sebres
52399e6ef1
amend to #2351 : providing the attempt via fail2bans protocol (Pickle, client command, etc) must follow ignore facilities (shall be ignored if matches ignoreip, ignoreself, ignorecommand etc)
2025-08-26 18:03:46 +02:00
sebres
c9e1a1b087
silence warning "Unknown distribution option: 'test_suite'", seems not work anymore (2.x only?) - test suite shall be invoked using `bin/fail2ban-testcases`
2025-08-23 22:22:20 +02:00
sebres
a055568500
GHA: update python 3.14.0-rc.2
2025-08-23 22:10:55 +02:00
sebres
0265df854e
silence skipping tests output for python versions that basically can not have the modules
2025-08-23 22:00:03 +02:00
sebres
a3d181c973
`filter.d/dovecot.conf`: new matches in `aggressive` mode:
...
- new variant for `no auth attempts in X secs` with `Login aborted` and `(no_auth_attempts)`;
- covered `disconnected during TLS handshake` with `no application protocol` and `no shared cipher`.
2025-08-23 20:22:08 +02:00
sebres
002719dca4
ChangeLog update
2025-08-23 20:18:59 +02:00
sebres
c26fda9dbb
`filter.d/dovecot.conf`: new matches in `aggressive` mode:
...
- new variant for `no auth attempts in X secs` with `Login aborted` and `(no_auth_attempts)`;
- covered `disconnected during TLS handshake` with `no application protocol` and `no shared cipher`.
2025-08-23 20:16:40 +02:00
sebres
bdb5d99906
Log `Repeal Ban` instead of `Unban` on stop action, jail or fail2ban, because the tickets are "unbanned" temporary (till restart);
...
closes gh-4057
2025-08-19 11:37:01 +02:00
sebres
4e22c20559
fixes `ignoreip` prefix `file://` - it shall resolve absolute file name (starting with `/`) unless it starts with `./`;
...
relative paths are based relative the working dir;
to use it relative current config root (normally `/etc/fail2ban`), one can use interpolation `%(fail2ban_confpath)s`, e.g.:
file://%(fail2ban_confpath)s/ignore-ipaddr-file
2025-08-12 23:46:10 +02:00
sebres
3ce6f344e3
fixes beautifier `get` `ignoreip` (explicit convert to string)
2025-08-12 23:26:42 +02:00
Sergey G. Brester
bf4903538d
update ChangeLog (enhancement from #3291 )
2025-08-08 10:29:02 +02:00
Sergey G. Brester
77ba28bae1
Merge pull request #3291 from ttyS4/patch-1
...
nftables.conf - add support for cidr notation and address ranges
2025-08-08 10:23:08 +02:00
Sergey G. Brester
dc3268ce5d
servertestcase.py: adjust test coverage
2025-08-08 10:16:01 +02:00
Sergey G. Brester
eb80b895d1
provides flags interval as `addr_options` now
2025-08-08 10:10:40 +02:00
Bill
6120a731d9
update nginx limit-req filter again ( #4048 )
...
amend to #4047 - removes unused ngx_limit_con_zones parameter.
2025-08-04 21:16:26 +02:00
Sergey G. Brester
e16e982a45
Merge pull request #4047 from billfor/nginx
...
Update nginx-limit-req filter (extended to ban hosts failed by limit connection in ngx_http_limit_conn_module);
closes gh-3674
2025-08-04 11:34:35 +02:00
Sergey G. Brester
dd58d440bc
Update ChangeLog
2025-08-04 11:32:10 +02:00
Sergey G. Brester
e6516fd2b3
combine 2 REs to single regex
...
closes gh-3674
2025-08-04 11:24:51 +02:00
bill
0a91bf69a5
add filter for delayed requests and connection limiting
2025-08-04 00:27:45 -04:00
sebres
d86a7aecca
amend to #3979 : removed mistaken double pipes in group matches
2025-07-31 17:38:28 +02:00
sebres
ff3eca1d61
* Merge pull request #3527 from vafgoettlich/master
...
(partial merge, only postfix-backend)
2025-07-24 11:17:05 +02:00
sebres
0b255a8723
Merge pull request #3527 from vafgoettlich/master
...
