github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
4,814 Commits
32 Branches
229 Tags
18 MiB
Commit Graph

4814 Commits (654fda8a50f65c6b329d75cbac91a50aa5a8a8f5)

Author SHA1 Message Date
sebres 5b63ad17c6 stability of the test-cases: avoid echoing of server-ready in configure thread, if heavy-debug (only answer from new internal command "server-status"). 2018-03-05 21:54:18 +01:00
Sergey G. Brester b16aafe233
Update ChangeLog 2018-03-05 19:42:05 +01:00
Sergey G. Brester b34ae5999e
action.d/hostdeny.conf: fixes IPv6 syntax 
differentiate the IPv4 and IPv6 syntax (where it is enclosed in square brackets)
 2018-03-05 19:35:10 +01:00
sebres ccb1daf30a Merge branch '0.10' into 0.11 2018-03-02 21:42:07 +01:00
sebres cfc3979c84 Merge branch '0.10' with 'socket-stability-fix' 2018-03-02 21:40:13 +01:00
sebres 1bdda6c8eb cache coverage 2018-03-02 21:39:13 +01:00
sebres 96836cb199 fix several errors (shutdown in test-cases during stop communication, better error handling by unpickle/deserialization, etc) 2018-03-02 21:39:08 +01:00
sebres 29bedd70d5 socket stability and coverage: cherry picked from 0.11 version (avoid many sporadic unhandled exceptions) 2018-03-02 21:31:19 +01:00
sebres 2b282ead09 Merge branch '0.10' into 0.11 2018-03-02 19:48:15 +01:00
Sergey G. Brester 9f969e7aab
Merge pull request #2062 from MatthieuBarbu/patch-2 
filter.d/sshd.conf: fixed normal and ddos-mode regex (extended with port)
 2018-03-02 19:31:10 +01:00
sebres caa2bdfee6 amendment for gh-2061: it looks like the port was added here also 2018-03-02 19:24:47 +01:00
sebres a3bcbe2d1b backwards-compatibility, test-cases and ChangeLog update 2018-03-02 19:15:10 +01:00
MatthieuBarbu 6b5516b851 fix sshd rule #2 
in line 58, rule don't match with "%(__suff)s" but work fine if I replace with "%(__on_port_opt)s"
Debian 9 stretch : fail2ban 0.10.3
 2018-03-02 18:40:36 +01:00
Sergey G. Brester e9a43f739c
Merge pull request #2061 from MatthieuBarbu/patch-1 
fix sshd rule (space before "11:" is optional now)
 2018-03-02 18:19:24 +01:00
sebres 1d7aa2ff21 filter.d/sshd.conf: rewrite fix (for new ssh log-format) backwards compatible + test-cases extended to cover both cases 2018-03-02 18:17:17 +01:00
MatthieuBarbu 9f5c873526 fix sshd rule 
just remove the space before ":11" line 52 because don't match on my Debian 9 stretch...
I don't know if this is wrong on all OS
 2018-03-02 17:53:35 +01:00
sebres 5ea76789c6 Merge branch '0.10' into 0.11 2018-03-02 17:18:37 +01:00
sebres 5f021aa648 shutdown sockets before close, avoid socket leakage by use of the explicit socket close in async_chat; 
better error handling with error counting, differentiate special case ([Errno 24] Too many open files), with resulting stop of the server
(avoid flood the log file, closes gh-991 and similar issues);
restored auto-garbage, because of non-reference-counting python's (like pypy), otherwise it may leak there on objects like unix-socket, etc.
 2018-03-02 17:08:23 +01:00
sebres fa520f36c3 stability test-cases fix: avoid rare sporadic error on start of server (threaded in foreground); 
additionally show the log output of the thread-server in case of any error there.
