sebres
ffd6b9f6de
jail.conf: extended with new parameter `mode` for the filters supporting it;
7 years ago
sebres
7e756da2b9
Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10
7 years ago
Serg G. Brester
9876dd44f9
replace port imap3 with imap everywhere, since imap3 is not a standard port and old rarely (if ever) used and missing on some systems
...
(see gh-1942)
7 years ago
Jeff Potter
4a2fc8b7e8
Include imap (port 143) in courier-auth ports
...
imap was missing from the list of ports, preventing fail2ban from blocking connections on standard IMAP port 143.
7 years ago
sebres
b615a98540
jail.conf: avoid overwriting of default value of the parameter `chain` of several actions (where default chain != INPUT);
...
test-cases extended to cover the same logic (use `<known/chain>` instead of fix value `INPUT`);
Closes gh-1949
7 years ago
Serg G. Brester
e07a8cda07
Update jail.conf
...
Documentation of parameters for action blocklist_de, closes gh-1940
7 years ago
sebres
b185e7cb04
Merge remote-tracking branch 'upstream/master' into 0.10
7 years ago
Serg G. Brester
fd83260bd8
jail "pass2allow-ftp" should supply blocktype to action
...
closes gh-1884
7 years ago
john
7013729a1f
removed redundant options for zoneminder from jail.conf
7 years ago
john
3d45fd2713
implemented yarikoptic's suggestions in fail2ban pull request #1376
7 years ago
john
a90f6c4ae8
added zoneminder jail and filter
...
# Conflicts:
# config/jail.conf
7 years ago
Pavel Mihadyuk
d09304b897
phpmyadmin-syslog: added default jail config
7 years ago
sebres
e26cc5de45
restore backwards compatibility (jail postfix-sasl); changelog update
8 years ago
sebres
aa92b68d4a
filter.d/postfix.conf: normalized several postfix-filters using parameter `mode` (as discussed in gh-1813);
...
introduced parameter `mode`: more (default, combines normal and rbl), auth, normal, rbl, ddos, extra or aggressive (combines all)
replacement for gh-1239, gh-1697, gh-1764; closes gh-1245, gh-1297.
8 years ago
sebres
d3ae70beb6
filter.d/roundcube-auth.conf: Use the same filter-file and jail also when logging errors to journal instead to a local file.
...
Additionally fixes more complex injections on username.
8 years ago
Johannes Weberhofer
691c080dc7
Added roundcube authentication filter, new jail and log-examples
8 years ago
sebres
99344d28c8
Introduces new tags with hostname:
...
- `<fq-hostname>` - fully-qualified name of host (the same as `$(hostname -f)`)
- `<sh-hostname>` - short hostname (the same as `$(uname -n)`)
Execution of `uname -n` replaced in all mail actions with most interesting fully-qualified `<fq-hostname>`.
8 years ago
sebres
5e93bf9bd3
Introduced new option "ignoreself", specifies whether the local resp. own IP addresses should be ignored (default is true).
...
Fail2ban will not ban a host which matches such addresses.
Option "ignoreip" affects additionally to "ignoreself" and don't need to include the DNS resp. IPs of the host self.
8 years ago
sebres
0c1707afda
filter.d/sshd.conf:
...
- optional parameter `mode` rewritten: normal (default), ddos, extra or aggressive (combines all), see sshd for regex details);
test cases reformatted (since "filterOptions", we don't need multiple test log-files anymore);
8 years ago
Serg G. Brester
d042981954
Merge pull request #1655 from ajcollett/0.10
...
Added config for AbuseIPDB
8 years ago
Serg G. Brester
62fa02241f
Update jail.conf
8 years ago
sebres
e8a1556562
Merge remote-tracking branch 'master' into 0.10
...
# Conflicts:
# fail2ban/tests/samplestestcase.py
8 years ago
sebres
628789f9a9
sshd: conditional parameter "mode" for sshd jail (normal, ddos, aggressive)
...
filter sshd-ddos and new filter sshd-aggressive are both derivation of sshd-filter
8 years ago
Christian Brandlehner
a4d8426401
Support for IBM Domino SMTP task ( #1603 )
...
filter.d/domino-smtp.conf
8 years ago
sebres
c9f32f75e6
Merge branch '0.9-fix-regex-using-journal' into 0.10-fix-regex-using-journal (merge point against 0.9 after back-porting gh-1660 from 0.10)
8 years ago
Andrew James Collett
3991f51f30
Update jail.conf
...
