351eb5ec8f
ENH: filter.d/qmail - anchor at start. Add another regex for http://www.tjsi.com/rblsmtpd/faq/ patch to rblsmtpd
2013-10-09 16:44:48 +11:00
eb59a57b7f
ENH: tighten pam_unix expression for dovecot
2013-10-09 14:54:36 +11:00
864d2f41b9
ENH: auth-worker as per of _daemon definition for dovecot
2013-10-09 14:52:17 +11:00
2d1bd54439
Merge pull request #379 from grooverdan/webmin
...
ENH: filter.d/webmin anchor at start and use syslog
2013-10-08 20:13:14 -07:00
500968874e
Merge pull request #381 from grooverdan/suhosin
...
ENH: filter.d/suhosin - anchor regex at start
2013-10-08 19:49:51 -07:00
a7b1b802e0
Merge pull request #382 from grooverdan/vsftpd
...
Vsftpd
2013-10-08 19:47:38 -07:00
f0b91fcede
Merge pull request #380 from grooverdan/sogo
...
ENH: filter.d/sogo-auth - anchor regex at start
2013-10-08 19:41:55 -07:00
df313649a4
ENH: escape . in recidive filter
2013-10-09 12:32:06 +11:00
1a5e17f2a3
BF: use blocktype for iptables-ipset-proto6*
2013-10-09 11:59:16 +11:00
dcb845f17c
ENH: add iptables-ipset-proto6-allports for blocking all ports
2013-10-09 11:57:35 +11:00
2a1d629d88
BF: webmin -> webmin-auth
2013-10-09 11:08:44 +11:00
ab457acc4d
BF: fix name in action for uwimap-auth
2013-10-09 11:06:38 +11:00
0beea03914
ENH: jail.conf example for webmin
2013-10-09 11:05:50 +11:00
d60f470096
ENH: added to dovecot filter. closes gh-325
2013-10-09 10:09:06 +11:00
5a2623f0df
ENH: reorder osx-ipfw jail defination to near the other ssh examples
2013-10-09 09:26:36 +11:00
359210f224
ENH: filter.d/squirrelmail added
2013-10-08 20:37:33 +11:00
46386412a4
ENH: filter.d/vsftpd - pam regex as syslog and anchored at start
2013-10-05 20:02:40 +10:00
1519712972
ENH: filter.d/vsftpd anchor internal regex at start
2013-10-05 20:02:21 +10:00
9637c27873
ENH: filter.d/suhosin - anchor regex at start
2013-10-05 19:39:39 +10:00
13bcc9aa84
ENH: filter.d/sogo-auth - anchor regex at start
2013-10-05 19:27:07 +10:00
b64bf3fa7b
ENH: filter.d/webmin anchor at start and use syslog
2013-10-05 19:18:44 +10:00
f4c7c8f4b3
ENH: sasl - anchor regex at start
2013-10-05 18:59:41 +10:00
23dd734aa9
Merge pull request #366 from grooverdan/dovecot
...
ENH: dovecot regex to match failure reported by Bob Cohen on mailing lis...
2013-10-01 15:50:39 -07:00
f998e01590
Merge pull request #359 from grooverdan/pureftpd
...
ENH: Pureftpd syslog prefixing and filter achoring
2013-10-01 15:14:33 -07:00
ba8183b116
Merge pull request #372 from grooverdan/uw-imap
...
ENH: filter.d/uwimap-auth added. Closes #18
2013-10-01 15:13:11 -07:00
262616f7a7
ENH: filter.d/uwimap-auth - failure of an admin override to regex
2013-10-01 22:32:57 +10:00
9211179d30
ENH: filter.d/uwimap-auth - add "disabled" to regex
2013-10-01 22:10:33 +10:00
4649cf9608
ENH: separate selinux and selinux-ssh
2013-10-01 20:21:45 +10:00
791183b639
ENH: filter.d/uwimap-auth - add SYSTEM BREAK-IN ATTEMPT
2013-10-01 10:10:53 +10:00
a1eaa5f755
ENH: filter.d/selinxu added. Closes #296
2013-10-01 09:59:15 +10:00
778f09debe
DOC/ENH: __md5hex regex defination to common.conf. Document debian bug #
2013-10-01 09:03:33 +10:00
b3b62d65bf
ENH: filter.d/uwimap-auth added. Closes #18
2013-09-29 18:06:27 +10:00
f2ae20a3b8
BF: filter.d/sshd group on md5hex and () for serial needed to be escaped
2013-09-29 17:44:45 +10:00
1eeb6e94bd
BF: fix regex for openssh-6.3
2013-09-29 17:28:33 +10:00
e12d389c65
MRG/DOC: jail.conf resolution, ChangeLog fixes
2013-09-29 08:21:13 +10:00
74434694dc
BF: more duplicate jail.conf entries - 3proxy exim{,-spam}, perdition
2013-09-28 21:38:15 +10:00
5cf25a63df
BF: remove duplicate ssh-pf in jail.conf
2013-09-28 21:31:45 +10:00
b6bf26c9f2
dont' need to set a default name
2013-09-25 18:37:22 -04:00
4187e87b69
don't enabel ssh-apf jail by default
2013-09-25 18:35:09 -04:00
f9f4d2728f
add an example jail for apf action and ssh filter
2013-09-25 17:59:37 -04:00
2668adc896
Merge branch 'master' of github.com:fail2ban/fail2ban
2013-09-25 17:54:38 -04:00
1af4543aca
ability to name the jail that banned the IP with apf
2013-09-25 17:52:34 -04:00
dd9ee4c39a
quotes around the comment put in apf's deny_hosts.rules file
2013-09-25 17:51:25 -04:00
e64493c328
use human readable/longer options when banning and un-banning IPs with apf
2013-09-25 16:44:10 -04:00
c692912a82
don't hardcode absolute path for apf firewall
2013-09-25 16:38:45 -04:00
66aff43d68
remove un-needed '$' line
2013-09-25 16:37:58 -04:00
9805d39b60
MRG: merge date changes to support timezones
2013-09-20 18:22:32 +10:00
8c2a5612ed
DOC: resolve ChangeLog conflicts
2013-09-19 19:38:28 +10:00
2a805452c6
DOC: resolve ChangeLog conflicts
2013-09-19 19:28:39 +10:00
8e9fab9b3c
Merge branch 'master' of https://github.com/fail2ban/fail2ban
2013-09-19 19:25:47 +10:00
3be7dcd701
DOC: resolve ChangeLog conflicts
2013-09-19 19:23:02 +10:00
89e0520675
ENH: dovecot regex to match failure reported by Bob Cohen on mailing list
2013-09-19 08:25:50 +10:00
c3ee03b9ba
BF: fix daemon name typo for filter proftpd
2013-09-18 07:32:26 +10:00
39ca8837eb
TST: pureftpd - syslog therefore use syslog prefixes in filter
2013-09-17 22:24:56 +10:00
30bb1a77a3
ENH: added syslog prefix to pam-generic filter. Disable regex match for pre 2006 (< 0.99.2.0) versions on linux-pam
2013-09-17 10:50:46 +10:00
ee497ff1cb
ENH: filter mysqld-auth can be a is a syslog based service so anchor it using syslog prefix
2013-09-17 07:57:19 +10:00
13ec9d58c0
ENH: filter gssftpd is a syslog based service so anchor it using syslog prefix
2013-09-17 07:25:23 +10:00
673cc4d77f
ENH: anchor at end of recidive filter
2013-09-16 18:43:56 +10:00
504111b0b1
ENH: filter.d/recidive - anchor regex at start and support f2b SYSLOG target
2013-09-16 01:22:42 +10:00
060bd45295
ENH - Added server name to subject line in email notifications
...
