github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
3,702 Commits
32 Branches
229 Tags
17 MiB
Commit Graph

716 Commits (597a27576eae6294187c241854f7e813ef18ab38)

Author SHA1 Message Date
sebres 74c6f6ac4b BF: fail2ban-regex does not read '.local' file of given filter (gh-954) 2015-02-13 15:36:00 +01:00
Yaroslav Halchenko 3fb2becddb Merge pull request #949 from leeclemens/enh/configSyslogSocket 
Configure Syslog Socket Path (closes #814)
 2015-02-06 20:08:15 -05:00
Yaroslav Halchenko 119a7bbb16 Merge pull request #939 from szepeviktor/geoip 
Added sendmail-geoip-lines.conf
 2015-02-06 11:32:41 -05:00
Lee Clemens d676a9fd4f update ChangeLog with syslogsocket config enhancement 2015-02-05 23:48:18 -05:00
Yaroslav Halchenko 40068f5f31 Merge pull request #933 from mrc0mmand/nginx-botsearch 
Add jail nginx-botsearch and refactor common with apache-botsearch regexes into botsearch-common
 2015-02-04 09:27:43 -05:00
Yaroslav Halchenko eaca33e227 Merge branch 'enh/clarifyDnsUtilsMethods' of https://github.com/leeclemens/fail2ban 
* 'enh/clarifyDnsUtilsMethods' of https://github.com/leeclemens/fail2ban:
  Update ChangeLog
  Clarify filter.DNSUtils functions' terminology and add unittests

Conflicts:
	ChangeLog -- rephrased a bit as well
 2015-02-03 20:29:03 -05:00
Lee Clemens ed71a7cd22 Update ChangeLog 2015-02-03 20:23:25 -05:00
František Šumšal 9bd25f51c1 Added ChangeLog and THANKS entry 2015-02-04 02:19:15 +01:00
Lee Clemens 4091fdde27 Update ChangeLog from PR 930 2015-02-03 19:54:23 -05:00
Orion Poplawski e7ff7e90b7 [postfix-sasl] update regexes 
- Add : to match "SASL LOGIN authentication failed: Password:"
- Add ignoreregex to ignore system authentication issues:
  "warning: unknown[1.1.1.1]: SASL LOGIN authentication failed: Connection lost to authentication server"
- Add test log messages for both
 2015-02-03 11:30:16 -07:00
Yaroslav Halchenko 646c799231 Changelog for above merge 2015-02-02 21:46:38 -05:00
Yaroslav Halchenko 73af02ffc6 Merge pull request #940 from leeclemens/ENH/ApacheFakeGoogleBot 
New jail: apache-fakegooglebot
 2015-02-02 21:44:04 -05:00
Yaroslav Halchenko 7f2d1a7269 minor changelog entry reformatting 2015-02-02 21:37:24 -05:00
Yaroslav Halchenko 7ada96b4e9 Merge pull request #932 from opoplawski/dovecot 
Dovecot - dovecot auth failure from EL7
 2015-02-02 21:37:28 -05:00
Yaroslav Halchenko 8f6d9c6a5a Merge branch 'enh/local_time_zone' of https://github.com/yarikoptic/fail2ban 
* 'enh/local_time_zone' of https://github.com/yarikoptic/fail2ban:
  fixed typos, thanks szepeviktor for review
  ENH: use non-UTC date invocation (without -u) and report offset for localzone (%z)

Conflicts:
	ChangeLog
 2015-02-02 21:21:44 -05:00
Yaroslav Halchenko 96ae041132 fixed typos, thanks szepeviktor for review 2015-02-02 21:21:37 -05:00
Lee Clemens 00961d5281 Remove ignorecommand addition from ChangeLog 2015-02-02 11:36:21 -05:00
Lee Clemens af078532ac New jail: apache-fakegooglebot 
Detects fake googlebot user agents in apache access log
 2015-02-02 00:42:01 -05:00
Viktor Szépe 0430e0dacc Changelog entry for sendmail-geoip-lines 2015-02-01 00:24:40 +01:00
Yaroslav Halchenko ec6a30efcf ENH: define ignoreregex for all filters explicitly, to avoid warnings (Closes #934) 2015-01-30 10:38:28 -05:00
Orion Poplawski b4776a1ba0 Match dovecot unknown user line 2015-01-29 09:37:37 -07:00
Orion Poplawski ee5c5b34d6 Add ChangeLog and THANKS entry 2015-01-29 09:14:41 -07:00
Yaroslav Halchenko 64feb0fd16 Merge pull request #924 from leeclemens/ENH/StatusExtendedInfo 
Add extended info to status output using Cymru
 2015-01-26 22:55:12 -05:00
Lee Clemens 486214585e Update extended status to accept additional argument, flavor 
Default to as-in behavior, or flavor=="basic"
 2015-01-26 19:38:06 -05:00
Andrew St. Jean e0f11ae722 Modified the ChangeLog and THANKS files to reflect the addition of action.d/nsupdate.conf. 2015-01-26 11:30:41 -05:00
Yaroslav Halchenko 085d0f72ed ENH: use non-UTC date invocation (without -u) and report offset for localzone (%z) 2015-01-26 09:19:44 -05:00
Yaroslav Halchenko 65980a70fc Merge branch 'enh/recidive-allports' of https://github.com/yarikoptic/fail2ban 
* 'enh/recidive-allports' of https://github.com/yarikoptic/fail2ban:
  use iptables-allports for recidive

