github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
692 Commits
33 Branches
229 Tags
19 MiB
Commit Graph

154 Commits (76696d452ae59e0fa161e1f85e31c6411352f966)

Author SHA1 Message Date
Lee Clemens ace43eb941 Added use_dns option in jail.conf 2012-01-09 21:57:33 -05:00
Yaroslav Halchenko 9559fcd3a0 Merge pull request #25 from leeclemens/enh/pyinotify 
ENH: pyinotify
 2012-01-09 18:17:41 -08:00
Yaroslav Halchenko 35201f6690 Merge remote-tracking branch 'gh-keszybz/master' 
* gh-keszybz/master:
  NF: xt_recent-echo action
 2012-01-07 20:59:50 -05:00
Zbigniew Jędrzejewski-Szmek 321670487e NF: xt_recent-echo action 
The default configuration can only be run by root. To actually support
running as a different user, the setup action must be disabled.
 2012-01-06 00:51:03 +01:00
Lee Clemens 8a2e26403a Merge remote-tracking branch 'upstream/master' 2011-12-31 01:57:55 -05:00
Leonardo Chiquitto 4502adfe69 Fix comments to reflect code 
Commit 638bb6652 changed some defaults but the comments still point
to the previous values.
 2011-12-30 12:41:46 -05:00
Lee Clemens e442503133 Added pyinotify backend 2011-12-30 00:18:52 -05:00
Yaroslav Halchenko 4c76fb3b54 ENH: allow trailing white-spaces in lighttpd-auth.conf 
now catches the one in testcases/files/logs/lighttpd
 2011-12-25 10:00:50 -05:00
François Boulogne 683d4f269d modifications suggested by a referee (log ex+regexp) 2011-12-24 22:24:08 +01:00
François Boulogne a7cb20edac add lighttpd-auth jail 2011-12-24 21:56:38 +01:00
François Boulogne b6d9f795dc add filter for lighttpd mod_auth failure 2011-12-24 21:51:18 +01:00
Tom Hendrikx 9fa54cf233 Add Date: header for sendmail*.conf actions 
According to rfc2822, Date: headers are not optional.
Added these to all sendmail action templates, format specification
should conform to rfc and be portable across multiple platforms.
 2011-11-18 16:52:44 -05:00
Yaroslav Halchenko a9be451079 ENH: removed expansion for few Date and Revision SVN keywords 
For consistency of appearance... eventually we might just remove them
altogether
 2011-11-18 10:14:39 -05:00
Yaroslav Halchenko dad91f7969 ENH: sshd.conf -- allow user names to have spaces and trailing spaces in the line 
absorbed from patches carried by Debian distribution of f2b
 2011-11-18 10:07:13 -05:00
Yaroslav Halchenko ed0bf3ad96 Removed duplicate entry for DataCha0s/2\.0 in badbots (closes: #519557) 2011-11-18 09:40:56 -05:00
Adam Spiers 3152afbdc2 Recognise time-stamped kernel messages 
e.g.

Sep 25 12:51:04 myhost kernel: [773580.832329] sshd[25557]: Invalid user pgsql from 91.203.223.206

This fixes the sshd filter on Fedora 15, and probably other filters on
other newish distros too.
 2011-09-28 12:46:28 -04:00
Yaroslav Halchenko 3eb5e3b876 BF: Allow for trailing spaces in sasl logs 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@783 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2011-08-07 02:41:08 +00:00
Yaroslav Halchenko 02be7d03b2 BF: use standard/reserved example.com instead of mail.com 
Adapted from fail2ban-0.8.4-examplemail.patch in Fedora:
http://sophie.zarb.org/sources/fail2ban/fail2ban-0.8.4-examplemail.patch

git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@777 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2011-05-07 03:16:40 +00:00
Yaroslav Halchenko 6d25310e28 ENH: Adding author for dovecot filter and prunning unneeded space in the regexp 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@776 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2011-03-23 21:38:26 +00:00
Yaroslav Halchenko eab9af9caa BF: proftpd filter -- if login failed -- count regardless of the reason for failure 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@775 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2011-03-23 20:37:19 +00:00
Yaroslav Halchenko d4b89d8404 BF: Allow for trailing spaces in proftpd logs 
See http://bugs.debian.org/507986

git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@774 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2011-03-23 20:37:10 +00:00
Yaroslav Halchenko 1cb48bbc96 BF: escaping () in pure-ftpd filter. Thanks Teodor 
See http://bugs.debian.org/544744

