Manuel Rüger
5a1ad75114
Fix typo in comment
2014-03-18 03:07:19 +01:00
Steven Hiscocks
41cbbbc248
BF: Remove unused imports and variables.
...
All highlighted by using pyflakes.
2014-03-16 14:31:34 +00:00
Steven Hiscocks
16125ec81a
BF: badips.py action methods not static due to use of self._logSys
2014-03-16 14:18:19 +00:00
Steven Hiscocks
6c5a978d6f
BF: journalmatch for recidive should be NOTICE level not WARNING
2014-03-15 13:29:44 +00:00
Daniel Black
7611096162
Merge branch '0.9' of https://github.com/fail2ban/fail2ban into 0.9
2014-03-14 22:31:16 +11:00
Daniel Black
aa7e8fb9ce
DOC: Credits. close gh-644
2014-03-14 22:30:44 +11:00
Steven Hiscocks
9e374b159e
ENH: Allow setting of badips.py key for reporting and blacklisting
2014-03-13 22:45:10 +00:00
Steven Hiscocks
de43d1d6d5
ENH: Change badips.py default score to "3"
...
As per recommendation from Amy from badips.com
2014-03-13 22:05:50 +00:00
Daniel Black
476d79d3cc
ENH: asterisk filter to support syslog format
2014-03-14 09:03:27 +11:00
Daniel Black
415f187644
ENH: sendmail-reject for all smtp ports.
2014-03-14 07:12:12 +11:00
Steven Hiscocks
a78a9d282c
DOC: Document that badips.py action should be last action for jail
2014-03-13 20:04:30 +00:00
Steven Hiscocks
0222ff4677
Merge branch 'badips-blacklist' into 0.9
...
Conflicts:
ChangeLog
- entires added in both branches.
Change:
config/action.d/badips.py
- jail.getName() changed to jail.name
2014-03-13 20:01:15 +00:00
Steven Hiscocks
0c63d0061a
DOC: Add documentation for badips.py action
2014-03-13 19:58:32 +00:00
Steven Hiscocks
dfb46cfda6
BF: Require Python 2.7+ for badips.py action
2014-03-12 21:54:15 +00:00
Daniel Black
df882feb16
ENH: expand sendmail-reject jail to 465,submission
2014-03-13 07:44:02 +11:00
Daniel Black
ef29d7bd29
ENH: paths-{common,distro} normalisation
2014-03-12 20:32:41 +11:00
Daniel Black
50d938e0bf
MRG: merge filter sendmail-spam into sendmail-reject
2014-03-02 16:28:23 +11:00
Daniel Black
666fd5eceb
ENH: purge excessive jail variations
2014-03-02 16:11:53 +11:00
Daniel Black
69f5baae36
ENH: jail.conf to use syslog_mail
2014-03-02 15:18:41 +11:00
Daniel Black
2d45becb0e
Merge branch '0.9' into distro-paths-gh-315
2014-03-02 15:17:21 +11:00
Daniel Black
2d8c497ce5
ENH: highlight missing osx paths
2014-03-02 15:16:53 +11:00
Daniel Black
cc8ec826c5
MRG: from master 2014-03-02
2014-03-02 14:33:45 +11:00
Daniel Black
853bed8e4f
ENH: more sendmail-reject filter items thanks to fab23
2014-03-02 14:04:27 +11:00
Daniel Black
d0ec09a3b5
BF: move to right location
2014-03-01 15:50:30 +11:00
Daniel Black
c10cc20928
ENH: rename sendmail-spam to sendmail-reject
2014-02-28 08:41:04 +11:00
Daniel Black
d34569fb8d
BF: email address as arg1 in sendmail filters
2014-02-27 11:38:23 +11:00
Daniel Black
72c84fe9b0
ENH: wider regex for RBL and sendmail-spam
2014-02-27 10:02:34 +11:00
Daniel Black
fe1725c603
BF: add jail.conf definitions for sendmail* filters
2014-02-26 19:31:09 +11:00
Daniel Black
3d776afbb0
ENH: add filter for sendmail-{auth,spam}. Closes gh-20
2014-02-26 19:16:49 +11:00
Steven Hiscocks
a9b9c6ea03
Merge branch 'logging' into 0.9
...
