fail2ban

Commit Graph

Author	SHA1	Message	Date
sebres	9f1c6f1617	filter stability fix: prevent race condition - no ban if filter (backend) is continuously busy if too many messages will be found in log, e. g. initial scan of large log-file or journal (gh-2660)	2020-03-13 17:34:37 +01:00
sebres	e3737bb7c0	filter stability fix: prevent race condition - no ban if filter (backend) is continuously busy if too many messages will be found in log, e. g. initial scan of large log-file or journal (gh-2660)	2020-03-13 17:20:19 +01:00
Sergey G. Brester	d4da9afd7f	Update ChangeLog	2020-03-06 20:29:48 +01:00
sebres	42714d0849	filter.d/common.conf: closes gh-2650, avoid substitute of default values in related `lt_*` section, `__prefix_line` should be interpolated in definition section (after the config considers all sections that can overwrite it); amend to `62b1712d22` (PR #2387, backend-related option `logtype`); testSampleRegexsZZZ-GENERIC-EXAMPLE covering now negative case also (other daemon in prefix line)	2020-03-05 13:47:11 +01:00
sebres	15158e4474	closes gh-2647: add ban to database is moved from jail.putFailTicket to actions.__CheckBan; be sure manual ban is written to database, so can be restored by restart; reload/restart test extended	2020-03-02 18:58:59 +01:00
sebres	4766547e1f	performance optimization of `datepattern` (better search algorithm); datetemplate: improved anchor detection for capturing groups `(^...)`; introduced new prefix `{UNB}` for `datepattern` to disable word boundaries in regex; datedetector: speedup special case if only one template is defined (every match wins - no collision, no sorting, no other best match possible)	2020-02-28 14:27:21 +01:00
Christopher Gurnee	df885586d4	close Popen() pipes explicitly for PyPy Waiting for garbage collection to close pipes opened by Popen() can lead to "Too many open files" errors with PyPy; close them explicitly.	2020-02-25 14:55:10 +01:00
sebres	e57e950ef5	version bump (back to dev)	2020-02-25 14:51:54 +01:00
sebres	b25d8565fc	release 0.10.5 -- Deserve more respect a jedi's weapon must. Hrrrm, Yes	2020-01-10 13:34:46 +01:00
sebres	f77398c49d	filter.d/sshd.conf: captures `Disconnected from ... [preauth]`, preauth phase only, different handling by `extra` (with supplied user only) and `ddos`/`aggressive` mode (`normal` mode is not affected, used there just as a helper with `<F-NOFAIL>` to capture IP for multiline failures without IP); closes gh-2115, gh-2362.	2020-01-09 20:53:53 +01:00
sebres	d1b7e2b5fb	fail2ban-regex - several enhancements and fixes: - improved usage output (don't put a long help if an error occurs); - new option `--no-check-all` to avoid check of all regex's (first matched only); - new option `-o`, `--out` to set token provided in output (disables check-all and outputs only expected data); - test cases optimized and extended	2020-01-09 16:59:13 +01:00
sebres	f30b7ae244	update ChangeLog + spelling	2020-01-08 21:03:00 +01:00
Sergey G. Brester	e86e9b2ee9	Merge branch '0.10' into gh-927-subnet	2019-11-15 01:47:50 +01:00
sebres	27e6b0021c	ChangeLog update gh-2563	2019-11-08 13:18:57 +01:00
sebres	e5d02bc2e9	grouped tags (`<ADDR>`, `<HOST>`, `<SUBNET>`) recognize IP addresses enclosed in square brackets, closes gh-2494	2019-11-04 12:11:00 +01:00
sebres	d44607a161	part of #927 - filter enhancement to parse IP sub-nets (IP/CIDR with correct recognition of IP-family), provides new replacement tags for failregex to match subnets in form of IP-addresses with CIDR mask (gh-2559): - `<CIDR>` - helper regex to match CIDR (simple integer form of net-mask); - `<SUBNET>` - regex to match sub-net adresses (in form of IP/CIDR, also single IP is matched, so part /CIDR is optional);	2019-11-01 16:29:17 +01:00
Sergey G. Brester	8b850864cf	amend to #2254 : update changelog	2019-10-18 12:00:17 +02:00