git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@773 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2011-03-23 20:37:00 +00:00
Yaroslav Halchenko 02e7dfb099 BF: allow space in the trailing of failregex for sasl.conf: see http://bugs.debian.org/573314 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@772 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2011-03-23 20:36:50 +00:00
Yaroslav Halchenko 3831fbf98b ENH: add <chain> to action.d/iptables*. Thanks Matthijs Kooijman: see http://bugs.debian.org/515599 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@771 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2011-03-23 20:36:41 +00:00
Yaroslav Halchenko 6558c03f8e NF: Adding found on a drive filter.d/dovecot.conf 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@770 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2011-03-23 20:36:28 +00:00
Yaroslav Halchenko 10faba5163 ENH: make filter.d/apache-overflows.conf catch more: see http://bugs.debian.org/574182 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@769 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2011-03-23 20:36:17 +00:00
Yaroslav Halchenko 0073ba3838 ENH: dropbear filter: see http://bugs.debian.org/546913 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@768 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2011-03-23 20:36:08 +00:00
Yaroslav Halchenko 638bb66523 BF: Use /var/run/fail2ban instead of /tmp for temp files in actions: see http://bugs.debian.org/544232 
It should be robust since /var/run/fail2ban is guaranteed to exist to carry the
socket file, and it will be owned by root (or some other dedicated fail2ban
user) thus avoiding possibility for the exploit

git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@767 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2011-03-23 20:35:56 +00:00
Yaroslav Halchenko 7b54c7b33b spellcheck jail.conf. Thanks Christoph Anton Mitterer 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@766 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2010-09-27 13:18:32 +00:00
Yaroslav Halchenko 521631cfcc default ignoreip to ignore entire loopback zone (/8): see http://bugs.debian.org/598200 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@765 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2010-09-27 13:10:48 +00:00
Yaroslav Halchenko dabe3aeae1 disabling entirely named-refused-udp jail with a big fat warning 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@761 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2010-06-29 01:34:08 +00:00
Arturo 'Buanzo' Busleiman b91595dd11 Disabled jail lighttpd-fastcgi by default. 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@747 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2009-08-31 13:57:32 +00:00
Arturo 'Buanzo' Busleiman dde7afe1f3 added two new filter files (PHP url_fopen, lighttpd fastcgi alerts), updated MANIFEST and jail.conf accordingly 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@742 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2009-08-30 14:17:29 +00:00
Cyril Jaquier 55fd21ec4b - Made the named-refused regex a bit less restrictive in order to match logs with "view". Thanks to Stephen Gildea. 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@730 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2009-02-09 20:27:35 +00:00
Cyril Jaquier abd061bad8 - Changed <HOST> template to be more restrictive. Debian bug #514163. 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@728 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2009-02-08 17:31:24 +00:00
Cyril Jaquier 7fd0300a73 - Added cyrus-imap and sieve filters. Thanks to Jan Wagner. Debian bug #513953. 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@727 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2009-02-03 22:37:46 +00:00
Cyril Jaquier 376f348823 - Pull a commit from Yaroslav git repo. BF: addressing added bang to ssh log (closes: #512193). 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@726 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2009-02-03 21:56:03 +00:00
Cyril Jaquier e86e7d002e - Added missing semi-colon in the bind9 example. Thanks to Yaroslav Halchenko. 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@725 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2009-02-03 21:51:32 +00:00
Cyril Jaquier e16c18d091 - Added NetBSD ipfilter (ipf command) action. Thanks to Ed Ravin. Tracker #2484115. 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@724 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2009-01-27 23:39:38 +00:00
Cyril Jaquier e46e8ed32e - Improved SASL filter. Thanks to Loic Pefferkorn. Tracker #2310410. 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@723 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2009-01-27 23:35:46 +00:00
Cyril Jaquier 6cd56802bb - Added actions to report abuse to ISP, DShield and myNetWatchman. Thanks to Russell Odom. 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@717 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2008-10-13 14:56:54 +00:00
Cyril Jaquier 622218271d - Added svn:keywords property. 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@716 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2008-10-13 14:38:41 +00:00
Cyril Jaquier bb8e610795 - Added apache-nohome.conf. Thanks to Yaroslav Halchenko. 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@715 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2008-10-13 14:37:25 +00:00
Cyril Jaquier 391a38a7a8 - Added new regex. Thanks to Tobias Offermann. 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@713 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2008-10-10 16:00:10 +00:00
Cyril Jaquier 3615c8ec81 - Improved pattern. Thanks to Yaroslav Halchenko. 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@707 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2008-08-12 19:20:02 +00:00
Cyril Jaquier 155c4652a4 - Merged patches from Debian package. Thanks to Yaroslav Halchenko. 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@706 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2008-07-22 22:29:57 +00:00
Cyril Jaquier 9ed39a4387 - Send file if the number of lines is greater or equal and not only equal to the limit. 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@701 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2008-07-16 21:11:42 +00:00
Cyril Jaquier 11c8c71014 - Added missing ignoreregex to filters. Thanks to Klaus Lehmann. 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@699 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2008-05-21 22:17:00 +00:00
Cyril Jaquier 7dde8d6694 - Added svn:keywords. 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@684 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2008-04-07 22:45:37 +00:00
Cyril Jaquier a32f04b0cb - Added gssftpd filter. Thanks to Kevin Zembower. 
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@683 a942ae1a-1317-0410-a47c-b1dcaea8d605
 2008-04-07 22:41:19 +00:00