github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
3,239 Commits
33 Branches
229 Tags
19 MiB
Commit Graph

588 Commits (61ac48170308da590d317cac7e0b846461a86352)

Author SHA1 Message Date
Anton Shestakov 56e5821c06 Match unknown user in dovecot's passwd-file auth database 2015-04-30 16:53:10 +08:00
Yaroslav Halchenko fb336276d4 post-release tune ups 
Conflicts:
	ChangeLog
	README.md
 2015-04-29 09:02:48 -04:00
Yaroslav Halchenko acc4c2d104 Hope for release tomorrow 2015-04-28 23:52:48 -04:00
Yaroslav Halchenko 840fea9f71 Merge commit '0f75ed5e2ab1159e45a7771a7a4e90c877ec848e' 
* commit '0f75ed5e2ab1159e45a7771a7a4e90c877ec848e':
  Just use a system wide python in the tests digest.py
  DOC: Slight tune up to RELEASE doc -- no need for PYTHONPATH to run tests
  MANIFEST: updated for some new files, sorted all entries, removed some duplicates
  Initial changes for the release -- simplified ChangeLog header etc
 2015-04-28 23:51:32 -04:00
Aaron Brice 7ae0ef2408 Fix actions in ufw.conf 
On Ubuntu 15.04 the ufw action was not working.
- With empty <application>, receiving errors:

2015-04-24 16:28:35,204 fail2ban.filter         [8527]: INFO    [sshd] Found 43.255.190.157
2015-04-24 16:28:35,695 fail2ban.actions        [8527]: NOTICE  [sshd] Ban 43.255.190.157
2015-04-24 16:28:35,802 fail2ban.action         [8527]: ERROR   [ -n "" ] && app="app " -- stdout: b''
2015-04-24 16:28:35,803 fail2ban.action         [8527]: ERROR   [ -n "" ] && app="app " -- stderr: b''
2015-04-24 16:28:35,803 fail2ban.action         [8527]: ERROR   [ -n "" ] && app="app " -- returned 1

- With action = ufw[application=OpenSSH], it was silently not doing
  anything (no errors after "Ban x.x.x.x", but no IP addresses in ufw
  status).