Conflicts:
	ChangeLog
 2015-01-26 09:04:42 -05:00
Lee Clemens 60ac0a1a17 Add extended info to status output using Cyrmu 2015-01-24 12:45:42 -05:00
sebres 33e9e2174a recursive/embedded version of issue/907; 
test cases merged from remote-tracking branch 'yarikoptic:enh/embedded_tags' into issue/907
infinite busy loop on _escapedTags match in substituteRecursiveTags gh-907
 2015-01-20 17:18:25 +01:00
sebres b04a51246f infinite busy loop on _escapedTags match in substituteRecursiveTags gh-907 2015-01-20 11:32:15 +01:00
sebres 12e3cca3f2 port[s] typo fixed in jail.conf/nginx-http-auth, issue gh-913 2015-01-19 10:28:53 +01:00
Yaroslav Halchenko c7edd9e67f Merge pull request #901 from leeclemens/ENH/PostfixRBL 
Create Jail for Postfix based on RBL
 2015-01-07 21:45:36 -05:00
Yaroslav Halchenko 995b1d18df Merge pull request #906 from leeclemens/BF/755-strptime 
Fix strptime thread safety issue
 2015-01-07 20:40:14 -05:00
Lee Clemens 77677e43df Merge branch 'master' of github.com:fail2ban/fail2ban into ENH/PostfixRBL 2015-01-07 20:39:04 -05:00
Lee Clemens 4714028c69 Change case and tense for consistency 2015-01-03 16:16:23 -05:00
Lee Clemens bda8dc1926 Merge branch 'master' of github.com:fail2ban/fail2ban into ENH/PostfixRBL 2015-01-03 15:29:42 -05:00
Lee Clemens 2f360ce447 Update Changelog with strptime fix 2015-01-03 15:26:34 -05:00
Lee Clemens 38641e741a Merge branch 'master' of github.com:fail2ban/fail2ban into BF/755-strptime 
Conflicts:
	ChangeLog
 2015-01-03 15:25:54 -05:00
Lee Clemens 541a747d79 Update Changelog with strptime fix 2015-01-03 15:19:58 -05:00
TorontoMedia 74c3d5d96c Updated ChangeLog 2015-01-01 13:26:11 -05:00
TorontoMedia 948eec6425 Upd 2015-01-01 12:56:17 -05:00
TorontoMedia a47001ea0e Updated ChangeLog 2015-01-01 12:41:31 -05:00
TorontoMedia c2bb3253ad Update ChangeLog 2015-01-01 05:27:18 -05:00
Yaroslav Halchenko acfa83229b Merge branch 'master' of git://github.com/fail2ban/fail2ban 
* 'master' of git://github.com/fail2ban/fail2ban:
  Update year in postfix logs test file
  Add 'Client host rejected error message' regex Not sure if it was reworded (using Postfix 2.6) or a slightly different error, but I only have "Client host rejected: cannot find your hostname"
 2014-12-31 01:12:56 -05:00
Lee Clemens fe72a5585c Create Jail for Postfix based on RBL 
Use RBL blocks to ban addresses, unique Jail so maxretry can be set to 1 (vs postfix.conf)
 2014-12-30 19:06:17 -05:00
Lee Clemens 2d7429c47c Add 'Client host rejected error message' regex 
Not sure if it was reworded (using Postfix 2.6) or a slightly different error, but I only have "Client host rejected: cannot find your hostname"
 2014-12-30 18:05:19 -05:00
Yaroslav Halchenko d65c4f8f5d moved debian's initd file to files/debian-initd from debian branch 2014-12-30 16:45:35 -05:00
Yaroslav Halchenko bcfcefa203 Merge branch 'patch-2' of https://github.com/szepeviktor/fail2ban 
* 'patch-2' of https://github.com/szepeviktor/fail2ban:
  downcase example
  Added an item to "Fixes"
  postfix-sasl failregex case insensitive
 2014-12-30 16:35:09 -05:00
Viktor Szépe 10f68f4946 Update ChangeLog 2014-12-24 15:00:25 +01:00
Viktor Szépe 190f55b06e Added an item to "Fixes" 2014-12-11 01:34:20 +01:00
bes-internal ccc986b7d8 exim filter: correct failregex for exim with extended log options 
incoming_interface, incoming_port, outgoing_port
 2014-12-04 13:34:44 +03:00
sebres 80fb48c5b0 Merge remote-tracking branch 'remotes/upstream/master' into sebres:addfailregex-gh-867 2014-12-01 13:14:42 +01:00
sebres effdb450fc better and scalable solution for gh-867 (and gh-868), using only name convention like %(known/failregex)s to add custom expressions, so no interface changes in jail.conf are necessary (for example see test-known-interp in test cases); 2014-11-29 20:33:32 +01:00
Yaroslav Halchenko 9bab6d0009 Changelog entry for preceding fix 2014-11-29 09:52:25 -05:00
sebres d63b125877 interpolation of config readers extended with `%(known/parameter)s`. 
(means last known option with name `parameter`).
 2014-11-28 19:06:17 +01:00
sebres 1439152121 test cases extended (now correct) 2014-11-28 14:52:12 +01:00
sebres cad09d2df3 BF: failregex declared direct in jail was joined to single line, (specifying of multiple expressions was not possible); 
feature request (gh-867): new options for jail introduced addfailregex/addignoreregex: extends regex specified in filter (opposite to failregex/ignoreregex that overwrites it);
 2014-11-28 03:17:47 +01:00
Yaroslav Halchenko 2a3790f8e8 use iptables-allports for recidive 2014-11-04 13:24:54 -05:00
Yaroslav Halchenko a44cfba9ae Merge pull request #841 from opoplawski/firewallcmd-multiport 
ChangeLog for firewallcmd-new multiport support
 2014-10-30 18:32:26 -04:00
Orion Poplawski 21be983620 ChangeLog for firewallcmd-new multiport support 2014-10-30 16:11:34 -06:00
Yaroslav Halchenko 967485c2d0 improving grepping 2014-10-29 23:14:47 -04:00
Yaroslav Halchenko 36abb5ed96 BF: fix $ for % in jail.conf. Debian bug #767255 2014-10-29 13:08:51 -04:00
Yaroslav Halchenko 7acddcbe4a Post-release boost to .dev 2014-10-27 23:45:51 -04:00
Yaroslav Halchenko 987356d6c0 Changes for the 0.9.1 release versioning 2014-10-27 21:43:17 -04:00
pacop b60e2bf42f Add portsentry to changelog 2014-10-25 18:17:57 +02:00
Yaroslav Halchenko e2f49b7334 DOC: very minor (tabs/spaces) 2014-10-23 14:44:10 -04:00
sebres 7d3e6e9935 code review, change log entries added; 2014-10-10 20:06:58 +02:00
SlowRiot 7b5dc9f24f adding test case, changelog and thanks entries for apache shellshock filter 2014-09-26 18:48:56 +01:00
Nick Weeds 2c158fe168 Add apache filter for AH01630 client denied by server configuration 2014-09-14 21:54:05 +01:00
Yaroslav Halchenko 8f521b8551 DOC: Changelog and THANKS for previous changes 2014-09-13 10:27:37 -04:00
Daniel Black 1864f75b3b Credits and notes from #806 2014-09-08 19:02:37 +10:00
Yaroslav Halchenko 0d9cfb84e3 Merge pull request #778 from yarikoptic/enh/symbiosis 
ENH: symbiosis-blacklist-allports action
 2014-08-20 23:00:11 -04:00
Yaroslav Halchenko 3576c509f5 changelog entry for postfix-sasl fix 2014-08-12 11:08:39 -04:00
Yaroslav Halchenko 6fc04c2256 Merge branch 'bf+enh/cyrus-imap' of https://github.com/yarikoptic/fail2ban (with some tune up to Changelog entry) 
* 'bf+enh/cyrus-imap' of https://github.com/yarikoptic/fail2ban:
  ENH: cyrus-imap -- catch also 'user not found' attempts
  BF: cyrus-imaps -- catch also for secured daemons