Sigh, added a space back that I somehow missed in Vim, despite it being a rebase...
8 years ago
Andrew James Collett
10d61e0779
Fixed the spaces again
8 years ago
Andrew James Collett
b35391e768
Update jail.conf
...
Fixing spacing
8 years ago
Andrew James Collett
1c41390f7c
Restructured the way the catagories work.
...
Jail.conf is cleaner and abuseipdb.conf is more flexible.
8 years ago
Andrew James Collett
55e107310f
Added config for AbuseIPDB, ony tested on Ubuntu 16.04
8 years ago
sebres
45f1d811c9
Merge branch 'alex1702-1586'
8 years ago
sebres
67c14afd8e
ChangeLog entry added + jail.conf review
8 years ago
Serg G. Brester
4f5389fee5
Update jail.conf
8 years ago
Alex
8ac28e5dcb
Make changes and add test file
8 years ago
Alex
8c40766511
Add Mongodb-auth filter and jail
8 years ago
sebres
0eea362aa0
Merge branch 'master' into 0.10
8 years ago
Andrii Melnyk
b2e3affaa0
adding openldap slapd filter
9 years ago
sebres
39366e703a
Merge branch 'master' into 0.10
...
# Conflicts:
# fail2ban/server/filter.py
9 years ago
sebres
8ec4e1189e
use raw host (don't use textToIp) if usedns exactly `raw`, because `usedns = no` should ignore no ip failures
9 years ago
Alexander Koeppe
db9f3f738f
add ip6-loopback to default ignoreip statement
9 years ago
sebres
d7e7b52013
Merge remote-tracking branch 'remotes/gh-upstream/master' into f2b-perfom-prepare-716
9 years ago
Yaroslav Halchenko
3f437b32db
Merge remote-tracking branch 'pr/1288/head'
...
* pr/1288/head:
Update haproxy-http-auth.conf
Added HAProxy HTTP Auth filter
Conflicts:
config/jail.conf - resolved + removed unnecessary filter/enabled (defaults should be as good)
9 years ago
local
40c0bed82c
action_mw, action_mwl, action_cf_mwl ignore the "sender" option when sending a notification email.
...
This commit adds "sender="%(sender)s"" to the three actions to correct this issue.
9 years ago
Yaroslav Halchenko
5d0d96a5cb
Merge pull request #1286 from yarikoptic/enh-jail
...
ENH: harmonize jail.conf + 1 more test that passed bantime is non-degenerate and int
9 years ago
Jordan Moeser
e133762a28
Added HAProxy HTTP Auth filter
9 years ago
sebres
cf334421bd
Provides fail2ban version to jail (as interpolation variable during parse of jail.conf);
...
BF: use `fail2ban_agent` as user-agent in actions badips, blocklist_de, etc. (closes #1271 , closes #1272 )
9 years ago
Yaroslav Halchenko
28c9832293
RF: harmonize jail.conf (no explicit enabled=false in jails, match filter name for screesharingd, etc)
9 years ago
Yaroslav Halchenko
69aa1feac0
Merge "Mac OS Screen Sharing filter" PR 1232
...
* pr/1232/head:
removed system.log
Removed old svn revision comment
removed false matches
Removed includes comment for screensharing jail
Now using a literal logpath for screensharing jail
Fixed blatant typo in regex
clarified comments on sample log format
Fixed name (again?)
Made screensharing jail off by default
Changed regex prequel
added entry for new screensharingd filter
name change & new sample data
Added json metadata
Sample log for test case
Replaced .* with literal
Update jail.conf
Added new path variable for system.log
Added in settings for screensharingd filter
Created file
Conflicts:
ChangeLog - moved to New Features
config/jail.conf - kept at the end
9 years ago
sebres
d22b2498d4
normalizing time config entries: use time abbreviation (str2seconds) for all time options such 'dbpurgeage', 'bantime', 'findtime', ex.: default '1d' instead '86400';
...
code review and test case extended;
9 years ago
Ross Brown
106c3eab9a
Added filter and jail for murmur/mumble-server.
9 years ago