This is useful when fail2ban is running on multiple servers and
keeping the notifictions separate and knowing which machine is "under
attack".
2013-09-08 15:21:58 -07:00
8c1b828423
BF: capture of microseconds no longer needed. Closes gh-341
2013-09-09 03:41:12 +10:00
d0098b0213
ENH: add timezone offest and subsecond support to Datedetector
2013-09-09 03:37:59 +10:00
1f1a56174f
MRG: merge from master
2013-09-08 21:02:35 +10:00
ad291d7e38
Merge pull request #346 from grooverdan/bsd-ipfw-default-unreach-port
...
BF: action.d/bsd-ipfw - use blocktype instead of unused action for icmp ...
2013-09-04 16:18:19 -07:00
e5f1a7f050
Merge pull request #344 from grooverdan/osx
...
ENH: OSX ipfw based on Andy Fragen's work
2013-09-04 16:16:16 -07:00
4face1f3e7
MRG: resolve conficts in action.d/osx-ipfw design
2013-09-05 09:07:10 +10:00
d258a51a23
after some research it looks like setting to unreachable better than deny
2013-09-04 11:28:03 -07:00
fe557e5900
more specific actionunban
2013-09-01 13:09:51 -07:00
a4884f82cd
add mods from grooverdan and fix actionunban
...
actionunban still not working in grooverdan's mod. I made this one grep both <ip> and <port>. It should be more specific if the same <ip> is banned on multiple ports.
2013-08-31 08:39:19 -07:00
6b0e2289d4
Merge pull request #335 from grooverdan/gh-333-bind
...
ENH: filter.d/named-refused.conf - BIND 9.9.3 regex changes. Closes gh-333
2013-08-30 21:34:22 -07:00
f2bcf84893
BF: action.d/bsd-ipfw - use blocktype instead of unused action for icmp rejecting blocked packets
2013-08-31 11:40:04 +10:00
749f215089
ENH: port optional
2013-08-31 11:07:15 +10:00
8b22fa15b5
BF: reverted to simplier random rulenum. If your machine is handling 1000s of block the addition complexity isnt what you want
2013-08-31 11:03:01 +10:00
b31799a322
ENH: add action.d/osx-afctl anonymously contributed on f2b wiki
2013-08-31 10:51:04 +10:00
808aa1a792
ENH: added jail.conf example. closes gh-340
2013-08-31 09:39:21 +10:00
5741348f45
ENH: more options and ruggedness to prevent unintensional consequences
2013-08-31 09:38:18 +10:00
52bd0f86a8
Merge branch 'osx-ipfw' of https://github.com/afragen/fail2ban into osx
2013-08-31 09:09:04 +10:00
7cc3e8a8c0
BF: Invert expression on actionstop in bsd-ipfw.conf to ensure exit status 0 on success. Closes gh-343
2013-08-31 08:59:02 +10:00
15f2f38972
ENH: anchor regex at start
2013-08-28 12:32:40 +10:00
d5684a0834
BF: filter.d/routecube-auth - time offset can be positive or negative
2013-08-28 11:57:38 +10:00
a401d11644
ENH: add regex for bad zone transfer request/ TST: add test for bind-9.9 zone transfer denied
2013-08-28 00:53:08 +10:00
ef504c869f
added osx specific ipfw action with random rulenum
2013-08-26 16:06:23 -07:00
265a85ec1f
RF: do not catch for now "invalid nonce \S* received - hash is not \S*" -- imho needs more analysis
2013-08-26 09:48:56 -04:00
b8e7d0b867
ENH: further tighten lighttpd basic auth regex
2013-08-26 08:51:40 +10:00
a7ebb84a7d
ENH: tighted up lighttpd regex
2013-08-26 08:42:45 +10:00
e133b9f1d1
MAINT: add support for lightty1.4.31
2013-08-25 21:29:43 +02:00
ca4729e943
ENH: filter.d/exim.conf - add authentication failures for "plain" authentication
2013-08-25 23:02:10 +10:00
ef903db3c9
ENH: filter.d/named-refused.conf - BIND 9.9.3 regex changes. Closes gh-333
2013-08-25 22:44:30 +10:00
cfb7dba268
DOC: merge ChangeLog
2013-08-25 21:26:13 +10:00
b589533d69
Merge branch 'master' into kwirk-merge
...
Conflicts:
ChangeLog
testcases/files/logs/dropbear
2013-08-25 21:21:14 +10:00
fd7cc5bda7
BF: duplicate regex match fixed
2013-08-25 21:13:11 +10:00
6a56727669
BF: apache-common regex - datetime could be entirely consumed
2013-08-25 18:30:30 +10:00
a9eb8a76c6
merge of change log and apache-auth differences
2013-08-25 16:51:35 +10:00
4e5feed7fc
Merge pull request #8 from grooverdan/gh-303-merge-2
...
training space on wuftp
2013-08-21 12:21:09 -07:00
aad7d08451
BF: disable filter expressions without tests
2013-08-20 07:33:35 +10:00
42f3aa9f62
Merge pull request #329 from grooverdan/bind-unauth-zonetransfer
...
Bind unauth zonetransfer. Closes #323
2013-08-19 06:48:13 -07:00
6a36ff1a4a
BF: order mailx arguments with dest email address last - redhat bugzilla 998020. Closes gh-328
2013-08-19 22:36:58 +10:00
c44328b1a3
ENH: new "realm mismatch" message from https://issues.apache.org/bugzilla/show_bug.cgi?id=55284#c8
2013-08-19 22:04:55 +10:00
ea7cba4205
ENH: trailing space as per discussion on gh-303
2013-08-19 21:42:43 +10:00
61d43608ae
ENH: filter.d/postfix - add filter for VRFY. Closes gh-322
2013-08-19 18:42:39 +10:00
5d451bc4d6
ENH: add refused zone tranfer to named-refused filter. closes #323
2013-08-18 22:19:31 +10:00
53e16e07ad
ENH: Minor tweak on previous commit proftpd regex changes
2013-08-09 19:04:26 +01:00
9002de069e
ENH: Improve proftpd regex.
...