Conflicts:
	ChangeLog
 2014-08-11 13:09:43 -04:00
Yaroslav Halchenko 818dd59d65 ENH: symbiosis-blacklist-allports action 2014-08-08 11:57:30 -04:00
Yaroslav Halchenko 4a23a7dcf1 Merge pull request #766 from leftyfb/master 
Added cloudflare action
 2014-07-28 15:34:09 -04:00
Yaroslav Halchenko 2756bbe12a changelog and thanks for the preceding fix 
Conflicts:
	ChangeLog
	THANKS
 2014-07-28 12:48:50 -04:00
leftyfb 2179c8293c ChangeLog Added and entry about Cloudflare action 2014-07-28 11:24:38 -04:00
Yaroslav Halchenko a35b62500f changelog entries for already merged and upcoming merge 2014-07-28 10:18:33 -04:00
Yaroslav Halchenko effa1bc757 Merge branch 'master' of github.com:fail2ban/fail2ban 
* 'master' of github.com:fail2ban/fail2ban:
  Update courier-smtp.conf
  I don't understand those years.
  added Jul 3 & Jul 4
  Update courier-smtp.conf
  named users + smtp atuh probes
  BF: Remove manually unbanned IPs from persistent database
  typo
 2014-07-28 10:14:40 -04:00
Yaroslav Halchenko edfdeecfe6 DOC: Changelog for recent merge 2014-07-27 21:48:55 -04:00
Yaroslav Halchenko 3339dc8d84 ENH: cyrus-imap -- catch also 'user not found' attempts 2014-07-25 10:13:04 -04:00
Yaroslav Halchenko 3e5c598b79 BF: cyrus-imaps -- catch also for secured daemons 2014-07-25 10:02:40 -04:00
Steven Hiscocks 01d02ca5e6 BF: Remove manually unbanned IPs from persistent database 
Stops them being restored when Fail2Ban is restarted. Particularly this
is an issue with bantime < 0

