Sergey G. Brester
7bbc26d67e
Merge pull request #2097 from benrubson/sni
...
Detect Apache SNI error / misredirect attempts
2018-04-04 16:31:38 +02:00
Sergey G. Brester
28ae32f0ca
Update ChangeLog
2018-04-04 16:31:14 +02:00
sebres
e786dbf132
New logging parameter `padding`, default enabled, excepting the SYSLOG (for backwards compatibility purposes);
...
Closes gh-2099.
2018-04-03 17:58:17 +02:00
sebres
8423f017e7
Merge branch 'sshd-ddos-mode-closed-preauth' into 0.10
2018-04-03 14:12:35 +02:00
sebres
4ee07adde6
Merge branch '0.10' into fix-sshd-filter-suff
...
# Conflicts resolved:
# fail2ban/server/filter.py
2018-04-03 13:30:57 +02:00
sebres
e5735b9951
ChangeLog updated
2018-03-20 18:54:25 +01:00
sebres
ed7d5d8ea1
ChangeLog updated
2018-03-20 16:04:42 +01:00
sebres
66d2436f21
filter.d/sshd.conf: extend suffix with optional port, move it to `prefregex` at end outside of the content
2018-03-19 16:50:49 +01:00
sebres
8763cf0a36
ChangeLog updated
2018-03-19 14:26:51 +01:00
sebres
a6fb33bdec
filter.d/recidive.conf: fixed if logging into systemd-journal (SYSLOG) with daemon name in prefix, gh-2069
2018-03-09 13:56:38 +01:00
Sergey G. Brester
b16aafe233
Update ChangeLog
2018-03-05 19:42:05 +01:00
sebres
a3bcbe2d1b
backwards-compatibility, test-cases and ChangeLog update
2018-03-02 19:15:10 +01:00
sebres
1d7aa2ff21
filter.d/sshd.conf: rewrite fix (for new ssh log-format) backwards compatible + test-cases extended to cover both cases
2018-03-02 18:17:17 +01:00
sebres
8c291cad38
filter.d/asterisk.conf: fixed failregex prefix by log over remote syslog server (gh-2060)
2018-03-02 09:17:04 +01:00
Ben RUBSON
b112250ef0
(Free)BSD IPFW does not allow 2 identical rules ( #2054 )
...
ipfw actionban fixed to allow same rule added several times (and actionunban to ignore error by deletion of missing rule)
2018-02-27 10:18:59 +01:00
Ben RUBSON
857767f04b
Add 'any' badips.py bancategory ( #2056 )
...
action.d/badips.py: allow `any` as bancategory to retrieve IPs from all categories
2018-02-27 10:12:22 +01:00
sebres
07fcb24ff6
Merge pull request #2057 from benrubson/https
...
Use httpS with badips
2018-02-26 18:50:35 +01:00
benrubson
8ed892b8bb
Changelog
2018-02-26 16:15:29 +01:00
benrubson
9a8add0ef0
changelog
2018-02-26 10:28:51 +01:00
Sergey G. Brester
879f580c9a
Update ChangeLog
2018-02-19 15:59:45 +01:00
Sergey G. Brester
3a1c386958
Update ChangeLog
2018-01-31 12:18:56 +01:00
sebres
9a38d5697f
bump version (0.10.2 -> 0.10.3.dev1)
2018-01-18 16:40:48 +01:00
sebres
a45488465e
prepare release: bump version, update ChangeLog, man's and MANIFEST etc.
2018-01-18 14:49:01 +01:00
sebres
81b61fe30c
ChangeLog update
2018-01-18 14:19:55 +01:00
sebres
ed22ddbbbb
Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10
2018-01-17 16:42:56 +01:00
Benedikt Seidl
fed6c49c2d
nginx-http-auth: match usernames with spaces
...
# Conflicts:
# ChangeLog
2018-01-17 16:35:31 +01:00
sebres
2b7b0da943
Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10
2018-01-15 18:16:43 +01:00
sebres
1c0fc73e48
Update ChangeLog
2018-01-11 10:27:38 +01:00
sebres
314e402fe0
filter.d/sendmail-auth.conf - extended daemon for Fedora 24/RHEL - the daemon name is "sendmail" (gh-1632)
2018-01-10 14:49:06 +01:00
sebres
c30144b37a
Merge branch '0.9' into 0.10
...
# Conflicts:
# config/action.d/firewallcmd-ipset.conf
# config/filter.d/asterisk.conf
# Merge-point after cherry-pick, no changes:
# fail2ban/client/jailreader.py
# fail2ban/helpers.py
2018-01-10 12:05:26 +01:00
Serg G. Brester
029cd5aa24
Update ChangeLog
2018-01-10 11:47:59 +01:00
Danila Vershinin
c190631f88
New ban action firewallcmd-ipset-allports. Closes #1167
2018-01-10 10:58:01 +01:00
Serg G. Brester
f7e2d3610b
Update ChangeLog
2018-01-09 21:19:01 +01:00
Serg G. Brester
2d23f35d26
Update ChangeLog
...
typo: missing newline restored.
