sebres
546cd55342
Merge branch 'master' into 0.10
2017-07-03 13:02:25 +02:00
Serg G. Brester
d05d9f4c28
Merge pull request #1816 from sebres/fix-gh-1302
filter.d/asterisk.conf - fixed failregex AMI Asterisk authentication failed
2017-07-03 12:59:46 +02:00
sebres
a1d0633e69
filter.d/asterisk.conf - fixed failregex AMI Asterisk authentication failed (see gh-1302):
- optional space between NOTICE and pid;
- optional part "Host " before IP-address;
2017-07-03 12:57:28 +02:00
sebres
33fcf8d809
Merge branch 'master' into 0.10
2017-07-03 12:43:48 +02:00
sebres
9f55ed86df
fixed testCymruInfoNxdomain (since cymru does not provide ASN mapping info for "10.0.0.0" anymore)
2017-07-03 12:41:54 +02:00
Serg G. Brester
1307e0a5b9
Merge pull request #1760 from szepeviktor/patch-12
Courier may complain about the method only
2017-07-03 12:00:36 +02:00
Serg G. Brester
205edff65d
Merge pull request #1690 from chtheis/master
#1689: Make lowest rule number in action.d/bsd-ipfw.conf configurable
2017-07-01 17:16:50 +02:00
Serg G. Brester
f27e053592
Update bsd-ipfw.conf
increased starting rule number (lowest_rule_num = 111)
2017-07-01 17:10:53 +02:00
Serg G. Brester
001c0898d6
Merge branch 'master' into master
2017-06-30 18:07:38 +02:00
Serg G. Brester
6110ba9cc3
filter.d/proftpd.conf: added option `journalmatch` for systemd backend (closes gh-1613)
2017-06-30 18:00:01 +02:00
sebres
5974b0fb35
amend to merge PR gh-1783: restores lost entry `journalmatch` for `filter.d/roundcube-auth.conf`
2017-06-26 11:32:34 +02:00
sebres
37ca4f17c2
filter.d/roundcube-auth.conf: added missing entry `journalmatch` from original gh-1783.
2017-06-26 11:24:10 +02:00
Serg G. Brester
986dd3107d
Merge branch '0.10' into patch-12
2017-06-19 18:37:28 +02:00
Serg G. Brester
f3ba66d1c6
Merge pull request #1783 from weberhofer/0.10
filter.d/roundcube-auth.conf: Fixed failregex when logging errors to journal instead of to a local file.
Additionally fixes more complex injections on username.
2017-06-19 18:34:08 +02:00
sebres
9b0f39a17d
ChangeLog updated
2017-06-19 18:12:37 +02:00
sebres
d3ae70beb6
filter.d/roundcube-auth.conf: Use the same filter-file and jail also when logging errors to journal instead of to a local file.
Additionally fixes more complex injections on username.
2017-06-19 18:12:13 +02:00
Johannes Weberhofer
691c080dc7
Added roundcube authentication filter, new jail and log-examples
2017-06-19 16:52:42 +02:00
Serg G. Brester
3294840c2a
Merge pull request #1801 from jeaye/postfix-updates
filter.d/postfix.conf: update to the latest postfix logging format
2017-06-19 16:44:37 +02:00
Serg G. Brester
efeca8fdeb
postfix.conf: removes unneeded end-anchoring like `.*$`, etc.
also removes several dynamic content at end, which are of no avail there.
Additionally normalizes optional part (mail-ID) after reason number.
2017-06-19 16:25:46 +02:00
Serg G. Brester
bb283776d7
Merge pull request #1807 from sebres/fix-gh-1806
bug-fix: restoring of tickets from database for jails with persistent ban
2017-06-15 18:42:39 +02:00
sebres
fd32e908e3
fixes restoring of tickets from database for jails with persistent ban (if `bantime = -1`)
2017-06-15 18:28:37 +02:00
sebres
dcdf677438
Merge remote-tracking branch 'master' into 0.10
2017-06-15 11:49:51 +02:00
Serg G. Brester
d54c40bba5
Merge pull request #1805 from sebres/fix-gh-1790
filter.d/apache-overflows.conf: rewritten without end-anchor ($)...
2017-06-15 11:48:45 +02:00
sebres
e1234a5249
ChangeLog update
2017-06-15 11:47:16 +02:00
sebres
2b358bc1a4
filter.d/apache-overflows.conf: rewritten without end-anchor ($), because the apache log could contain very long URLs (and/or referrer), and parsing it in an anchored way may be very vulnerable (at least as regards the system resources, see gh-1790).
