -04:00
Yaroslav Halchenko 1ab0f0f9e3 Merge branch 'master' of https://github.com/yarikoptic/fail2ban 
* 'master' of https://github.com/yarikoptic/fail2ban:
  DOC: Changelog for fail2ban-regex RF
  ENH: fail2ban-regex -- add specification of loglevels to enable
  RF: reworked -regex cmdline tool to use optparse, some unification and enhancement of outputs
  ENH: 'heavydebug' level == 5 for even more debugging in tricky cases

Conflicts:
	ChangeLog
 2013-06-15 10:52:05 -04:00
Yaroslav Halchenko 9d4b613ee4 Merge branch '3proxy' of https://github.com/grooverdan/fail2ban 
* '3proxy' of https://github.com/grooverdan/fail2ban:
  BF: fix to proxy port in 3proxy example
  ENH: sample log + more specific regex
  BF: authentication errors end in 01-09 but the beginning part indicates the service as per https://github.com/fail2ban/fail2ban/issues/246#issuecomment-19327955 thanks to ykimon
  BF: need to anchor the start to avoid another repeat of DoS injection like Apache
  ENH: stricter regex thanks to Steven Hiscocks (kwirk)
  DOC: credits

Conflicts:
	ChangeLog
 2013-06-14 12:32:51 -04:00
Yaroslav Halchenko 173fe48e77 Merge branch 'exim' of https://github.com/grooverdan/fail2ban 
* 'exim' of https://github.com/grooverdan/fail2ban:
  BF/ENH: Incorrect authentication data doesn't need tailier so that's optional. Also gained log entry for Unrouteable address
  ENH: readibility thanks to Yaroslav
  ENH/BF: exim improvements with sample

Conflicts:
	ChangeLog
 2013-06-14 12:28:07 -04:00
Yaroslav Halchenko ec629ab4e8 Merge branch 'proftpd' of https://github.com/grooverdan/fail2ban 
* 'proftpd' of https://github.com/grooverdan/fail2ban:
  ENH: proftpd chan accept usernames with spaces
  ENH: injection of fail data into USER field
  ENH: proftp regex hardening and log messages

Conflicts:
	ChangeLog
 2013-06-14 12:16:59 -04:00
Yaroslav Halchenko ab2c738b43 Merge branch 'dovecot' of https://github.com/grooverdan/fail2ban 
* 'dovecot' of https://github.com/grooverdan/fail2ban:
  TST: attempts at injection with username=rhost=1.2.3.4 have no user= logged in dovecot-1.2.15
  ENH: dovecot regexs rewritten and extra failures

Conflicts:
	ChangeLog -- merged entries
 2013-06-14 12:14:40 -04:00
Daniel Black 8cc13b5b40 BF/ENH: Incorrect authentication data doesn't need tailier so that's optional. Also gained log entry for Unrouteable address 2013-06-14 18:12:53 +10:00
Daniel Black a433a8ea5f ENH: readibility thanks to Yaroslav 2013-06-14 15:21:50 +10:00
Yaroslav Halchenko 948be73115 Merge branch 'assp' of https://github.com/grooverdan/fail2ban 
* 'assp' of https://github.com/grooverdan/fail2ban:
  BF: missed a space
  BF: [SSL-out] is optional in assp
  ENH: regex hardening on assp

Conflicts:
	ChangeLog -- merged the two entries into 1
 2013-06-13 23:32:45 -04:00
Yaroslav Halchenko 77044fce35 DOC: Changelog for fail2ban-regex RF 2013-06-13 23:21:48 -04:00
Yaroslav Halchenko 9b351350dd DOC: Changelog for asterisk hardening 2013-06-13 23:19:28 -04:00
Yaroslav Halchenko e91419d361 ENH: fail2ban-regex -- add specification of loglevels to enable 2013-06-13 23:19:28 -04:00
Yaroslav Halchenko ffe381d91c RF: reworked -regex cmdline tool to use optparse, some unification and enhancement of outputs 2013-06-13 23:19:28 -04:00
Yaroslav Halchenko 97f9cfc0b0 ENH: 'heavydebug' level == 5 for even more debugging in tricky cases 
I mocked logging library directly -- seems to be Ok.
 2013-06-13 23:19:28 -04:00
Yaroslav Halchenko 09302c5c25 ENH: asterisk -- use \S instead of [^:] + prefix failregex with ^\[ 
detected date portion is stripped from the string to be matched, so it is not only
the right ] is left, but also the left one ;-)
 2013-06-13 23:15:48 -04:00
Daniel Black 7018d81244 BF: missed a space 2013-06-14 12:35:44 +10:00
Daniel Black a447aa615d BF: [SSL-out] is optional in assp 2013-06-14 12:27:35 +10:00
Daniel Black d4940563d3 ENH: regex hardening on assp 2013-06-14 08:55:25 +10:00
Daniel Black 6a09ecff5c ENH: anchor a bit mor. Use \d and \w where possible. Escape a literal . 2013-06-14 08:41:50 +10:00
Daniel Black e8b6acfa65 TST: attempts at injection with username=rhost=1.2.3.4 have no user= logged in dovecot-1.2.15 2013-06-14 00:53:03 +10:00
Daniel Black 9940cd1b6b ENH: proftpd chan accept usernames with spaces 2013-06-14 00:29:43 +10:00
Daniel Black 2e2ec5d1f5 ENH: injection of fail data into USER field 2013-06-14 00:17:41 +10:00
Daniel Black dbe7ffe050 ENH: dovecot regexs rewritten and extra failures 2013-06-13 23:52:15 +10:00
Daniel Black 4c67a269bf ENH: proftp regex hardening and log messages 2013-06-13 22:11:05 +10:00
Daniel Black 3e3802512a ENH/BF: exim improvements with sample 2013-06-13 17:44:18 +10:00
Daniel Black 88b4598ed8 BF: fix to proxy port in 3proxy example 2013-06-13 14:43:15 +10:00
Yaroslav Halchenko 460e09af66 it was not the end of the world and we should continue 2013-06-12 21:22:26 -04:00
Daniel Black 9dbaec0894 ENH: sample log + more specific regex 2013-06-13 10:23:14 +10:00
Daniel Black 8faf84b7f7 BF: authentication errors end in 01-09 but the beginning part indicates the service as per https://github.com/fail2ban/fail2ban/issues/246#issuecomment-19327955 thanks to ykimon 2013-06-13 08:34:10 +10:00
Yaroslav Halchenko 921d9a8e4b DOC: add information on where to report vulnerabilities + pointer to HOWTO_Seek_Help 
originally following command was used to add header to all config files:

  sed -ie '/# Author/ i\# Please report vulnerabilities to fail2ban-vulnerabilities at lists dot sourceforge dot net\n# and see http://www.fail2ban.org/wiki/index.php/HOWTO_Seek_Help for generic bug-reports.\n#' action.d/* filter.d/*

but it would be overkill ATM causing havoc in user-tuned configs -- postponed for now

Also adjusted the release date for today (by mistake in 1 commit ... sorry)
 2013-06-12 13:21:12 -04:00
Yaroslav Halchenko 728b5e8bf4 Changes for 0.8.10 release (changelog, version, etc) 2013-06-11 19:20:50 -04:00
Yaroslav Halchenko 6ccd57813c BF: anchor apache- filters. Close #248 
See https://vndh.net/note:fail2ban-089-denial-service for more information
 2013-06-11 19:19:25 -04:00
Daniel Black fd9f9f16e0 BF: need to anchor the start to avoid another repeat of DoS injection like Apache 2013-06-12 08:48:30 +10:00
Daniel Black f2fa4d53a8 ENH: stricter regex thanks to Steven Hiscocks (kwirk) 2013-06-12 08:30:59 +10:00
Daniel Black 16d63434ef DOC: credits 2013-06-11 23:56:09 +10:00
Daniel Black 4787777cee DOC: credits for gh-244 2013-06-11 10:30:56 +10:00
Daniel Black 66d8210f80 Merge pull request #244 from clopez/filter-asterisk 
Filter Asterisk: Add AUTH_UNKNOWN_DOMAIN error to list
 2013-06-10 17:28:35 -07:00
Carlos Alberto Lopez Perez 7248ef4564 Filter Asterisk: Add sample log entry to testcase. 
* Sample log entry for AUTH_UNKNOWN_DOMAIN (Not a local domain)
 2013-06-11 02:13:37 +02:00
Carlos Alberto Lopez Perez 47b063b022 Filter Asterisk: Add AUTH_UNKNOWN_DOMAIN error to list 
* I have been seeing bruteforcing attempts where asterisk fails with
   AUTH_UNKNOWN_DOMAIN (Not a local domain)
 2013-06-10 19:50:35 +02:00
Yaroslav Halchenko b53612cb10 Merge pull request #237 from grooverdan/asterisk-227 
Asterisk enhancements
 2013-05-29 18:38:15 -07:00
Daniel Black 05c88bd85d ENH: purge a few more .* 2013-05-30 11:34:04 +10:00
Daniel Black 28fc14d010 DOC: credits 2013-05-30 10:27:30 +10:00
Daniel Black e54498f6fe DOC: how to do filter enhancements 2013-05-30 10:25:03 +10:00
Daniel Black 916b5a7c23 TST: normalize logs to use example.com and 1.2.3.4 as IP 2013-05-30 10:24:48 +10:00
Daniel Black 4cf402d60e ENH/BF: constrain regex. Fix ACL error regex 2013-05-30 10:15:58 +10:00
Daniel Black 0f7b609336 ENH: port optional 2013-05-30 09:43:39 +10:00
Daniel Black 278fd43429 Merge branch 'patch-1' of https://github.com/silviogarbes/fail2ban into asterisk-227 2013-05-30 09:39:12 +10:00
Daniel Black eceede175a Merge branch 'patch-4' of https://github.com/silviogarbes/fail2ban into asterisk-227 2013-05-30 09:37:00 +10:00
Yaroslav Halchenko 39d32e0352 Changelog for previous PR 2013-05-29 09:56:15 -04:00
Yaroslav Halchenko 374e7c6fc9 Merge pull request #208 from grooverdan/opensuse_init 
Opensuse init -- from stock suse distribution
 2013-05-29 06:54:25 -07:00