Re-arranged the bash commands on two lines, and it works with or without
<application>.
 2015-04-28 11:39:00 -07:00
Lee Clemens 8f792f52fb Add drupal-auth filter and jail 2015-04-27 13:10:27 -04:00
Yaroslav Halchenko ca849b93dc Initial changes for the release -- simplified ChangeLog header etc 2015-04-26 21:39:54 -04:00
Lee Clemens b530d88eca Merge remote-tracking branch 'upstream/master' into bf/1000-asteriskBlocksSelf 
Conflicts:
	ChangeLog
 2015-04-26 15:13:59 -04:00
Markus Oesterle b9a09af914 Added changes to ChangeLog & updated sample test cases 2015-04-16 21:33:57 +02:00
Thomas Mayer c0cf3daac8 Add myself to the changelog 2015-03-27 18:20:25 +01:00
Thomas Mayer c9b24839e4 Character detection heuristics for whois output via optional setting in mail-whois*.conf (Closes #1003) 
when set by user,
 - detects character set of whois output (which is undefined by RFC 3912) via heuristics of the file command
 - converts whois data to UTF-8 character set with iconv
 - sends the whois output in UTF-8 character set to mail program
 - avoids that heirloom mailx creates binary attachment for input with unknown character set
 2015-03-27 14:27:41 +01:00
Lee Clemens 72f4bcfbff Match hacking attempt IP instead of asterisk server IP (closes #1000) 2015-03-24 19:03:26 -04:00
Yaroslav Halchenko 320a28a4a4 DOC: make a warning for recidive jail to increase dbpurgeage (Closes #964) 2015-03-21 20:50:03 -04:00
Yaroslav Halchenko 31d107d181 BF: asyncore.loop poll=True for recent (>=3.4) pythons too 
should avoid
  File /usr/lib/python3.4/asyncore.py, line 208, in loop
    poll_fun(timeout, map)
  File /usr/lib/python3.4/asyncore.py, line 145, in poll
    r, w, e = select.select(r, w, e, timeout)
OSError: [Errno 9] Bad file descriptor
 2015-03-05 22:52:40 -05:00
Yaroslav Halchenko daa2a9e5d8 Merge pull request #975 from sebres/gh-973-fix 
BF: binding parameter error (unsupported type) (closes gh-973) ...
 2015-03-05 22:47:45 -05:00
Teubel György 0254cbf7fb Flush logs at USR1 signal 2015-02-26 23:23:10 +01:00
sebres 2bfe22aa66 makes test case more precise; 2015-02-25 15:05:32 +01:00
sebres 6c788a32ee BF: binding parameter error (unsupported type) by writing json with invalid encoded lines into sqlite database (gh-973); 
especially python < 3.0; try to prevent occurring such errors in the future;
 2015-02-25 11:56:11 +01:00
Yaroslav Halchenko 83805ee5dc Changelog for preceding merge 2015-02-14 16:07:28 -05:00
Yaroslav Halchenko 54e182e017 Merge pull request #955 from sebres/fail2ban-regex-gh-954 
BF: fail2ban-regex does not read '.local' file of given filter (Close #954)
 2015-02-14 09:44:54 -05:00
Yaroslav Halchenko ae2af0d51b Minor tune up to changelog (we should eventually just make it into .md format) 2015-02-14 09:37:13 -05:00
Yaroslav Halchenko 07b0ab07ad Merge branch 'master' of https://github.com/rumple010/fail2ban 
* 'master' of https://github.com/rumple010/fail2ban:
  Changed default TTL value to 60 seconds.
  Added a reminder to create an nsupdate.local file to set required options.
  Modified the ChangeLog and THANKS files to reflect the addition of action.d/nsupdate.conf.
  add nsupdate action

Conflicts:
	ChangeLog
 2015-02-14 09:32:05 -05:00
sebres 74c6f6ac4b BF: fail2ban-regex does not read '.local' file of given filter (gh-954) 2015-02-13 15:36:00 +01:00
Yaroslav Halchenko 3fb2becddb Merge pull request #949 from leeclemens/enh/configSyslogSocket 
Configure Syslog Socket Path (closes #814)
 2015-02-06 20:08:15 -05:00
Yaroslav Halchenko 119a7bbb16 Merge pull request #939 from szepeviktor/geoip 
Added sendmail-geoip-lines.conf
 2015-02-06 11:32:41 -05:00
Lee Clemens d676a9fd4f update ChangeLog with syslogsocket config enhancement 2015-02-05 23:48:18 -05:00
Yaroslav Halchenko 40068f5f31 Merge pull request #933 from mrc0mmand/nginx-botsearch 
Add jail nginx-botsearch and refactor common with apache-botsearch regexes into botsearch-common
 2015-02-04 09:27:43 -05:00
Yaroslav Halchenko eaca33e227 Merge branch 'enh/clarifyDnsUtilsMethods' of https://github.com/leeclemens/fail2ban 
* 'enh/clarifyDnsUtilsMethods' of https://github.com/leeclemens/fail2ban:
  Update ChangeLog
  Clarify filter.DNSUtils functions' terminology and add unittests