Taken from @yarikoptic comment:
https://github.com/fail2ban/fail2ban/pull/303#discussion_r5687500
2013-08-09 18:54:08 +01:00
31a78b2711
Use /var/run/fail2ban in config/action.d/dummy.conf
2013-08-08 20:41:44 -06:00
e7d5e466b9
Merge branch 'enh/asterisk_and_dropbear_filters'
...
* enh/asterisk_and_dropbear_filters:
ENH: hardened added dropbear failregex to avoid trailing .* and enclose username in ''
minor: consistent indentation in dropbear.conf
https://github.com/fail2ban/fail2ban/issues/306
fail2ban-users: Sebastian Arcus - Detect device auth failures on Asterisk 11
2013-08-08 09:59:24 -04:00
4e0ddc5f67
ENH: hardened added dropbear failregex to avoid trailing .* and enclose username in ''
2013-08-08 09:58:36 -04:00
9487ee5562
minor: consistent indentation in dropbear.conf
2013-08-08 09:54:15 -04:00
d8883f4346
DOC: Notes about 401 responses and how apache logs this
2013-07-29 08:59:25 +10:00
7b2773889d
TST: apache-auth filter - nonce timetravel tests + other expression fixes
2013-07-29 02:29:04 +10:00
0fb04cb2f0
ENH: filter enhancements on mod-digest (with test cases) for apache-auth (httpd-2.4.4)
2013-07-28 22:00:55 +10:00
d5291517a7
MISC: merge from master
2013-07-28 19:43:54 +10:00
56faf7f5ad
DOC: fix ChangeLog merge
2013-07-28 18:02:38 +10:00
a355fab91b
https://github.com/fail2ban/fail2ban/issues/306
...
Fix regex for latest dropbear (keep backwards compatibility). Add test case logfiles.
Signed-off-by: Jamyn Shanley <jshanley@gmail.com>
2013-07-27 03:43:32 +00:00
8936f2cd02
fail2ban-users: Sebastian Arcus - Detect device auth failures on Asterisk 11
2013-07-27 00:06:06 +00:00
2f4aaa9fb9
ENH: Simplify sieve filter failregex
2013-07-26 12:01:09 +01:00
b5639a8672
ENH: Simplify cyrus-imap filter fail regex
2013-07-26 11:55:09 +01:00
27feb57e80
Merge pull request #299 from kwirk/datepatterns-dateregex
...
Custom date templates and date detector changes
2013-07-26 03:53:40 -07:00
8f532f9148
NIT: space remove
2013-07-24 11:29:58 +10:00
7d7ef08145
ENH: authentication_id can be an imap4 quoted string, whatever that is, so using .+ as its id
2013-07-24 10:44:52 +10:00
abc4146079
ENH: perdition proxies other types hence daemon can include (perdidtion.(imap|pop)s?|managesieve). Also support local authentication resulting in the log message: local authentication failure
2013-07-24 10:27:12 +10:00
cf1e5bdbc2
ENH: Tweak proftpd regex and add sample logs
...
Needed to add optional ":" post __pid_re, and for consistency, decided
to make use of __prefix_line instead which includes this.
2013-07-21 22:03:49 +01:00
8b9bafda79
ENH: Change lighttpd-fastcgi to suhosin, and improve regex and samples
...
suhosin is hardened php implmentation, which will log the alerts (as
seen in samples) to stderr, which is picked up by fastcgi webserver
(e.g. lighttpd, apache, nginx)
2013-07-21 16:35:37 +01:00
4033857f63
ENH: Improve xinetd-fail regex and add sample logs
2013-07-21 15:44:09 +01:00
a11f91b835
ENH: Improve cyrus-imap regex and add extra sample line
2013-07-20 17:28:28 +01:00
534be189dc
ENH: Improve sieve regex and add sample line
2013-07-20 17:26:09 +01:00
ab671b0b1a
ENH: Improve wuftpd failregex, drop duplicate pam regex and add sample
...
For wu-ftpd configured to use pam, the pam filter used be used, as regex
is more robust.
2013-07-20 16:34:24 +01:00
57a6c11260
ENH: Improve courierlogin regex and add sample logs
2013-07-20 15:53:18 +01:00
bd175f0267
ENH: Improve cyrus-imap regex and add sample log file
2013-07-20 15:38:29 +01:00
83a80a29ea
ENH: Improve couriersmtp and add sample logs
2013-07-20 15:34:00 +01:00
eb2f0c9272
ENH: Improve postfix regex and add more samples
2013-07-20 15:31:21 +01:00
5cfe108186
ENH: filter enhancements (with test cases) for apache-auth (httpd-2.4.4)
2013-07-20 22:21:08 +10:00
6fdfd8d356
BF: fix port
2013-07-20 15:09:25 +10:00
eea5b071e6
ENH: jail for perdition
2013-07-19 20:27:15 +10:00
fcf79b475f
ENH: new filter perdition.conf
2013-07-19 20:14:53 +10:00
26b472f70f
ENH: Add ejabberd-auth filter and sample log lines
2013-07-18 21:31:51 +01:00
d661b8c046
BF: Apache regex and sample fail data update due to date pattern changes
2013-07-17 21:09:30 +01:00
03ec7c211b
ENH: could not find a way to trigger filter ^%(_apache_error_client)s authorization failure \(no authenticated user\): \S*\s*$
2013-07-18 00:37:33 +10:00
8ce9c78474
TST: apache-auth digest logs
2013-07-18 00:36:17 +10:00
f8b5b3a1ef
ENH: apache-auth - quite a lot of authorization failure messages depending on module. Make a wildcard
2013-07-17 23:31:44 +10:00
4eca2c0bd5
TST: apache-auth client denied by server configuration
2013-07-17 23:24:19 +10:00
e0292913eb
ENH/TST: filter, testcase and log entry for apache-auth authorization scheme mod_authz_owner
2013-07-17 23:05:04 +10:00
1eea0dcec8
Merge branch 'master' into 0.9
...
Conflicts:
ChangeLog
bin/fail2ban-regex
bin/fail2ban-testcases
config/jail.conf
fail2ban/server/failregex.py
fail2ban/server/filter.py
fail2ban/tests/files/logs/lighttpd
fail2ban/tests/files/logs/mysqld.log
fail2ban/tests/files/logs/wu-ftpd
fail2ban/tests/filtertestcase.py
fail2ban/tests/utils.py
testcases/files/logs/lighttpd
testcases/files/logs/lighttpd-auth
testcases/files/logs/mysqld-auth
testcases/files/logs/mysqld.log
testcases/files/logs/wu-ftpd
testcases/files/logs/wuftpd
2013-07-16 23:16:22 +01:00
f6a8a04cf3
ENH: roundcube-auth - adopt for current format with trailing error message. thanks @kwirk for the review/feedback
...
