ffd6b9f6de
jail.conf: extended with new parameter `mode` for the filters supporting it;
2017-12-05 16:09:18 +01:00
7e756da2b9
Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10
2017-11-06 18:56:31 +01:00
9876dd44f9
replace port imap3 with imap everywhere, since imap3 is not a standard port and old rarely (if ever) used and missing on some systems
...
(see gh-1942)
2017-11-03 14:03:06 +01:00
4a2fc8b7e8
Include imap (port 143) in courier-auth ports
...
imap was missing from the list of ports, preventing fail2ban from blocking connections on standard IMAP port 143.
2017-11-03 14:01:19 +01:00
b615a98540
jail.conf: avoid overwriting of default value of the parameter `chain` of several actions (where default chain != INPUT);
...
test-cases extended to cover the same logic (use `<known/chain>` instead of fix value `INPUT`);
Closes gh-1949
2017-10-30 13:32:52 +01:00
e07a8cda07
Update jail.conf
...
Documentation of parameters for action blocklist_de, closes gh-1940
2017-10-27 15:26:17 +02:00
b185e7cb04
Merge remote-tracking branch 'upstream/master' into 0.10
2017-09-08 11:11:05 +02:00
fd83260bd8
jail "pass2allow-ftp" should supply blocktype to action
...
closes gh-1884
2017-09-07 18:51:08 +02:00
7013729a1f
removed redundant options for zoneminder from jail.conf
2017-09-04 11:37:05 +02:00
3d45fd2713
implemented yarikoptic's suggestions in fail2ban pull request #1376
2017-09-04 11:37:00 +02:00
a90f6c4ae8
added zoneminder jail and filter
...
# Conflicts:
# config/jail.conf
2017-09-04 11:36:47 +02:00
d09304b897
phpmyadmin-syslog: added default jail config
2017-08-22 19:00:48 +03:00
e26cc5de45
restore backwards compatibility (jail postfix-sasl); changelog update
2017-07-11 11:57:48 +02:00
aa92b68d4a
filter.d/postfix.conf: normalized several postfix-filters using parameter `mode` (as discussed in gh-1813);
...
introduced parameter `mode`: more (default, combines normal and rbl), auth, normal, rbl, ddos, extra or aggressive (combines all)
replacement for gh-1239, gh-1697, gh-1764; closes gh-1245, gh-1297.
2017-07-10 20:49:28 +02:00
d3ae70beb6
filter.d/roundcube-auth.conf: Use the same filter-file and jail also when logging errors to journal instead to a local file.
...
Additionally fixes more complex injections on username.
2017-06-19 18:12:13 +02:00
691c080dc7
Added roundcube authentication filter, new jail and log-examples
2017-06-19 16:52:42 +02:00
99344d28c8
Introduces new tags with hostname:
...
- `<fq-hostname>` - fully-qualified name of host (the same as `$(hostname -f)`)
- `<sh-hostname>` - short hostname (the same as `$(uname -n)`)
Execution of `uname -n` replaced in all mail actions with most interesting fully-qualified `<fq-hostname>`.
2017-04-24 21:17:55 +02:00
5e93bf9bd3
Introduced new option "ignoreself", specifies whether the local resp. own IP addresses should be ignored (default is true).
...
Fail2ban will not ban a host which matches such addresses.
Option "ignoreip" affects additionally to "ignoreself" and don't need to include the DNS resp. IPs of the host self.
2017-03-23 15:52:31 +01:00
0c1707afda
filter.d/sshd.conf:
...
- optional parameter `mode` rewritten: normal (default), ddos, extra or aggressive (combines all), see sshd for regex details);
test cases reformatted (since "filterOptions", we don't need multiple test log-files anymore);
2017-03-10 22:09:11 +01:00
d042981954
Merge pull request #1655 from ajcollett/0.10
...
Added config for AbuseIPDB
2017-03-09 15:15:26 +01:00
62fa02241f
Update jail.conf
2017-03-09 13:31:40 +01:00
e8a1556562
Merge remote-tracking branch 'master' into 0.10
...
# Conflicts:
# fail2ban/tests/samplestestcase.py
2017-01-21 16:59:41 +01:00
628789f9a9
sshd: conditional parameter "mode" for sshd jail (normal, ddos, aggressive)
...
filter sshd-ddos and new filter sshd-aggressive are both derivation of sshd-filter
2017-01-21 15:54:49 +01:00
a4d8426401
Support for IBM Domino SMTP task ( #1603 )
...
filter.d/domino-smtp.conf
2017-01-20 08:44:20 +01:00
c9f32f75e6
Merge branch '0.9-fix-regex-using-journal' into 0.10-fix-regex-using-journal (merge point against 0.9 after back-porting gh-1660 from 0.10)
2017-01-10 11:25:41 +01:00
3991f51f30
Update jail.conf
...