Fixes gh-768
 2014-07-19 15:17:32 +01:00
Steven Hiscocks e301d6c840 DOC: Update ChangeLog for change in b73ed9b 2014-07-19 15:15:38 +01:00
Yaroslav Halchenko 78d8ea2e50 Merge pull request #760 from yarikoptic/enh/exim4_debian_path 
BF: fix path to the exim log on Debian and Fedora systems
 2014-07-18 09:59:08 -04:00
Sean DuBois 84b7e93a47 ENH: Add version command to protocol 
TST: Add test for version server command
 2014-07-15 06:19:13 +00:00
Yaroslav Halchenko 6cddc65cee BF: path to exim's mainlog on Fedora (Thanks Frantisek Sumsal) + changelog entry 2014-07-14 12:16:12 -04:00
Yaroslav Halchenko c7de888cd3 DOC: Changelog for previous merge (pass a copy of aInfo) 2014-06-22 10:59:43 -04:00
Yaroslav Halchenko 305b31ae1c DOC: ChangeLog -- Added an entry about iptables-common.conf 2014-06-22 10:29:23 -04:00
Steven Hiscocks 2d54161696 Merge branch 'kwirk/harmonize-log-msgs' 
Conflicts:
	ChangeLog - Keep all additions
 2014-06-22 12:57:49 +01:00
Steven Hiscocks 76a5633ff9 Merge pull request #739 from ranvis/enh-iptables-ipsets 
ENH: Add <chain> to iptables-ipsets.
 2014-06-21 22:48:49 +01:00
Yaroslav Halchenko 4190a4030c Merge branch 'sebres-strptime-bug' of https://github.com/kwirk/fail2ban 
* 'sebres-strptime-bug' of https://github.com/kwirk/fail2ban:
  DOC: Tweak ChangeLog and THANKS
  DOC: Update docs in reference to time zone related fix
  TST: Fix tests due to @sebres fix and based from gh-349 reverts
  strptime bug fix: if gmtoff is None we have 1 hour increment of time (through utctimetuple), compare: >>>> datetime.datetime.fromtimestamp(time.mktime(datetime.datetime.now().timetuple())).strftime("%Y-%m-%d %H:%M:%S") '2014-04-29 17:26:31' >>>> datetime.datetime.fromtimestamp(time.mktime(datetime.datetime.now().utctimetuple())).strftime("%Y-%m-%d %H:%M:%S") '2014-04-29 18:26:37'

Conflicts:
	ChangeLog
 2014-06-16 09:28:41 -04:00
SATO Kentaro 1e1c4ac62a ENH: Add <chain> to iptables-ipsets. 2014-06-16 21:30:13 +09:00
Steven Hiscocks f7da091437 ENH: Log unhandled exceptions to Fail2Ban log 2014-06-09 22:27:51 +01:00
Steven Hiscocks e8131475cd ENH: Realign and harmonise log messages with getF2BLogger helper 2014-06-09 22:17:00 +01:00
Steven Hiscocks 1fa8f9fa70 DOC: Tweak ChangeLog and THANKS 2014-05-15 22:18:07 +01:00
Steven Hiscocks fc4b69a282 DOC: Update ChangeLog fix for ip{,jail}failures action tags 2014-05-15 22:15:12 +01:00
Steven Hiscocks 1c20fd88d4 DOC: Update docs in reference to time zone related fix 2014-05-14 23:04:48 +01:00
Yaroslav Halchenko 2526dbae92 Merge branch 'recursive-tag-fix' of https://github.com/kwirk/fail2ban 
* 'recursive-tag-fix' of https://github.com/kwirk/fail2ban:
  ENH: explicitly define tags which should be escaped
  DOC: ChangeLog update for recursive tag bug fix
  BF: Tags not fully recursively substituted

Conflicts:
	ChangeLog -- kept all as is
 2014-05-13 11:23:30 -04:00
Yaroslav Halchenko c619202d6f Merge branch 'master' of github.com:fail2ban/fail2ban 
* 'master' of github.com:fail2ban/fail2ban:
  ENH: Match non "Bye Bye" for sshd locked accounts failregex
  Even stricter monit regex, now covers entire line
  Tidy up filter.d/monit.conf, make regex more complete. Add ChangeLog / THANKS entry. Add test cases.
  ENH: Move traceback formatter to from tests.utils to helpers
  Block brute-force attempts against the Monit gui
 2014-05-10 20:02:47 -04:00
Steven Hiscocks 904b362215 DOC: ChangeLog update for recursive tag bug fix 
Also minor typo fixes in comments
 2014-05-09 20:25:44 +01:00
Steven Hiscocks 77ba065571 Merge pull request #697 from jhmartin/monit_admin_hack 
Block brute-force attempts against the Monit gui
 2014-05-07 22:23:01 +01:00
Yaroslav Halchenko 1f8b554d31 Merge branch 'database-persistent-bans' of https://github.com/kwirk/fail2ban 
* 'database-persistent-bans' of https://github.com/kwirk/fail2ban:
  BF: bantime < 0 database should return all bans, as they are persistent

Conflicts:
	ChangeLog - kept all ;)
 2014-05-05 23:29:35 -04:00
Yaroslav Halchenko 3eabf4a7bd Merge pull request #708 from kwirk/ssh-bye-bye 
ENH: Match non "Bye Bye" for sshd locked accounts failregex
 2014-05-05 23:22:57 -04:00
Yaroslav Halchenko 65269365ee minor 2014-05-05 23:16:18 -04:00
Steven Hiscocks 1e8402cb99 DOC: ChangeLog entry for Python 3.4.0 persistent "/dev/urandom" fix 2014-05-03 12:51:15 +01:00
Steven Hiscocks bc10b64c69 ENH: Match non "Bye Bye" for sshd locked accounts failregex 2014-04-27 13:35:55 +01:00
Steven Hiscocks 7cc64a14e0 BF: fail2ban-regex assertion error caused by miscounted "missed" lines 
Caused when removing lines as part of multiline regex, which had been
previously considered missed.
 2014-04-27 13:27:11 +01:00
Steven Hiscocks bbcbefd494 BF: bantime < 0 database should return all bans, as they are persistent 2014-04-22 19:20:44 +01:00
Jason Martin 72bfd14330 Tidy up filter.d/monit.conf, make regex more complete. 
Add ChangeLog / THANKS entry.
Add test cases.
 2014-04-19 13:04:03 -07:00
Steven Hiscocks 03d90c2f42 BF: recidive filter and samples at wrong log level: WARNING->NOTICE 2014-04-19 18:07:23 +01:00
Yaroslav Halchenko af07b2edf8 very minor 2014-04-18 23:59:24 -04:00
Steven Hiscocks abfa7fa7e3 DOC: Update ChangeLog 2014-04-03 18:47:38 +01:00
Daniel Black e3be822245 DOC: nginx-http-auth filter 2014-04-03 21:30:45 +11:00
Steven Hiscocks dc24d3d494 BF: On jail restart reinstatement of bans, fetch one ticket per IP 
Closes gh-664
 2014-03-29 21:44:39 +00:00
Ruben Kerkhof 1695d5c076 Fix a few typos 
Found with https://github.com/lucasdemarchi/codespell