2017-12-21 22:50:54 +01:00
sebres
79443210ad
Update ChangeLog
2017-12-21 22:49:57 +01:00
Serg G. Brester
ad658a0a95
Merge pull request #1989 from sebres/logging-options
...
New server logging options
2017-12-06 00:07:51 +01:00
sebres
cc9ff31c9c
Update ChangeLog: `action.d/firewallcmd-ipset.conf`: fixed create of set for ipv6 (missing `family inet6`, gh-1990)
2017-12-05 23:35:34 +01:00
sebres
f9833ddee4
Update ChangeLog
2017-12-05 18:55:47 +01:00
Serg G. Brester
b0ba1aa846
Update ChangeLog
2017-12-05 16:24:04 +01:00
sebres
7f89fbc33f
Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10
2017-12-01 15:53:11 +01:00
Peter Nowee
e4bbaf3d58
Update ChangeLog
2017-12-01 15:01:48 +01:00
sebres
5547697401
ChangeLog and typo
2017-12-01 10:16:14 +01:00
sebres
b62ab2d51e
ChangeLog updated
2017-11-28 13:46:57 +01:00
sebres
6db9ae8574
ChangeLog updated
2017-11-26 23:35:11 +01:00
sebres
159957ab88
filter.d/sshd.conf: extended failregex for modes "extra"/"aggressive": now finds all possible (also future) forms of "no matching (cipher|mac|MAC|compression method|key exchange method|host key type) found", see "ssherr.c" for all possible SSH_ERR_..._ALG_MATCH errors;
...
obsolete (multi-line buffered) variant extended also.
Closes gh-1943, gh-1944
2017-11-23 22:21:42 +01:00
Serg G. Brester
ee80c52430
Update ChangeLog
2017-11-03 14:15:54 +01:00
Serg G. Brester
4d10c615c4
Update ChangeLog
...
typo
2017-11-03 14:05:17 +01:00
Serg G. Brester
8b26fd2778
Update ChangeLog
2017-11-03 14:03:47 +01:00
Serg G. Brester
1a8fb6290d
Merge pull request #1926 from sebres/0.10-pf-actionflush
...
action.d/pf.conf: wildcard anchoring example + bulk-unban with command `actionflush`
2017-10-19 16:35:46 +02:00
sebres
0e66e3cc57
Merge branch 'master' into 0.10
...
# Conflicts:
# config/filter.d/asterisk.conf
2017-10-18 19:00:23 +02:00
Serg G. Brester
d81405adbc
Update ChangeLog
...
typo
2017-10-18 18:52:55 +02:00
Serg G. Brester
b6ab0aa83f
Update ChangeLog
...
more detailed entry
2017-10-18 18:52:12 +02:00
Michael Newton
894a05b843
Update ChangeLog
2017-10-18 09:26:51 -07:00
sebres
a1b863fcf6
action.d/pf.conf: extended with bulk-unban, command `actionflush` in order to flush all bans at once (by stop jail, resp. shutdown of fail2ban)
2017-10-17 20:12:48 +02:00
sebres
3c4910a3e2
ChangeLog entry + note for possible incompatibility.
2017-10-17 16:06:39 +02:00
sebres
028f32b74b
bump version (0.10.1 -> 0.10.2.dev1)
2017-10-12 14:00:41 +02:00
sebres
351abeb4ff
prepare release: bump version, update ChangeLog, man's and MANIFEST etc.
2017-10-12 13:46:46 +02:00
sebres
e71f16f6ba
Merge branch 'master' into 0.10
...
# Conflicts resolved:
# config/filter.d/dovecot.conf
2017-10-04 09:57:18 +02:00
sebres
ea36e1b3fc
filter.d/dovecot.conf: fixed failregex to recognize pam_authenticate failures with "Permission denied" (gh-1897)
2017-10-04 09:55:37 +02:00
sebres
8c804a2290
Merge branch 'master' into 0.10
...
# Conflicts resolved:
# config/filter.d/postfix-rbl.conf
# config/filter.d/postfix-sasl.conf
# config/filter.d/postfix.conf
# fail2ban/tests/files/logs/postfix-sasl
2017-10-02 15:41:30 +02:00
sebres
a2120a9de5
filter.d/postfix-*.conf - added optional port regex (closes gh-1902)
2017-10-02 15:31:55 +02:00
Serg G. Brester
6149df5216
Update ChangeLog
2017-09-12 09:27:16 +02:00
Louis Sautier
152c9d27d5
Fix nftables actions for IPv6 addresses, fixes #1893
...
* add [Init?family=inet6] to nftables-common.conf and make nftable
expressions more modular
* change "ip protocol" to "meta l4proto" in nftables-allports.conf
since the former only works for IPv4
2017-09-11 23:32:53 +02:00
Serg G. Brester
72ad904f58
Update ChangeLog
2017-09-11 12:22:43 +02:00
Louis Sautier
2ce0ffb977
Fix Gentoo init script's shebang
...
