github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
4,814 Commits
32 Branches
229 Tags
18 MiB
Commit Graph

4814 Commits (54298fe7614b2b05f2d966a2fcd2733f623fbd2c)

Author SHA1 Message Date
sebres 3326ec95ce small amend (preparing to merge in 0.11): more precise test and avoid "expired bantime" (in 0.11) 2019-06-11 15:50:29 +02:00
sebres 93727abeb8 cherry-pick with_alt_time helper decorator from 0.11 2019-06-11 15:50:27 +02:00
sebres 809acb69e5 stability: avoid race condition - no unban if the bans occur continuously (e. g. banning action too slow, so new bans found each time during the default sleeptime); 
now unban will happen not later than 10 tickets get banned regardless there are still active bans available (precedence of ban is 10 now);
closes gh-2410
 2019-06-11 14:37:10 +02:00
sebres e5ae113215 filter.d/postfix.conf: extended with new postfix filter mode `errors` to match "too many errors" (gh-2439), 
also included within modes `normal`, `more` (`extra` and `aggressive`), since postfix
  parameter `smtpd_hard_error_limit` is default 20 (additionally consider `maxretry`)
 2019-06-07 16:14:02 +02:00
sebres 3b2f75414c filter.d/postfix.conf: extended regexp's to accept variable suffix code in status of postfix for precise messages (gh-2442) 2019-06-07 15:40:55 +02:00
sebres 8da9bfb83a Update ChangeLog (gh-2302, rebased to 0.10) 2019-06-07 14:47:43 +02:00
Sergey G. Brester 7dbd3a07eb cut comment to limit documented on abuseipdb, additionally use curl in quiet mode 2019-06-07 14:39:55 +02:00
Carlos Ferreira 7b73cb7639 Switch to AbuseIPDB API v2 2019-06-07 14:39:52 +02:00
sebres 2e51897d7a small amend to feba50e3c2 (typo fixed) 2019-06-04 20:40:48 +02:00
sebres feba50e3c2 fixed resolve of FQDN: resolve of an external IPs and name will be preferred before the local domain (or a loopback), see gh-2438 2019-06-04 19:46:42 +02:00
sebres 3b51c005f8 update ChangeLog (multi-line parsing fix, gh-2431) 2019-05-24 16:17:06 +02:00
sebres ffd366e17b Merge branch '0.9' into 0.10 2019-05-24 16:01:27 +02:00
sebres 83f626c4aa (grave) closes gh-2431: replace newlines in message from systemd journal (otherwise multi-line parsing is broken, because removal of matched string from multi-line buffer window is confused by extra new-lines, so they are retained and got matched on every followed message). 2019-05-24 15:53:16 +02:00
sebres 49bf6132cc amend for 3036ed18893b6aae6619e53201aa53deb701b94f: eliminate "invalid sequence" warnings 2019-05-14 21:40:33 +02:00
sebres 607e965e7b Merge branch 'sebres/0.10-travis-xenial' into 0.10: 
- multi-distribution (trusty & xenial);
- python 3.8 (and new python/pypy minor versions on xenial);
 2019-05-14 20:16:59 +02:00
sebres 08d2615020 small amend: review, simplification, etc 2019-05-14 20:04:44 +02:00
sebres 1cca374d04 .travis.yml: several distributions in matrix (trusty & xenial together) 2019-05-14 19:55:01 +02:00
sebres d310c4992f .travis.yml: coverage for python 3.8 (test with newest python/pypy versions) 2019-05-14 18:24:45 +02:00
sebres 3036ed1889 resolve deprecated syntax (eliminate "invalid sequence" warnings) 2019-05-14 18:22:55 +02:00
sebres 0426a24719 filter.d/postfix.conf: (closes gh-2426) filter extended to catch "5.1.1" (Recipient address rejected: User unknown in local recipient table) with RCPT (and some session-id instead of "NOQUEUE") 2019-05-14 15:27:20 +02:00
sebres 2b8e2707bb Merge pull request #2298 from chtheis/0.11 (rebased to 0.10) 2019-05-10 16:22:58 +02:00
sebres 4d08bc4ad5 update ChangeLog 2019-05-10 16:22:25 +02:00
sebres d8d71c5a22 action.d/helpers-common.conf: grep arguments are rewritten - using options `-wF` to match only whole words and fixed string (not as pattern) 2019-05-10 16:17:13 +02:00
chtheis fa727586ff Fix grep pattern to deal with Apache's error log 
Apache's error log appends the port to the IP address, other logs don't.
