github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
5,474 Commits
32 Branches
229 Tags
18 MiB
Commit Graph

5474 Commits (5d8f5004718d38146c6821f37eaeb3c7b0415d9d)

Author SHA1 Message Date
sebres b2036c1d62 Merge branch '0.10' into 0.11 2020-08-26 12:22:17 +02:00
sebres e569281d6b avoids overwrite of `known/option` with unmodified (not available) value of `option` from .local config file, 
so it wouldn't cause self-recursion if `option` already has a reference to `known/option` (from some include) in .conf file;
closes gh-2751
 2020-08-26 12:08:04 +02:00
sebres 5a2cc4e1c5 substituteRecursiveTags: more precise self- or cyclic-recursion prevention (don't clear replacement counts of tags, rather consider replacement count by tax X in tag Y) 2020-08-26 12:05:20 +02:00
sebres e9071b642a Merge branch '0.10' into 0.11 2020-08-25 18:28:18 +02:00
Sergey G. Brester 81fb28e146
Merge pull request #2631 from benrubson/guacamole 
`filter.d/guacamole.conf` extended with `logging` parameter to follow webapp-logging if it's configured
 2020-08-25 18:27:18 +02:00
sebres 2945fe8cbd changelog 2020-08-25 18:25:32 +02:00
sebres d9b8796792 amend with better (common) handling, documentation and tests 2020-08-25 18:01:34 +02:00
sebres 7b05c1ce7a do type-convert only in getCombined (otherwise int/bool conversion prevents substitution or section-related interpolation of tags) 2020-08-25 14:52:22 +02:00
benrubson 1707560df8 Enhance Guacamole jail 2020-08-25 13:01:50 +02:00
sebres 41b88b4f4f Merge branch '0.10' into 0.11 2020-08-24 16:42:19 +02:00
TorontoMedia 1e3da21c68 Remove duplicate method and rename invalid parameter 
(cherry picked from commit fd25c4cbb8)
 2020-08-24 16:41:55 +02:00
sebres ad51fb7e1e partial cherry-pick fd25c4cbb8 (#2768) 2020-08-24 16:41:22 +02:00
Sergey G. Brester 57caf8ec90
Merge pull request #2768 from TorontoMedia/patch 
Remove duplicate method and rename invalid parameter
 2020-08-24 16:39:25 +02:00
sebres 7327fee2c8 Merge branch '0.11' 2020-08-24 16:33:30 +02:00
sebres 4bc8bc9d5f Merge branch '0.10' into 0.11 2020-08-24 16:31:48 +02:00
Sergey G. Brester 8da663a67e
Merge pull request #2814 from sebres/0.10-date-opt 
extended datepattern handling (TZ issues, no datepattern, etc)
 2020-08-24 16:27:35 +02:00
sebres 295630cccf documentation and changelog 2020-08-24 16:12:55 +02:00
sebres 76e5d2b199 amend to f21c58dc72, better follow previous handling with last known datetime (compatibility for multi-line logs, in case of second line without a timestamp) 2020-08-21 17:53:02 +02:00
sebres f21c58dc72 implements special datepattern `{NONE}` - allow to find failures without date-time in log messages (filter use now as timestamp) 
closes gh-2802
 2020-08-20 20:28:29 +02:00
sebres b82f584a96 added test case covering new date handling (simulation, unknown format, warnings, etc) 2020-08-20 19:46:41 +02:00
sebres d2cef96f33 filter: implement mode `inOperation`, which gets activated if filter starts processing of new messages; better interaction with non-matching optional datepattern or invalid timestamps (or timezone) - assuming now instead of bypass; 
fixed test cases gathering new failures now in operation mode
 2020-08-20 18:52:00 +02:00
sebres 7e8d98c4ed code review, fix simplest TZ issue - avoid date adjustment by assuming of last year (date without year in the future) by wrong zone (don't adjust by offset up to +24 hours) 2020-08-13 19:20:27 +02:00
sebres 3ca69c8c0a amend to #2791: unban subnet when subnet is in supplied subnet 2020-08-11 17:14:21 +02:00
sebres 7d172faa50 implements gh-2791: fail2ban-client extended to unban IP range(s) by subnet (CIDR/mask) or hostname (DNS) 2020-08-11 16:01:52 +02:00