Conflicts:
fail2ban/server/actions.py
jail getName()->name
fail2ban/server/filter.py
jail getName()->name
2014-02-23 23:03:56 +00:00
Steven Hiscocks
df8d700d17
RF: Refactor Jail and JailThread
...
Includes:
- documentation to new format and use of properties
- change isActive->is_active as former no longer documented for
python3, and later introduction and documented in python2.6
- status formatter in beautifier somewhat more automatically
formatted; no changes are required for additional status elements
- JailThread now set to active within `start` method, complimenting
`stop` method
2014-02-23 17:41:14 +00:00
Steven Hiscocks
a4731ef988
DOC: Correct log levels
2014-02-20 23:09:45 +00:00
Steven Hiscocks
5630c56c75
ENH: Change logging levels and make info more verbose
2014-02-20 23:01:40 +00:00
Daniel Black
9be22a96a6
Merge pull request #614 from kwirk/complain-abusix
...
BF: Use abusix Abuse Contact DB to get more accurate abuse addresses
2014-02-20 09:17:23 +11:00
Daniel Black
cc463aa60d
Merge pull request #620 from kwirk/xarf-tweaks
...
BF: Fix misplaced ";", and duplicate {ip,}matches
2014-02-20 09:16:11 +11:00
Daniel Black
b6f9b9161d
BF: remove self reference
2014-02-20 09:01:05 +11:00
Daniel Black
a044517cb7
MRG: from master to 0.9 2014-02-20
2014-02-20 08:35:24 +11:00
Daniel Black
79e6543eca
Merge branch '0.9' into distro-paths-gh-315
2014-02-20 08:20:47 +11:00
Daniel Black
83266eb668
ENH: framework for distro paths
2014-02-20 08:20:02 +11:00
Steven Hiscocks
8c5525163b
BF: Fix misplaced ";", and duplicate {ip,}matches
2014-02-18 15:13:02 +00:00
Steven Hiscocks
997729e274
BF: Fix complain action for multiple recipients and misplaced ";"
2014-02-18 15:05:06 +00:00
Steven Hiscocks
7c76f7f204
BF: $EUID not avilable in all shells, replaced with `id -u` in xt_recent
2014-02-16 17:56:06 +00:00
Steven Hiscocks
2a37ee2fb7
ENH: Add root user check in xt_recent, and add missing actionstop
...
Thanks to Helmut Grohne on IRC for suggestion
2014-02-16 16:52:30 +00:00
Steven Hiscocks
5c7630c4be
ENH: Allow separate blacklist category for badips.py action
2014-02-14 17:45:08 +00:00
Steven Hiscocks
cf81ddd8e2
BF: Add error handling in badips.py action
2014-02-14 17:10:34 +00:00
Steven Hiscocks
31f4ea59cb
BF: Use abusix Abuse Contact DB to get more accurate abuse addresses
...
Taken from xarf-login-attack action from 0.9 branch by Daniel Black
2014-02-13 22:00:33 +00:00
Steven Hiscocks
f68d85a6ac
Merge branch 'master' into 0.9
...
Conflicts:
ChangeLog
Spelling correction of 0.8.13 fixed in master
config/jail.conf
Added nagios and duplicate php-url removal in master
Just nagios added, duplicate not issue in 0.9
2014-02-13 20:14:40 +00:00
Daniel Black
c701ac9276
DOC: document LogLevel requirement for "Connection from" regex"
2014-02-13 16:20:36 +11:00
Daniel Black
5f4d0ed576
ENH: ssh filter - "Disconnecting: Too many authentication failures.." matching Connection log message
2014-02-13 09:13:46 +11:00
Aarón Nieves Fernández
993b7d3dfb
Duplicate jail "php-url-fopen"
2014-02-10 21:41:50 +01:00
Steven Hiscocks
dff8909473
ENH: Add badips.com reporting and blacklisting action (python based)
2014-02-09 12:23:14 +00:00
Ivo Truxa
c207ad6058
removing ignoreip at [nagios]
...