I also used non-greedy .*? for the login portion since not sure if space could
be there and trying to minimize possibility of reacting on injected "from
<HOST>" somewhere within the trailing .*
2013-07-16 15:07:32 -04:00
8add63c733
ENH: anchor roundcube-auth at the beginning as well
2013-07-16 14:16:23 -04:00
728399c39e
Merge pull request #281 from kwirk/dovecot-filter
...
ENH: dovecot filter additions for session, time value and blank user
2013-07-14 05:18:04 -07:00
ab10664b57
ENH: action.d/hostsdeny to take daemon_list arguement as suggested in README.Solaris
2013-07-14 16:20:21 +10:00
606e97683b
BF: jail.conf multiport actions previously using single port iptables
2013-07-12 23:34:04 +01:00
975999591f
ENH/DOC: more realm mismatch errors. Documented filter design criteria
2013-07-12 07:39:18 +10:00
10e3be857a
ENH: apache-auth filter added mod_auth_digest message
2013-07-11 23:08:46 +10:00
384b72a535
ENH: apache-auth filter - client wrong auth
2013-07-11 22:58:36 +10:00
fce431add8
ENH: add mod_authz_core failures to apache-auth
2013-07-11 22:28:27 +10:00
6ce41a611d
BF: fix filter on apache-auth. Closes #286
2013-07-11 22:13:51 +10:00
1d6d5a7aae
DOC: ChangeLog merge confict
2013-07-09 08:41:28 +10:00
5412d7336f
DOC: ChangeLog confict
2013-07-09 08:23:44 +10:00
619603fe05
BF: match asterisk InvalidPassword correctly
2013-07-07 17:48:20 +10:00
bfa2b9dec3
ENH: dovecot filter additions for session, time value and blank user
2013-07-05 18:36:02 +01:00
04b8069cee
ENH: adjust sendmail-whois 'active' example to have also sendername in it
2013-07-05 10:12:29 -04:00
2155f6bfa5
Update ChangeLog and jail.conf example
2013-07-04 08:57:52 +02:00
d6dece4900
ENH: Split log and provide jail examples
2013-07-03 07:42:47 +10:00
da594075f3
Move sendmail settings to common file, make sender name configurable
2013-07-02 20:30:41 +02:00
e6ebcf6687
Merge branch 'dovecot' of https://github.com/grooverdan/fail2ban
...
* 'dovecot' of https://github.com/grooverdan/fail2ban :
ENH: remove non-capturing groups for readibility
BF: fix dovecot filter for when no TLS is enabled on pop/imap
Conflicts:
ChangeLog -- changelog entries. Also untabified few other spots
2013-07-02 10:12:51 -04:00
f0f237fa05
Merge pull request #269 from grooverdan/asterisk
...
ENH: filter.d/asterisk - consolidate log prefix regex and add a few fail messages
2013-07-02 07:04:10 -07:00
e6823149a1
ENH: remove non-capturing groups for readibility
2013-07-02 20:16:43 +10:00
aebd24ec54
BF: replace with ed so its cross platform, fixes permission problem gh-266, and Yaroslav doesn't revert to perl
2013-07-02 20:09:27 +10:00
4777cfd4e7
ENH: split out exim-spam into speparate filter
2013-07-02 20:03:16 +10:00
70ae1ed68b
ENH: ban also submission port (587) for all smtp-related jails
...
see http://www.rfc-editor.org/rfc/rfc4409.txt
and http://en.wikipedia.org/wiki/Mail_submission_agent
Users of advanced setups might like to split those into multiple jails anyways
to have separate control over submission agents and incoming mail servers.
2013-07-01 14:50:02 -04:00
ca996ace5e
ENH: remove temporary failures from local_scan in line with comments in gh-258
2013-07-01 21:56:02 +10:00
9757e1df2b
ENH: make groupings non-capturing
2013-07-01 21:53:05 +10:00
72f9e6a51e
ENH/TST: more samples and rejection types for sender verify fail and rejected RCPT
2013-07-01 21:50:35 +10:00
3b76fc79f9
BF: fix dovecot filter for when no TLS is enabled on pop/imap
2013-07-01 21:12:51 +10:00
1dbba35cd9
Merge branch 'master' into 0.9
...
Conflicts:
fail2ban/client/jailreader.py
fail2ban/tests/clientreadertestcase.py
fail2ban/tests/files/logs/sshd
2013-06-29 20:31:26 +01:00
5ca6a9aeb6
Merge branch 'systemd-journal' into 0.9
...
Conflicts:
bin/fail2ban-regex
config/filter.d/sshd.conf
Closes github #224
2013-06-29 13:00:40 +01:00
0086a7edab
ENH: missed a $
2013-06-29 11:30:37 +10:00
1b170b2aef
BF: support apache 2.4 more detailed error log format. Close #268
2013-06-28 09:49:36 -04:00
6d331bcbea
BF: make colon after [daemon] optional. Close #267
2013-06-27 11:44:47 -04:00
fa7a105483
ENH: filter.d/asterisk - consolidate log prefix regex and add a few fail messages
2013-06-27 09:16:14 +10:00
8487cb2e90
Merge commit '0.8.10-31-g1ab0f0f' into 0.9
...
* commit '0.8.10-31-g1ab0f0f': (24 commits)
BF/ENH: Incorrect authentication data doesn't need tailier so that's optional. Also gained log entry for Unrouteable address
ENH: readibility thanks to Yaroslav
DOC: Changelog for fail2ban-regex RF
DOC: Changelog for asterisk hardening
ENH: fail2ban-regex -- add specification of loglevels to enable
RF: reworked -regex cmdline tool to use optparse, some unification and enhancement of outputs
ENH: 'heavydebug' level == 5 for even more debugging in tricky cases
ENH: asterisk -- use \S instead of [^:] + prefix failregex with ^\[
BF: missed a space
BF: [SSL-out] is optional in assp
ENH: regex hardening on assp
ENH: anchor a bit mor. Use \d and \w where possible. Escape a literal .
TST: attempts at injection with username=rhost=1.2.3.4 have no user= logged in dovecot-1.2.15
ENH: proftpd chan accept usernames with spaces
ENH: injection of fail data into USER field
ENH: dovecot regexs rewritten and extra failures
ENH: proftp regex hardening and log messages
ENH/BF: exim improvements with sample
BF: fix to proxy port in 3proxy example
ENH: sample log + more specific regex
...
Conflicts: -- it was a messy merge/resolution.
ChangeLog
bin/fail2ban-regex
fail2ban-testcases
fail2ban/server/filter.py
2013-06-18 20:21:23 -04:00
25c3bbfc2f
DOC: credits/blame to me for changes to exim
2013-06-16 00:25:24 +10:00
b8cfda68b8
ENH: new exim filter regexs. Also note a begining PID in this format. Thanks to ftoppi for the log entries
2013-06-16 00:19:37 +10:00
d441d61a1e
TST/ENH: Improve regex around exim
...
rejected by local_scan now has test cases.
Unrouteable address error messages now normalised after looking into
exim code.
