1779 Commits (467024797f07f2c488d12cafd8fd84f079a310a9)

Author	SHA1	Message	Date
sebres	467024797f	Merge branch '0.10' into 0.11	2022-08-17 16:56:10 +02:00
Sergey G. Brester	514cca9ade	filter.d/sendmail-auth.conf: detect failures without user part	2022-08-01 09:20:28 +02:00
sebres	a69d42cea5	Merge branch '0.10' into 0.11	2022-06-02 21:04:43 +02:00
Sergey G. Brester	fbfc85d8c0	common.conf: fixed typo in comment (rfc5424 for logtype) ... no functional changes; closes #3274	2022-05-12 18:09:09 +02:00
sebres	8ac49b5858	Merge branch '0.10' into 0.11	2022-02-09 15:44:35 +01:00
László Károlyi	f380d6202d	cherry pick #3210 from master	2022-02-09 15:43:21 +01:00
sebres	498e473a10	filter.d/courier-auth.conf: consider optional port after IP, regex is rewritten without catch-all's and right anchor, so it is more stable against further modifications now; ... closes #3211	2022-02-09 12:18:23 +01:00
sebres	810386a265	filter.d/dovecot.conf: parse everything in parenthesis by auth-worker info, e. g. can match (pid=...,uid=...) too ... (amend to 92f90038fa)	2022-02-08 19:21:37 +01:00
sebres	35d73d9758	Merge branch '0.10' into 0.11	2022-01-18 16:17:07 +01:00
sebres	bf689c27b8	filter.d/sshd.conf: `ddos` mode extended - recognizes messages "kex_exchange_identification: Connection closed / reset by pear" (fixed possible regression of f77398c49d); ... closes gh-3086	2022-01-18 15:42:35 +01:00
sebres	8bf15db688	filter.d/sshd.conf: `ddos` mode extended - recognizes new message "banner exchange: invalid format" generated by port scanner, https payload on ssh port; ... closes gh-3169	2022-01-18 15:41:27 +01:00
sebres	0b3ad780fe	Merge branch '0.10' into 0.11	2021-11-03 15:48:21 +01:00
sebres	4b54a07d71	Revert "`action.d/firewallcmd-*.conf` (multiport only): fixed port range selector, replacing `:` with `-`;" ... This reverts the incompatibility #3047 introduced by commit a038fd5dfe (#2821).	2021-11-01 11:45:40 +01:00
Sylvestre Ledru	3245b8018b	Add the Debian path to roundcube error logs	2021-10-23 17:38:20 +02:00
Sergey G. Brester	ba839af8ad	filter.d/lighttpd-auth.conf: adjusted to the current source code + avoiding catch-all's, etc (gh-3116)	2021-10-01 15:03:24 +02:00
sebres	c03fe6682c	merge 0.10 to 0.11 (GHSA-m985-3f3v-cwmm)	2021-07-07 12:04:46 +02:00
sebres	410a6ce5c8	fixed possible RCE vulnerability, unset escape variable (default tilde) stops consider "~" char after new-line as composing escape sequence	2021-06-21 17:12:53 +02:00
sebres	d2f5c7de09	Merge branch '0.10' into 0.11	2021-05-29 21:24:11 +02:00
sebres	92f90038fa	filter.d/dovecot.conf: extended to match prefix like `conn unix:auth-worker (uid=143): auth-worker<13247>:` (authenticate from external service like exim), gh-2553	2021-05-29 21:12:34 +02:00
sebres	8b984a0135	filter.d\exim-common.conf: pid-prefix extended to match `mx1 exim[...]:` (gh-2553)	2021-05-29 20:47:56 +02:00
sebres	6be1a5a0b1	filter.d/dovecot.conf: fixed "Authentication failure" regex, matches "Password mismatch" in title case (gh-2880)	2021-05-29 20:25:28 +02:00
sebres	8afea37494	filter.d/sendmail-auth.conf: covering several "authentication failure" messages, sendmail 8.16.1 (gh-2757)	2021-05-29 20:09:57 +02:00
sebres	c5f1598a21	filter.d/postfix.conf: extended to cover new vectors: ... - reject: BDAT/DATA from (gh-2927) - (since regex is more precise now) token selector changed to `[A-Z]{4}`, e. g. no matter what a command is supplied now (RCPT, EHLO, VRFY, DATA, BDAT or something else) - matches "Command rejected" and "Data command rejected" now	2021-05-29 19:48:24 +02:00