 2018-03-02 17:00:01 +01:00
sebres 8c291cad38 filter.d/asterisk.conf: fixed failregex prefix by log over remote syslog server (gh-2060) 2018-03-02 09:17:04 +01:00
Ben RUBSON b112250ef0 (Free)BSD IPFW does not allow 2 identical rules (#2054) 
ipfw actionban fixed to allow same rule added several times (and actionunban to ignore error by deletion of missing rule)
 2018-02-27 10:18:59 +01:00
Ben RUBSON 857767f04b Add 'any' badips.py bancategory (#2056) 
action.d/badips.py: allow `any` as bancategory to retrieve IPs from all categories
 2018-02-27 10:12:22 +01:00
sebres 47a7f83a0b Merge branch '0.10' into 0.11 2018-02-26 19:30:54 +01:00
sebres 07fcb24ff6 Merge pull request #2057 from benrubson/https 
Use httpS with badips
 2018-02-26 18:50:35 +01:00
Sergey G. Brester 117dcca414
Merge pull request #2059 from benrubson/str 
badips.py, solve a str() issue - expected string, IPAddr found
 2018-02-26 18:42:32 +01:00
sebres 933670d034 pragma: no cover - availability (once after error case only) 2018-02-26 18:35:30 +01:00
sebres f52c67238a action.d/badips.py: code review, ban command covered, debug log-messages, etc; 2018-02-26 18:16:20 +01:00
sebres 095a909c84 action.d/badips.py: increases score in test-cases (5 now, ssh/3 returns to large list, which can cause timeout if badips server to busy); 2018-02-26 18:14:44 +01:00
benrubson 8ed892b8bb Changelog 2018-02-26 16:15:29 +01:00
benrubson fce2a50165 badips.py, solve a str() issue under FreeBSD 2018-02-26 15:55:21 +01:00
benrubson 9a8add0ef0 changelog 2018-02-26 10:28:51 +01:00
benrubson e2665d39fd Use httpS with badips 2018-02-26 09:58:37 +01:00
sebres a5155f55e7 Merge branch '0.10' into 0.11 2018-02-21 09:31:35 +01:00
Sergey G. Brester 7070664772
Merge pull request #2048 from sebres/exim-too-many-errors 
Exim-filter: too many errors
 2018-02-21 09:25:42 +01:00
Sergey G. Brester 879f580c9a
Update ChangeLog 2018-02-19 15:59:45 +01:00
sebres e636567d23 filter.d/exim.conf: failregex extended with SMTP call dropped: too many syntax or protocol errors. 2018-02-19 09:50:46 +01:00
sebres 19a5a2f8c0 filter.d/murmur.conf: fixed detection of failures reading from journal (systemd-backend only): 
- extended with optional prefix for the systemd-journal (with second date-pattern as optional match);
- added `journalmatch` filtering;
closes gh-2043
 2018-02-09 11:43:55 +01:00
sebres 3e15343343 fail2ban-regex: bug fixed, if running over systemd-journal and `journalmatch` missing in filter. 2018-02-09 11:34:02 +01:00
sebres 730e760666 Merge branch '0.10' into 0.11 2018-02-06 18:19:50 +01:00
sebres 98f4d70371 fixed cymru-info resolved to answers with multiple data-records (as comma-separated list now) 2018-02-06 18:00:50 +01:00
Sergey G. Brester 3b8b9c4acf
README: extended systemd-prerequirements: python-systemd package 2018-02-06 17:02:23 +01:00
sebres 5c2fba0398 Merge branch '0.10' into 0.11 2018-02-01 19:41:26 +01:00
sebres f1661d35ea fix sporadic error, wait for shutdown/exit messages by assert-check, better prevention of dual (parallel) stop 2018-02-01 18:30:00 +01:00
sebres 2c03f5ad28 simple syntax change (wrong escape in string): no functional changes 2018-02-01 18:04:04 +01:00
sebres 201ae0dac2 Merge branch '0.10' into 0.11 2018-01-31 12:20:34 +01:00
Sergey G. Brester 3a1c386958
Update ChangeLog 2018-01-31 12:18:56 +01:00
Sergey G. Brester 0e0e478483
Merge pull request #2038 from sebres/long-epoch-and-epoch-pattern 
Long epoch and epoch pattern
 2018-01-31 12:13:46 +01:00
sebres dcbf904876 allow to parse milliseconds as float + more test cases; 
normalize capturing with epoch-pattern match - similar to `{DATE}` should capture and cut out the whole pattern match from the log-line;
 2018-01-31 11:07:49 +01:00
sebres 3e8098d427 python 3.x compatibility: fix replacement string (may fail with errors like `bad escape \d ...`, etc) 2018-01-31 11:07:48 +01:00
sebres 442b0b1c59 extends date-detector with long epoch (LEPOCH) to parse milliseconds/microseconds posix-dates; 
provide opportunity to specify own regex-pattern to match epoch date-time, e. g. "^\[{EPOCH}\]";
closes gh-2029
 2018-01-31 11:07:46 +01:00