github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
4,675 Commits
32 Branches
229 Tags
18 MiB
Commit Graph

4675 Commits (3fcb0a868d1a53ca42cd78fd477ce9f8c75427cc)

Author SHA1 Message Date
sebres a2120a9de5 filter.d/postfix-*.conf - added optional port regex (closes gh-1902) 2017-10-02 15:31:55 +02:00
Serg G. Brester 6140a0f2d4 Merge pull request #1894 from sbraz/nftables-ipv6 
Fix nftables actions for IPv6 addresses, fixes #1893
 2017-09-13 09:14:39 +02:00
Serg G. Brester 6149df5216 Update ChangeLog 2017-09-12 09:27:16 +02:00
Louis Sautier 152c9d27d5
Fix nftables actions for IPv6 addresses, fixes #1893 
* add [Init?family=inet6] to nftables-common.conf and make nftable
  expressions more modular
* change "ip protocol" to "meta l4proto" in nftables-allports.conf
  since the former only works for IPv4
 2017-09-11 23:32:53 +02:00
Serg G. Brester fbd46f29f2 Merge pull request #1891 from sbraz/openrc 
Fix Gentoo init script's shebang
 2017-09-11 12:24:10 +02:00
Serg G. Brester 72ad904f58 Update ChangeLog 2017-09-11 12:22:43 +02:00
Louis Sautier 2ce0ffb977
Fix Gentoo init script's shebang 
Use openrc-run instead of runscript.
5d5856c193
 2017-09-11 12:19:33 +02:00
Serg G. Brester 8be4569d51 Update ChangeLog 
several fixes of 0.10th branch
 2017-09-08 11:32:08 +02:00
sebres b185e7cb04 Merge remote-tracking branch 'upstream/master' into 0.10 2017-09-08 11:11:05 +02:00
Serg G. Brester 983b128c54 Update ChangeLog 
several fixes of 0.9th branch
 2017-09-08 11:07:48 +02:00
Serg G. Brester 5221693ce0 Merge pull request #1889 from sebres/0.10-small-optim-review 
0.10 small optimization & review, config-reader, pretty-dump, etc.
 2017-09-08 10:57:27 +02:00
sebres 462b534469 restrict saving of previous known values to section-related (don't overwrite with the values of other sections, especially like "INCLUDES", etc.) 2017-09-07 20:00:45 +02:00
sebres e20f6204d3 don't put parameters starting with `known/` to the ready stream (intermediate options only), makes streams and dumps of configuration shorter and better readable 2017-09-07 19:32:14 +02:00
sebres b698a74902 introduces new command-line options `--dp`, `--dump-pretty` to dump the configuration using more human readable representation; 
allow dump of configuration, also if log-file is not available (warning only)
 2017-09-07 19:31:38 +02:00
Serg G. Brester fd83260bd8 jail "pass2allow-ftp" should supply blocktype to action 
closes gh-1884
 2017-09-07 18:51:08 +02:00
Serg G. Brester bb97e66627 Merge pull request #1882 from coderua/patch-1 
Add Jorgee Vulnerability Scanner protect
 2017-09-07 15:52:31 +02:00
Serg G. Brester 99a9a9136e Merge pull request #1887 from fail2ban/exim-gh-1886 
filter.d/exim.conf: fixed failregex for case of flood attempts with `D=0s`
 2017-09-07 15:47:20 +02:00
Serg G. Brester db121a6f85 Update exim 
Test case covers flood attempts with `D=0s`
 2017-09-07 15:32:35 +02:00
Serg G. Brester 2cd02b731b filter.d/exim.conf: fixed failregex for case of `D=0s` 
Closes gh-1886
 2017-09-07 15:28:46 +02:00
sebres 4bc226a692 optimized regex 2017-09-05 10:59:16 +02:00
Vladimir Chumak fafefc0293 Add Jorgee Vulnerability Scanner protect 
Details for Jorgee Vulnerability Scanner: https://www.symantec.com/security_response/attacksignatures/detail.jsp?asid=30164
 2017-09-05 10:56:43 +02:00
sebres acd9e8155b Merge pull request #1376 from j-marz/master: 
Added ZoneMinder filter
 2017-09-04 11:52:10 +02:00
sebres 4163f32968 small review, prefix replaced with `%(_apache_error_client)s` from apache-common.conf include 2017-09-04 11:48:01 +02:00
john ac95449bbb changed zoneminder regex as per Sebres and yarikoptic recommendations 2017-09-04 11:37:09 +02:00
john 7013729a1f removed redundant options for zoneminder from jail.conf 2017-09-04 11:37:05 +02:00
john 5c3a666380 fixed incomplete regex after adding anchors 2017-09-04 11:37:03 +02:00
john 3d45fd2713 implemented yarikoptic's suggestions in fail2ban pull request #1376 2017-09-04 11:37:00 +02:00
