github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
3,584 Commits
33 Branches
229 Tags
19 MiB
Commit Graph

1143 Commits (7582f13003879f55a5e2bbb18eff48341e33e432)

Author SHA1 Message Date
Yaroslav Halchenko 593b1210c0 Merge master (commit '0.9.4-79-gaf8b650') into 0.10 
* commit '0.9.4-79-gaf8b650':
  badip timeout option introduced, set to 30 seconds in our test cases (#1463)
  DOC: changelog for recent exim filters tune up
  Asterisk pjsip (#1456)
  BF: finalize that sample log line for exim4
  RF: for consistency use (?:XXX)? instead of (?:|XXX)
  ENH: use non-capturing regex groups in exim-common and exim filters
  ENH: exim filters -- make more use of %(host_info)s which in turn made more flexible
  BF: make :port and I=[ip]:port optional for a "AUTH command used when not advertised"
 2016-06-19 20:06:16 -04:00
Serg G. Brester af8b650a37 badip timeout option introduced, set to 30 seconds in our test cases (#1463) 
cherry-picked from 0.10 (little bit modified in test_badips.py, because no --fast option in test cases)
 2016-06-13 12:56:53 +02:00
sebres e39126f630 badip timeout option introduced, set to 30 seconds in our test cases 2016-06-10 13:15:46 +02:00
Yaroslav Halchenko 636a93f58b Merge pull request #1438 from yarikoptic/bf-exim 
exim filters -- make wider use of host_info helper str susbstitution + fix for #1430
 2016-06-07 21:35:52 -04:00
Ludovic Gasc f85fb45b29 Asterisk pjsip (#1456) 
* Improve PJSIP log support for Asterisk 13+

* Update changelog: filter.d/asterisk.conf - fix security log support for PJSIP and Asterisk 13+