I removed the ignoreip setting from the nagios section. As pointed out, it is redundant here. Nagios server, under normal circumstances should not trigger any access errors, and would be included in the global ignoreips anyway.
2014-02-06 00:27:38 +01:00
Ivo Truxa
f5f434f846
removing the second failregex
...
The second failregex was supposed to catch an error concerning an ACL denial over IPv6, but this message is no more generated by the nrpe version (v2.15) that introduced the IPv6 support, so the first failregex seems to be sufficient.
2014-02-06 00:22:05 +01:00
Ivo Truxa
a71bb89ccd
removing a dot (typo)
...
The dot at the ignoregex did not belong there. Somehow it was added during the copying and pasting. Thanks for reporting it, I did not see it. Otherwise, empty ignoregexes are in all filters, and if they are missing, fail2ban client shows warnings when starting the filter, which I prefer avoiding.
2014-02-03 23:12:56 +01:00
Ivo Truxa
dac4dd465e
ENH: Nagios filter
...
added typical configuration settings for the nagios filter
2014-02-03 21:51:49 +01:00
Ivo Truxa
c91fda8619
ENH: Nagios filter
...
Sample log for the first failregex is available in the testcases. No example available for the IPv6 denial yet.
2014-02-03 21:46:07 +01:00
Daniel Black
ef82eac790
DOC: openssh real protection is pubkey
2014-02-02 15:16:40 +11:00
Daniel Black
59b9045e88
MRG: from master 2014-02-02
2014-02-02 13:21:16 +11:00
Daniel Black
273b2f45a3
MRG: remove the "no auth attempts" as per aseques gh-600
2014-01-29 20:43:51 +11:00
Daniel Black
9b614ce486
ENH: dovecot filter enhancements
2014-01-29 20:27:45 +11:00
Joan
84617fa6da
Fixed a failing case
2014-01-28 16:19:35 +01:00
Joan
08171ba52f
Removed the -no auth attempts- from the triggers because of lots of FP
2014-01-28 12:44:46 +01:00
Daniel Black
a749a2780e
Merge pull request #593 from grooverdan/tine
...
ENH: Tine20 filter
2014-01-26 18:50:42 -08:00
Daniel Black
1a1e3bec86
ENH: framework for distro paths
2014-01-25 23:25:54 +11:00
Daniel Black
256c732bcd
BF/ENH: filter pure-ftpd - re-add _daemon. Add translations
...
_daemon was accidently removed in
89fd792dfb
Added translations from source code
2014-01-25 12:19:46 +11:00
Daniel Black
1e1261ccb4
MRG: from master 2014-01-23
2014-01-23 17:45:18 +11:00
Daniel Black
ca57427080
BF: firewallcmd-ipset had non-working actioncheck
2014-01-23 17:41:13 +11:00
Daniel Black
c8ae064b79
ENH: tighten regex and change failJSON to support timezone. Closes gh-583
2014-01-22 22:16:03 +11:00
Daniel Black
2063d96e59
MRG: import Lars' PR for tine20
2014-01-22 18:12:19 +11:00
Steven Hiscocks
8221c7ca71
TST+BF: Add tests for python actions, including test for smtp.py
...
Also fix bug when specifying multiple recipients for smtp.py action
2014-01-20 23:10:43 +00:00
Steven Hiscocks
a0f39255bc
BF: Kerio log datepattern fix for recent datepattern full regex merge
2014-01-20 23:00:38 +00:00
Daniel Black
a650178bd1
MRG: merge from master 2014-01-19
2014-01-19 14:48:29 +11:00
Daniel Black
263ac32730
ENH: test log samples for kerio thanks to
...
Tony Lawrence
2014-01-18 23:18:33 +11:00
Daniel Black
1452be4a3a
Merge pull request #588 from grooverdan/badips
...
