sebres
fa007bfa7c
remove build folder, if created through setup-process in test
2017-11-24 12:57:55 +01:00
sebres
eac80966c5
Fix scripts-root within `fail2ban.service` (relative install root-base directory).
...
This is amend for e3b061e94b
.
Closes gh-1964
2017-11-24 12:54:45 +01:00
sebres
6db8db04f8
Merge branch 'master' into 0.10: fixed test-cases covering dns2ip (IP of www.epfl.ch changed)
2017-11-23 22:46:17 +01:00
sebres
5708b8b90e
fixed test-cases covering dns2ip (IP of www.epfl.ch changed)
2017-11-23 22:42:51 +01:00
sebres
159957ab88
filter.d/sshd.conf: extended failregex for modes "extra"/"aggressive": now finds all possible (also future) forms of "no matching (cipher|mac|MAC|compression method|key exchange method|host key type) found", see "ssherr.c" for all possible SSH_ERR_..._ALG_MATCH errors;
...
obsolete (multi-line buffered) variant extended also.
Closes gh-1943, gh-1944
2017-11-23 22:21:42 +01:00
sebres
7e756da2b9
Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10
2017-11-06 18:56:31 +01:00
Serg G. Brester
4cd3b2d4c9
Merge pull request #1955 from sebres/fix-initial-config
...
config/paths-*.conf: initial values and normalization
2017-11-06 18:30:13 +01:00
Serg G. Brester
ee80c52430
Update ChangeLog
2017-11-03 14:15:54 +01:00
sebres
eba68a8f37
config/paths-common.conf: Added initial values for `syslog_authpriv`, `syslog_mail` in order to avoid errors while parsing/interpolating configuration;
...
Note the systemd-backend does not need the logpath at all;
Some defaults normalized (minimized configs, don't need to overwrite values in distribution-related path if equal).
2017-11-03 14:15:07 +01:00
Serg G. Brester
c06f3c3fb8
Merge pull request #1812 from jpotter/patch-1
...
Replace port imap3 with imap
2017-11-03 14:05:57 +01:00
Serg G. Brester
4d10c615c4
Update ChangeLog
...
typo
2017-11-03 14:05:17 +01:00
Serg G. Brester
8b26fd2778
Update ChangeLog
2017-11-03 14:03:47 +01:00
Serg G. Brester
9876dd44f9
replace port imap3 with imap everywhere, since imap3 is not a standard port and old rarely (if ever) used and missing on some systems
...
(see gh-1942)
2017-11-03 14:03:06 +01:00
Jeff Potter
4a2fc8b7e8
Include imap (port 143) in courier-auth ports
...
imap was missing from the list of ports, preventing fail2ban from blocking connections on standard IMAP port 143.
2017-11-03 14:01:19 +01:00
Serg G. Brester
a87af7bf41
Merge pull request #1948 from itoffshore/alpine
...
gentoo-initd: add descriptions
2017-11-03 13:30:18 +01:00
Stuart Cardall
18d2761dc0
gentoo-initd: add descriptions
...
add descriptions to stop syslog errors for extra_started_commands when running:
rc-service ipset describe
Oct 28 15:13:30 xxxx daemon.warn /etc/init.d/fail2ban[26446]: ^[[1m^[[36mreload^[[m: no description
Oct 28 15:13:30 xxxx daemon.warn /etc/init.d/fail2ban[26447]: ^[[1m^[[36mshowlog^[[m: no description
2017-11-01 22:19:14 +01:00
sebres
b615a98540
jail.conf: avoid overwriting of default value of the parameter `chain` of several actions (where default chain != INPUT);
...
test-cases extended to cover the same logic (use `<known/chain>` instead of fix value `INPUT`);
Closes gh-1949
2017-10-30 13:32:52 +01:00
Yaroslav Halchenko
f3b3a41639
changelog on the change of location
2017-10-27 17:31:41 -04:00
Yaroslav Halchenko
67706bebb3
Merge commit 'github_szepeviktor_fail2ban/patch-9^' into debian
...
* commit 'github_szepeviktor_fail2ban/patch-9^':
Monit files are moved
2017-10-27 17:30:04 -04:00
Serg G. Brester
e07a8cda07
Update jail.conf
...
Documentation of parameters for action blocklist_de, closes gh-1940
2017-10-27 15:26:17 +02:00
Serg G. Brester
2409c4506a
Merge pull request #1917 from martin61/patch-1
...
add ip6tables.service ipset.service in systemd unit
2017-10-20 12:39:46 +02:00
martin61
5db497017a
add ip6tables.service ipset.service in systemd unit
2017-10-19 16:44:18 +02:00
Serg G. Brester
1a8fb6290d
Merge pull request #1926 from sebres/0.10-pf-actionflush
...
action.d/pf.conf: wildcard anchoring example + bulk-unban with command `actionflush`
2017-10-19 16:35:46 +02:00
sebres
0e66e3cc57
Merge branch 'master' into 0.10
...