 2019-05-10 16:04:27 +02:00
sebres 23d2281e57 action.d/nginx-block-map.conf: small fix with better RE-rule for removal of ID (token/session) via sed (anchored now) 2019-05-02 15:22:45 +02:00
benrubson 5b2b680bfe SSHd add Bad protocol version message 2019-05-02 11:42:45 +02:00
Sergey G. Brester b318eb7e33
closes gh-2408: prevent execution of action `abuseipdb` for restored tickets 2019-04-29 10:45:37 +02:00
sebres 3d80e881c5 increase coverage (if python-systemd not available, so some tests may be skipped) 2019-04-26 13:29:19 +02:00
sebres cd32f4a132 amend to ec681a3363 (PR gh-2387): 
- specify default options (`logtype`) in default sections of filter-config (this allows to overwrite such options in Definition/Init sections within filter.local or includes also without setting that in the jail);
- fail2ban-regex: output real filter-options (after combine/interpolate) if verbose (`-vv`) or debug (`-l debug`).
 2019-04-26 12:49:03 +02:00
Sergey G. Brester 7c9c751eb6
Merge pull request #2247 from Holston5/Holston5/mysqld-auth.conf 
Update mysql logging command and fix mod_security filter
 2019-04-24 21:57:19 +02:00
Sergey G. Brester a7c48e7fe7 test case to cover two client entries message 2019-04-24 21:35:21 +02:00
Holston 422a2de7fe updated 2019-04-24 21:35:19 +02:00
Holston a581bf3f08 Fixed filter for Apache mod_security 2019-04-24 21:35:17 +02:00
Holston 5d6a84ba78 Updated to correct logging option 2019-04-24 21:35:15 +02:00
Sergey G. Brester d67e42efa2
Merge pull request #2402 from sebres/maxentries-mem-saving 
maxmatches: memory saving options
 2019-04-19 12:51:04 +02:00
Sergey G. Brester 7d6db7391e
Update ChangeLog 2019-04-19 12:50:35 +02:00
sebres 3e5b8fdc6a fixes coverage of dbmaxmatches = 0 2019-04-18 22:44:14 +02:00
sebres 46fc4c4615 protocol and documentation 2019-04-18 22:14:34 +02:00
sebres 4629e4320f coverage and code review 2019-04-18 21:48:58 +02:00
sebres 852cb0362c fix restoring of tickets from database if `maxmatches` of jail smaller as `dbmaxmatches` (so read fewer matches in memory): 2019-04-18 21:17:38 +02:00
sebres 25f1aa334e fail2ban.conf: move default settings into DEFAULT section (to be more similar to jail.conf, Definition section overwrites the options, so it is backwards compatible) 2019-04-18 20:53:11 +02:00
sebres 0386df0042 introduced new options: `dbmaxmatches` (fail2ban.conf) and `maxmatches` (jail.conf); 
setting `maxmatches` and `dbmaxmatches` to 0 saves memory usage and database size (closes gh-2118).
 2019-04-18 20:31:39 +02:00
sebres 1083788e70 small amend (rename maxEntries -> maxMatches for consistency reasons) 2019-04-18 19:50:48 +02:00
sebres 5df78ad11f fix corner cases by maxEntries = 0 (no matches should be saved), test cases extended to cover it + code review 2019-04-18 19:37:42 +02:00
sebres 5ebac4fe61 Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10 2019-04-18 15:38:06 +02:00
Sergey G. Brester 28c1da33dc
Merge pull request #2387 from sebres/logtype-option-journal 
New backend-related option `logtype` (`journal` or `file`)
 2019-04-18 13:27:42 +02:00
Sergey G. Brester d920dd4014
Update ChangeLog 2019-04-18 13:19:21 +02:00
Sergey G. Brester 4a2c564945
Merge pull request #2388 from cepheid666/0.10 
Update sendmail-reject with TLSMTA & MSA port IDs
 2019-04-04 02:55:59 +02:00
Sergey G. Brester ec9f698f5b
removed new-line 2019-04-04 02:55:09 +02:00
Sergey G. Brester c09ac8ebed
small amend (typo) 2019-04-04 02:53:18 +02:00