ENH: Badips action (reporting)
2014-01-17 23:10:29 -08:00
Daniel Black
f566cab766
Merge branch 'master' into badips
2014-01-15 09:37:11 +11:00
Daniel Black
657da2041c
BF: dovecot filters, session characters and order of session/tls in log messages
2014-01-15 08:02:47 +11:00
Daniel Black
2333b2d5d9
MRG: from 0.9
2014-01-13 22:17:14 +11:00
Daniel Black
c7f887642d
Merge branch '0.9' into master_to_0.9
2014-01-13 21:23:42 +11:00
Daniel Black
3de80545e0
MRG: from master 2014/01/13
2014-01-13 21:23:39 +11:00
Daniel Black
01e5ae1234
Merge pull request #584 from grooverdan/exim-auth
...
ENH: Exim auth
2014-01-13 02:20:47 -08:00
Daniel Black
08b4f3e5f2
Merge branch 'patch-5' of https://github.com/truxoft/fail2ban into exim-auth
2014-01-13 19:26:12 +11:00
Lars Kneschke
47dd8fb897
ENH: filter for Tine 2.0
2014-01-13 06:04:59 +01:00
Ivo Truxa
2d8c0b26e4
Matching any Exim authentication name
...
As explained in https://github.com/grooverdan/fail2ban/pull/4 , in Exim there can be used plenty of other standard authentication names, and in fact the names can be custom. The failregex in Exim filter should catch authentication errors regardless of the name of the authentication. Hence replacing the plain|login with the general \w+
2014-01-13 01:38:49 +01:00
Daniel Black
6b0e6b9bca
ENH: add improper command pipelining postfix filter
2014-01-13 06:59:59 +11:00
Daniel Black
a443b8b4d3
BF: remove second jail definition
2014-01-12 21:45:39 +11:00
Daniel Black
cd3e94140c
MRG: complete merge
2014-01-12 21:16:55 +11:00
Daniel Black
f2e55e8499
ENH: add filter for squirrelmail. Closes gh-261
2014-01-12 20:27:36 +11:00
Daniel Black
1e8ed55a36
MRG: from 0.9
2014-01-12 20:15:34 +11:00
Tomas Pihl
b52a4441fd
Support ACL-events without AccountID. Typically happens when a registration
...
from an unknown domain is performed.
Add credits
2014-01-12 01:28:55 +01:00
Steven Hiscocks
0dd6533680
BF: Add ejabberd-auth to jail.conf
2014-01-09 23:22:12 +00:00
Steven Hiscocks
128112d51c
ENH: ejabberd filter
2014-01-09 22:47:17 +00:00
Daniel Black
8333abe420
Merge pull request #557 from grooverdan/apache-botsearch
...
ENH: Apache botsearch + BF: tag substition
2014-01-09 14:11:00 -08:00
Daniel Black
b0baab3a0e
ENH: more test cases and wider regex
2014-01-10 08:40:24 +11:00
Daniel Black
4b33f96db4
DOC: fix comment regarding apache version in apache-noscript
2014-01-10 08:35:37 +11:00
Daniel Black
8e5366a7e9
DOC: for apache-botsearch and apache-botsearch
2014-01-10 07:34:01 +11:00
Steven Hiscocks
7e8da15fc6
Merge pull request #572 from grooverdan/counterstrike
...
ENH: Counter Strike filter
2014-01-08 12:47:10 -08:00
Yaroslav Halchenko
6532a2e2f7
Merge pull request #548 from grooverdan/exim-honeypot
...
Exim honeypot
2014-01-07 06:14:42 -08:00
Daniel Black
d94efe719d
ENH: jail.conf for counter-strike
2014-01-07 20:50:50 +11:00
Daniel Black
0fb6bc7188
ENH: add filter for Counter Strike 1.6. Closes gh-347
2014-01-07 20:33:57 +11:00
Daniel Black
aabdc51e87
BF: revert separate jail for exim-honeypot as only exim-spam exists.