Signed-off-by: Ruben Kerkhof <ruben@rubenkerkhof.com>
 2014-03-24 13:16:52 +00:00
Steven Hiscocks 7046388291 Merge branch 'database-no-sqlite' 
Conflicts:
	ChangeLog
        - Entries added in both branches, both kept
 2014-03-22 17:34:38 +00:00
Steven Hiscocks 1470e3c01d BF: fail2ban.conf reader expected "int" type for `loglevel` 
Closes #657
 2014-03-19 19:09:07 +00:00
Steven Hiscocks 8c129cc283 DOC: Update ChangeLog fixes 2014-03-19 18:59:00 +00:00
Daniel Black e3839777d1 DOC: ChangeLog for gh-652 2014-03-18 08:02:39 +11:00
Yaroslav Halchenko 65628e303c Merge commit '0.8.13-1-ga8d0cc9' 
* commit '0.8.13-1-ga8d0cc9':
  DOC: remove duplicate update of Fail2ban_Version
  DOC: DEVELOP release note changes
  PKG: version release
  PKG: include nagios filter/log
  DOC/ENH: update man pages for release

Conflicts:
	ChangeLog
	DEVELOP
	MANIFEST
	fail2ban/version.py
	man/fail2ban-client.1
	man/fail2ban-regex.1
	man/fail2ban-server.1
 2014-03-17 10:25:12 -04:00
Steven Hiscocks 8f4a99f81f DOC: Document recent changes 2014-03-16 21:59:50 +00:00
Steven Hiscocks b89d05c57d DOC: Document recent fixes 2014-03-16 21:55:41 +00:00
Daniel Black 755e35fdfe DOC: syntax 2014-03-17 08:43:34 +11:00
Daniel Black c602dea3c3 DOC: new ChangeLog header 2014-03-17 08:43:00 +11:00
Daniel Black cee3414029 PKG: version release 2014-03-15 19:06:37 +11:00
Daniel Black 9bee8b3257 Merge branch '0.9' 2014-03-15 18:41:34 +11:00
Daniel Black 77fda9498c ENH: pull asterisk filter change to support syslog from 0.9 branch 2014-03-14 23:15:46 +11:00
Daniel Black 8671b73958 DOC: versioning and release/readme notes 2014-03-14 23:08:25 +11:00
Daniel Black aa7e8fb9ce DOC: Credits. close gh-644 2014-03-14 22:30:44 +11:00
Daniel Black 476d79d3cc ENH: asterisk filter to support syslog format 2014-03-14 09:03:27 +11:00
Steven Hiscocks 0222ff4677 Merge branch 'badips-blacklist' into 0.9 
Conflicts:
	ChangeLog
        - entires added in both branches.