sebres	d1a73d3004	filter.d/apache-auth.conf: - ignore errors from mod_evasive in `normal` mode (mode-controlled now) (gh-2548); - extended with option `mode` - `normal` (default) and `aggressive` close gh-2548	2019-10-18 11:26:19 +02:00
sebres	91923b5c07	don't need to match identifier exactly (@ is precise enough as prefix), not capturing group; `prefregex` extended, more selective now (denied/NOTAUTH suffix moved from `failregex`, so no catch-all there anymore); update ChangeLog	2019-07-29 13:21:00 +02:00
Sergey G. Brester	a395361de8	Merge pull request #2467 from sebres/logtype-option-rfc5424 New option `logtype` value - `rfc5424`	2019-07-24 00:02:04 +02:00
Sergey G. Brester	70280bfa12	Update ChangeLog	2019-07-24 00:00:24 +02:00
Sergey G. Brester	d3b5befe44	update changelog (#2404 )	2019-07-22 12:50:48 +02:00
Sergey G. Brester	7520d250b0	Merge pull request #2444 from sebres/gh-2392 systemd-backend: switched default flags to SYSTEM_ONLY(4)	2019-07-11 13:25:58 +02:00
Sergey G. Brester	8a386103c1	Update ChangeLog	2019-06-25 15:49:07 +02:00
girst	b288ccd6b6	new filter: znc-adminlog	2019-06-12 16:25:50 +02:00
sebres	4c81338944	update ChangeLog (gh-2390)	2019-06-12 11:28:19 +02:00
sebres	2725acb64b	amend to 809acb69e5928c0e678ad25b43e53b567cb23a3b: extended to avoid the vice versa race (too many outdated tickets to unban) - max count of outdated tickets is restricted also.	2019-06-12 00:11:26 +02:00
sebres	e5ae113215	filter.d/postfix.conf: extended with new postfix filter mode `errors` to match "too many errors" (gh-2439), also included within modes `normal`, `more` (`extra` and `aggressive`), since postfix parameter `smtpd_hard_error_limit` is default 20 (additionally consider `maxretry`)	2019-06-07 16:14:02 +02:00
sebres	3b2f75414c	filter.d/postfix.conf: extended regexp's to accept variable suffix code in status of postfix for precise messages (gh-2442)	2019-06-07 15:40:55 +02:00
sebres	8da9bfb83a	Update ChangeLog (gh-2302, rebased to 0.10)	2019-06-07 14:47:43 +02:00
sebres	3b51c005f8	update ChangeLog (multi-line parsing fix, gh-2431)	2019-05-24 16:17:06 +02:00
sebres	4d08bc4ad5	update ChangeLog	2019-05-10 16:22:25 +02:00
Sergey G. Brester	7d6db7391e	Update ChangeLog	2019-04-19 12:50:35 +02:00
Sergey G. Brester	28c1da33dc	Merge pull request #2387 from sebres/logtype-option-journal New backend-related option `logtype` (`journal` or `file`)	2019-04-18 13:27:42 +02:00
Sergey G. Brester	d920dd4014	Update ChangeLog	2019-04-18 13:19:21 +02:00
Sergey G. Brester	ec9f698f5b	removed new-line	2019-04-04 02:55:09 +02:00
Amir Caspi	7ac2f167f9	Update ChangeLog Fixing typo I introduced in commit `eed1de0ceb`	2019-03-29 17:49:22 -06:00
Amir Caspi	eed1de0ceb	Update ChangeLog Updated to reflect sendmail-reject changes `9e1fa4ff73` and `ffd5d0db78`	2019-03-29 17:47:52 -06:00
Sergey G. Brester	6c14f1987f	Update ChangeLog	2019-03-01 12:31:17 +01:00
Sergey G. Brester	410a9804b1	Update ChangeLog	2019-02-22 14:23:05 +01:00
Ben RUBSON	34edec297b	Add changelog entry	2019-02-22 13:33:08 +01:00
Sergey G. Brester	d3f6d6ffdd	Merge pull request #2286 from crazy-max/0.10 New filter `traefik-auth`	2019-02-21 22:27:04 +01:00
Sergey G. Brester	a48d50efc0	Update ChangeLog	2019-02-21 14:37:07 +01:00
Sergey G. Brester	c819a18a0a	Update ChangeLog	2019-02-11 19:15:11 +01:00
Sergey G. Brester	4108e04ab4	Update ChangeLog	2019-01-07 01:50:44 +01:00
sebres	9b96a7de89	fix of SafeConfigParserWithIncludes	2018-12-11 15:39:43 +01:00
CrazyMax	a51f82770b	New filter `traefik-auth`	2018-11-24 22:44:44 +01:00
Sergey G. Brester	0ac5c8941c	Update ChangeLog	2018-11-20 12:39:38 +01:00
sebres	0ae02ba2a1	version bump (back to dev-version)	2018-10-04 11:57:56 +02:00
sebres	aa565eb80e	release 0.10.4 - ten-four-on-due-date-ten-four	2018-10-04 11:26:22 +02:00

1 2 3 4 5 ...

917 Commits (68f827e1f3945b735f214e15b224a926bb4bf170)