2014-01-07 16:26:29 +11:00
Daniel Black
9e087b508d
MRG: from 0.9
2014-01-07 16:11:40 +11:00
Daniel Black
58ebf659e4
MRG: from 0.9 to make history cleaner
2014-01-07 16:07:58 +11:00
Yaroslav Halchenko
9a8b449086
DOC: some typos, fixes from Vincent Lefevre
2014-01-06 23:38:52 -05:00
Daniel Black
9e390d6549
ENH: jail.conf for exim-honeypot
2014-01-07 11:53:20 +11:00
Daniel Black
809581ae99
ENH: jail.conf for apache-botsearch
2014-01-07 11:52:21 +11:00
Daniel Black
ed9ed6d0cb
TST/ENH: fix test case for ReadStockJailFilterComplete and add missing jails
2014-01-07 11:27:54 +11:00
Daniel Black
10fa5e3439
BF: fix jails for gssftpd and qmail
2014-01-07 10:49:11 +11:00
Daniel Black
549f64e86c
BF: remove imap2 - not an IANA and probably not used
2014-01-07 10:25:29 +11:00
Daniel Black
320861b7dc
Merge branch 'more-jails-0.9' into master_to_0.9
2014-01-07 10:24:27 +11:00
Daniel Black
76468942f9
MRG: complete merge from master
2014-01-07 10:24:23 +11:00
Daniel Black
fa6a183e94
BF: typos in jail.conf corrected
2014-01-07 09:49:27 +11:00
Daniel Black
a31c76f126
ENH: jail cleanup and fill in missing for 0.9
2014-01-07 09:34:39 +11:00
Daniel Black
755af0a51e
Merge pull request #562 from grooverdan/jail.conf-complete_and_correct
...
ENH: Jail.conf now has all filters and TST: a mechanism to test this is truee
2014-01-06 12:08:45 -08:00
Daniel Black
90fdf5fc21
ENH: jail.conf entry for groupoffice
2014-01-07 06:55:38 +11:00
Daniel Black
ab3ded2205
Merge pull request #549 from kwirk/python-actions
...
ENH: Python actions
2014-01-06 02:58:45 -08:00
Daniel Black
50eab4df81
ENH: add filter groupoffice. Closes gh-566
2014-01-06 21:56:22 +11:00
Daniel Black
f137c7b107
BF: stunnel doesnt need datepattern as its inbuilt
2014-01-06 09:53:54 +11:00
Daniel Black
1687505995
BF: Fix datepattern
2014-01-06 09:06:05 +11:00
Steven Hiscocks
6c301ae210
Merge pull request #563 from grooverdan/gh-289-ssh
...
BF: add expression for ssh filter for code 3: SSH2_DISCONNECT_KEY_EXCHAN...
2014-01-05 09:55:05 -08:00
Daniel Black
03aba92238
ENH: add kerio filter
2014-01-05 23:41:49 +11:00
Daniel Black
1c5787174f
BF: escape . in stunnel filter
2014-01-05 23:25:49 +11:00
Daniel Black
a8e0498389
BF: add expression for ssh filter for code 3: SSH2_DISCONNECT_KEY_EXCHANGE_FAILED. closes gh-289
2014-01-05 21:26:26 +11:00
Daniel Black
a9f804e443
ENH: complete stock jail.conf to contain all filters
2014-01-05 21:03:16 +11:00
Daniel Black
6ce2ba2895
ENH: additional phpmyadmin tips from Tom on http://www.fail2ban.org/wiki/index.php?title=Fail2ban:Community_Portal . Block is now a prefix of a path
2014-01-05 11:48:35 +11:00
Daniel Black
c37ee4cc52
DOC: filter.d/vsftpd doco from wiki
2014-01-05 11:30:56 +11:00
Daniel Black
6602937ee1
DOC: filter.d./pure-ftpd doco from wiki
2014-01-05 11:24:20 +11:00
Steven Hiscocks
69a850d226
DOC: Update docstrings for smtp.py action
2014-01-04 22:46:57 +00:00
Steven Hiscocks
6e63f0ea5a
RF: Change Jails and Actions to Mapping types
2014-01-04 16:57:08 +00:00
Daniel Black
d7666c8942
DOC: bit more on how to use freeswitch
2014-01-04 12:39:48 +11:00
Daniel Black
23f0b854da
MRG: merge in freeswitch
2014-01-04 12:24:40 +11:00
Daniel Black
69b3a1cf64
BF: catchin DEBUG messages will result in duplicates
2014-01-04 12:10:51 +11:00
Daniel Black
05b159c74b
Merge pull request #464 from grooverdan/increase-jail-name-length
...