Change:
        config/action.d/badips.py
        - jail.getName() changed to jail.name
 2014-03-13 20:01:15 +00:00
Steven Hiscocks 0c63d0061a DOC: Add documentation for badips.py action 2014-03-13 19:58:32 +00:00
Steven Hiscocks 406fe0f5b6 DOC: Additional entries to ChangeLog 2014-03-12 21:20:24 +00:00
Steven Hiscocks 742e52269a DOC: Added jail.conf(5) and ChangeLog for "logencoding" 2014-03-12 21:00:25 +00:00
Steven Hiscocks 725a8261fe DOC: Add items to ChangeLog and readded jail.conf(5) for logpath tail 
jail.conf change merged from 6a395f4cf7
 2014-03-12 20:48:52 +00:00
Daniel Black cc8ec826c5 MRG: from master 2014-03-02 2014-03-02 14:33:45 +11:00
Daniel Black c10cc20928 ENH: rename sendmail-spam to sendmail-reject 2014-02-28 08:41:04 +11:00
Daniel Black 3d776afbb0 ENH: add filter for sendmail-{auth,spam}. Closes gh-20 2014-02-26 19:16:49 +11:00
Steven Hiscocks f68d85a6ac Merge branch 'master' into 0.9 
Conflicts:
	ChangeLog
                Spelling correction of 0.8.13 fixed in master
	config/jail.conf
                Added nagios and duplicate php-url removal in master
                Just nagios added, duplicate not issue in 0.9
 2014-02-13 20:14:40 +00:00
Daniel Black 5f4d0ed576 ENH: ssh filter - "Disconnecting: Too many authentication failures.." matching Connection log message 2014-02-13 09:13:46 +11:00
Yaroslav Halchenko c424e4032d DOC: minor - replace tabs with spaces for consistent formatting 2014-02-07 00:41:22 -05:00
Daniel Black 1c740636e3 Merge pull request #603 from truxoft/master 
ENH: Nagios filter
 2014-02-06 11:09:49 +11:00
Chris Markle 20886288e5 Correct spelling error in changelog 
I know it's a nit but still... ;)
 2014-02-05 10:44:46 -08:00
Ivo Truxa a8a43e8f38 ENH: Nagios filter 
new filter Nagios added
 2014-02-03 22:01:22 +01:00
Daniel Black 59b9045e88 MRG: from master 2014-02-02 2014-02-02 13:21:16 +11:00
Daniel Black 9b614ce486 ENH: dovecot filter enhancements 2014-01-29 20:27:45 +11:00
Daniel Black a749a2780e Merge pull request #593 from grooverdan/tine 
ENH: Tine20 filter
 2014-01-26 18:50:42 -08:00
Daniel Black 3c48e3f035 DOC: changelog for pure-ftpd filter fixes 2014-01-25 12:22:27 +11:00
Daniel Black 1e1261ccb4 MRG: from master 2014-01-23 2014-01-23 17:45:18 +11:00
Daniel Black ca57427080 BF: firewallcmd-ipset had non-working actioncheck 2014-01-23 17:41:13 +11:00
Daniel Black 2063d96e59 MRG: import Lars' PR for tine20 2014-01-22 18:12:19 +11:00
Daniel Black 499b33f8a6 DOC: post release versioning 2014-01-22 08:37:51 +11:00
Daniel Black 33dd1733fb DOC: version and release date to 0.8.12 on 2014-01-22 2014-01-19 16:25:23 +11:00
Daniel Black a650178bd1 MRG: merge from master 2014-01-19 2014-01-19 14:48:29 +11:00
Daniel Black 10edd994d1 DOC: ChangeLog for kerio filters 2014-01-18 23:21:44 +11:00
Steven Hiscocks 0b4dd6272c Merge pull request #589 from grooverdan/one-bad-regex-gh-585 
fault tolerance when pushing multiple configurations
 2014-01-18 03:27:52 -08:00
Daniel Black 5ade6a13af DOC: ChangeLog dateing and normalisation 2014-01-18 21:00:24 +11:00
Daniel Black 058621f9bd ENH: continue with rest of fail2ban config even if errors. Closes gh-585 2014-01-18 20:16:38 +11:00
Daniel Black 2647461a3c DOC: ChangeLog. Note incompatible changes and group new filters and actions under New Features 2014-01-18 19:38:25 +11:00
Daniel Black 1452be4a3a Merge pull request #588 from grooverdan/badips 
ENH: Badips action (reporting)
 2014-01-17 23:10:29 -08:00
Daniel Black 93613e82f0 DOC: credits for action.d/badips 2014-01-15 09:40:18 +11:00
Daniel Black 657da2041c BF: dovecot filters, session characters and order of session/tls in log messages 2014-01-15 08:02:47 +11:00
Daniel Black c7f887642d Merge branch '0.9' into master_to_0.9 2014-01-13 21:23:42 +11:00
Daniel Black 3de80545e0 MRG: from master 2014/01/13 2014-01-13 21:23:39 +11:00
Lars Kneschke 47dd8fb897 ENH: filter for Tine 2.0 2014-01-13 06:04:59 +01:00
Daniel Black 6b0e6b9bca ENH: add improper command pipelining postfix filter 2014-01-13 06:59:59 +11:00
Daniel Black cd3e94140c MRG: complete merge 2014-01-12 21:16:55 +11:00
Daniel Black f2e55e8499 ENH: add filter for squirrelmail. Closes gh-261 2014-01-12 20:27:36 +11:00
Tomas Pihl b52a4441fd Support ACL-events without AccountID. Typically happens when a registration 
from an unknown domain is performed.