sebres 39d4bb3c35 closes gh-2758: no explicit flush (close std-channels on exit, it would cause implicit flush without to produce an error 32 "Broken pipe" on closed pipe) 2020-08-11 13:57:36 +02:00
sebres a7ad3e00dd amend to 91eca4fdeb (#2634): server creates a RTM-directory for socket/pid file automatically (don't check its existence in client) 2020-08-11 11:58:02 +02:00
sebres 1ea36c3045 Merge branch '0.11' 2020-08-04 17:19:51 +02:00
sebres 9d076af9a2 Merge branch '0.11-combine-multiple-captures' into 0.11 2020-08-04 17:15:28 +02:00
sebres 98983adf76 update ChangeLog 2020-08-04 17:14:13 +02:00
sebres 067b76fc9e Merge branch '0.10' into 0.11 2020-08-04 15:40:59 +02:00
sebres 253d47d33c compat: some 2.x pypy versions produce UnicodeEncodeError: 'ascii' codec can't encode character on surrogates (uni_string must be fixed also for UTF-8 system encoding) 2020-08-04 15:08:02 +02:00
sebres 9510346507 typo in skip message 2020-08-04 14:31:11 +02:00
sebres 0ef8f6675d fix travis builds (pipy in xenial, don't error if doc missing in default path after install) 2020-08-04 14:25:31 +02:00
sebres 9100d07c03 Merge branch '0.10-ipset-tout' into 0.10, amend to #2703: resolves names conflict (command action timeout and ipset timeout); closes #2790 2020-08-04 13:53:21 +02:00
sebres 62a6771b33 Merge remote-tracking branch 'sebres:0.10' into 0.10; closes gh-2763 
action.d/nftables.conf (type=multiport only): fixed port range selector (replacing `:` with `-`)
 2020-08-04 13:51:20 +02:00
sebres 73a8175bb0 resolves names conflict (command action timeout and ipset timeout); closes gh-2790 2020-08-04 13:22:02 +02:00
Sergey G. Brester ea35f2ad75
default loglevel is INFO 2020-07-03 13:47:46 +02:00
Sergey G. Brester 08dbe4abd5
fixed comment for loglevel, default is INFO 2020-07-03 13:45:29 +02:00
TorontoMedia fd25c4cbb8
Remove duplicate method and rename invalid parameter 2020-06-28 12:58:41 -04:00
sebres 309c8dddd7 action.d/nftables.conf (type=multiport only): fixed port range selector (replacing `:` with `-`) 2020-06-24 19:20:36 +02:00
Jan Przybylak 56fefe9240 Added test file "nginx-bad-request" 
I tested with `./fail2ban-testcases testSampleRegex`, which did not return any errors.
 2020-06-21 18:25:27 +02:00
Jan Przybylak a5ab4406d8 Removed unnecessary escape sequence 
This commit also contains changes to match requests that are 100% empty (by using "*" instead of "+" in the regex)
 2020-06-21 18:24:09 +02:00
sebres ec3000798d ensure that set of alternate tags or combine tuple tags take place ordered (sort the lists by its name or index) 2020-06-12 21:25:42 +02:00
sebres dd8081ade5 extends capturing alternate tags in filter, implementing new tag prefix `<F-TUPLE_` (that would combine value of `<F-V>` with all value of <F-TUPLE_V?_n?> tags), for examples see new tests in fail2banregextestcase; 
closes gh-2755 (extends #1454 and #1698).
 2020-06-12 20:00:42 +02:00
Jan Przybylak d7ef5d166d Removed vulnerable catchall & anchor 2020-06-11 16:44:48 +02:00
sebres 78fc99ec7e Merge branch '0.11' 2020-06-11 12:52:34 +02:00
sebres 1da9ab78be Merge branch '0.10' into 0.11 2020-06-11 12:52:13 +02:00
sebres 5a0edf61c9 filter.d/sshd.conf: normalizing of user pattern in all RE's, allowing empty user (gh-2749) 2020-06-08 14:38:26 +02:00
Jan Przybylak 3c83c19070 Added filter nginx-bad-request 2020-06-06 19:51:46 +02:00
aresdr 412120ac3c
Update drupal-auth.conf 
Small fix for Drupal 8. D8 uses "Login attempt failed from" while D7 uses "Login attempt failed for".
The referer part is a must currently, but some requests did not have one and are not failing.
 2020-05-30 15:25:31 -07:00