john 776d463e92 added missing colon to failJSON 2017-09-04 11:36:58 +02:00
john 4d8ba7b668 fixed test log file 2017-09-04 11:36:55 +02:00
john 44c4496e49 added sample log files 2017-09-04 11:36:53 +02:00
john 08878d22dd added zoneminder.conf filter 2017-09-04 11:36:50 +02:00
john a90f6c4ae8 added zoneminder jail and filter 
# Conflicts:
#	config/jail.conf
 2017-09-04 11:36:47 +02:00
sebres c312962029 filter.d/dovecot.conf: partially cherry-pick to 0.9 PR #1880 from sebres/0.10-fix-dovecot-regex (d926e11a5c) 
fixed failregex (without new mode aggressive)
 2017-09-01 10:57:41 +02:00
Serg G. Brester d926e11a5c Merge pull request #1880 from sebres/0.10-fix-dovecot-regex 
filter.d/dovecot.conf: fixed failregex + new mode aggressive
 2017-09-01 10:36:22 +02:00
sebres 2cfc53c08e remove capturing groups 2017-09-01 10:25:09 +02:00
sebres 9b8563f35e - fixes regex for message `imap-login: Disconnected (auth failed, X attempts) ...` has to many variations on additional info after `<HOST>`, 
leave it end-anchored because variable part `user=<[^>]*>` (before `<HOST>`) to avoid injecting, but can be safe rewritten using `[^>]*` in opposite to "greedy" `user=<[^>]*>`.
- introduces mode `aggressive` and extends regex for this mode to match:
  * no auth attempts (previously removed in gh-601, because of lots of false positives on misconfigured MTAs)
  * disconnected before auth was ready
  * client didn't finish SASL auth
 2017-09-01 09:56:21 +02:00
Serg G. Brester a287d0a05c Merge pull request #1872 from kmzby/master 
Added filter for phpMyAdmin+syslog
 2017-08-25 12:22:58 +02:00
Serg G. Brester 569283063b Merge pull request #1874 from sebres/fix-f2b-setup 
setup.py: fix several setup facilities
 2017-08-25 12:22:31 +02:00
Pavel Mihadyuk 4c1abe1cbf phpmyadmin-syslog: removed excess file, fixed test, updated failregex 2017-08-23 16:56:18 +03:00
sebres f451cf34b3 don't check return code by dry-run: returns 256 on some python/setuptool versions. 2017-08-23 13:20:51 +02:00
sebres e3b061e94b - `files/fail2ban.service` renamed as template to `files/fail2ban.service.in`; 
- setup process generates `build/fail2ban.service` from `files/fail2ban.service.in` using distribution related bin-path;
- bug-fixing by running setup with option `--dry-run` (note: specify option `--dry-run` before `install`, like `python setup.py --dry-run install`);
- test cases extended to cover dry-run.
 2017-08-23 13:01:29 +02:00
Pavel Mihadyuk d09304b897 phpmyadmin-syslog: added default jail config 2017-08-22 19:00:48 +03:00
Pavel Mihadyuk 41994fcb56 Added filter for phpMyAdmin+syslog (>=4.7.0) 2017-08-22 18:46:40 +03:00
Pavel Mihadyuk 5b4bc2aafd Added filter for phpMyAdmin+syslog (>=4.7.0). Closes #1713 2017-08-22 18:20:01 +03:00
sebres 1d5fbb95ae Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10 2017-08-18 15:44:22 +02:00
Serg G. Brester 124e5587c6 Merge pull request #1869 from sebres/fix-gh-1389 
action.d/bsd-ipfw.conf: replace not posix-compliant grep option
 2017-08-18 15:43:05 +02:00
Serg G. Brester b0e5efb631 bsd-ipfw.conf: sh-compliant redirect of stderr together with stdout 2017-08-18 15:26:09 +02:00
sebres 3be32adefb Replace not posix-compliant grep option: fgrep with `-q` option can cause 141 exit code in some cases (see gh-1389). 2017-08-18 14:37:29 +02:00
sebres 8e6b4346dc avoid using "ANSI_X3.4-1968" as preferred encoding, if missing environment variables 'LANGUAGE', 'LC_ALL', 'LC_CTYPE', and 'LANG' 
(especially critical if default value `encoding = auto` configured).

As PoC and coverage (this case fails without this "fix"):
$ env -i PATH="$PATH" bin/fail2ban-testcases --fast --no-network testAddBanInvalidEncoded
 2017-08-18 13:41:58 +02:00
Jacques Distler f84e58e769 Tweaks to action.d/pf.conf 
Document recent changes.
Add an option to customize the pf block rule (surely, what the user
really wants, here, is "block quick").
 2017-08-18 13:31:34 +02:00