Use openrc-run instead of runscript.
5d5856c193
2017-09-11 12:19:33 +02:00
Serg G. Brester
8be4569d51
Update ChangeLog
...
several fixes of 0.10th branch
2017-09-08 11:32:08 +02:00
sebres
b185e7cb04
Merge remote-tracking branch 'upstream/master' into 0.10
2017-09-08 11:11:05 +02:00
Serg G. Brester
983b128c54
Update ChangeLog
...
several fixes of 0.9th branch
2017-09-08 11:07:48 +02:00
Serg G. Brester
a287d0a05c
Merge pull request #1872 from kmzby/master
...
Added filter for phpMyAdmin+syslog
2017-08-25 12:22:58 +02:00
Pavel Mihadyuk
5b4bc2aafd
Added filter for phpMyAdmin+syslog (>=4.7.0). Closes #1713
2017-08-22 18:20:01 +03:00
sebres
1d5fbb95ae
Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10
2017-08-18 15:44:22 +02:00
sebres
3be32adefb
Replace not posix-compliant grep option: fgrep with `-q` option can cause 141 exit code in some cases (see gh-1389).
2017-08-18 14:37:29 +02:00
sebres
19e59fff3e
ChangeLog: added incompatibility list (compared to v.0.9)
2017-08-16 15:38:44 +02:00
sebres
28076618fd
back to development edition: README.md, ChangeLog, version.py
2017-08-09 17:37:40 +02:00
sebres
c60784540c
version bump: release 0.10.0
2017-08-09 16:53:05 +02:00
sebres
30219b54c4
Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10
2017-08-09 16:38:29 +02:00
Serg G. Brester
c540217844
Update ChangeLog
...
action.d/cloudflare.conf - Cloudflare API v4 implementation (gh-1651)
2017-08-09 16:34:37 +02:00
sebres
6f4fde2c29
Update changelog and man/jail.conf.5
2017-08-08 21:50:38 +02:00
sebres
51c54b3253
ChangeLog entry for 9a42ce12f4
2017-08-08 13:04:36 +02:00
sebres
a12ac4242b
ChangeLog updated
2017-07-12 11:59:42 +02:00
sebres
c9385a2e04
ChangeLog updated
2017-07-11 15:28:04 +02:00
sebres
ea3a6aa971
ChangeLog updated
2017-07-11 15:02:59 +02:00
sebres
e26cc5de45
restore backwards compatibility (jail postfix-sasl); changelog update
2017-07-11 11:57:48 +02:00
sebres
546cd55342
Merge branch 'master' into 0.10
2017-07-03 13:02:25 +02:00
sebres
a1d0633e69
filter.d/asterisk.conf - fixed failregex AMI Asterisk authentification failed (see gh-1302):
...
- optional space between NOTICE and pid;
- optional part "Host " before IP-address;
2017-07-03 12:57:28 +02:00
sebres
33fcf8d809
Merge branch 'master' into 0.10
2017-07-03 12:43:48 +02:00
Serg G. Brester
001c0898d6
Merge branch 'master' into master
2017-06-30 18:07:38 +02:00
Serg G. Brester
986dd3107d
Merge branch '0.10' into patch-12
2017-06-19 18:37:28 +02:00
sebres
9b0f39a17d
ChangeLog updated
2017-06-19 18:12:37 +02:00
Serg G. Brester
3294840c2a
Merge pull request #1801 from jeaye/postfix-updates
...
filter.d/postfix.conf: update to the latest postfix logging format
2017-06-19 16:44:37 +02:00
sebres
dcdf677438
Merge remote-tracking branch 'master' into 0.10
2017-06-15 11:49:51 +02:00
sebres
e1234a5249
ChangeLog update
2017-06-15 11:47:16 +02:00
jeaye
6f3d425c4d
Update postfix filters and tests
2017-06-12 18:56:19 -07:00
sebres
bbea73d79d
Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10
2017-06-12 13:11:45 +02:00
Serg G. Brester
23c2d05250
Update changelog (new enhancements from gh-1792)
2017-06-09 20:51:28 +02:00
Georges Racinet
12259bb3c7
man and ChangeLog for logtimezone
2017-06-09 20:39:03 +02:00
Serg G. Brester
5214c1c5d1
Update changelog (gh-1455)
2017-05-30 20:31:48 +02:00
sebres
2b08847f3a
Reintegrate 'master' into 0.10 (merge point) + small code review
2017-05-19 16:32:13 +02:00
sebres
c7ddf1f940
[systemd-backend] implicit closing journal descriptor by stop filter.
...
Partially cherry-picked from 0.10 (d153555a07
)
2017-05-19 15:36:06 +02:00
Serg G. Brester
17b0945a70
Update ChangeLog
2017-05-16 09:43:52 +02:00