Conflicts:
	ChangeLog -- rephrased a bit as well
 2015-02-03 20:29:03 -05:00
Lee Clemens ed71a7cd22 Update ChangeLog 2015-02-03 20:23:25 -05:00
František Šumšal 9bd25f51c1 Added ChangeLog and THANKS entry 2015-02-04 02:19:15 +01:00
Lee Clemens 4091fdde27 Update ChangeLog from PR 930 2015-02-03 19:54:23 -05:00
Orion Poplawski e7ff7e90b7 [postfix-sasl] update regexes 
- Add : to match "SASL LOGIN authentication failed: Password:"
- Add ignoreregex to ignore system authentication issues:
  "warning: unknown[1.1.1.1]: SASL LOGIN authentication failed: Connection lost to authentication server"
- Add test log messages for both
 2015-02-03 11:30:16 -07:00
Yaroslav Halchenko 646c799231 Changelog for above merge 2015-02-02 21:46:38 -05:00
Yaroslav Halchenko 73af02ffc6 Merge pull request #940 from leeclemens/ENH/ApacheFakeGoogleBot 
New jail: apache-fakegooglebot
 2015-02-02 21:44:04 -05:00
Yaroslav Halchenko 7f2d1a7269 minor changelog entry reformatting 2015-02-02 21:37:24 -05:00
Yaroslav Halchenko 7ada96b4e9 Merge pull request #932 from opoplawski/dovecot 
Dovecot - dovecot auth failure from EL7
 2015-02-02 21:37:28 -05:00
Yaroslav Halchenko 8f6d9c6a5a Merge branch 'enh/local_time_zone' of https://github.com/yarikoptic/fail2ban 
* 'enh/local_time_zone' of https://github.com/yarikoptic/fail2ban:
  fixed typos, thanks szepeviktor for review
  ENH: use non-UTC date invocation (without -u) and report offset for localzone (%z)

Conflicts:
	ChangeLog
 2015-02-02 21:21:44 -05:00
Yaroslav Halchenko 96ae041132 fixed typos, thanks szepeviktor for review 2015-02-02 21:21:37 -05:00
Lee Clemens 00961d5281 Remove ignorecommand addition from ChangeLog 2015-02-02 11:36:21 -05:00
Lee Clemens af078532ac New jail: apache-fakegooglebot 
Detects fake googlebot user agents in apache access log
 2015-02-02 00:42:01 -05:00
Viktor Szépe 0430e0dacc Changelog entry for sendmail-geoip-lines 2015-02-01 00:24:40 +01:00
Yaroslav Halchenko ec6a30efcf ENH: define ignoreregex for all filters explicitly, to avoid warnings (Closes #934) 2015-01-30 10:38:28 -05:00
Orion Poplawski b4776a1ba0 Match dovecot unknown user line 2015-01-29 09:37:37 -07:00
Orion Poplawski ee5c5b34d6 Add ChangeLog and THANKS entry 2015-01-29 09:14:41 -07:00
Yaroslav Halchenko 64feb0fd16 Merge pull request #924 from leeclemens/ENH/StatusExtendedInfo 
Add extended info to status output using Cymru
 2015-01-26 22:55:12 -05:00
Lee Clemens 486214585e Update extended status to accept additional argument, flavor 
Default to as-in behavior, or flavor=="basic"
 2015-01-26 19:38:06 -05:00
Andrew St. Jean e0f11ae722 Modified the ChangeLog and THANKS files to reflect the addition of action.d/nsupdate.conf. 2015-01-26 11:30:41 -05:00
Yaroslav Halchenko 085d0f72ed ENH: use non-UTC date invocation (without -u) and report offset for localzone (%z) 2015-01-26 09:19:44 -05:00
Yaroslav Halchenko 65980a70fc Merge branch 'enh/recidive-allports' of https://github.com/yarikoptic/fail2ban 
* 'enh/recidive-allports' of https://github.com/yarikoptic/fail2ban:
  use iptables-allports for recidive