Add credits
 2014-01-12 01:28:55 +01:00
Steven Hiscocks 128112d51c ENH: ejabberd filter 2014-01-09 22:47:17 +00:00
Daniel Black 8333abe420 Merge pull request #557 from grooverdan/apache-botsearch 
ENH: Apache botsearch + BF: tag substition
 2014-01-09 14:11:00 -08:00
Steven Hiscocks 7e8da15fc6 Merge pull request #572 from grooverdan/counterstrike 
ENH: Counter Strike filter
 2014-01-08 12:47:10 -08:00
Daniel Black b6676dbadc DOC: spelling of Counter Strike 2014-01-08 07:45:26 +11:00
Yaroslav Halchenko 6532a2e2f7 Merge pull request #548 from grooverdan/exim-honeypot 
Exim honeypot
 2014-01-07 06:14:42 -08:00
Daniel Black 0fb6bc7188 ENH: add filter for Counter Strike 1.6. Closes gh-347 2014-01-07 20:33:57 +11:00
Daniel Black 9e087b508d MRG: from 0.9 2014-01-07 16:11:40 +11:00
Daniel Black 58ebf659e4 MRG: from 0.9 to make history cleaner 2014-01-07 16:07:58 +11:00
Daniel Black 76468942f9 MRG: complete merge from master 2014-01-07 10:24:23 +11:00
Steven Hiscocks bb11c29667 Merge pull request #567 from grooverdan/groupoffice-filter 
ENH: add filter groupoffice. Closes gh-566
 2014-01-06 10:31:32 -08:00
Daniel Black b9cd492e9f Merge pull request #555 from grooverdan/nagios_fix 
BF: nagios fix
 2014-01-06 03:12:26 -08:00
Daniel Black 3ee6e993c6 MRG: merge ChangeLog for nagios fix 2014-01-06 22:09:10 +11:00
Daniel Black fecb07f36d MRG: filter substition 2014-01-06 22:07:49 +11:00
Daniel Black db7b7bfefa Credits for groupoffice 2014-01-06 22:00:12 +11:00
alasdairdc 67c44a5001 Update ChangeLog 2014-01-06 10:44:21 +00:00
Daniel Black a8e0498389 BF: add expression for ssh filter for code 3: SSH2_DISCONNECT_KEY_EXCHANGE_FAILED. closes gh-289 2014-01-05 21:26:26 +11:00
Daniel Black 23f0b854da MRG: merge in freeswitch 2014-01-04 12:24:40 +11:00
Daniel Black 05b159c74b Merge pull request #464 from grooverdan/increase-jail-name-length 
ENH: Actions to have f2b- as prefix instead of fail2ban- as per #462
 2014-01-03 14:48:56 -08:00
Daniel Black 3d1a1afca4 MRG: to more recent 0.9 2014-01-04 09:31:05 +11:00
Daniel Black 7c09a61ca5 ENH: add apache-botsearch. Closes gh-544 2014-01-03 23:12:58 +11:00
Daniel Black b8536490ef ENH: filter for stunnel from fail2ban wiki 2014-01-03 19:32:29 +11:00
Daniel Black 04d28fd2e1 ENH: add filter freeswitch - as raised on mailing list 2014-01-03 13:00:37 +11:00
Daniel Black 117d3b0466 MRG: horde filter from master 2014-01-03 10:34:59 +11:00
Daniel Black 83f3aeb308 ENH: filter for horde 2014-01-02 23:12:36 +11:00
Daniel Black 9c7bb3b97e ENH: exim-spam to take honeypot email address as argument. Closes #541 2014-01-01 22:45:13 +11:00
Daniel Black 391b5fc883 MRG: from master again 2014-01-01 2014-01-01 19:28:38 +11:00
Daniel Black 1b037a6f29 DOC: document addition of filter options substitution into failregex/ignoreregex 2013-12-31 19:15:11 +11:00
Daniel Black 856407379b ENH: add filter openwebmail. Closes gh-543. 2013-12-31 08:09:00 +11:00
Daniel Black 332d37f363 DOC: python-2.6 minimium now. Closes gh-526 
Clean up ChangeLog and README.md to reflect these changes.
Remove credit from developers for individual changes to be consistent
with the 0.8.12 ChangeLog. Update summary and priority of items listed
in ChangeLog.
 2013-12-30 04:57:16 +00:00
Daniel Black e220210dc4 DOC: fix ChangeLog entry for exim-spam 2013-12-29 21:55:04 +00:00
Daniel Black dbca949e5e DOC: typo in ChangeLog 2013-12-29 21:26:30 +00:00
Daniel Black d727ba639a ENH: exim-spam to include spamassassin log entry. Closes gh-533 2013-12-29 20:16:37 +00:00
Daniel Black 4a0e428563 DOC: change log for asynchat.push change 2013-12-29 07:11:57 +00:00
Daniel Black c074773805 ENH: apache modsecurity from 0.9 branch 2013-12-29 07:06:13 +00:00
Daniel Black be382dae4d MRG: ufw changelog conflicts 2013-12-29 05:45:06 +00:00
Daniel Black 1f6ece2a40 Merge pull request #490 from grooverdan/firewallcmd-ipset 
ENH: add firewallcmd-ipset
 2013-12-28 21:43:49 -08:00
Daniel Black ea2a13946e TST: more test of filters 2013-12-29 05:29:59 +00:00
Daniel Black c9cfdca396 ENH: add filter for apache-modsecurity 2013-12-28 22:28:11 +00:00
Daniel Black d3c065bf76 ENH: add PyPy compatibility 2013-12-27 05:15:33 +00:00
Daniel Black 1b7df1181f BF: apache-2.4 log format fix. Closes gh-516 2013-12-23 08:28:40 +00:00
Yaroslav Halchenko 7af58b9984 Merge branch 'apache-noscripts' of https://github.com/grooverdan/fail2ban 
* 'apache-noscripts' of https://github.com/grooverdan/fail2ban:
  ENH: apache-noscript now matched php-cgi scripts. Closes gh-503