(partial merge, only postfix-backend)
2025-07-24 11:14:03 +02:00
Sergey G. Brester
793d0c6555
Merge pull request #4037 from kusaka-0107/fix/asterisk-conf-regex
...
filter.d/asterisk: fix regex to match "No matching endpoint found" with retry info (like `after X tries in Y ms`)
2025-07-20 15:17:17 +02:00
Sergey G. Brester
7bb86822d0
Update ChangeLog
2025-07-20 15:15:38 +02:00
Sergey G. Brester
6d3bfa8781
revert RE back, but relive the end-anchor a bit (ignore any text without single quote, so also preventing false match by injection on foreign data)
2025-07-20 15:04:15 +02:00
177ac
b309cf6b3c
Add test line
2025-07-20 18:06:33 +09:00
177ac
e97df4672a
filter.d/asterisk: fix regex to match "No matching endpoint found" with retry info
2025-07-20 18:05:35 +09:00
sebres
1c2ace2958
GHA: update python 3.14.0-beta.4
2025-07-13 01:08:50 +02:00
sebres
b710d5b6c7
`filter.d/sendmail-reject.conf` - also recognize "Domain of sender address ... does not resolve";
...
closes gh-4035
2025-07-13 01:03:53 +02:00
sebres
dc899e438f
avoid error "Unable to get failures" by stop (if file gets removed from filter, but filter already entered getFailures for the file);
...
closes gh-4032
2025-07-07 01:04:35 +02:00
sebres
86b9adb2f5
workflows/publish.yml: amend (allow manual trigger for publishing)
2025-06-16 22:09:46 +02:00
sebres
85faeab644
workflows/publish.yml: flow to publish package on pypi
2025-06-16 21:55:58 +02:00
Sergey G. Brester
9ef134c17d
Merge pull request #4016 from nabbi/dovecot-2.4
...
add Dovecot 2.4 support
2025-06-15 18:09:40 +02:00
Sergey G. Brester
8a4f373617
integrate new RE in already existing (combine new and old format)
2025-06-15 18:07:43 +02:00
Nic Boet
646832d5bd
dovecot 2.4 into changelog
...
Signed-off-by: Nic Boet <nic@boet.cc>
2025-06-13 17:00:47 -05:00
Nic Boet
04ff4c060c
Dovecot 2.4 filter support
...
Dovecot 2.4 release is a major upgrade
Logger event structure has changed, all messages are now
prefixed with:
"Login aborted: " <reason> "auth failed"
Maintain 2.3 support as many folks have yet to migrate,
community edition is still receiving cretial security patches
Dovecot 2.4.1
Python 3.12.10
Signed-off-by: Nic Boet <nic@boet.cc>
2025-06-13 16:44:57 -05:00
Sergey G. Brester
cfa3356e0f
Merge pull request #4001 from sebres/f2b-regex--inverted-out
...
fail2ban-regex: new feature `-i` or `--invert` to output not-matched lines by `-o` or `--out`
2025-06-03 22:23:19 +02:00
sebres
4254d6bcd3
man and changelog
2025-06-03 22:19:54 +02:00
Sergey G. Brester
afe9bc08ec
Merge pull request #4006 from pzl/smtp-py-wrap
...
Line-wrap long messages in smtp.py
2025-06-02 12:40:45 +02:00
pzl
a5d7127109
construct smtp.py email wrap long lines
...
RFC 5322 2.1.1 requires <=998 chars per line.
If matches are included, and are very long lines,
the email will be rejected. Constructing the mail
as a message instead of a subpart (mimetext) fixes this
2025-05-20 14:55:03 -04:00
sebres
cca2de984f
fail2ban-regex: implemented new feature `-i` or `--invert` - inverting the sense of matching, to output non-matching lines.
2025-05-06 18:15:05 +02:00
Sergey G. Brester
f7aaaf50b8
`filter.d/exim.conf`: colon must be outside of F-RCPT group
2025-04-27 23:00:09 +02:00
sebres
f0a083449a
coverage for non zero journalflags
2025-04-24 00:12:26 +02:00
sebres
9ecf6150c8
increase max wait time a bit - some (systemd) tests may fail occasionally in fast mode
2025-04-24 00:11:45 +02:00
sebres
cbc3cb431c
amend to a0093b557e
(systemd-review): flags cannot be specified simultaneously with files too;
2025-04-24 00:04:37 +02:00
Sergey G. Brester
d731b385f9
Merge pull request #3909 from avcbvamorec/patch-1
...
Enhancement on iptables: allow bans to be effective on multiple chains at the same time
2025-04-17 12:46:51 +02:00
Sergey G. Brester
52d239483d
typo
2025-04-16 17:18:36 +02:00
sebres
0d4a926029
ChangeLog (enhancement and compat entries)
2025-04-16 17:13:58 +02:00
sebres
cbe14c70c5
iptables.conf rewritten to affect all derivative actions (multiple chains are also supported by `iptables-ipset` etc);
...
iptables-xt_recent-echo.conf adjusted to be compatible to new syntax of inherited iptables.conf;
test coverage fixed to new handling
2025-04-16 16:56:46 +02:00
Arnaud
37f72f88ef
Reverting chains to chain in order to preserve backward compatibilityu
...
backing to the option named "chain", using "iteredchain" a new variable to iterate over.
2025-04-16 16:06:29 +02:00