2013-06-15 12:34:16 +10:00
9d4b613ee4
Merge branch '3proxy' of https://github.com/grooverdan/fail2ban
...
* '3proxy' of https://github.com/grooverdan/fail2ban :
BF: fix to proxy port in 3proxy example
ENH: sample log + more specific regex
BF: authentication errors end in 01-09 but the beginning part indicates the service as per https://github.com/fail2ban/fail2ban/issues/246#issuecomment-19327955 thanks to ykimon
BF: need to anchor the start to avoid another repeat of DoS injection like Apache
ENH: stricter regex thanks to Steven Hiscocks (kwirk)
DOC: credits
Conflicts:
ChangeLog
2013-06-14 12:32:51 -04:00
173fe48e77
Merge branch 'exim' of https://github.com/grooverdan/fail2ban
...
* 'exim' of https://github.com/grooverdan/fail2ban :
BF/ENH: Incorrect authentication data doesn't need tailier so that's optional. Also gained log entry for Unrouteable address
ENH: readibility thanks to Yaroslav
ENH/BF: exim improvements with sample
Conflicts:
ChangeLog
2013-06-14 12:28:07 -04:00
ec629ab4e8
Merge branch 'proftpd' of https://github.com/grooverdan/fail2ban
...
* 'proftpd' of https://github.com/grooverdan/fail2ban :
ENH: proftpd chan accept usernames with spaces
ENH: injection of fail data into USER field
ENH: proftp regex hardening and log messages
Conflicts:
ChangeLog
2013-06-14 12:16:59 -04:00
ab2c738b43
Merge branch 'dovecot' of https://github.com/grooverdan/fail2ban
...
* 'dovecot' of https://github.com/grooverdan/fail2ban :
TST: attempts at injection with username=rhost=1.2.3.4 have no user= logged in dovecot-1.2.15
ENH: dovecot regexs rewritten and extra failures
Conflicts:
ChangeLog -- merged entries
2013-06-14 12:14:40 -04:00
8cc13b5b40
BF/ENH: Incorrect authentication data doesn't need tailier so that's optional. Also gained log entry for Unrouteable address
2013-06-14 18:12:53 +10:00
a433a8ea5f
ENH: readibility thanks to Yaroslav
2013-06-14 15:21:50 +10:00
948be73115
Merge branch 'assp' of https://github.com/grooverdan/fail2ban
...
* 'assp' of https://github.com/grooverdan/fail2ban :
BF: missed a space
BF: [SSL-out] is optional in assp
ENH: regex hardening on assp
Conflicts:
ChangeLog -- merged the two entries into 1
2013-06-13 23:32:45 -04:00
09302c5c25
ENH: asterisk -- use \S instead of [^:] + prefix failregex with ^\[
...
detected date portion is stripped from the string to be matched, so it is not only
the right ] is left, but also the left one ;-)
2013-06-13 23:15:48 -04:00
7018d81244
BF: missed a space
2013-06-14 12:35:44 +10:00
a447aa615d
BF: [SSL-out] is optional in assp
2013-06-14 12:27:35 +10:00
d4940563d3
ENH: regex hardening on assp
2013-06-14 08:55:25 +10:00
6a09ecff5c
ENH: anchor a bit mor. Use \d and \w where possible. Escape a literal .
2013-06-14 08:41:50 +10:00
9940cd1b6b
ENH: proftpd chan accept usernames with spaces
2013-06-14 00:29:43 +10:00
dbe7ffe050
ENH: dovecot regexs rewritten and extra failures
2013-06-13 23:52:15 +10:00
4c67a269bf
ENH: proftp regex hardening and log messages
2013-06-13 22:11:05 +10:00
3e3802512a
ENH/BF: exim improvements with sample
2013-06-13 17:44:18 +10:00
88b4598ed8
BF: fix to proxy port in 3proxy example
2013-06-13 14:43:15 +10:00
f6cb981fc0
Merge commit '0.8.10-1-g460e09a' into 0.9
...
* commit '0.8.10-1-g460e09a':
it was not the end of the world and we should continue
DOC: add information on where to report vulnerabilities + pointer to HOWTO_Seek_Help
Changes for 0.8.10 release (changelog, version, etc)
BF: anchor apache- filters. Close #248
DOC: credits for gh-244
Filter Asterisk: Add sample log entry to testcase.
Filter Asterisk: Add AUTH_UNKNOWN_DOMAIN error to list
ENH: purge a few more .*
DOC: credits
DOC: how to do filter enhancements
TST: normalize logs to use example.com and 1.2.3.4 as IP
ENH/BF: constrain regex. Fix ACL error regex
ENH: port optional
Update asterisk
Update asterisk.conf
Conflicts:
ChangeLog
DEVELOP
README.md
fail2ban/version.py
2013-06-12 21:30:47 -04:00
9dbaec0894
ENH: sample log + more specific regex
2013-06-13 10:23:14 +10:00
8faf84b7f7
BF: authentication errors end in 01-09 but the beginning part indicates the service as per https://github.com/fail2ban/fail2ban/issues/246#issuecomment-19327955 thanks to ykimon
2013-06-13 08:34:10 +10:00
6ccd57813c
BF: anchor apache- filters. Close #248
...
See https://vndh.net/note:fail2ban-089-denial-service for more information
2013-06-11 19:19:25 -04:00
fd9f9f16e0
BF: need to anchor the start to avoid another repeat of DoS injection like Apache
2013-06-12 08:48:30 +10:00
f2fa4d53a8
ENH: stricter regex thanks to Steven Hiscocks (kwirk)
2013-06-12 08:30:59 +10:00
16d63434ef
DOC: credits
2013-06-11 23:56:09 +10:00
47b063b022
Filter Asterisk: Add AUTH_UNKNOWN_DOMAIN error to list
...
* I have been seeing bruteforcing attempts where asterisk fails with
AUTH_UNKNOWN_DOMAIN (Not a local domain)
2013-06-10 19:50:35 +02:00
05c88bd85d
ENH: purge a few more .*
2013-05-30 11:34:04 +10:00
4cf402d60e
ENH/BF: constrain regex. Fix ACL error regex
2013-05-30 10:15:58 +10:00
0f7b609336
ENH: port optional
2013-05-30 09:43:39 +10:00
278fd43429
Merge branch 'patch-1' of https://github.com/silviogarbes/fail2ban into asterisk-227
2013-05-30 09:39:12 +10:00
a3161f59fa
Merge commit '0.8.9-13-g39d32e0' into 0.9
...