Conflicts:
	ChangeLog -- two new entries collided,  Reformatted the merged one a bit
 2013-12-22 22:28:57 -05:00
Daniel Black a9b7d33c51 ENH: apache-noscript now matched php-cgi scripts. Closes gh-503 2013-12-19 10:01:24 +00:00
Steven Hiscocks d22716ab63 ENH: Add nsd filter and amend DateEpoch to match date format 2013-12-18 22:31:54 +00:00
alasdairdc 04c267c307 Updated Changelog 2013-12-18 08:36:30 +00:00
Daniel Black 7c0efc8ec8 MRG: merge so far - flushLogs not working yet 2013-12-16 15:08:34 +00:00
Steven Hiscocks 66e9f06feb DOC: ChangeLog moved python3 support to refactoring 2013-12-14 17:46:13 +00:00
Steven Hiscocks 401d8aba1f DOC: Update ChangeLog with systemd backend and persistent database 2013-12-14 17:20:21 +00:00
Daniel Black f1e593da67 DOC: Changelog for adding firewallcmd-ipset 2013-12-14 10:27:11 +00:00
Daniel Black f35345ecaa ENH: add ufw action based off Guilhem Lettron's work in lp-#701522. Closes gh-455 2013-12-14 00:34:12 +00:00
Daniel Black 13ccebe78f BF: fix actioncheck in firewallcmd 2013-12-13 23:40:51 +00:00
Daniel Black 66374913ec ENH: add squid filter 2013-12-10 21:24:37 +11:00
Daniel Black f385439a41 MRG: ChangeLog merge 2013-12-09 09:28:42 +11:00
Daniel Black 80df01bf15 Merge pull request #468 from grooverdan/xarf 
ENH: action.d/Xarf reporting of messages
 2013-12-08 14:26:37 -08:00
Steven Hiscocks 7115f64f83 Merge pull request #470 from grooverdan/flush-logs 
BF: create flushlogs command to prevent logrotation clobbering logtarget...
 2013-12-06 16:30:16 -08:00
Daniel Black e07ba41870 Merge pull request #463 from grooverdan/firewall-cmd-direct-new-length-too-long 
BF: firewall-cmd-direct-new was too long. Thanks Joel.
 2013-12-05 12:42:55 -08:00
Daniel Black b5d6310d28 BF: create flushlogs command to prevent logrotation clobbering logtarget. Closes gh-458 2013-12-04 20:51:30 +11:00
Daniel Black 9c1a679b7f DOC: changelog for xarf-login-attack action 2013-12-01 17:51:31 +11:00
Yaroslav Halchenko 2c1199cce0 Let's progress and mark a2 release toward 0.9.0 2013-11-30 12:25:17 -05:00
Daniel Black 95845b7b65 BF: complain action could match too many IP addresses 2013-11-30 17:47:10 +11:00
Yaroslav Halchenko 3a5983ab0b Merge branch 'bf/syslog-format' of https://github.com/yarikoptic/fail2ban 
* 'bf/syslog-format' of https://github.com/yarikoptic/fail2ban:
  Changelog entries for the last changes
  ENH: added optional [PID] matching in recidive.conf
  ENH: reintroducing levelnameinto syslog msgs, time stamp and indentation in non-syslog msgs
  BF/ENH: include [PID] into logging msgs, remove indentation from syslog messages

Conflicts:
	ChangeLog
 2013-11-29 19:58:56 -05:00
Daniel Black f7504d5b64 MRG: conflict in THANKS 2013-11-30 10:39:19 +11:00
Yaroslav Halchenko 982d5abbef Merge branch 'namelength20' of https://github.com/grooverdan/fail2ban 
* 'namelength20' of https://github.com/grooverdan/fail2ban:
  DOC: document rational behind 20 character jail name limit

Conflicts:
	ChangeLog
 2013-11-29 10:09:16 -05:00
Yaroslav Halchenko 25e967f23b Merge branch 'mysqld-syslog-iptables-name-too-long' of https://github.com/grooverdan/fail2ban 
* 'mysqld-syslog-iptables-name-too-long' of https://github.com/grooverdan/fail2ban:
  BF: jail name mysqld-syslog-iptables too long. removed -iptables. Thanks Stefan (#447)

Conflicts:
	ChangeLog
 2013-11-29 10:02:31 -05:00
Daniel Black b9b2ddf996 BF: smtps not IANA standard. Closes #447 2013-11-29 21:47:53 +11:00
Daniel Black cade746307 BF: jail name mysqld-syslog-iptables too long. removed -iptables. Thanks Stefan (#447) 2013-11-29 21:45:11 +11:00
Daniel Black af4feb0c92 Actions to have f2b- as prefix instead of fail2ban- as per #462 2013-11-29 19:08:38 +11:00
Daniel Black fb666b69ff BF: firewall-cmd-direct-new was too long. Thanks Joel. 2013-11-28 23:35:05 +11:00
Daniel Black 99838440c8 DOC: document rational behind 20 character jail name limit 2013-11-28 23:18:34 +11:00
Daniel Black 227f27ce6b ENH: added multiline filter for sshd filter 2013-11-25 14:55:41 +11:00
Daniel Black 13223c33f5 MRG: recidive-protocol-all 2013-11-25 08:22:09 +11:00
Yaroslav Halchenko 085ebbe1de Changelog entries for the last changes 2013-11-24 11:55:58 -05:00
Daniel Black 9a82bc3c61 BF: kernel messages can have space. Thanks ag4ve(shawn). Closes #448 2013-11-24 18:21:02 +11:00
Daniel Black 98eacdf333 MRG/BF: merge from master. Fix bugs in iso8601 2013-11-24 16:36:06 +11:00
Yaroslav Halchenko 629e9ae445 Merge pull request #443 from grooverdan/apache-authfix 
BF: apache filters using error log weren't matched when referer existed ...
 2013-11-18 15:53:39 -08:00
Daniel Black 284f811c91 BF: apache filters using error log weren't matched when referer existed in HTTP header 2013-11-19 10:27:55 +11:00
Yaroslav Halchenko 491165c929 Merge pull request #438 from grooverdan/solid-pop3d 
ENH: filter for Solid-pop3d
 2013-11-17 17:34:46 -08:00
Daniel Black 8aa20a7b0e ENH: credits for #440 recidive jail protocol=all 2013-11-18 07:59:56 +11:00
Daniel Black dab2ddb9da ENH: recidive jail to block all protocols. Closes #440 2013-11-18 07:57:16 +11:00
Yaroslav Halchenko 82174ea4c4 Changelog for preceding proftpd date format change 2013-11-16 22:18:51 -05:00