fail2ban

Commit Graph

Author	SHA1	Message	Date
Daniel Black	ad291d7e38	Merge pull request #346 from grooverdan/bsd-ipfw-default-unreach-port BF: action.d/bsd-ipfw - use blocktype instead of unused action for icmp ...	2013-09-04 16:18:19 -07:00
Daniel Black	4face1f3e7	MRG: resolve conficts in action.d/osx-ipfw design	2013-09-05 09:07:10 +10:00
Andy Fragen	d258a51a23	after some research it looks like setting to unreachable better than deny	2013-09-04 11:28:03 -07:00
Andy Fragen	fe557e5900	more specific actionunban	2013-09-01 13:09:51 -07:00
Andy Fragen	a4884f82cd	add mods from grooverdan and fix actionunban actionunban still not working in grooverdan's mod. I made this one grep both <ip> and <port>. It should be more specific if the same <ip> is banned on multiple ports.	2013-08-31 08:39:19 -07:00
Daniel Black	f2bcf84893	BF: action.d/bsd-ipfw - use blocktype instead of unused action for icmp rejecting blocked packets	2013-08-31 11:40:04 +10:00
Daniel Black	749f215089	ENH: port optional	2013-08-31 11:07:15 +10:00
Daniel Black	8b22fa15b5	BF: reverted to simplier random rulenum. If your machine is handling 1000s of block the addition complexity isnt what you want	2013-08-31 11:03:01 +10:00
Daniel Black	5741348f45	ENH: more options and ruggedness to prevent unintensional consequences	2013-08-31 09:38:18 +10:00
Daniel Black	52bd0f86a8	Merge branch 'osx-ipfw' of https://github.com/afragen/fail2ban into osx	2013-08-31 09:09:04 +10:00
Daniel Black	7cc3e8a8c0	BF: Invert expression on actionstop in bsd-ipfw.conf to ensure exit status 0 on success. Closes gh-343	2013-08-31 08:59:02 +10:00
Andy Fragen	ef504c869f	added osx specific ipfw action with random rulenum	2013-08-26 16:06:23 -07:00
Daniel Black	6a36ff1a4a	BF: order mailx arguments with dest email address last - redhat bugzilla 998020. Closes gh-328	2013-08-19 22:36:58 +10:00
Orion Poplawski	31a78b2711	Use /var/run/fail2ban in config/action.d/dummy.conf	2013-08-08 20:41:44 -06:00
Daniel Black	ab10664b57	ENH: action.d/hostsdeny to take daemon_list arguement as suggested in README.Solaris	2013-07-14 16:20:21 +10:00
Daniel Black	1d6d5a7aae	DOC: ChangeLog merge confict	2013-07-09 08:41:28 +10:00
Alexander Dietrich	da594075f3	Move sendmail settings to common file, make sender name configurable	2013-07-02 20:30:41 +02:00
Daniel Black	aebd24ec54	BF: replace with ed so its cross platform, fixes permission problem gh-266, and Yaroslav doesn't revert to perl	2013-07-02 20:09:27 +10:00
Yaroslav Halchenko	89e06bba15	BF: blocktype must be defined within [Init] -- adding [Init] section. Close #232	2013-05-24 11:15:46 -04:00
Yaroslav Halchenko	5accc10a47	Merge pull request #206 from grooverdan/bsd_ipfw NF: BSD ipfw	2013-05-08 07:24:56 -07:00
Yaroslav Halchenko	0ae49ab11e	Merge branch 'bsd_pf' of https://github.com/grooverdan/fail2ban * 'bsd_pf' of https://github.com/grooverdan/fail2ban: BF: missed MANIFEST include DOC: add jail.conf entry for pf DOC: credit for pf action. Origin: http://svnweb.freebsd.org/ports/head/security/py-fail2ban/files/patch-pf.conf?view=log ENH: pf action thanks to Nick Hilliard <nick@foobar.org>. Conflicts: ChangeLog	2013-05-08 10:24:01 -04:00
Yaroslav Halchenko	e85914cef8	Merge pull request #215 from grooverdan/reject_no_drop_by_default ENH: add blocktype to all relevant actions and change default action to reject	2013-05-08 07:20:14 -07:00
Daniel Black	9c03ee6d9e	ENH: consolidate where blocktype is defined for iptables rules	2013-05-08 07:52:08 +10:00
Daniel Black	c7fd777966	BF: default type to unreachable	2013-05-08 07:31:31 +10:00
Yaroslav Halchenko	2143cdff39	Merge: opensolaris docs/fixes, no 'sed -i' in hostsdeny, sshd regex tuneups Origin: from https://github.com/jamesstout/fail2ban * 'OpenSolaris' of https://github.com/jamesstout/fail2ban: ENH: Removed unused log line BF: fail2ban.local needs section headers ENH: Use .local config files for logtarget and jail ENH+TST: ssh failure messages for OpenSolaris and OS X ENH: fail message matching for OpenSolaris and OS X ENH: extra daemon info regex ENH: actionunban back to a sed command Readme for config on Solaris create socket/pid dir if needed Extra patterns for Solaris change sed to perl for Solaris Conflicts: config/filter.d/sshd.conf	2013-05-06 11:11:12 -04:00