* commit '0.8.9-13-g39d32e0':
Changelog for previous PR
DOC: Changelog entry fro preceeding merge from Terence
TST: Fix fail2ban.conf reader test for unreliable dictionary order
failregex when roundcube log driver is set to 'syslog'
fixed failregex line for roundcube 0.9+
TST: test all stock jails to have actions and correctly specifying blocktype
CFG: assure actions for all the jails
BF: blocktype must be defined within [Init] -- adding [Init] section. Close #232
ENH: since it seems the default is to use file based logging, $syslog is in Should-{Start|Stop} like Debian https://github.com/fail2ban/fail2ban/blob/debian/debian/fail2ban.init
ENH: opensuse script from opensuse: https://build.opensuse.org/package/view_file?expand=1&file=fail2ban.init&package=fail2ban&project=openSUSE%3AFactory
Conflicts:
ChangeLog
config/jail.conf
testcases/clientreadertestcase.py -- had to "git show XXX | patch -p2" under tests/ 2 commits: 8a57ffd7a4db4b
2013-05-29 11:32:35 -04:00
49261925d7
ENH: Add new regex for locked accounts for sshd
2013-05-27 22:06:49 +01:00
244a96f9b3
fixed failregex line for roundcube 0.9+
...
# Only works only if log driver: is set to 'syslog'. this is becoz fail2ban fails to 'read' the line due to the
brackets around the date timestamp on logline when log driver is set to file
2013-05-25 19:26:13 +02:00
d2b1c73b92
CFG: assure actions for all the jails
2013-05-24 14:33:08 -04:00
89e06bba15
BF: blocktype must be defined within [Init] -- adding [Init] section. Close #232
2013-05-24 11:15:46 -04:00
5c8fb68a2c
Update asterisk.conf
...
Para ficar compatível com asterisk 11
2013-05-14 08:04:11 -03:00
f5a8a8ac7c
Release 0.8.9
...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iEYEABECAAYFAlGRBZ8ACgkQjRFFY3XAJMhqzwCgvUsrv6cSjo1d8YCQUA8Na0Kk
44QAoKk7X2sqFM+wvj2vK3stsHa/80qm
=iBfR
-----END PGP SIGNATURE-----
Merge tag '0.8.9' into 0.9 (quite a bit of conflicts "resolved")
Release 0.8.9
* tag '0.8.9':
BF: add missing files to MANIFEST (I think we shoult not rely on sdist anyways -- 'git tag' tarballs are more thorough ;) )
All the (version) updates for the release of 0.8.9
BF: (travis) relax the test for needed to be presented installed directories -- allow new
BF: (travis) if tests ran under coverage -- there is a traceback parts to report (thus > would be present)
ENH: also print the failing traceback line in case of failure
ENH: include explicit list of new files which should not be there upon "install --root"
ENH: now we know that logging handlers closing was still buggy in 2.6.2
ENH: issue a warning if jail name is longer than 19 symbols (Close #222 )
DOC: inline commends with ';' are in effect only if ';' follows as space
BF: Fix for filterpoll incorrectly checking for jailless state
ENH: strengthen detection of working pyinotify
ENH: use the same python executable for setup.py test
ENH: actually tune up TraceBack to determine "unittest" portions of the stack across all python releases
TST: Some primarily smoke tests for tests utils
TST: cover few more lines in fail2banreader.py
ENH: basic test for setup.py itself (when applicable, should greatly improve coverage ;) )
ENH: consistent operation of formatExceptionInfo + unittest for it
ENH: point to the status of master branch on travis
Conflicts:
ChangeLog
MANIFEST
README.md
fail2ban/version.py -- all of the above obvious version changes
below files primarily needed just a bit of help in resolution
config/jail.conf
fail2ban/server/filterpoll.py
fail2ban/server/server.py
fail2ban/tests/servertestcase.py
and following were more difficult -- git wasn't able to track renames/moves of the code
fail2ban-testcases -- needed to introduce those changes to tests/utils.py
testcases/clientreadertestcase.py -- manually applied patch from master
testcases/utils.py -- manually applied patch from master
2013-05-13 12:29:41 -04:00
90b8433ac5
DOC: inline commends with ';' are in effect only if ';' follows as space
2013-05-12 21:42:59 -04:00
f7d328195f
NF: Add systemd journal backend
2013-05-10 00:15:07 +01:00
f1b6806eb4
Merge branch 'master' into 0.9
...
* master: (51 commits)
ENH: Use real (resolving) example.com instead of test.example.com
DOC: Slight tune ups to ChangeLog -- we must release!
Changelog entries for the latest merges
BF: add bash-completion to MANIFEST
DOC: ChangeLog for default action type change
ENH: consolidate where blocktype is defined for iptables rules
BF: default type to unreachable
ENH: separate out regex and escape a .
ENH: logs/sshd -- have ":" after [daemon] (other uses are uncommon)
ENH: logs/sshd -- use example.com as the resolved hostname in sample log lines
ENH: filter.d/sshd.conf -- allow for trailing "via IP" in logs
DOC: Drop sudo from bash-completion
DOC: Added bash-completion script
ENH: add blocktype to all relevant actions. Also default the rejection to a ICMP reject rather than a drop
ENH: Removed unused log line
ENH: logrotate file
BF: missed MANIFEST include
BF: missed MANIFEST include
BF: missed MANIFEST include
ENH: some form of logrotate based on what distros are doing
...
Conflicts:
ChangeLog
MANIFEST
client/actionreader.py
config/jail.conf
fail2ban/server/datedetector.py
fail2ban/tests/datedetectortestcase.py
2013-05-08 13:53:38 -04:00
2b1e19933f
Merge branch 'master' of git://github.com/fail2ban/fail2ban
...
* 'master' of git://github.com/fail2ban/fail2ban:
BF: missed MANIFEST include
DOC: credits for bsd-ipfw
ENH: add ipfw rule for bsd using the tables.
2013-05-08 10:32:18 -04:00
976a65bb89
Merge branch 'bsd_logs' of https://github.com/grooverdan/fail2ban
...
* 'bsd_logs' of https://github.com/grooverdan/fail2ban :
ENH: separate out regex and escape a .
BF: missed MANIFEST include
DOC: credits for bsd log
DOC: bsd syslog files thanks to Nick Hilliard
BF: change common.conf to handle formats of syslog -v and syslog -vv in BSD
Conflicts:
config/filter.d/common.conf
2013-05-08 10:30:04 -04:00
5accc10a47
Merge pull request #206 from grooverdan/bsd_ipfw
...
NF: BSD ipfw
2013-05-08 07:24:56 -07:00
0ae49ab11e
Merge branch 'bsd_pf' of https://github.com/grooverdan/fail2ban
...
* 'bsd_pf' of https://github.com/grooverdan/fail2ban :
BF: missed MANIFEST include
DOC: add jail.conf entry for pf
DOC: credit for pf action. Origin: http://svnweb.freebsd.org/ports/head/security/py-fail2ban/files/patch-pf.conf?view=log
ENH: pf action thanks to Nick Hilliard <nick@foobar.org>.
Conflicts:
ChangeLog
2013-05-08 10:24:01 -04:00
e85914cef8
Merge pull request #215 from grooverdan/reject_no_drop_by_default
...
