Commit Graph

79 Commits (39147397d8d255d71f28e8b797a3442ab562a977)

Author SHA1 Message Date
Yaroslav Halchenko c96415da27 added $named and ufw to debian-initd (Debian bug #776572) 2015-01-29 08:32:20 -05:00
Yaroslav Halchenko d65c4f8f5d moved debian's initd file to files/debian-initd from debian branch 2014-12-30 16:45:35 -05:00
Viktor Szépe 971c3d93fe Monit config
Copy it to `/etc/monit/monitrc.d/fail2ban`
More info: https://github.com/szepeviktor/debian-server-tools/blob/master/monitoring/monit/monit-debian-setup.sh#L113
2014-12-24 14:45:48 +01:00
Yaroslav Halchenko caa851e5c8 RF: moving logwatch setup/sample logs under files/logwatch 2014-09-14 09:48:14 -04:00
Yaroslav Halchenko 2a51a0176a BF: minor type for delignoreregex in bash completions 2014-06-10 03:42:07 -04:00
Cameron Norman 2a14e48f0b A few final touches on the Upstart job
(a) use static-network-up, since it is more generic than the started networking event
(b) do not hook into network deconfiguration to speed up shutdown
(c) expect fork, per the use of the "-f" option
(d) use a variable for the run directory to make changing it simpler
(e) handle the situation of a left over socket file
(f) use the -f option to be able to track the PID
2014-04-22 21:55:51 -07:00
Cameron Norman 39ad5b7474 Update Upstart job: uses stop command in pre-stop, removes PID file in post-stop 2014-04-19 15:10:19 -07:00
Cameron Norman 0ef5027234 Change Upstart job to track PID of the server
This only works correctly if the client does not fork itself when starting the server (which forks twice further).
2014-04-19 14:12:20 -07:00
Cameron Norman 0c8e72f452 Update fail2ban.upstart
No longer directly exec the server, do not remove the PID file because it is unnecessary to do so. No longer respawns because Upstart can not track the process with the starter command.
2014-04-11 17:09:08 -07:00
Cameron Norman 4115b62a01 Update fail2ban.upstart
It was actually a little problematic :)
2014-04-11 16:49:56 -07:00
Cameron Norman 5e3f5db8b7 Create fail2ban.upstart
Add Upstart job.
2014-04-11 08:50:55 -07:00
Ruben Kerkhof ebed0d23c9 Add documentation link to systemd service file
So systemctl help fail2ban.service works

Signed-off-by: Ruben Kerkhof <ruben@rubenkerkhof.com>
2014-03-24 14:20:49 +00:00
Steven Hiscocks c7c203964c ENH: Add iptables and firewalld to "After" for systemd service file.
Also remove no longer supported syslog.target.
Closes #658
2014-03-22 17:28:49 +00:00
Steven Hiscocks a9b9c6ea03 Merge branch 'logging' into 0.9
Conflicts:
	fail2ban/server/actions.py
                jail getName()->name
	fail2ban/server/filter.py
                jail getName()->name
2014-02-23 23:03:56 +00:00
Steven Hiscocks 212d05dc0b ENH: Add action elements to bash-completion 2014-02-22 16:57:21 +00:00
Steven Hiscocks 5630c56c75 ENH: Change logging levels and make info more verbose 2014-02-20 23:01:40 +00:00
Daniel Black 3ee6e993c6 MRG: merge ChangeLog for nagios fix 2014-01-06 22:09:10 +11:00
alasdairdc 5428f5bbc3 Update check_fail2ban
Removed unnecessary reference to as yet undeclared $jail_name when checking a specific jail.
2014-01-06 10:43:32 +00:00
Daniel Black b5b581555c BF: nagios fix 2014-01-03 19:56:49 +11:00
alasdairdc 2e5a2b26fb Updated check_fail2ban to return performance data for all jails and applied to specific jail code 2013-12-17 17:48:19 +00:00
alasdairdc 5f623596ee Updated check_fail2ban to return performance data for all jails
Allows perf data from all jails to enable pnp4nagios to display a chart per jail when run with the command:
check_fail2ban -p -w 1 -c 5 -P /usr/bin/fail2ban-client

sample output:
CHECK FAIL2BAN ACTIVITY - CRITICAL - 9 detected jails with 5 current banned IP(s) | apache-noscript.currentBannedIP=0 sendmail.currentBannedIP=0 postfix.currentBannedIP=0 ssh-probe.currentBannedIP=3 ssh-ddos.currentBannedIP=0 apache-multiport.currentBannedIP=0 apache.currentBannedIP=0 ssh.currentBannedIP=2 apache-overflows.currentBannedIP=0
2013-12-17 17:45:50 +00:00
Daniel Black e30c80e468 Merge pull request #478 from grooverdan/fedora-initscript-fix
BF: files/redhat-initd from upstream
2013-12-08 15:00:43 -08:00
Daniel Black 008952035d BF: files/redhat-initd - as per http://pkgs.fedoraproject.org/cgit/fail2ban.git/tree/fail2ban-init.patch 2013-12-06 08:08:11 +11:00
Daniel Black b5d6310d28 BF: create flushlogs command to prevent logrotation clobbering logtarget. Closes gh-458 2013-12-04 20:51:30 +11:00
Yaroslav Halchenko 6f321068f1 NF: gen_badbots script to (re)generate/update config/filter.d/apache-badbots.conf 2013-11-07 14:25:57 -08:00
Yaroslav Halchenko f1487bfb74 Merge pull request #240 from jpmx/master
bug fixed on redhat-initd