sebres	ae3e9b9149	filter.d/postfix.conf: extended to cover 2 new vectors: ... - RCPT from unknown, 504 5.5.2, need fully-qualified hostname, gh-2995 - 550 5.7.25 Client host rejected, gh-2996 review combining several regex to single one	2021-05-29 19:21:27 +02:00
sebres	87f717e0e0	filter.d/sendmail-reject.conf: fix reverse DNS for ... (gh-3012)	2021-05-29 18:45:59 +02:00
sebres	3312b8cb95	Merge branch '0.10' into 0.11	2021-05-25 23:18:33 +02:00
sebres	1627d4f573	filter.d/sendmail-auth.conf: user not found, closes gh-3030	2021-05-25 23:16:29 +02:00
sebres	b5b615731e	Merge branch '0.10' into 0.11	2021-04-27 14:03:49 +02:00
sebres	f0214b3d36	filter.d/sendmail-reject.conf: fixed regex to consider "Connection rate limit exceeded" with different combination of arguments	2021-04-20 18:13:40 +02:00
Sergey G. Brester	d74dd9321b	Merge pull request #2565 from caronc/0.11 ... Add Apprise Support (50+ Notifications)	2021-04-04 00:24:21 +02:00
Sergey G. Brester	b2f6a3a658	remove unneeded substitution ... it is enough to add `apprise` to action	2021-04-04 00:21:59 +02:00
sebres	3eaefe8da0	Merge branch '0.10' into 0.11	2021-03-03 18:16:47 +01:00
sebres	a45b1c974c	filter.d/ignorecommands/apache-fakegooglebot: added timeout parameter (default 55 seconds) - avoid fail with timeout (default 1 minute) by reverse lookup on some slow DNS services (googlebots must be resolved fast); ... closes gh-2951	2021-03-02 19:35:27 +01:00
sebres	63acc862b1	`action.d/nginx-block-map.conf`: reload nginx only if it is running (also avoid error in nginx-errorlog, gh-2949) and better test coverage for the action	2021-02-24 18:21:42 +01:00
sebres	fb6315ea5e	Merge branch '0.10' into 0.11	2021-02-24 13:16:36 +01:00
sebres	6f4b6ec8cc	action.d/badips.* removed (badips.com is no longer active, gh-2889)	2021-02-24 13:05:04 +01:00
sebres	6198b4566c	Merge branch '0.10' into 0.11	2021-02-03 14:47:56 +01:00
sebres	c75748c5d3	fail2ban.conf: added new fail2ban configuration option "allowipv6" (default auto), can be used to allow or disallow IPv6 interface in fail2ban immediately by start (e. g. if fail2ban starts before network interfaces). ... closes gh-2804	2021-01-27 17:06:14 +01:00
sebres	dbc77c47c3	Merge branch '0.10' into 0.11	2021-01-21 19:11:01 +01:00
Sergey G. Brester	5f3f4d1e2f	action.d/cloudflare.conf: better IPv6 capability ... closes gh-2891	2021-01-11 15:23:40 +01:00
sebres	9df332fdef	filter.d/apache-overflows.conf: extended to match AH00126 error (Invalid URI ...); ... closes gh-2908	2021-01-11 15:10:53 +01:00
sebres	fe334590cd	Merge branch '0.10' into 0.11	2020-12-29 21:25:09 +01:00
sebres	73b39e0894	filter.d/named-refused.conf: fixes prefix for messages from systemd journal (no mandatory space ahead, because don't have timestamp) ... closes gh-2899	2020-12-29 21:22:47 +01:00
sebres	b78d1e439a	Merge branch '0.10' into 0.11	2020-11-23 21:35:32 +01:00
sebres	7965d652a1	filter.d/dovecot.conf: allow more verbose logging ... closes #2573	2020-11-23 18:17:29 +01:00
sebres	a6de9459fc	typo	2020-11-23 18:08:38 +01:00
RyuaNerin	bba8844af8	typo	2020-11-23 18:07:49 +01:00
mpoliwczak834	595ee7ed74	add submission	2020-11-23 17:42:12 +01:00
mpoliwczak834	0c12cb7970	add managesieve support dovecot filter	2020-11-23 17:42:11 +01:00
sebres	cc64ef25f6	filter.d/apache-noscript.conf: extended to match "script not found" with error AH02811 (and cgi-bin path segment in script) ... closes gh-2805	2020-11-23 17:25:41 +01:00