fail2ban

Commit Graph

Author	SHA1	Message	Date
sebres	e8401a7e65	action.d/xarf-login-attack.conf: fixes gh-2372, correction for split of addresses, interpolation is shell-independent now, etc; extended with option `boundary`, additionally dynamic boundary part is used (is not so predictable as it was previously);	6 years ago
sebres	741cf8fb0e	Merge branch 'master-0.9' into 0.10	6 years ago
sebres	1a9527e6a4	fixed catch-all on user (and simplifying)	6 years ago
jim	a7f3ba87f6	filter.d/sogo-auth.conf: fixes gh-2289 - matching auth-failures when behind a proxy; (broken by commit `72b06479a5`), replacement for gh-2290.	6 years ago
sebres	3c70fe298a	closes gh-969: introduces new section `[Thread]` and option `stacksize` to configure default stack-size of the threads running in fail2ban. Example: ```ini [Thread] stacksize = 32 ```	6 years ago
sebres	5126068099	loglevel and shortloglevel combined to single parameter loglevel, below an example logging summary with NOTICE and rest with DEBUG log-levels: action = badips.py[... , loglevel="debug, notice"]	6 years ago
benrubson	689938ee99	Add a shortloglevel badips.py option	6 years ago
sebres	140243328f	coverage: try to avoid sporadic "coverage decreased" in CI	6 years ago
Sergey G. Brester	d3f6d6ffdd	Merge pull request #2286 from crazy-max/0.10 New filter `traefik-auth`	6 years ago
Sergey G. Brester	dcede9b3f1	comment rewritten (belongs to the filter)	6 years ago
Sergey G. Brester	d84fb8a4b1	regex rewritten (more secure now, resolves catch-all vulni)	6 years ago
sebres	9ed35c423a	Merge branch '0.9' into 0.10 (gh-2317)	6 years ago
sebres	e651bc7866	amend to #1622 : jail-reader supports now multi-line option for multi-line action parameter: logpath = a.log b.log c.log action = ban[...] = log[logpath="%(logpath)s"] closes gh-2341, ultimate fix for gh-976	6 years ago
sebres	a13fdcf4f7	closes gh-2314: extended regex for mysql 8.0.13 if used logging with details (e. g. log-error-verbosity = 3, so log output has few additional words enclosed in brackets after "[Note]").	6 years ago
Yannik Sembritzki	6b4404b1bc	Fix asterisk filter not catching attackers when port is logged (Fixes #2316 )	6 years ago
CrazyMax	7cdabdd7ae	Update traefik-auth failregex	6 years ago
CrazyMax	a51f82770b	New filter `traefik-auth`	6 years ago
sebres	555b29e8e6	Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10	6 years ago
sebres	1c1d2cc435	introduces new failregex-flag tag `<F-MLFGAINED>` signaled that the access to service was gained (ATM used similar to <F-NOFAIL>, but does not added to matches); filter.d/sshd.conf: extended with new rules: - Disconnecting ...: Change of username or service not allowed - Disconnected from ... [preauth] (extra/aggressive mode only)	6 years ago
dienteperro	0df221b54b	"be" instead of "me" in shorewall.conf	6 years ago
Sergey G. Brester	1752c19b6f	Merge pull request #2205 from benrubson/patch-1 Add loglevel option to badips.py	6 years ago
Sergey G. Brester	65676baf8c	fixed py3 incompatibility (for some reasons this file seems to be excluded from 2to3), anyway not needed, because int-type is already checked in str2LogLevel	6 years ago
Sergey G. Brester	4b751c84c3	badips.py: Rewrite new bool option "log" as "loglevel" and revert default to log-level (DEBUG).	6 years ago
sebres	58b510a5be	filter.d/domino-smtp.conf: - recognizes failures logged using another format (something like session-id, IP enclosed in square brackets); - failregex extended to catch connections rejected for policy reasons (gh-2228);	6 years ago