ENH: add blocktype to all relevant actions and change default action to reject
2013-05-08 07:20:14 -07:00
9c03ee6d9e
ENH: consolidate where blocktype is defined for iptables rules
2013-05-08 07:52:08 +10:00
c7fd777966
BF: default type to unreachable
2013-05-08 07:31:31 +10:00
de56347619
ENH: separate out regex and escape a .
2013-05-08 06:32:27 +10:00
e7cb0f8b8c
ENH: filter.d/sshd.conf -- allow for trailing "via IP" in logs
2013-05-07 12:22:49 -04:00
2143cdff39
Merge: opensolaris docs/fixes, no 'sed -i' in hostsdeny, sshd regex tuneups
...
Origin: from https://github.com/jamesstout/fail2ban
* 'OpenSolaris' of https://github.com/jamesstout/fail2ban :
ENH: Removed unused log line
BF: fail2ban.local needs section headers
ENH: Use .local config files for logtarget and jail
ENH+TST: ssh failure messages for OpenSolaris and OS X
ENH: fail message matching for OpenSolaris and OS X
ENH: extra daemon info regex
ENH: actionunban back to a sed command
Readme for config on Solaris
create socket/pid dir if needed
Extra patterns for Solaris
change sed to perl for Solaris
Conflicts:
config/filter.d/sshd.conf
2013-05-06 11:11:12 -04:00
822a01018f
Merge pull request #205 from grooverdan/bsd_ssh
...
BSD ssh improvements (casing, msg)
2013-05-06 07:54:58 -07:00
3b4a7b7926
ENH: add blocktype to all relevant actions. Also default the rejection to a ICMP reject rather than a drop
2013-05-05 15:43:18 +10:00
aa52743f52
DOC: add jail.conf entry for pf
2013-05-03 16:42:10 +10:00
0c5a9c53e1
ENH: pf action thanks to Nick Hilliard <nick@foobar.org>.
2013-05-03 16:34:54 +10:00
b6d0e8ad9c
ENH: add ipfw rule for bsd using the tables.
2013-05-03 16:31:45 +10:00
40c56b10a0
EHN: enhance sshd filter for bsd.
2013-05-03 16:17:35 +10:00
b3bd877d23
BF: change common.conf to handle formats of syslog -v and syslog -vv in BSD
2013-05-03 16:12:13 +10:00
495f2dd877
DOC: purge of svn tags
2013-05-03 16:03:38 +10:00
89adcd7ff7
Merge branch PR #193 ASSP SMTP Proxy support (with some manual squashing)
...
Origin: https://github.com/lenrico/fail2ban
Squashing was done via rebase -i 1524b076d6
2013-05-03 00:57:49 -04:00
36b0d78ff8
tight control of the filter for ASSP
2013-05-03 00:56:53 -04:00
07aee8cd33
as daniel desires
2013-05-03 00:56:53 -04:00
24a8d07c20
added new date format support for ASSP SMTP Proxy
2013-05-03 00:56:46 -04:00
b65205d4ad
Merge branch 'master' into 0.9
...
* master:
ENH: "is None" instead of "== None" + tune ups in headers
BF: log error only if there were missed config files that couldn't be read
DOC: missing cinfo tags are ok. Log error for self referencing definitions
DOC: s/defination/definition/g learn to spell
Changelog entry for the previous commit and some untabify
BF: pyinotify backend should also handle IN_MOVED_TO events
ENH: remove stats of config files and use results of SafeConfigParserWithIncludes.read to facilitate meaningful error messages
DOC: credits for gh-70 fix
BF: ensure dates in email are in the C locale. Thanks iGeorgeX
DOC: ChangeLog for recursive tag substition
ENH: allow recursive tag substitution in action files.
DOC: document <br> tag
DOC: ChangeLog for named-refused entry
ENH: Account for views in named filter. By Romain Riviere in gentoo bug #259458
DOC: release documentation and distributor contacts
DOC: changelog entry for enhanced ssh filter
BF: Rename mentioning of README to README.md (Fixes #187 )
updated README.md to hyperlink, add travis and coversall
Moving README into a markup README.md for github's goodnesses
Conflicts:
DEVELOP
README.md
fail2ban/client/configreader.py
fail2ban/server/datedetector.py
2013-05-02 23:55:26 -04:00
f196709be1
ENH: Update asterisk example jail.conf entry for multiaction
2013-04-29 23:40:18 +01:00
3367dbd987
ENH: fail message matching for OpenSolaris and OS X
...
- OpenSolaris keyboard message matched by new regex 3
- Removed Bye Bye regex per
https://github.com/fail2ban/fail2ban/issues/175#issuecomment-16538036
- PAM auth failure or error and first char case-insensitive, can also
have chars after the hostname. e.g.
Apr 29 16:53:38 Jamess-iMac.local sshd[47831]: error: PAM:
authentication error for james from 205.186.180.101 via 192.168.1.201
2013-04-30 04:23:13 +08:00
d2a9537568
ENH: extra daemon info regex
...
for matching log lines like:
Mar 29 05:20:09 dusky sshd[19558]: [ID 800047 auth.info] Failed
keyboard-interactive for james from 205.186.180.30 port 54520 ssh2
this matches [ID 800047 auth.info]
2013-04-30 04:14:36 +08:00
b7795addd0
ENH: actionunban back to a sed command
...
per https://github.com/fail2ban/fail2ban/pull/182#discussion_r3999128
2013-04-30 04:10:32 +08:00
945ad3d9e6
BF: ensure dates in email are in the C locale. Thanks iGeorgeX
2013-04-29 14:10:23 +10:00
0ac8746d05
ENH: Account for views in named filter. By Romain Riviere in gentoo bug #259458
2013-04-28 11:03:44 +10:00
62602a9ed0
Revert "ENH: by default enable a single jail -- sshd"
...
This reverts commit 47a62b6072
2013-04-23 13:58:58 -04:00
1d72a8265d
Merge branch '0.9' into _tent/jail.conf
...
* 0.9:
BF: usedns deals with forward (not reverse) DNS lookups (thanks Steven Hiscocks)
Conflicts:
config/jail.conf
2013-04-23 13:57:52 -04:00
2a48b0ab54
Merge branch 'master' into 0.9
...
* master:
BF: usedns deals with forward (not reverse) DNS lookups (thanks Steven Hiscocks)
2013-04-23 13:57:07 -04:00
22f04677b6
BF: usedns deals with forward (not reverse) DNS lookups (thanks Steven Hiscocks)
2013-04-23 13:56:51 -04:00
87bac37139
ENH: default port to all ports (0:65535) + remove where thus not needed + typos
2013-04-23 13:55:26 -04:00
f4a74d8d8b
RF: rename/unify naming of courier filters/jails
2013-04-22 22:42:09 -04:00
47a62b6072
ENH: by default enable a single jail -- sshd
2013-04-22 22:35:01 -04:00
3ba540eca3
ENH+BF: use %(__name__) by default for filter, defined enabled = false by DEFAULT
...
Now jail.conf is really neat.
