fail2ban

Commit Graph

Author	SHA1	Message	Date
sebres	b13d9d4e22	Merge branch 'master' into 0.10	8 years ago
sebres	0600d51511	filter.d/exim.conf: added new reason for "rejected RCPT" regex: Unrouteable address	8 years ago
sebres	49e237209e	Merge branch 'master' into 0.10	8 years ago
sebres	c546f85207	filter.d/exim.conf: cherry-picked from 0.10, match complex time like `D=2m42s` (closes gh-1766)	8 years ago
Seth Reeser	c3426ba5f6	Update botsearch-common.conf (#1759 ) * Update botsearch-common.conf, apache-modsecurity.conf: typo and missing new-line	8 years ago
sebres	8839bcbb09	Merge remote-tracking branch master into 0.10	8 years ago
sebres	99344d28c8	Introduces new tags with hostname: - `<fq-hostname>` - fully-qualified name of host (the same as `$(hostname -f)`) - `<sh-hostname>` - short hostname (the same as `$(uname -n)`) Execution of `uname -n` replaced in all mail actions with most interesting fully-qualified `<fq-hostname>`.	8 years ago
sebres	3161bcf78b	filter.d/exim.conf: optional part `(...)` after host-name before `[IP]`, normalized over whole config file. # Conflicts: # config/filter.d/exim.conf	8 years ago
sebres	507034c5be	filter.d/apache-auth.conf: joined some similar expressions	8 years ago
Serg G. Brester	6dfd080e20	Update apache-auth.conf remove forgotten referer, that may prevent failure recognition (belongs to gh-1645)	8 years ago
Serg G. Brester	311f8fea83	Merge branch '0.10' into issue1644	8 years ago
Peter van der Does	bb79e7f413	Parameter not needed The parameter '-s' causes an error as the <mailcmd> already has the parameter.	8 years ago
Serg G. Brester	4f0f22702a	Update haproxy-http-auth.conf little bit more precise expression	8 years ago
Georges Racinet	4fc6323ff0	haproxy-http-auth: avoid port number in IPv6 addresses The solution taken is to consume the port number explicitely in the regexp.	8 years ago
sebres	97e8b42d34	dummy action extended with more examples and test-covered now	8 years ago
sebres	d03872fbbf	bulk unban: add new command `actionflush` default for several iptables/iptables-ipset actions (and common include): iptables-common iptables iptables-allports iptables-multiport-log iptables-multiport iptables-new iptables-ipset-proto4 iptables-ipset-proto6 iptables-ipset-proto6-allports executing `actionflush` command covered for this actions now	8 years ago
sebres	8bf79fa483	implemented execution of `actionstart` on demand, if action depends on `family` (closes gh-1741); new action parameter "actionstart_on_demand" (bool) can be set to prevent/allow starting action on demand (default retrieved automatically, if some conditional parameter `param?family=...` presents in action properties);	8 years ago
Seth Reeser	c82495353f	Update mysqld-auth.conf (#1725 )	8 years ago
Serg G. Brester	52c1950371	Update mysqld-auth.conf small typo, closes gh-1725 (Thx @seth-reeser)	8 years ago
sebres	5e93bf9bd3	Introduced new option "ignoreself", specifies whether the local resp. own IP addresses should be ignored (default is true). Fail2ban will not ban a host which matches such addresses. Option "ignoreip" affects additionally to "ignoreself" and don't need to include the DNS resp. IPs of the host self.	8 years ago
sebres	f13fac5ae9	amend to 5561423be3b2d4636f5484183c3ad470fd326d06: fixed incorrect failure counting despite the `<F-NOFAIL>` marked regex; extra: introduced new tag `<F-MLFFORGET>` as mark to forget current multi-line MLFID (e. g. connection closed); Closes gh-1727	8 years ago
sebres	5561423be3	filter.d/sshd.conf: fixed failregex format - some parts are optional, new ddos more precise rule (Connection reset by with host entry); closes gh-1719	8 years ago
sebres	0c1707afda	filter.d/sshd.conf: - optional parameter `mode` rewritten: normal (default), ddos, extra or aggressive (combines all), see sshd for regex details); test cases reformatted (since "filterOptions", we don't need multiple test log-files anymore);	8 years ago
sebres	7e442c5b27	filter.d/sendmail-reject.conf: - rewritten using `prefregex` and used MLFID-related multi-line parsing (by using tag `<F-MLFID>` instead of buffering with `maxlines`); - optional parameter `mode` introduced: normal (default), extra or aggressive (see sendmail-reject for regex details); test cases extended	8 years ago
sebres	52ed6597b2	Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10	8 years ago