* Change pjsip regexp with sebres observation, thanks to @nturcksin
 2016-06-07 11:40:35 +02:00
sebres 39366e703a Merge branch 'master' into 0.10 
# Conflicts:
#	fail2ban/server/filter.py
 2016-05-31 18:06:18 +02:00
Yaroslav Halchenko 6434661480 RF: for consistency use (?:XXX)? instead of (?:|XXX) 2016-05-30 12:12:53 -04:00
Yaroslav Halchenko 48a8324662 ENH: use non-capturing regex groups in exim-common and exim filters 2016-05-30 11:02:12 -04:00
sebres 8ec4e1189e use raw host (don't use textToIp) if usedns exactly `raw`, because `usedns = no` should ignore no ip failures 2016-05-30 15:34:21 +02:00
Serg G. Brester b6700f3e52 Merge pull request #1433 from yarikoptic/bf-0.10-pf-prevbeh 
BF: maintain previous default beh for pf -- default ban type is multiport
 2016-05-23 15:20:57 +02:00
Yaroslav Halchenko 9bb869b8d4 ENH: courier-smtp -- allow for trailing username (no spaces) in the logline 
Closes #1440
 2016-05-21 22:17:09 -04:00
Yaroslav Halchenko 8b8cf2a660 ENH: exim filters -- make more use of %(host_info)s which in turn made more flexible 2016-05-21 10:29:09 -04:00
Yaroslav Halchenko 743a531eb5 BF: make :port and I=[ip]:port optional for a "AUTH command used when not advertised" 
Closes #1430
 2016-05-21 10:29:01 -04:00
sebres f62266659f Merge branch 'master' into '0.10' 2016-05-21 13:48:00 +02:00
sebres 52377984cd back to mandatory space, ungrouping of sub parameters in `__prefix_line` + small code review; 2016-05-19 17:57:48 +02:00
sebres 0fdc56546f Fixed misunderstanding of port in (ban)action: port will be always specified in jail config ([DEFAULT] or jail) 2016-05-19 17:45:41 +02:00
Yaroslav Halchenko 1ebc3facb1 BF: maintain previous default beh for pf -- ban a port (ssh) only 2016-05-19 17:14:33 +02:00
sebres 4cdca8c258 amend-merge for pull request #1429 from sebres/0.10-freebsd-fix-pf 
actiontype for PF action (all- and multi port)
 2016-05-19 14:52:10 +02:00
sebres 4d51c591c1 pf.conf: warranted consistently echoing for the pf actiontype if actiontype or multiport tags will be customized; 2016-05-19 14:50:41 +02:00
Serg G. Brester 01d9a41ba1 Merge pull request #1429 from koeppea/0.10-freebsd-fix-pf 
actiontype for PF action (all- and multi port)
 2016-05-18 11:12:31 +02:00
Alexander Koeppe b5e031f3c3 some documentation for multiport use in pf.conf 2016-05-17 21:32:21 +02:00
sebres 1e7fd26f5f rename `actionoptions` to `actiontype` in pf-action (multiport) + fixed test cases 2016-05-17 20:51:12 +02:00
sebres 25af11215b test case for generic common moved to `./fail2ban/tests/config/filter.d/zzz-generic-example.conf` to prevent shipping it with fail2ban installations 2016-05-17 20:08:46 +02:00
Alexander Koeppe e74047ae49 revert to common config for PF covering multi and allports 2016-05-17 18:19:40 +02:00
Alexander Koeppe 3e1328c83b split PF config files between all- and multi port 2016-05-17 18:19:27 +02:00
sebres cb4f9be8b2 the date brackets removed from filters using `__prefix_line`, because `__prefix_line` already contains the date ambit; 2016-05-17 11:55:02 +02:00
sebres de813acf51 extends generic `__prefix_line` with optional brackets for the date ambit (gh-1421), added new parameter `__date_ambit` + test case added; 2016-05-17 11:54:43 +02:00
Alexander Koeppe 975608dfb6 no hardcoded python interpreter path 2016-05-15 21:08:32 +02:00
sebres 0c44ecfc77 action.d/firewallcmd-ipset.conf: different name of the match set's for IPv4/IPv6, using conditional <ipmset>, analog to the iptables-ipset; 
test cases for 3 firewallcmd extended;
 2016-05-14 15:01:35 +02:00
TorontoMedia ffebde68e0 Update firewallcmd-multiport.conf 2016-05-13 22:38:36 -04:00
TorontoMedia 07de83e04a Update firewallcmd-common.conf 2016-05-13 22:38:10 -04:00
TorontoMedia 810d5996b5 Update firewallcmd-rich-logging.conf 2016-05-13 22:10:25 -04:00
TorontoMedia 7e54cee8d6 updated firewallcmd actions 2016-05-13 21:36:27 -04:00
sebres 3e49522b7a fixes unexpected extra regex-space in generic `__prefix_line` (gh-1405, misleadingly committed in d2a9537568); 
all optional spaces normalized in generic include `common.conf` + test cases are extended (using new example pseudo-filter and test log `zzz-generic-example`);
 2016-05-13 20:26:37 +02:00
sebres bdc2d07946 fix suhosin_log in common paths - log files should be separated using "\n": 
prevents to throw an error "File option must be 'head' or 'tail'", if jail suhosin will be enabled.
 2016-05-11 18:49:04 +02:00
sebres 504e5ba6f2 actions support IPv6 now: 
- introduced "conditional" sections, see for example `[Init?family=inet6]`;
  - iptables-common and other iptables config(s) made IPv6 capable;
  - several small code optimizations;
* all test cases passed (py3.x compatible);
 2016-05-11 16:54:28 +02:00
sebres 75028585c0 test cases extended for verifying ipv4/ipv6, normalized pf-action with test case 2016-05-11 16:54:25 +02:00
Alexander Koeppe ed2f3ef77d improve PF action and make IPv6 aware 2016-05-11 16:54:22 +02:00
sebres 25d6cf8dd2 fix suhosin_log in common paths - log files should be separated using "\n": 
prevents to throw an error "File option must be 'head' or 'tail'", if jail suhosin will be enabled.
 2016-05-11 16:54:11 +02:00
sebres 8cb4a3f59e move DNTUtils, IPAddr related code to dedicated source file ipdns.py (also resolves some cyclic import references) 2016-05-09 17:06:25 +02:00
Alexander Koeppe db9f3f738f add ip6-loopback to default ignoreip statement 2016-05-09 15:32:42 +02:00
sebres 05f38285f1 Merge remote-tracking branch 'remotes/gh-upstream/master' into f2b-perfom-prepare-716 2016-05-02 15:40:05 +02:00
jungle-boogie d889918f19 update doc url 
direct to confluence page. no code changes.
 2016-04-24 21:35:18 -07:00
Yaroslav Halchenko aa303acfd6 Merge pull request #1381 from theDogOfPavlov/patch-3 
Tightened up exim regexes to catch rDNS entries
 2016-04-23 18:27:38 -04:00
Alexandre Perrin 7712310d2d Be more backward compatible on matching postfix/smtps/smtpd 
Support trailing smtps also and not only smtpd.

suggested by @sebres
 2016-04-14 13:54:58 +02:00
Alexandre Perrin 1a299409e5 Fix postfix/smtps/smtpd matching. 2016-04-14 12:10:58 +02:00
theDogOfPavlov 1eb51b1bc2 Tightened up regexes to catch rDNS entries 2016-04-01 18:07:01 +01:00
Yaroslav Halchenko db2dd070ad Merge pull request #1356 from opoplawski/bug-1354 
Fedora use mariadb by default, fix log path
 2016-03-31 22:11:10 -04:00
Serg G. Brester b9b7ecbf6b Merge pull request #1357 from sebres/monit-new-fltr 
monit filter fixup for the new version (gh-1355)
 2016-03-26 11:39:26 +01:00
TorontoMedia 3d239215cd Two new firewalld actions with rich rules for firewalld-0.3.1+ (gh-1367) 
closes #1367
 2016-03-25 17:28:30 +01:00