ENH: Actions to have f2b- as prefix instead of fail2ban- as per #462
2014-01-03 14:48:56 -08:00
Daniel Black
3d1a1afca4
MRG: to more recent 0.9
2014-01-04 09:31:05 +11:00
Daniel Black
5fe75436cc
DOC: DEV NOTES before author names
2014-01-04 08:53:45 +11:00
Daniel Black
477f30665a
DOC: ignoreip for internal ips on freeswitch
2014-01-04 08:31:42 +11:00
Daniel Black
36533de6bc
ENH: more filter expressions for freeswitch. Anchored existing one at end too
2014-01-04 08:21:22 +11:00
Daniel Black
d1faae3b3b
BF: port not used in jail definition for freeswitch
2014-01-04 08:01:42 +11:00
Daniel Black
938ef689de
DOC: dev notes on stunnel
2014-01-04 07:55:26 +11:00
Steven Hiscocks
80d6f74ee8
RF: Refactor actions further, include removing server proxy interface
...
This allows direct setting of action properties and calling of methods
from the fail2ban-client if so required.
2014-01-03 17:04:49 +00:00
Daniel Black
7c09a61ca5
ENH: add apache-botsearch. Closes gh-544
2014-01-03 23:12:58 +11:00
Daniel Black
b8536490ef
ENH: filter for stunnel from fail2ban wiki
2014-01-03 19:32:29 +11:00
Daniel Black
a0c2de3e4d
DOC: document incompatiblity between APF and iptables-* actions. Closes gh-510
2014-01-03 16:51:38 +11:00
Daniel Black
04d28fd2e1
ENH: add filter freeswitch - as raised on mailing list
2014-01-03 13:00:37 +11:00
Daniel Black
117d3b0466
MRG: horde filter from master
2014-01-03 10:34:59 +11:00
Daniel Black
83f3aeb308
ENH: filter for horde
2014-01-02 23:12:36 +11:00
Steven Hiscocks
98bf511443
BF: Incorrect number of arguments in smtp.py action connect log
2014-01-01 23:50:44 +00:00
Steven Hiscocks
5b2b59d752
ENH: python actions use initOpts as **kwargs
...
Adds an easy way to handle case where mandatory arguments are missed, or
not valid arguments are passed
2014-01-01 23:18:11 +00:00
Steven Hiscocks
6ef911185d
ENH: Add matches to smtp.py action
2014-01-01 12:27:49 +00:00
Daniel Black
55688395fb
DOC: doco for exim-spam
2014-01-01 22:56:08 +11:00
Daniel Black
9c7bb3b97e
ENH: exim-spam to take honeypot email address as argument. Closes #541
2014-01-01 22:45:13 +11:00
Daniel Black
391b5fc883
MRG: from master again 2014-01-01
2014-01-01 19:28:38 +11:00
Steven Hiscocks
f37c90cdba
ENH: Python based actions
...
Python actions are imported from action.d config folder, which have .py
file extension. This imports and creates an instance of the Action class
(Action can be a variable that points to a class of another name).
fail2ban.server.action.ActionBase is a base class which can be inherited
from or as a minimum has a subclass hook which is used to ensure any
imported actions implements the methods required.
All calls to the execAction are also wrapped in a try except such that
any errors won't cripple the jail.
Action is renamed CommandAction, to clearly distinguish it from other
actions.
Include is an example smtp.py python action for sending emails via smtp.