Conflicts:
	ChangeLog
 2015-01-26 09:04:42 -05:00
Lee Clemens 60ac0a1a17 Add extended info to status output using Cyrmu 2015-01-24 12:45:42 -05:00
sebres 33e9e2174a recursive/embedded version of issue/907; 
test cases merged from remote-tracking branch 'yarikoptic:enh/embedded_tags' into issue/907
infinite busy loop on _escapedTags match in substituteRecursiveTags gh-907
 2015-01-20 17:18:25 +01:00
sebres b04a51246f infinite busy loop on _escapedTags match in substituteRecursiveTags gh-907 2015-01-20 11:32:15 +01:00
sebres 12e3cca3f2 port[s] typo fixed in jail.conf/nginx-http-auth, issue gh-913 2015-01-19 10:28:53 +01:00
Yaroslav Halchenko c7edd9e67f Merge pull request #901 from leeclemens/ENH/PostfixRBL 
Create Jail for Postfix based on RBL
 2015-01-07 21:45:36 -05:00
Yaroslav Halchenko 995b1d18df Merge pull request #906 from leeclemens/BF/755-strptime 
Fix strptime thread safety issue
 2015-01-07 20:40:14 -05:00
Lee Clemens 77677e43df Merge branch 'master' of github.com:fail2ban/fail2ban into ENH/PostfixRBL 2015-01-07 20:39:04 -05:00
Lee Clemens 4714028c69 Change case and tense for consistency 2015-01-03 16:16:23 -05:00
Lee Clemens bda8dc1926 Merge branch 'master' of github.com:fail2ban/fail2ban into ENH/PostfixRBL 2015-01-03 15:29:42 -05:00
Lee Clemens 2f360ce447 Update Changelog with strptime fix 2015-01-03 15:26:34 -05:00
Lee Clemens 38641e741a Merge branch 'master' of github.com:fail2ban/fail2ban into BF/755-strptime 
Conflicts:
	ChangeLog
 2015-01-03 15:25:54 -05:00
Lee Clemens 541a747d79 Update Changelog with strptime fix 2015-01-03 15:19:58 -05:00
TorontoMedia 74c3d5d96c Updated ChangeLog 2015-01-01 13:26:11 -05:00
TorontoMedia 948eec6425 Upd 2015-01-01 12:56:17 -05:00
TorontoMedia a47001ea0e Updated ChangeLog 2015-01-01 12:41:31 -05:00
TorontoMedia c2bb3253ad Update ChangeLog 2015-01-01 05:27:18 -05:00
Yaroslav Halchenko acfa83229b Merge branch 'master' of git://github.com/fail2ban/fail2ban 
* 'master' of git://github.com/fail2ban/fail2ban:
  Update year in postfix logs test file
  Add 'Client host rejected error message' regex Not sure if it was reworded (using Postfix 2.6) or a slightly different error, but I only have "Client host rejected: cannot find your hostname"
 2014-12-31 01:12:56 -05:00
Lee Clemens fe72a5585c Create Jail for Postfix based on RBL 
Use RBL blocks to ban addresses, unique Jail so maxretry can be set to 1 (vs postfix.conf)
 2014-12-30 19:06:17 -05:00
Lee Clemens 2d7429c47c Add 'Client host rejected error message' regex 
Not sure if it was reworded (using Postfix 2.6) or a slightly different error, but I only have "Client host rejected: cannot find your hostname"
 2014-12-30 18:05:19 -05:00
Yaroslav Halchenko d65c4f8f5d moved debian's initd file to files/debian-initd from debian branch 2014-12-30 16:45:35 -05:00
Yaroslav Halchenko bcfcefa203 Merge branch 'patch-2' of https://github.com/szepeviktor/fail2ban 
* 'patch-2' of https://github.com/szepeviktor/fail2ban:
  downcase example
  Added an item to "Fixes"
  postfix-sasl failregex case insensitive
 2014-12-30 16:35:09 -05:00
Viktor Szépe 10f68f4946 Update ChangeLog 2014-12-24 15:00:25 +01:00
Viktor Szépe 190f55b06e Added an item to "Fixes" 2014-12-11 01:34:20 +01:00
bes-internal ccc986b7d8 exim filter: correct failregex for exim with extended log options 
incoming_interface, incoming_port, outgoing_port
 2014-12-04 13:34:44 +03:00
sebres 80fb48c5b0 Merge remote-tracking branch 'remotes/upstream/master' into sebres:addfailregex-gh-867 2014-12-01 13:14:42 +01:00
