Commit Graph

845 Commits (45c1095606564e8d7c4299d857957816a37910f5)

Author SHA1 Message Date
Yaroslav Halchenko 45c1095606 Merge pull request #750 from niorg/master
Added Directadmin filter, jail and log test
2014-07-27 21:47:07 -04:00
Yaroslav Halchenko 6cddc65cee BF: path to exim's mainlog on Fedora (Thanks Frantisek Sumsal) + changelog entry 2014-07-14 12:16:12 -04:00
Yaroslav Halchenko 43950d8b7e BF: fix path to the exim log on Debian systems (/var/log/exim4) 2014-07-08 11:09:25 -04:00
Cyril Roos add8e61036 Added Directadmin filter, jail and log test 2014-07-02 13:52:06 +02:00
Yaroslav Halchenko 0adb10f653 Merge branch 'ainfo-copy' of https://github.com/kwirk/fail2ban
* 'ainfo-copy' of https://github.com/kwirk/fail2ban:
  TST: actions modifying aInfo test more robust
  TST: Test for actions modifying (un)ban aInfo
  BF: aInfo could be modified by actions, causing unexpected behaviour
2014-06-22 10:53:30 -04:00
Steven Hiscocks 2d54161696 Merge branch 'kwirk/harmonize-log-msgs'
Conflicts:
	ChangeLog - Keep all additions
2014-06-22 12:57:49 +01:00
Steven Hiscocks 76a5633ff9 Merge pull request #739 from ranvis/enh-iptables-ipsets
ENH: Add <chain> to iptables-ipsets.
2014-06-21 22:48:49 +01:00
SATO Kentaro 65ff3e9604 ENH: Introduce iptables-common.conf. 2014-06-18 19:04:57 +09:00
Steven Hiscocks 94232d7c31 Merge pull request #726 from pmarrapese/master
Minor improvement to sshd filter
2014-06-17 23:43:42 +01:00
Steven Hiscocks 8268c1641f BF: aInfo could be modified by actions, causing unexpected behaviour
A separate copy of aInfo is passed to each action
2014-06-17 23:24:23 +01:00
Yaroslav Halchenko 93d5c363ca Merge branch 'enh/oracle_msg_server'
* enh/oracle_msg_server:
  ENH: make oracleims failregex better anchored (more explicit)
  Update oracleims.conf to be 'less greedy'
  Update THANKS
  Update jail.conf for oracleims filter.
  Create test for oracleims filter
  Create oracleims.conf in filter.d for new filter
2014-06-16 09:22:42 -04:00
SATO Kentaro 1e1c4ac62a ENH: Add <chain> to iptables-ipsets. 2014-06-16 21:30:13 +09:00
Yaroslav Halchenko 994fe77e59 ENH: make oracleims failregex better anchored (more explicit) 2014-06-10 03:52:16 -04:00
JoelSnyder 5165d2f6ea Update oracleims.conf to be 'less greedy'
This assumes that the protocol is always a string, which it always is, and that the other four fields in the "tr" are always numeric (which they always are).  See port_access documentation at http://docs.oracle.com/cd/E19563-01/819-4428/bgaur/index.html
2014-06-09 18:44:27 -07:00
JoelSnyder 70ed93d8cc Update jail.conf for oracleims filter.
This is the jail.conf update.  Hopefully this will go into pull request #734.
2014-06-09 18:37:31 -07:00
Steven Hiscocks e8131475cd ENH: Realign and harmonise log messages with getF2BLogger helper 2014-06-09 22:17:00 +01:00
Steven Hiscocks db023be09b BF: Fix bad syntax in badips.py action
Taken from https://bugzilla.redhat.com/attachment.cgi?id=895966&action=diff
2014-06-07 20:51:53 +01:00
JoelSnyder 9b7c35810a Create oracleims.conf in filter.d for new filter
Created oracleims.conf to catch messages from Sun/Oracle Communications Messaging Server v6.3 and above (including v7)
2014-06-02 22:55:59 -07:00
pmarrapese 96918acee4 more explicit match for sshd filter & added test 2014-05-19 20:47:16 -07:00
pmarrapese 46d6e93800 adjusted sshd filter regex to catch more verbose lines 2014-05-18 22:12:54 -07:00
Steven Hiscocks 77ba065571 Merge pull request #697 from jhmartin/monit_admin_hack
Block brute-force attempts against the Monit gui
2014-05-07 22:23:01 +01:00
Steven Hiscocks bc10b64c69 ENH: Match non "Bye Bye" for sshd locked accounts failregex 2014-04-27 13:35:55 +01:00
Yaroslav Halchenko 596b819bdc DOC: minor -- tabify docstring in badips.py action 2014-04-23 10:04:17 -04:00
Jason Martin 9c3cb31862 Even stricter monit regex, now covers entire line 2014-04-22 21:29:52 -07:00
Jason Martin 72bfd14330 Tidy up filter.d/monit.conf, make regex more complete.
Add ChangeLog / THANKS entry.
Add test cases.
2014-04-19 13:04:03 -07:00
Steven Hiscocks 03d90c2f42 BF: recidive filter and samples at wrong log level: WARNING->NOTICE 2014-04-19 18:07:23 +01:00
Jason Martin 7d112430ca Block brute-force attempts against the Monit gui 2014-04-16 21:21:41 -07:00
Steven Hiscocks d4427e5a76 Merge pull request #683 from yarikoptic/fix/682
Fix typos referencing paths-common, provide empty defaults for syslog_ log files (Partial fix to #682)
2014-04-15 17:14:28 +01:00
Steven Hiscocks 9fcb92524e BF: badips.py action logging of exc_info on debug typo 2014-04-12 11:21:52 +01:00
Yaroslav Halchenko 8bcb25c3a2 defining empty defaults for syslog_ log targets for common (Thanks @chtheis, partial fix to #682) 2014-04-10 23:17:39 -04:00
Yaroslav Halchenko 7dcea0d48d typos of paths-common (Thanks @chtheis, partial fix to #682) 2014-04-10 23:17:30 -04:00
Yaroslav Halchenko 5bccec61e4 ENH: adding pruned with previous merge trailing \s* in nginx filter 2014-04-03 21:31:46 -04:00
Yung-Chin Oei 941a38ea8e nginx-http-auth: match when "referrer" is present
A sample log-line is provided.  The updated regex successfully matches
this line.

