* added example for BREAK-IN in ssh
* Syncing current debian revision to FAIL2BAN-0_8@717 of upstream,
since it includes fixes to some forwarded bugs. Total list of
functional changes
- Added actions to report abuse to ISP, DShield and myNetWatchman.
Thanks to Russell Odom.
- Added apache-nohome.conf. Thanks to Yaroslav Halchenko.
- Added new time format. No idea from where it comes...
- Added new regex. Thanks to Tobias Offermann.
- Try to match the regex even if the line does not contain a valid
date/time. Described in Debian #491253. Thanks to Yaroslav
Halchenko.
- Removed "timeregex" and "timepattern" stuff that is not needed
anymore.
- Added date template for Day-Month-Year Hour:Minute:Second
(closes: #491253)
- Added date pattern for Hour:Minute:Second. Thanks to Andreas
Itzchak Rehberg.
- Use current day and month instead of Jan 1st if both are not
available in the log. Thanks to Andreas Itzchak Rehberg.
- Improved pattern. Thanks to Yaroslav Halchenko.
- Merged patches from Debian package. Thanks to Yaroslav Halchenko.
* debian: (23 commits)
Imported Upstream version 0.8.3
- Prepared for 0.8.3.
Adjusted vcs paths
- Prepared for 0.8.3
- Send file if the number of lines is greater or equal and not only equal to the limit.
- Use poll instead of select in asyncore.loop. This should solve the "Unknown error 514". Thanks to Michael Geiger and Klaus Lehmann.
- Added missing ignoreregex to filters. Thanks to Klaus Lehmann.
- Added and changed some logging level and messages.
- Added svn:keywords.
- Added ISO 8601 date/time format.
- Better (correct) fix for ignoreregex in jail.[conf|local].
- Fixed ignoreregex processing in fail2ban-client. Thanks to René Berber.
- Added "Day/Month/Year Hour:Minute:Second" date template. Thanks to Dennis Winter.
- Added svn:keywords.
- Added gssftpd filter. Thanks to Kevin Zembower.
- Changed some log level.
- Fixed "fail2ban-client get <jail> logpath". Bug #1916986.
- Fixed PID file while started in daemon mode. Thanks to Christian Jobic who submitted a similar patch.
- Fixed socket path in redhat and suse init script. Thanks to Jim Wight.
- Create /var/run/fail2ban during install.
...
Conflicts:
ChangeLog
config/filter.d/gssftpd.conf
config/filter.d/pam-generic.conf
debian/changelog
* debian:
2 new jails: xinetd-fail, apache-overflows added to jails.conf
minor: adjusted comment for named jails to come closer to upstream
BF: apache-* jails -- authentication failures are recorded in *error.log files, thus paths were adjusted
* debian:
Confirms to policy 3.7.3 (no changes)
Bye Bye dpatch: now everything is handled in git branches
removing patches from dpatch system since they are in branches now
added a comment to README.Debian and to the list of examples for ipmasq example file
Fixed == bashism (Closes: #464647). Thanks Raphael Geisser
* deb/specifics:
slight tune ups in upstream sources destined only for debian are kept in this branch
* up/0.9-0.8:
* up/apache_noscript_extend:
Extended apache-noscript filter with more file extensions and to react to "script not found or unable to stat" log message (closes: #456565). Thanks Tim Connors
* up/ipmasq:
Added ipmasq rule file to restart fail2ban when iptables are wiped out (closes: #461417). Thanks Guido Bozzetto
* up/log_examples:
up/log_examples: moved vsftpd log from up/vsftpd_optional_user
added examples of log lines (for named-refused, pam-generic, sshd) under files/logs for easy testing
* up/mail_whois_lines:
mail-whois-lines: moved fix for proper names from dpatch
* up/named_refused_fixed:
named_refused: moved fix for proper config+filters from dpatch
* up/pam_generic:
added pam-generic from dpatch
* up/proftpd_fix+extend:
Fix/extension of proftpd failrexes (Closes: #461412). Thanks Guido Bozzetto
* up/sshd_refused_connect:
* up/vsftpd_optional_user:
up/vsftpd_optional_user: moving examples into up/examples branch
BF: vsftp anchoring
- anchored properly at the end of line, and source code has .examples
files to perform testing of the rules.
- added new explicit rule for users not in the AllowUsers lists
- Removed obsolete Build-Depends-Indep on help2man, python-dev
- Explicit removal of *.pyc files compiled during build
- Invoke 'python setup.py clean' in clean target, which required also
to move python into Build-Depends
* Minor clean up of debian/rules
with multiport module. That is to address the fact that most services
listen on multiple port (for encrypted and non-encrypted connections)
* Added [courierauth] jail (First 2 items are to partially address #407404
Yaroslav Halchenko