sebres effdb450fc better and scalable solution for gh-867 (and gh-868), using only name convention like %(known/failregex)s to add custom expressions, so no interface changes in jail.conf are necessary (for example see test-known-interp in test cases); 2014-11-29 20:33:32 +01:00
Yaroslav Halchenko 9bab6d0009 Changelog entry for preceding fix 2014-11-29 09:52:25 -05:00
sebres d63b125877 interpolation of config readers extended with `%(known/parameter)s`. 
(means last known option with name `parameter`).
 2014-11-28 19:06:17 +01:00
sebres 1439152121 test cases extended (now correct) 2014-11-28 14:52:12 +01:00
sebres cad09d2df3 BF: failregex declared direct in jail was joined to single line, (specifying of multiple expressions was not possible); 
feature request (gh-867): new options for jail introduced addfailregex/addignoreregex: extends regex specified in filter (opposite to failregex/ignoreregex that overwrites it);
 2014-11-28 03:17:47 +01:00
Yaroslav Halchenko 2a3790f8e8 use iptables-allports for recidive 2014-11-04 13:24:54 -05:00
Yaroslav Halchenko a44cfba9ae Merge pull request #841 from opoplawski/firewallcmd-multiport 
ChangeLog for firewallcmd-new multiport support
 2014-10-30 18:32:26 -04:00
Orion Poplawski 21be983620 ChangeLog for firewallcmd-new multiport support 2014-10-30 16:11:34 -06:00
Yaroslav Halchenko 967485c2d0 improving grepping 2014-10-29 23:14:47 -04:00
Yaroslav Halchenko 36abb5ed96 BF: fix $ for % in jail.conf. Debian bug #767255 2014-10-29 13:08:51 -04:00
Yaroslav Halchenko 7acddcbe4a Post-release boost to .dev 2014-10-27 23:45:51 -04:00
Yaroslav Halchenko 987356d6c0 Changes for the 0.9.1 release versioning 2014-10-27 21:43:17 -04:00
pacop b60e2bf42f Add portsentry to changelog 2014-10-25 18:17:57 +02:00
Yaroslav Halchenko e2f49b7334 DOC: very minor (tabs/spaces) 2014-10-23 14:44:10 -04:00
sebres 7d3e6e9935 code review, change log entries added; 2014-10-10 20:06:58 +02:00
SlowRiot 7b5dc9f24f adding test case, changelog and thanks entries for apache shellshock filter 2014-09-26 18:48:56 +01:00
Nick Weeds 2c158fe168 Add apache filter for AH01630 client denied by server configuration 2014-09-14 21:54:05 +01:00
Yaroslav Halchenko 8f521b8551 DOC: Changelog and THANKS for previous changes 2014-09-13 10:27:37 -04:00
Daniel Black 1864f75b3b Credits and notes from #806 2014-09-08 19:02:37 +10:00
Yaroslav Halchenko 0d9cfb84e3 Merge pull request #778 from yarikoptic/enh/symbiosis 
ENH: symbiosis-blacklist-allports action
 2014-08-20 23:00:11 -04:00
Yaroslav Halchenko 3576c509f5 changelog entry for postfix-sasl fix 2014-08-12 11:08:39 -04:00
Yaroslav Halchenko 6fc04c2256 Merge branch 'bf+enh/cyrus-imap' of https://github.com/yarikoptic/fail2ban (with some tune up to Changelog entry) 
* 'bf+enh/cyrus-imap' of https://github.com/yarikoptic/fail2ban:
  ENH: cyrus-imap -- catch also 'user not found' attempts
  BF: cyrus-imaps -- catch also for secured daemons

Conflicts:
	ChangeLog
 2014-08-11 13:09:43 -04:00
Yaroslav Halchenko 818dd59d65 ENH: symbiosis-blacklist-allports action 2014-08-08 11:57:30 -04:00
Yaroslav Halchenko 4a23a7dcf1 Merge pull request #766 from leftyfb/master 
Added cloudflare action
 2014-07-28 15:34:09 -04:00
Yaroslav Halchenko 2756bbe12a changelog and thanks for the preceding fix 
Conflicts:
	ChangeLog
	THANKS
 2014-07-28 12:48:50 -04:00
leftyfb 2179c8293c ChangeLog Added and entry about Cloudflare action 2014-07-28 11:24:38 -04:00