This is work in progress, as looking to add the <matches> and whois
elements, and also SSL/TLS support.
2013-12-31 18:54:34 +00:00
Daniel Black
e8710b679d
ENH: stronger regex for failregex
2013-12-31 08:22:52 +11:00
Daniel Black
856407379b
ENH: add filter openwebmail. Closes gh-543.
2013-12-31 08:09:00 +11:00
Daniel Black
ccb64e68b4
DOC: for exim-spam to say how to enable the log lines for the latest regex
2013-12-29 21:53:26 +00:00
Daniel Black
b5f5ddf123
ENH: end anchor for exim-spam
2013-12-29 20:56:25 +00:00
Daniel Black
d727ba639a
ENH: exim-spam to include spamassassin log entry. Closes gh-533
2013-12-29 20:16:37 +00:00
Daniel Black
c074773805
ENH: apache modsecurity from 0.9 branch
2013-12-29 07:06:13 +00:00
Daniel Black
be382dae4d
MRG: ufw changelog conflicts
2013-12-29 05:45:06 +00:00
Daniel Black
1f6ece2a40
Merge pull request #490 from grooverdan/firewallcmd-ipset
...
ENH: add firewallcmd-ipset
2013-12-28 21:43:49 -08:00
Daniel Black
ea2a13946e
TST: more test of filters
2013-12-29 05:29:59 +00:00
Daniel Black
c9cfdca396
ENH: add filter for apache-modsecurity
2013-12-28 22:28:11 +00:00
Daniel Black
ddac79c15c
TST: include blank ignorecommand in jail.conf to indicate default value and to raise test coverage
2013-12-25 11:01:31 +00:00
bes.internal
ebd89ec077
New ignorecommand that is added to the ignoreip list from output of an external program
...
ignorecommand update man and fix protocol help
ENH: run ignore command only after internal list has been examined. Change interface on ignorecommand to take IP as environment variable and return true if it is to be banned
ENH: ignore IP command to take tagged command
DOC: man pages for ingorecommand
TST: add test cases for ignorecommand
2013-12-24 23:55:35 +03:00
Daniel Black
382d68f0fe
DOC: perfork model for apache log format
2013-12-23 09:09:48 +00:00
Daniel Black
1b7df1181f
BF: apache-2.4 log format fix. Closes gh-516
2013-12-23 08:28:40 +00:00
Yaroslav Halchenko
7af58b9984
Merge branch 'apache-noscripts' of https://github.com/grooverdan/fail2ban
...
* 'apache-noscripts' of https://github.com/grooverdan/fail2ban :
ENH: apache-noscript now matched php-cgi scripts. Closes gh-503
Conflicts:
ChangeLog -- two new entries collided, Reformatted the merged one a bit
2013-12-22 22:28:57 -05:00
Daniel Black
a9b7d33c51
ENH: apache-noscript now matched php-cgi scripts. Closes gh-503
2013-12-19 10:01:24 +00:00
Daniel Black
a1a219189f
Merge pull request #493 from grooverdan/xarf-ipmatch
...
ENH: use ipmatches for action xarf-login-attack
2013-12-19 01:28:49 -08:00
Daniel Black
ed2f46759c
MRG: restore accidently deleted pam comment in jail.conf
2013-12-19 09:21:12 +00:00
Daniel Black
44a0981495
MRG: fix recidive filter
2013-12-19 09:18:18 +00:00
Steven Hiscocks
d22716ab63
ENH: Add nsd filter and amend DateEpoch to match date format
2013-12-18 22:31:54 +00:00
Daniel Black
7c0efc8ec8
MRG: merge so far - flushLogs not working yet
2013-12-16 15:08:34 +00:00
Daniel Black
4eedf9d4e1
ENH: use ipmatches for action xarf-login-attack
2013-12-15 23:49:38 +00:00
Daniel Black
a398c51d6c
ENH: simplify actioncheck on firewallcmd-new a little more
2013-12-15 22:36:47 +00:00
Daniel Black
772def1095
Merge pull request #491 from kwirk/ipmatches
...