2017-06-15 11:16:19 +02:00
jeaye
6f3d425c4d
Update postfix filters and tests
2017-06-12 18:56:19 -07:00
sebres
bbea73d79d
Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10
2017-06-12 13:11:45 +02:00
Serg G. Brester
1e5e0722f3
Merge pull request #1792 from gracinet/1773_logtimezone
New logtimezone jail option, zone abbreviations, new date-pattern tokens %Exz, %ExZ
2017-06-12 12:32:44 +02:00
Serg G. Brester
23c2d05250
Update changelog (new enhancements from gh-1792)
2017-06-09 20:51:28 +02:00
Georges Racinet
12259bb3c7
man and ChangeLog for logtimezone
2017-06-09 20:39:03 +02:00
sebres
030f89bf7a
Implemented zone abbreviations (DST, etc.) and abbr+-offset functionality (accept zones like 'CET+0100'), for the list of abbreviations see strptime.TZ_STR;
Tokens `%z` and `%Z` are more precise now;
Introduced new tokens `%Exz` and `%ExZ` that fully support zone abbreviations and/or offset-based zones;
# TODO: because python currently does not support mixing of case-sensitive with case-insensitive matching,
# check how TZ (in uppercase) can be combined with %a/%b etc. (that are currently case-insensitive),
# to avoid invalid date-time recognition in strings like '11-Aug-2013 03:36:11.372 error ...'
# with wrong TZ "error", which is at least not backwards compatible.
# Hence %z currently match literal Z|UTC|GMT only (and offset-based), and %Exz - all zone abbreviations.
2017-06-09 20:29:34 +02:00
sebres
39c4acf6bd
small amend white-spaces (no functional changes) + a bit optimized `zone2offset`
2017-06-09 15:52:14 +02:00
sebres
9f41d1e381
Normalize zone2offset (usable within reGroupDictStrptime), tests simplified and extended with more cases (covers precedence of input-zone over default, etc.)
2017-06-09 14:55:44 +02:00
sebres
8cb4ae0242
Code review and small optimizations, prepared to provide offset-based time zones for date-detectors (parsing of input-string)
2017-06-09 13:55:30 +02:00
Serg G. Brester
d56554ecf3
Merge pull request #1688 from felixonmars/arch-config
Add a path configuration for Arch Linux
2017-06-06 10:55:13 +02:00
Serg G. Brester
5482e0bbe7
Merge pull request #1794 from szepeviktor/patch-15
fixed grep pattern: escape dot-char in search-IP and more restrictive boundaries (IPv6-capability)
2017-05-31 19:05:43 +02:00
Serg G. Brester
08591a52a4
Merge pull request #1796 from peternowee/fix-dovecot-empty-user
dovecot: revert `<[^>]+>` back to `<[^>]*>` - allows empty user again [mistakenly changed in 5678d08]
2017-05-31 19:03:34 +02:00
Peter Nowee
b93e47b12f
dovecot: Match also when user field is empty
Commit 5678d08 of 2016-11-26 changed:
( user=<\S*>,)?
to:
( user=<[^>]+>,)?
The change from `*` (zero or more times) to `+` (one or more times) may
not have been intended. It will miss lines containing, for example:
Aborted login (tried to use disallowed plaintext auth): user=<>
This commit reverts the `+` back to `*`.
2017-05-31 15:54:30 +02:00
Serg G. Brester
5214c1c5d1
Update changelog (gh-1455)
2017-05-30 20:31:48 +02:00
Marcel Bischoff
228d25c548
Update Kerio Connect filter (#1455)
* Update Kerio Connect filter
Fixed regex for some log entries that did not get recognized and some additional error formats are added.
* Add missing colon, GitHub address
* Add filter tests
* Add missing test
2017-05-30 20:27:44 +02:00
Serg G. Brester
80cc47b75f
Update helpers-common.conf
fixed grep pattern: escape dot-char in search-IP and more restrictive boundaries (IPv6-capable)
2017-05-30 09:14:43 +02:00
Viktor Szépe
5bb6be0163
IPv6 address may overlap
2017-05-30 02:05:38 +02:00
Georges Racinet
e8f2173904
New logtimezone jail option
This new option allows to force the time zone on log lines
that don't bear a time zone indication (GitHub issue #1773), so it behaves
actually with respect to log line contents as a default time zone.
For the time being, only fixed offset timezones (UTC or UTC[+-]hhmm) are
supported, but the implementation is designed to later on treat the case
of logical timezones with DST, e.g., Europe/Paris etc.
In particular, the timezone name gets passed all the way to the strptime
module, and the resulting offset is computed for the given log line, even
though for now, it doesn't actually depend on it.
Also, the DateTemplate subclass gets to choose whether to use it or not.
For instance, it doesn't make sense to apply a time zone offset to
Unix timestamps.
The drawback is to introduce an API change for DateTemplate. I hope it's
internal enough for that not being a problem.
2017-05-23 17:39:37 +02:00
sebres
2b08847f3a
Reintegrate 'master' into 0.10 (merge point) + small code review
2017-05-19 16:32:13 +02:00
sebres
c7ddf1f940
[systemd-backend] implicit closing journal descriptor by stop filter.
Partially cherry-picked from 0.10 (d153555a07)
2017-05-19 15:36:06 +02:00
sebres
ae0f0d2ec0
Merge branch 'fix-pyinotify-dir-rotate' into 0.10
2017-05-19 13:39:19 +02:00
sebres
96c3b06abb
amend to #1778: repair notifier wait-cycle (too long timeout in polling, too late check for pending files, too long stop)
2017-05-19 13:26:16 +02:00
sebres
9b83a3128d
code review, try to increase coverage
2017-05-17 12:23:28 +02:00
Serg G. Brester
17b0945a70
Update ChangeLog
2017-05-16 09:43:52 +02:00
Serg G. Brester
a73b0c0064
Merge pull request #1778 from sebres/fix-pyinotify-dir-rotate
Fix pyinotify directory-based log-rotate
2017-05-16 09:41:09 +02:00