per @opoplawski  blessing
2013-08-31 06:57:42 -07:00
Orion Poplawski 67497db6e5 Change /tmp/fail2ban.sock to /var/run/fail2ban/fail2ban.sock 2013-08-08 20:28:55 -06:00
JP Espinosa 32b271c36e Update redhat-initd
- Using `-x` to remove previous socket on start
- Using Should- to wait for iptables and wrappers
2013-06-03 12:34:47 -04:00
JP Espinosa 3736d7ddbf Rewrite to use native init.d functions
- There was a bug with the old "getpid" function, when running linux containers you can see multiple fail2ban instances on hardware node and could stop one on a random virtual environment
- Added reload and status options
2013-06-03 06:29:36 -05:00
Yaroslav Halchenko 374e7c6fc9 Merge pull request #208 from grooverdan/opensuse_init
Opensuse init -- from stock suse distribution
2013-05-29 06:54:25 -07:00
Yaroslav Halchenko 746c7d990e Merge pull request #217 from kwirk/bash-completion
NF: bash-completion
2013-05-08 07:03:09 -07:00
Steven Hiscocks 95726b3976 DOC: Drop sudo from bash-completion 2013-05-06 20:37:58 +01:00
Steven Hiscocks 92dff6d645 DOC: Added bash-completion script 2013-05-06 20:17:26 +01:00
Yaroslav Halchenko 2143cdff39 Merge: opensolaris docs/fixes, no 'sed -i' in hostsdeny, sshd regex tuneups
Origin: from https://github.com/jamesstout/fail2ban

* 'OpenSolaris' of https://github.com/jamesstout/fail2ban:
  ENH: Removed unused log line
  BF: fail2ban.local needs section headers
  ENH: Use .local config files for logtarget and jail
  ENH+TST: ssh failure messages for OpenSolaris and OS X
  ENH: fail message matching for OpenSolaris and OS X
  ENH: extra daemon info regex
  ENH: actionunban back to a sed command
  Readme for config on Solaris
  create socket/pid dir if needed
  Extra patterns for Solaris
  change sed to perl for Solaris

Conflicts:
	config/filter.d/sshd.conf
2013-05-06 11:11:12 -04:00
Yaroslav Halchenko b8777c033d Merge pull request #211 from grooverdan/logrotate
ENH: basic logrotate based on what distros are doing
2013-05-06 07:50:17 -07:00
Daniel Black 8b8c720d07 ENH: logrotate file 2013-05-03 17:16:42 +10:00
Daniel Black 13c154198f ENH: since it seems the default is to use file based logging, $syslog is in Should-{Start|Stop} like Debian https://github.com/fail2ban/fail2ban/blob/debian/debian/fail2ban.init 2013-05-03 16:56:30 +10:00
Daniel Black 28f5d7b980 ENH: opensuse script from opensuse: https://build.opensuse.org/package/view_file?expand=1&file=fail2ban.init&package=fail2ban&project=openSUSE%3AFactory 2013-05-03 16:53:03 +10:00
Daniel Black 495f2dd877 DOC: purge of svn tags 2013-05-03 16:03:38 +10:00
jamesstout 578a8998c6 create socket/pid dir if needed
Also remove any lingering sockets
2013-04-21 07:30:52 +08:00
Yaroslav Halchenko 82e2fc34eb Merge branch 'systemd' of https://github.com/opoplawski/fail2ban
Just two files to enable fail2ban within systemd:

 files/fail2ban-tmpfiles.conf |  1 +
 files/fail2ban.service       | 14 ++++++++++++++

* 'systemd' of https://github.com/opoplawski/fail2ban:
  Add After, PIDFile, and change WantedBy to multi-user.target in fail2ban.server
  Add systemd unit file and tmpfiles.d configuration files
2013-04-17 11:40:03 -04:00
Orion Poplawski ddebcab9aa Add After, PIDFile, and change WantedBy to multi-user.target in fail2ban.server 2013-04-17 09:27:06 -06:00
Erwan Ben Souiden 44736035bd change the license to GPLv2 + adapat text 2013-04-02 09:49:44 +02:00
Erwan Ben Souiden c4d92fba71 fix the script name to check_fail2ban everywhere 2013-03-26 16:08:05 +01:00
Erwan Ben Souiden d7d5228964 Replace the check_fail2ban script by a new one which respects the Nagios specs (like status, output, perfdata, help...).
Also add a README which includes the content of f2ban.txt (which is now removed)
2013-03-26 15:55:26 +01:00
Orion Poplawski ed386dfe07 Add systemd unit file and tmpfiles.d configuration files 2013-03-15 14:37:11 -06:00
Daniel Black 00ad4d56a7 FSF address changes missing from previous 2013-03-10 15:18:09 +11:00
Yaroslav Halchenko 47e956bc8e Replace "|" with "_" in ipmasq-ZZZzzz|fail2ban.rul (Closes gh-66)
Surprise -- that is for Windows compatibility
2012-07-18 10:29:59 -04:00
Jeremy Olexa 444e4ac3ed Fix Gentoo initd script (drop extra_commands) 2012-04-21 22:24:51 -04:00
Tom Hendrikx 0eaa4c2750 gentoo init scipt: $opts variable is deprecated
See http://forums.gentoo.org/viewtopic-t-899018.html
2012-01-26 23:41:55 +01:00