Daniel Black	3b4a7b7926	ENH: add blocktype to all relevant actions. Also default the rejection to a ICMP reject rather than a drop	2013-05-05 15:43:18 +10:00
Daniel Black	0c5a9c53e1	ENH: pf action thanks to Nick Hilliard <nick@foobar.org>.	2013-05-03 16:34:54 +10:00
Daniel Black	b6d0e8ad9c	ENH: add ipfw rule for bsd using the tables.	2013-05-03 16:31:45 +10:00
Daniel Black	495f2dd877	DOC: purge of svn tags	2013-05-03 16:03:38 +10:00
jamesstout	b7795addd0	ENH: actionunban back to a sed command per https://github.com/fail2ban/fail2ban/pull/182#discussion_r3999128	2013-04-30 04:10:32 +08:00
Daniel Black	945ad3d9e6	BF: ensure dates in email are in the C locale. Thanks iGeorgeX	2013-04-29 14:10:23 +10:00
jamesstout	de98e3dabd	change sed to perl for Solaris	2013-04-21 07:29:48 +08:00
Daniel Black	67544d1dd6	DOC: tags are documented in the jail.conf(5) man page	2013-03-17 10:52:49 +11:00
Yaroslav Halchenko	5e5eaaf838	Merge pull request #134 from grooverdan/misc-fixes BF: fail2ban client can't handle multi word setcinfo or action[*] values	2013-03-10 18:01:17 -07:00
Pascal Borreli	a2b29b4875	Fixed typos	2013-03-10 22:05:33 +00:00
Daniel Black	a0f088be25	ENH: typo + head -1 has been deprecated for 10+ years.	2013-03-10 16:28:45 +11:00
Yaroslav Halchenko	d5ae28facf	Merge pull request #104 from gebi/t/route add support for blocking through blackhole routes	2013-02-18 08:01:34 -08:00
Daniel Black	47b1ee39d8	add blocking type	2013-02-17 12:44:15 +11:00
Yaroslav Halchenko	8cf006827e	BF: remove path from grep call in sendmail-whois-lines.conf Closes: gh-118	2013-02-12 08:48:05 -05:00
Michael Gebetsroither	f9b78ba927	add support for blocking through blackhole routes	2013-01-03 18:46:31 +01:00
Daniel Black	9221886df6	more documentation and optimisations/fixes based on testing	2012-12-31 14:31:37 +11:00
Daniel Black	abd5984234	base ipset support	2012-12-31 14:31:37 +11:00
Yaroslav Halchenko	2a225aa6ee	Added a warning within "complaint.conf" action about care with enabling it	2012-08-13 23:03:52 -04:00
Yaroslav Halchenko	80b191c7fd	BF: anchor chain name in actioncheck's for iptables actions (Closes: #672228 )	2012-07-31 15:27:05 -04:00
Yaroslav Halchenko	35201f6690	Merge remote-tracking branch 'gh-keszybz/master' * gh-keszybz/master: NF: xt_recent-echo action	2012-01-07 20:59:50 -05:00
Zbigniew Jędrzejewski-Szmek	321670487e	NF: xt_recent-echo action The default configuration can only be run by root. To actually support running as a different user, the setup action must be disabled.	2012-01-06 00:51:03 +01:00
Leonardo Chiquitto	4502adfe69	Fix comments to reflect code Commit `638bb6652` changed some defaults but the comments still point to the previous values.	2011-12-30 12:41:46 -05:00
Tom Hendrikx	9fa54cf233	Add Date: header for sendmail*.conf actions According to rfc2822, Date: headers are not optional. Added these to all sendmail action templates, format specification should conform to rfc and be portable across multiple platforms.	2011-11-18 16:52:44 -05:00
Yaroslav Halchenko	3831fbf98b	ENH: add <chain> to action.d/iptables*. Thanks Matthijs Kooijman: see http://bugs.debian.org/515599 git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@771 a942ae1a-1317-0410-a47c-b1dcaea8d605	2011-03-23 20:36:41 +00:00
Yaroslav Halchenko	638bb66523	BF: Use /var/run/fail2ban instead of /tmp for temp files in actions: see http://bugs.debian.org/544232 It should be robust since /var/run/fail2ban is guaranteed to exist to carry the socket file, and it will be owned by root (or some other dedicated fail2ban user) thus avoiding possibility for the exploit git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@767 a942ae1a-1317-0410-a47c-b1dcaea8d605	2011-03-23 20:35:56 +00:00

1 2

88 Commits (5a2623f0dfc1c7ae607b41bb7a71c8545321b34a)