Sigh, added a space back that I somehow missed in Vim, despite it being a rebase...
2017-01-08 09:45:35 +02:00
10d61e0779
Fixed the spaces again
2017-01-08 09:42:15 +02:00
b35391e768
Update jail.conf
...
Fixing spacing
2017-01-08 09:30:00 +02:00
1c41390f7c
Restructured the way the catagories work.
...
Jail.conf is cleaner and abuseipdb.conf is more flexible.
2017-01-08 09:26:11 +02:00
55e107310f
Added config for AbuseIPDB, ony tested on Ubuntu 16.04
2017-01-07 14:24:54 +02:00
45f1d811c9
Merge branch 'alex1702-1586'
2016-11-28 18:54:02 +01:00
67c14afd8e
ChangeLog entry added + jail.conf review
2016-11-28 18:51:23 +01:00
4f5389fee5
Update jail.conf
2016-11-24 19:30:10 +01:00
8ac28e5dcb
Make changes and add test file
2016-11-10 13:09:32 +01:00
8c40766511
Add Mongodb-auth filter and jail
2016-11-10 12:48:24 +01:00
0eea362aa0
Merge branch 'master' into 0.10
2016-08-01 15:10:52 +02:00
b2e3affaa0
adding openldap slapd filter
2016-07-08 04:50:57 +03:00
39366e703a
Merge branch 'master' into 0.10
...
# Conflicts:
# fail2ban/server/filter.py
2016-05-31 18:06:18 +02:00
8ec4e1189e
use raw host (don't use textToIp) if usedns exactly `raw`, because `usedns = no` should ignore no ip failures
2016-05-30 15:34:21 +02:00
db9f3f738f
add ip6-loopback to default ignoreip statement
2016-05-09 15:32:42 +02:00
d7e7b52013
Merge remote-tracking branch 'remotes/gh-upstream/master' into f2b-perfom-prepare-716
2016-03-07 19:11:36 +01:00
3f437b32db
Merge remote-tracking branch 'pr/1288/head'
...
* pr/1288/head:
Update haproxy-http-auth.conf
Added HAProxy HTTP Auth filter
Conflicts:
config/jail.conf - resolved + removed unnecessary filter/enabled (defaults should be as good)
2016-01-28 08:51:45 -05:00
40c0bed82c
action_mw, action_mwl, action_cf_mwl ignore the "sender" option when sending a notification email.
...
This commit adds "sender="%(sender)s"" to the three actions to correct this issue.
2016-01-10 00:05:03 +01:00
5d0d96a5cb
Merge pull request #1286 from yarikoptic/enh-jail
...
ENH: harmonize jail.conf + 1 more test that passed bantime is non-degenerate and int
2016-01-08 08:51:08 -05:00
e133762a28
Added HAProxy HTTP Auth filter
2015-12-31 11:16:23 +10:00
cf334421bd
Provides fail2ban version to jail (as interpolation variable during parse of jail.conf);
...
BF: use `fail2ban_agent` as user-agent in actions badips, blocklist_de, etc. (closes #1271 , closes #1272 )
2015-12-31 01:38:25 +01:00
28c9832293
RF: harmonize jail.conf (no explicit enabled=false in jails, match filter name for screesharingd, etc)
2015-12-29 19:43:52 -05:00
69aa1feac0
Merge "Mac OS Screen Sharing filter" PR 1232
...
* pr/1232/head:
removed system.log
Removed old svn revision comment
removed false matches
Removed includes comment for screensharing jail
Now using a literal logpath for screensharing jail
Fixed blatant typo in regex
clarified comments on sample log format
Fixed name (again?)
Made screensharing jail off by default
Changed regex prequel
added entry for new screensharingd filter
name change & new sample data
Added json metadata
Sample log for test case
Replaced .* with literal
Update jail.conf
Added new path variable for system.log
Added in settings for screensharingd filter
Created file
Conflicts:
ChangeLog - moved to New Features
config/jail.conf - kept at the end
2015-12-29 19:36:59 -05:00
d22b2498d4
normalizing time config entries: use time abbreviation (str2seconds) for all time options such 'dbpurgeage', 'bantime', 'findtime', ex.: default '1d' instead '86400';
...
code review and test case extended;
2015-12-29 12:49:10 +01:00
106c3eab9a
Added filter and jail for murmur/mumble-server.
2015-11-29 15:56:56 +00:00
sebres