sebres	d01fe9d22a	action.d/*.conf: correct comments for actionstart/actionstop	6 years ago
Ben RUBSON	9d7c0e00c1	Also log number of IPs removed/added	6 years ago
Ben RUBSON	70e53b55c5	Typo	6 years ago
Ben RUBSON	ec4c4b12c1	Add yes/no log option to badips.py	6 years ago
Sergey G. Brester	ee207d8c31	Merge pull request #2151 from benrubson/merge Apache SNI error / misredirect attempts rules are combined in one regex	6 years ago
Ben RUBSON	77b35b8db7	Improvement	6 years ago
sebres	e2a255d104	fixed typo in comments by "ignoreself" parameter	6 years ago
sebres	e995d5a0b6	filter.d/freeswitch.conf: provide mode parameter, allows to avoid matching of messages like `auth challenge (REGISTER)` (see gh-2163) (currently `extra` as default to be backwards-compatible), see comments in filter how to set it to mode `normal`.	6 years ago
sebres	bc2dbacc9a	filter.d/freeswitch.conf: provide compatibility for log-format from gh-2193: - extended with new default date-pattern `^(?:%%Y-)?%%m-%%d[ T]%%H:%%M:%%S(?:\.%%f)?` to cover `YYYY-mm-dd HH:MM::SS.ms` as well as `mm-dd HH:MM::SS.ms` (so year is optional); - more optional arguments in log-line (so accept [WARN] as well as [WARNING] and optional [SOFIA] hereafter);	6 years ago
sebres	22d37cdce2	sshd: fixed failregex for ddos (resp. aggressive) mode, to cover "authenticating user" case in log-message: Connection closed by authenticating user root 192.0.2.10 ... [preauth] tests extended (also with few injection tries). closes gh-2185.	6 years ago
sebres	8fe07e29ad	filter.d/dovecot.conf: failregex enhancement to catch disconnected with "proxy dest auth failed"; closes gh-2184	6 years ago
Sergey G. Brester	75330568d9	Merge pull request #2168 from dpavlin/dovecot-add-F-USER dovecot: collect F-USER and variants	6 years ago
sebres	6ce67a6d21	coverage	6 years ago
Dobrica Pavlinusic	6f1e789f31	dovecot: collect F-USER and variants We are prefering ruser= if availble because this are credentials presented to dovecot from remote client.	7 years ago
sebres	8cbe1e6b13	Merge pull request #2155	7 years ago
cheese1	43db4411de	small typo	7 years ago
Boris Gulay	a923cd209b	`filter.d/dovecot.conf`: failregex enhancement to catch sql password mismatch errors;	7 years ago
benrubson	f54f6caece	Merge Apache SNI error / misredirect attempts rules	7 years ago
sebres	bba7a6c5cf	amend to (gh-2067) / b34ae5999e0d8ee1af8939527305c13152844b3d: fix parameter in config (dynamic parameters stating with '_' are protected and don't allowed in command-actions); the interpolation of hostsdeny is test-covered now; closes gh-2114.	7 years ago
sebres	8069eef50c	badips: try to fix sporadic test errors if badips-server timed out resp. not available (502 bad gateway or similar).	7 years ago
Michael Grant	57bc502d5c	Update sendmail-reject.conf	7 years ago
Michael Grant	2ab6a5ae62	Update sendmail-auth.conf	7 years ago
Michael Grant	87520e8008	Sendmail logs IPv6 addresses with the prefix 'IPv6:'. Added (IPv6:)? before all <HOST> regexes to match the IPv6 address (but not the prefix).	7 years ago
Luis Aranguren	fc76ccf192	Fixes abuseipdb curl cypher error and comment $f2bV_matches Fixed https://github.com/fail2ban/fail2ban/issues/2044 #2044 and used https://github.com/fail2ban/fail2ban/issues/2039 to fix comment in abuseipdb.com only showing $f2bV_matches	7 years ago
Sergey G. Brester	7bbc26d67e	Merge pull request #2097 from benrubson/sni Detect Apache SNI error / misredirect attempts	7 years ago
benrubson	bd74f7ba8b	Detect Apache SNI error / misredirect attempts, typos	7 years ago

1 2 3 4 5 ...

1482 Commits (6fe6ebe0392332717ce8d65be91d3362fbf09723)