Signed-off-by: Yung-Chin Oei <yungchin@yungchin.nl>
2014-04-04 01:27:39 +01:00
shawn d7e888238c Correct grammar 2014-04-03 10:44:49 -04:00
yungchin 6e8c1b2871 nginx-http-auth filter: match server_name = ""
As documented at
http://nginx.org/en/docs/http/server_names.html#miscellaneous_names "If
no server_name is defined in a server block then nginx uses the empty
name as the server name."  This regex change allows us to match error
output for such a configuration.

The log line added to the tests was lifted from our logs verbatim; it
did not match without the patched regex.

Signed-off-by: Yung-Chin Oei <yungchin@yungchin.nl>
2014-04-03 11:04:21 +01:00
yungchin 3a155ed2e0 Update comments in shorewall.conf for new settings 2014-04-01 16:52:21 +01:00
Ruben Kerkhof 1c36da9df9 Fix 2 more typos that codespell didn't catch 2014-03-25 10:57:20 +00:00
Ruben Kerkhof 1695d5c076 Fix a few typos
Found with https://github.com/lucasdemarchi/codespell

Signed-off-by: Ruben Kerkhof <ruben@rubenkerkhof.com>
2014-03-24 13:16:52 +00:00
Manuel Rüger 5a1ad75114 Fix typo in comment 2014-03-18 03:07:19 +01:00
Steven Hiscocks 41cbbbc248 BF: Remove unused imports and variables.
All highlighted by using pyflakes.
2014-03-16 14:31:34 +00:00
Steven Hiscocks 16125ec81a BF: badips.py action methods not static due to use of self._logSys 2014-03-16 14:18:19 +00:00
Steven Hiscocks 6c5a978d6f BF: journalmatch for recidive should be NOTICE level not WARNING 2014-03-15 13:29:44 +00:00
Daniel Black 7611096162 Merge branch '0.9' of https://github.com/fail2ban/fail2ban into 0.9 2014-03-14 22:31:16 +11:00
Daniel Black aa7e8fb9ce DOC: Credits. close gh-644 2014-03-14 22:30:44 +11:00
Steven Hiscocks 9e374b159e ENH: Allow setting of badips.py key for reporting and blacklisting 2014-03-13 22:45:10 +00:00
Steven Hiscocks de43d1d6d5 ENH: Change badips.py default score to "3"
As per recommendation from Amy from badips.com
2014-03-13 22:05:50 +00:00
Daniel Black 476d79d3cc ENH: asterisk filter to support syslog format 2014-03-14 09:03:27 +11:00
Daniel Black 415f187644 ENH: sendmail-reject for all smtp ports. 2014-03-14 07:12:12 +11:00
Steven Hiscocks a78a9d282c DOC: Document that badips.py action should be last action for jail 2014-03-13 20:04:30 +00:00
Steven Hiscocks 0222ff4677 Merge branch 'badips-blacklist' into 0.9
Conflicts:
	ChangeLog
        - entries added in both branches.

Change:
        config/action.d/badips.py
        - jail.getName() changed to jail.name
2014-03-13 20:01:15 +00:00