github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
817 Commits
32 Branches
229 Tags
17 MiB
Commit Graph

220 Commits (413ec5317e590f4acbddc795f72b9edb24debcde)

Author SHA1 Message Date
Yaroslav Halchenko 413ec5317e first pre-release version of 0.8.1 2007-10-16 17:02:35 -04:00
Yaroslav Halchenko 0012f9ff92 * (NOT RELEASED YET) New upstream release. 
Patches absorbed upstream:
    00_daemon_pids.dpatch
    00_iptables_allports.dpatch
    00_vsftp_filter_spaces.dpatch
    00_resolve_all_names.dpatch
    00_HOST_ignoreregex.dpatch
   Patches which needed some tune-up:
    00_ssh_strong_re.dpatch
    00_mail-whois-lines.dpatch
    00_named_refused.dpatch
 2007-10-16 17:02:35 -04:00
Yaroslav Halchenko e10a8616b4 fetched fresh upstream 0.8.1 2007-10-16 17:02:35 -04:00
Yaroslav Halchenko 922b5035ea actually we never released pre-release 2007-10-16 17:02:35 -04:00
Yaroslav Halchenko 85b75c77fb * Resolve all "names" which became a part of <HOST>. Previousely only fqdn's 
were resolved
 2007-08-13 21:13:59 +00:00
Yaroslav Halchenko c5202ce696 * Added optional spaces at the end of failregex for vsftpd. 2007-08-06 01:39:30 +00:00
Yaroslav Halchenko 58ae2a5a75 * Added new time template matching named log entries 2007-07-30 02:31:35 +00:00
Yaroslav Halchenko 95d17ee318 * Adjusted failregex for sshd filter: 
- anchored properly at the end of line, and source code has .examples
    files to perform testing of the rules.
  - added new explicit rule for users not in the AllowUsers lists
 2007-07-29 17:20:23 +00:00
Yaroslav Halchenko 3aef16b773 * jail.conf has specification of protocol (default to tcp) to be provided to 
banaction
 2007-07-25 03:47:32 +00:00
Yaroslav Halchenko 990bd15dd5 specified default protocol (tcp) and specified udp for jail for named 2007-07-25 03:46:41 +00:00
Yaroslav Halchenko ac7e1696d4 fixed named filter to account for optional (cache) 2007-07-24 20:04:20 +00:00
Yaroslav Halchenko 14d3ffc6de * Added a filter for named to catch refused/denied queries 2007-07-24 18:10:05 +00:00
Yaroslav Halchenko 2a3d710cad adjusted pam_generic patch in example to catch ftp 2007-07-24 17:25:38 +00:00
Yaroslav Halchenko d63bea24f5 tuned pam_generic to catch some weird log lines 2007-07-21 02:29:45 +00:00
Yaroslav Halchenko a843d0da04 tuned pam_generic to catch some weird log lines 2007-07-21 02:27:30 +00:00
Yaroslav Halchenko f58421eabf * Use /var/run to keep socket file (closes: #425746) 2007-07-05 17:12:17 +00:00
Yaroslav Halchenko a9ecd98ffe Added port param in jail since otherwise -- crashes 2007-06-25 17:08:49 +00:00
Yaroslav Halchenko 2e55bc57c7 * Added a filter pam_generic to catch any login errors. 
* Added iptables-allports.
 2007-06-25 16:51:05 +00:00
Yaroslav Halchenko bc0806d459 * Moved <HOST> expansion into regex.py (closes: #429263). Thanks James 
Andrewartha.
* Added optional regexp entry for process PID in some entries (closes:
  #426050). Thanks Roderick Schertler.
 2007-06-21 01:47:02 +00:00
Yaroslav Halchenko cc5ec4dcde releasing 2007-05-16 18:14:13 +00:00
Yaroslav Halchenko e55dfeaf3a untabified last entry 2007-05-15 14:37:09 +00:00
Yaroslav Halchenko cc1ed23b40 * Applied changes submitted by Bernd Zeimetz (thanks Bernd): 
- Removed obsolete Build-Depends-Indep on help2man, python-dev
	- Explicit removal of *.pyc files compiled during build
	- Invoke 'python setup.py clean' in clean target, which required also
	  to move python into Build-Depends
* Minor clean up of debian/rules
 2007-05-15 14:26:28 +00:00
Yaroslav Halchenko be824f4e00 adjusted to be prerelease of the package 2007-05-10 15:35:43 +00:00
Yaroslav Halchenko c58a100259 * Manually changing the order of debhelper inserted scripts in prerm 
(Closes: #422655)
* Removed obsolete hack to have /bin/env invocation of python for
  fail2ban-* scripts
 2007-05-10 15:34:09 +00:00
Yaroslav Halchenko e9397ea375 * New stable upstream release 2007-05-05 16:35:58 +00:00
Yaroslav Halchenko 10718c1036 initial upgrade to 0.8.0 2007-05-05 16:17:50 +00:00
Yaroslav Halchenko d15f9d0206 * New upstream release 
* Updated copyright to include current year
* Removed patches absorbed upstream
 2007-04-20 01:44:43 +00:00
Yaroslav Halchenko 5dcec130f6 adjusted changelog -- releasing finally 2007-03-26 21:53:30 +00:00
Yaroslav Halchenko 7c30a3097b * Applied post-release upstream changes to resolve issues with 
- Close opened handlers to log file
 - Fixed "reload" bug
 2007-03-26 21:47:10 +00:00
Yaroslav Halchenko dc21820c80 adjusted paths in patches 2007-03-24 22:40:42 +00:00
Yaroslav Halchenko d345865621 * New upstream release 
* Applied post-release changes to resolve issues with gamin and not closed
  on reload log file
 2007-03-24 22:27:09 +00:00
Yaroslav Halchenko ee3f91176c * New upstream release (included most of the debian-provided patches -- new 
filters and actions)
* Refreshed and made verbatim homepage in description
 2007-02-09 03:22:15 +00:00
Yaroslav Halchenko a4c15ea883 * NOT RELEASED YET 
* Made homepage in description verbatim
 2007-02-07 15:25:11 +00:00
Yaroslav Halchenko 936fee7c40 * Use /usr/bin/python interpreter instead of wrapped call to python by 
/usr/bin/env
 2007-01-19 16:08:10 +00:00
Yaroslav Halchenko 30eb0566bd making it using /usr/bin/python directly 2007-01-19 15:56:21 +00:00
Yaroslav Halchenko f92e887994 minor more changes 2007-01-19 15:53:21 +00:00
Yaroslav Halchenko 878fa0dedd * Synchronized action.d/iptables-* rules from upstream SVN (closes: 
#407561)
* Minor: options renames in the comments to be in sync with upstream
 2007-01-19 15:51:11 +00:00
Yaroslav Halchenko e3102eb28a had to rename filter for courierauth 2007-01-18 15:52:48 +00:00
Yaroslav Halchenko 7a1dd9e98c * iptables-multiport is default action to take since Debian kernel arrives 
with multiport module. That is to address the fact that most services
  listen on multiple port (for encrypted and non-encrypted connections)
* Added [courierauth] jail (First 2 items are to partially address #407404
 2007-01-18 15:41:49 +00:00
Yaroslav Halchenko 85d8604209 removed empty lines 2007-01-04 20:34:41 +00:00
Yaroslav Halchenko 36b1833e31 * Adjusted default log file for postfix to be /var/log/mail.log 
(Closes: #404921)
 2007-01-04 20:25:45 +00:00
Yaroslav Halchenko acfebf3475 adjusted multiport section as promised in changelog 2007-01-04 20:19:58 +00:00
Yaroslav Halchenko e570f14a5d releasing 2007-01-04 19:48:58 +00:00
Yaroslav Halchenko f01c74581d fixed action_ shortcuts 
adjusted initd script to be verbose on start if socketfile exists
 2007-01-04 19:47:00 +00:00
Yaroslav Halchenko 7fa686a7f2 * New upstream release, which incorporates fixes introduced in 3~pre 
non-released versions (which were suggested to the users to overcome
  problems reported in bug reports). In particular attention should be paid
  to upstream changelog entries