ENH: Add <ipmatches> and <ipjailmatches> tags + sendmail implementations
2013-12-15 14:29:02 -08:00
Steven Hiscocks
40007abc1d
ENH: Refactor and add database matches and failures for sendmail actions
2013-12-15 21:41:43 +00:00
Steven Hiscocks
2deb76e3f9
Merge pull request #492 from grooverdan/abusix-disclaimer
...
ENH: full abusix disclaimer in action xarf-login-attack
2013-12-14 13:35:43 -08:00
Daniel Black
1c6c011154
EHH missed trailing .
2013-12-14 21:22:46 +00:00
Daniel Black
868a4ea470
ENH: full abusix disclaimer in action xarf-login-attack
2013-12-14 21:18:20 +00:00
Daniel Black
9fe0a69852
ENH: add firewallcmd-ipset
2013-12-14 09:06:01 +00:00
Daniel Black
4ffc57e14f
ENH: simplify firewallcmd-new actioncheck and provide output samples
2013-12-14 07:11:29 +00:00
Daniel Black
ed816afbcd
ENH: add badips action
2013-12-14 01:41:28 +00:00
Daniel Black
1ff52dfe4d
DOC: document ufw a bit more. Change insertpos default to 1 to allow it to work if the user run ufw enable
2013-12-14 00:40:47 +00:00
Daniel Black
f35345ecaa
ENH: add ufw action based off Guilhem Lettron's work in lp-#701522. Closes gh-455
2013-12-14 00:34:12 +00:00
Daniel Black
13ccebe78f
BF: fix actioncheck in firewallcmd
2013-12-13 23:40:51 +00:00
Steven Hiscocks
0bcff771b8
ENH: Add <ipmatches> and <ipjailmatches> tags
...
Example use filter also added for sendmail-whois with ipmatches rather
than grepped lines
2013-12-13 22:40:11 +00:00
Steven Hiscocks
2c3dbc8046
BF: In 0.9 recidive bans come from fail2ban.server.actions
...
Also changed journalmatch to limit to WARNING priority to avoid the
recidive + DEBUG combo issue
2013-12-13 21:55:43 +00:00
Steven Hiscocks
b7d1579c9d
MRG: branch 'kwirk/database' into 0.9 - gh-480
...
Conflicts:
fail2ban/tests/utils.py
- Another test suite added in separate commit e09b700
2013-12-13 17:15:19 +00:00
Steven Hiscocks
e18af48e34
ENH: Database now optional, by setting dbfile to "None"
2013-12-10 21:16:36 +00:00
Daniel Black
9d532828fc
BF: multiple _ separated values according to http://wiki.squid-cache.org/SquidFaq/SquidLogs#Squid_result_codes . Thanks Steven
2013-12-11 07:44:41 +11:00
Daniel Black
66374913ec
ENH: add squid filter
2013-12-10 21:24:37 +11:00
Daniel Black
db4c21acde
BF/DOC: fix filename in documentation for filter.d/proftpd
2013-12-09 14:46:01 +11:00
Daniel Black
e8eab11615
DOC: proftp - turn off ReverseDNS
2013-12-09 14:45:09 +11:00
Daniel Black
f385439a41
MRG: ChangeLog merge
2013-12-09 09:28:42 +11:00
Daniel Black
36917d7517
BF: action.d/complain - match IP at beginning and end of lines
2013-12-09 09:21:55 +11:00
Steven Hiscocks
d8c7bca9b0
BF: Fix dbpurgeage default value, and change default dbfile extension
2013-12-08 11:35:12 +00:00
Steven Hiscocks
bbadef847b
ENH: Add fail2ban persistent data storage
2013-12-07 23:23:28 +00:00
Daniel Black
135c759dbb
Merge pull request #477 from kwirk/blocklist.de
...
ENH: Added blocklist.de reporting API action
2013-12-06 16:16:39 -08:00
Steven Hiscocks
630dd91dcd
BF: Add [Init] section to blocklist.de action
2013-12-07 00:09:31 +00:00