4805 Commits (50595b70fd4e2563ba816acf4877775eda36e248)
 

Author SHA1 Message Date
sebres 50595b70fd filter.d/mysqld-auth.conf: ISO timestamp format (dual time) within log message
5 years ago
sebres 9e28b6c65f filter.d/asterisk.conf: relaxing protocol RE-part before IP in RemoteAddress (gh-2531)
5 years ago
sebres 82ddaa5771 fix order of jail options in stream:
5 years ago
sebres 7b3ee3dadc allow to set all standard options of filter (like prefregex, journalmatch, etc) directly in jail (without filter or supplying parameters to filter);
5 years ago
sebres a36b70c7b5 filter.d/znc-adminlog.conf: support logging format of systemd-journal, bypass port after address (optional, removed end-anchor, see gh-2520)
5 years ago
sebres fbd4bfc595 extend murmur test cases to cover systemd journal log-format (gh-2520, note we don't use any time-stamp as systemd-backend does not expect it)
5 years ago
sebres e547927075 tests: extend server test cases for some stock jails (e. g. check issue with sendmail filters gh-2493 + covering `maxmatches` / `dbmaxmatches` in server tests)
5 years ago
sebres 65da15327e curtail some bothering continuously repeatable debug messages of filters (backend-related) to level 4 (below extra heavy-debug, so simplifying debugging and testing with level 5)
5 years ago
sebres 16b3993be6 actions: improve conditional execution of some operations, also allow to start action on demand (by first ban if `actionstart_on_demand` enabled) for non-conditional actions (backwards compatible, so actionstart_on_demand is on per default only for the actions having family-conditional sections);
5 years ago
sebres 39d9133baa amend to 7520d250b0 (#2444): don't use default flags (SYSTEM) if journalfiles are specified (similar journalflags set to 0);
5 years ago
sebres 19052d9789 * Merge pull request #2406 from JoeHorn/0.11
5 years ago
sebres 91923b5c07 don't need to match identifier exactly (@ is precise enough as prefix), not capturing group;
5 years ago
Sergey G. Brester 5a3859c163 Update named-refused
5 years ago
Joe Horn 4395469226 Update named-refused.conf
5 years ago
Sergey G. Brester a395361de8 Merge pull request #2467 from sebres/logtype-option-rfc5424
5 years ago
Sergey G. Brester 70280bfa12 Update ChangeLog
5 years ago
Sergey G. Brester d3b5befe44 update changelog (#2404)
5 years ago
Sergey G. Brester 0dfd4f1f41 Merge pull request #2404 from benrubson/badprotocol
5 years ago
Sergey G. Brester eb308d0fc8 add test for injection on version identification
5 years ago
Sergey G. Brester 119401fced Merge pull request #2452 from benrubson/badips
5 years ago
Ben RUBSON a98315386d Update zzz-sshd-obsolete-multiline.conf
5 years ago
Sergey G. Brester d5a5efcd5a amend to #2174 for fail2ban.service, fix legacy path, closes gh-2474
5 years ago
Sergey G. Brester 7520d250b0 Merge pull request #2444 from sebres/gh-2392
5 years ago
5 years ago
sebres 5e980afbb8 filter.d/apache-noscript.conf: closes #2466 - matches "Primary script unknown" without "\n" (optional now)
5 years ago
sebres 62b1712d22 amend to #2387:
5 years ago
sebres 595054639b tests/samplestestcase.py: fixes retrieving of microseconds by epoch (and comparison within tests factory)
5 years ago
Sergey G. Brester 5bc8d73220 test_badips.py: parameter `key` is removed in #2452
6 years ago
benrubson 8b171f7d25 Badips key is only used to retrieve list
6 years ago
sebres 4a2f4226b8 testIpToName: fixed for reverse IP of google dns (resolving another name now), more dynamic now
6 years ago
Sergey G. Brester 8a386103c1 Update ChangeLog
6 years ago
Sergey G. Brester 978c2fa8dd Merge pull request #2448 from sebres/norm-mail-actions
6 years ago
sebres e751be2c13 normalize, simplify and fix several mail actions (mail and sendmail actions are more similar now, sendmail is configurable via parameter `mailcmd`, etc);
6 years ago
sebres 3d04a99d25 fail2ban-regex: (verbose only) avoid errors by dump of real options (if filter doesn't have some optional parameter, like `datepattern`)
6 years ago
sebres 809e7c4e82 Merge pull request #2264 from girst/0.11 (rebased to 0.10)
6 years ago
girst a7dc3614c4 znc-adminlog: use `<ADDR>` instead of `<HOST>`
6 years ago
girst b288ccd6b6 new filter: znc-adminlog
6 years ago
sebres 326f5d4e3f Merge fix of gh-2390
6 years ago
sebres 4c81338944 update ChangeLog (gh-2390)
6 years ago
sebres 22b9304562 action.d/badips.py: fix start of banaction on demand (which may be IP-family related), supplied action info with ticket instead of simulating it with dict;
6 years ago
sebres 9e44c30659 systemd-backend: switched default flags to SYSTEM_ONLY(4), that avoid to open the user session files, so can prevent "Too many open files" errors (like gh-2208) on a lot of user sessions;
6 years ago
sebres 2725acb64b amend to 809acb69e5928c0e678ad25b43e53b567cb23a3b: extended to avoid the vice versa race (too many outdated tickets to unban) - max count of outdated tickets is restricted also.
6 years ago
sebres 3326ec95ce small amend (preparing to merge in 0.11): more precise test and avoid "expired bantime" (in 0.11)
6 years ago
sebres 93727abeb8 cherry-pick with_alt_time helper decorator from 0.11
6 years ago
sebres 809acb69e5 stability: avoid race condition - no unban if the bans occur continuously (e. g. banning action too slow, so new bans found each time during the default sleeptime);
6 years ago
sebres e5ae113215 filter.d/postfix.conf: extended with new postfix filter mode `errors` to match "too many errors" (gh-2439),
6 years ago
sebres 3b2f75414c filter.d/postfix.conf: extended regexp's to accept variable suffix code in status of postfix for precise messages (gh-2442)
6 years ago
sebres 8da9bfb83a Update ChangeLog (gh-2302, rebased to 0.10)
6 years ago
Sergey G. Brester 7dbd3a07eb cut comment to limit documented on abuseipdb, additionally use curl in quiet mode
6 years ago
Carlos Ferreira 7b73cb7639 Switch to AbuseIPDB API v2
6 years ago
sebres 2e51897d7a small amend to feba50e3c2 (typo fixed)
6 years ago