  - Several "failregex" and "ignoreregex" are now accepted.
    Creation of rules should be easier now.
  
    This is an alternative solution to 'multiple <HOST>' entries fix,
    which is not applied to this shipped version - pay cautios if upgrading
    from 0.7.5-3~pre?
 
  - Allow comma in action options. The value of the option must
    be escaped with " or '. 
    That allowed to implement requested ability to ban multiple ports
    at once (See 373592). README.Debian and jail.conf adjusted to reflect
    possible use of iptables-mport
  - Now Fail2ban goes in /usr/share/fail2ban instead of
    /usr/lib/fail2ban. This is more compliant with FHS.
    Patch 00_share_insteadof_lib no longer applied
* Refactored installed by debian package jail.conf:
  - Added option banaction which is to incorporate banning agent
    (usually some flavor of iptables rule), which can then be easily
    overriden globally or per section
  
  - Multiple actions are defined as action_* to serve as shortcuts
 2007-01-04 18:08:09 +00:00
Yaroslav Halchenko e8ce484c05 reworked init script a bit: waiting on stop and ping instead of status 2007-01-04 17:03:35 +00:00
Yaroslav Halchenko a81dd8b103 boosted version 2007-01-03 16:09:43 +00:00
Yaroslav Halchenko 97ab74de5f * Not applying patch any more for rigid python2.4 - it is default now in 
sid/etch
 2007-01-03 16:09:01 +00:00
Yaroslav Halchenko 4d5ec804f5 * Added filter ssh-ddos to fight DDOS attacks. Must be used with caution if 
there is a possibility of clients accessing through unreliable connection 
  (Closes: #404487)
 2006-12-28 07:28:53 +00:00
Yaroslav Halchenko 832a8a4346 * Moved call to dh_pycentral before dh_installinit 
* Removed unnecessary call of dh_shlibdeps
 2006-12-22 18:56:51 +00:00