# Conflicts:
# config/filter.d/asterisk.conf
2017-10-18 19:00:23 +02:00
Serg G. Brester
0aeb91d1e2
Merge pull request #1929 from miken32/patch-1
...
Remove invalid (vulnerable) regex using IP from foreign input (not the originator).
2017-10-18 18:54:43 +02:00
Serg G. Brester
d81405adbc
Update ChangeLog
...
typo
2017-10-18 18:52:55 +02:00
Serg G. Brester
b6ab0aa83f
Update ChangeLog
...
more detailed entry
2017-10-18 18:52:12 +02:00
Michael Newton
894a05b843
Update ChangeLog
2017-10-18 09:26:51 -07:00
Michael Newton
3f715e8577
Remove tests
2017-10-17 14:46:11 -07:00
Michael Newton
d5d1fe679f
Remove invalid regex
...
Resolves #1927
2017-10-17 14:44:23 -07:00
sebres
a1b863fcf6
action.d/pf.conf: extended with bulk-unban, command `actionflush` in order to flush all bans at once (by stop jail, resp. shutdown of fail2ban)
2017-10-17 20:12:48 +02:00
sebres
667f48817b
Merge pull request #1925 from sebres/0.10-fix-pf-multiport:
...
action.d/pf.conf: fix multiport syntax
2017-10-17 16:09:50 +02:00
sebres
3c4910a3e2
ChangeLog entry + note for possible incompatibility.
2017-10-17 16:06:39 +02:00
sebres
8726c9fb0a
pf.conf: enclose ports in braces, multiple ports expecting this syntax `... any port {http, https}`.
...
Note this would be backwards-incompatible change (for the people already enclosing multiports in braces in jail.local).
closes gh-1915
2017-10-17 13:46:29 +02:00
Serg G. Brester
c6029bbef6
Merge pull request #1919 from IdahoPL/IdahoPL-patch-1
...
Update pf.conf commet to fix syntax error
2017-10-17 12:40:51 +02:00
Łukasz Wąsikowski
a4f94d2619
Update pf.conf
...
Fix comment, because current one won't work:
cat /etc/pf.conf
anchor f2b {
sshd
}
# service pf reload
Reloading pf rules.
/etc/pf.conf:2: syntax error
New version:
cat /etc/pf.conf
anchor f2b {
anchor sshd
}
# service pf reload
Reloading pf rules.
2017-10-17 12:39:25 +02:00
Serg G. Brester
c42dd6941c
Merge pull request #1921 from harry-wood/patch-1
...
typo
2017-10-16 10:50:11 +02:00
Harry Wood
ea1b663f85
typo
...
spell "positive" (...but also somebody should finish this sentence)
2017-10-16 01:15:58 +01:00
sebres
028f32b74b
bump version (0.10.1 -> 0.10.2.dev1)
2017-10-12 14:00:41 +02:00
sebres
351abeb4ff
prepare release: bump version, update ChangeLog, man's and MANIFEST etc.
2017-10-12 13:46:46 +02:00
sebres
ceff489a46
amend to a4459765ef438db83a2898ba832ff7acba033e29: irrelevant condition removed
2017-10-04 14:24:21 +02:00
sebres
a4459765ef
pyinotify/polling: test filter reaction by delete of watching file, better detection of pending file (avoid errors in fail2ban.log during log-rotation).
...
Closes gh-1865 for filterpyinotify ("cannot remove WD=2").
2017-10-04 14:17:00 +02:00
sebres
e71f16f6ba
Merge branch 'master' into 0.10
...
# Conflicts resolved:
# config/filter.d/dovecot.conf
2017-10-04 09:57:18 +02:00
sebres
ea36e1b3fc
filter.d/dovecot.conf: fixed failregex to recognize pam_authenticate failures with "Permission denied" (gh-1897)
2017-10-04 09:55:37 +02:00
Serg G. Brester
32deb828a1
Merge pull request #1904 from sebres/no-dup-ignoreip-fix-1900
...
Avoid exact duplicates by addIgnoreIP (closes gh-1900)
2017-10-04 08:41:40 +02:00
sebres
d1fad22ac1
Avoid exact duplicates by addIgnoreIP (closes gh-1900)
2017-10-02 15:59:14 +02:00
sebres
8c804a2290
Merge branch 'master' into 0.10
...
# Conflicts resolved:
# config/filter.d/postfix-rbl.conf
# config/filter.d/postfix-sasl.conf
# config/filter.d/postfix.conf
# fail2ban/tests/files/logs/postfix-sasl
2017-10-02 15:41:30 +02:00
sebres
a2120a9de5
filter.d/postfix-*.conf - added optional port regex (closes gh-1902)
2017-10-02 15:31:55 +02:00
Serg G. Brester
6140a0f2d4
Merge pull request #1894 from sbraz/nftables-ipv6
...
Fix nftables actions for IPv6 addresses, fixes #1893
2017-09-13 09:14:39 +02:00
Serg G. Brester
6149df5216
Update ChangeLog
2017-09-12 09:27:16 +02:00