sebres	8768776d68	filter.d/cyrus-imap.conf: fixed `failregex` - accept entries without login-info resp. hostname before IP address	8 years ago
Serg G. Brester	d042981954	Merge pull request #1655 from ajcollett/0.10 Added config for AbuseIPDB	8 years ago
Serg G. Brester	b1f5ac9484	Update abuseipdb.conf	8 years ago
Serg G. Brester	62fa02241f	Update jail.conf	8 years ago
sebres	6a2c95da95	`action.d/sendmail-geoip-lines.conf` fixed using new tag `<ip-host>` (dns-cache and without external command execution); changelog updated;	8 years ago
sebres	d2a3d093c6	rewritten CallingMap: performance optimized, immutable, self-referencing, template possibility (used in new ActionInfo objects); new ActionInfo handling: saves content between actions, without interim copying (save original on demand, recoverable via reset); test cases extended	8 years ago
sebres	35efca5941	Better multi-line handling introduced: single-line parsing with caching of needed failure information to process in further lines. Many times faster and fewer CPU-hungry because of parsing with `maxlines=1`, so without line buffering (scrolling of the buffer-window). Combination of tags `<F-MLFID>` and `<F-NOFAIL>` can be used now to process multi-line logs using single-line expressions: - tag `<F-MLFID>`: used to identify resp. store failure info for groups of log-lines with the same identifier (e. g. combined failure-info for the same conn-id by `<F-MLFID>(?:conn-id)</F-MLFID>`, see sshd.conf for example) - tag `<F-NOFAIL>`: used as mark for no-failure (helper to accumulate common failure-info); filter.d/sshd.conf: [sshd], [sshd-ddos], [sshd-aggressive] optimized with pre-filtering using new option `prefregex` and new multi-line handling.	8 years ago
sebres	22afdbd536	Several filters optimized with pre-filtering using new option `prefregex`	8 years ago
sebres	4ff8d051f4	Introduced new filter option `prefregex` for pre-filtering using single regular expression; Some filters extended with user name; [filter.d/pam-generic.conf]: grave fix injection on user name to host fixed; test-cases in testSampleRegexsFactory can now check the captured groups (using additionally fields in failJSON structure)	8 years ago
sebres	4bf09bf297	provides new tag `<ip-rev>` for PTR reversed representation of IP address; [action.d/complain.conf] fixed using this new tag;	8 years ago
Serg G. Brester	7f63809afb	Merge branch '0.10' into patch-1	8 years ago
Jan Grewe	58c68b75f0	Remove double-quotes from email addresses	8 years ago
Jan Grewe	1bcf0de7c1	Update complain.conf	8 years ago
Filippo Tessarotto	607568f5da	Postfix RBL: 554 & SMTP	8 years ago
Jan Grewe	901eeff53d	Make Abusix lookup compatible with Dash	8 years ago
sebres	1823571e0f	Merge branch 'ssh-filter-new-regexp' into 0.10	8 years ago
sebres	9d06f0ee40	sshd-amend: optional space after port part	8 years ago
sebres	e8a1556562	Merge remote-tracking branch 'master' into 0.10 # Conflicts: # fail2ban/tests/samplestestcase.py	8 years ago
sebres	54a8c681ce	suhosin.conf: removed greedy match	8 years ago
sebres	8aa9516d50	sshd.conf: fixed expression "received disconnect ... auth fail" - optional space after port part (gh-1652)	8 years ago
sebres	3276bd6d54	sshd: additionally aggressive filter rules - no matching cipher resp. no matching key exchange method (gh-1545, gh-1117)	8 years ago
sebres	628789f9a9	sshd: conditional parameter "mode" for sshd jail (normal, ddos, aggressive) filter sshd-ddos and new filter sshd-aggressive are both derivation of sshd-filter	8 years ago
sebres	dd373dba9f	test all config-regexp, that contains greedy catch-all before <HOST>, that is hard-anchored at end or precise sub expression after <HOST>; new ssh rule(s) added: - Connection reset by peer (multi-line rule during authorization process); - No supported authentication methods available; Single line and multi-line expression optimized, added optional prefixes and suffix (logged from several ssh versions); closes gh-864	8 years ago
Christian Brandlehner	a4d8426401	Support for IBM Domino SMTP task (#1603 ) filter.d/domino-smtp.conf	8 years ago
Serg G. Brester	40f294e6bf	Merge pull request #1663 from jjeziorny/netscaler-action Introduced citrix netscaler action	8 years ago

1 2 3 4 5 ...

1263 Commits (39c4acf6bd0726131bbc3848d514ec66341ce70f)