BF: tests
2013-04-22 22:23:23 -04:00
24e4cfe1b7
Merge branch '0.9' into _tent/jail.conf
...
* 0.9: (45 commits)
Beef up changelog for 0.9
ENH: make fail2ban-regex aware of possible maxlines in the filter config file
BF+TST: Correctly reset time in tearDownMyTime
ENH: Reimplement warning suppression of setup.py test --quiet
ENH: Renamed OptionConfigReader to DefinitionInitConfigReader
ENH: Rename splitAction to extractOptions in jailreader
ENH: Use os.path.join for filter/action config readers
BF: Remove warnings handler which breaks setup.py python2<2.7 and python3<3.2
ENH: For python3.2+ use ConfigPaser which replaces SafeConfigParser
TST: Change depreciated unittest assertEquals method to assertEqual
TST: Ensure files are closed in tests to remove ResourceWarnings
BF: Change logging instance logSys `warn` method to `warning`
ENH: use os.path.join for consistency -- add "Contributors" to authors
RF: setup.py now imports version number again
DOC: tune up formatting (spaces) and prelude for the changelog entry
TST+RF: Add ability to execute test from setup.py with setuptools
TST: Move test gathering to function is test utils
TST: Move test TZ changes to setUp and tearDown methods
ENH: Remove redundant `maxlines` option from jail reader
TST: Add test for FilterReader [Init] `maxlines` override
...
Conflicts:
config/jail.conf
2013-04-22 10:21:13 -04:00
698c74d9ed
Merge commit '0.8.8-212-gf6f30f1' into 0.9
...
* commit '0.8.8-212-gf6f30f1': (24 commits)
DOC: tune up formatting (spaces) and prelude for the changelog entry
DOC: more ChangeLog entries all the way back to 0.8.8
DOC: move new actions and filters to New Features in ChangeLog
DOC: tomcat and Guacmole are next release
DOC: credit man page edits
DOC: developers please rebase and use a single commit
DOC: post release ChangeLog entry
DOC: ChangeLog - current HEAD back to ce3ab34
2013-04-22 09:55:27 -04:00
10fcfb925d
Extra patterns for Solaris
2013-04-21 07:30:21 +08:00
de98e3dabd
change sed to perl for Solaris
2013-04-21 07:29:48 +08:00
9672e44d39
ENH: Move jail `maxlines` to filter config
2013-04-18 22:11:41 +01:00
41b9f7b6ac
BF: filter.d/sshd "Did not receive identification string" relates to an exploit so document this in sshd-ddos.conf but leave it out of authentication based blocks in sshd.conf
2013-04-18 04:38:03 +10:00
4665ac6b27
RF: jail.conf with entries from Debian's copy and changing existing ones to conform the "template"
...
our unittests fail now -- will BF later
2013-04-17 01:05:04 -04:00
9a14cf8b7b
Merge branch 'master' into 0.9
...
* master:
DOC: initiated changelog (but not juice left to actually fill it up ;-))
TST: test all valid loglevels in server testcases
TST: Add tag replace and escape test for actions
ENH: Minor change to action for consistency of execStart/Stop
TST: Coverage for coveralls.io should only be run on success
TST: no cover additions to server, primarily daemon creation
DOC: thanks @kwirk for spotting the typos in exception message
FD_CLOEXEC support
Typo in default pidfile in fail2ban.conf
Conflicts:
.travis.yml -- after_success
ChangeLog -- added perspective changelog for 0.8.9
fail2ban/server/asyncserver.py -- imports
fail2ban/server/server.py -- no pragma (if I got it right ;-) )
2013-04-16 23:50:43 -04:00
4869186c8f
Merge branch 'py3' of https://github.com/kwirk/fail2ban into 0.9
...
* 'py3' of https://github.com/kwirk/fail2ban : (38 commits)
DOC: Add python3 to requirements
ENH: Clarify use of bytes in csocket and asyncserver for python3
DOC: Revert dnsToIp error change, seperate log message for socket.error
TST: Tweak python3 open statement to resolve python2.5 SyntaxError
TST: Revert changes for filter testcase open statement
DOC: Revert setup.py messages to use print statement
Add *.bak files generated by 2to3 to gitignore
TST: Fix up fail2ban python3 scripts
TST: Fix issues in tests which assumed dictionary's order
ENH: setup.py now automatically runs 2to3 for python3.x
TST: Remove Travis CI unsupported versions of python from Travis config
add fail2ban-2to3 to MANIFEST file
ENH: Add python3 versions to Travis CI config
BF: Handle expected errors for python3.{0,1} when changing log target
Minor tweaks to fail2ban-regex for encoding
Added ability to set log file encoding with fail2ban-regex
Add ability to set log encoding for jail
Move handling of unicode decoding to FileContainer readline
Fix incorrect exit code from fail2ban-2to3
Remove redundant reassignment of variable
...
Conflicts:
fail2ban/tests/servertestcase.py -- both branches added a new unittest at the same point
2013-04-16 23:24:49 -04:00
f5572c8ade
Merge pull request #173 from kwirk/maxlines
...
Maxlines jail setting tweaks
2013-04-16 19:50:00 -07:00
4d80fad874
ENH+DOC: Add Guacamole filter, example log and jail
2013-04-16 21:13:31 +01:00
32d10e904a
ENH: more openssh fail messages from openssh source code (CVS 20121205)
2013-04-17 00:03:36 +10:00
183cfa6e00
ENH: Default maxlines value in jail.conf, and verify value is int >0
2013-04-15 21:21:19 +01:00
fa0f8f9e6d
Merge branch '0.9' into py3
...
Conflicts:
.travis.yml
MANIFEST
bin/fail2ban-regex
fail2ban/server/filter.py
fail2ban/tests/servertestcase.py
setup.py
2013-04-13 16:54:22 +01:00
59192a5585
Merge remote-tracking branch 'github_kwirk_fail2ban/pidfile'
...
* github_kwirk_fail2ban/pidfile:
Typo in default pidfile in fail2ban.conf
2013-04-09 23:48:46 -04:00
99a5d78e37
ENH: for consistency (and future expansion ;)) -- rename to mysqld-auth
2013-04-09 18:03:34 -04:00
ffaa9697ee
Adjusting previous PR (MySQL logs) according to my comments
2013-04-09 18:00:40 -04:00
3e6be243bf
Merge branch 'Support_for_mysql_log_example' of https://github.com/arto-p/fail2ban
...
* 'Support_for_mysql_log_example' of https://github.com/arto-p/fail2ban :
Added testcase for MySQL date format to testcases/datedetectortestcase.py and example of MySQL log file.
Added support for MySQL logfiles
Conflicts:
testcases/datedetectortestcase.py -- conflictde with other added test cases
2013-04-09 17:55:14 -04:00
77aa523f22
Merge branch 'master' into py3
...
Conflicts:
.travis.yml
server/datetemplate.py
server/server.py
testcases/filtertestcase.py
2013-03-30 22:51:36 +00:00
72b06479a5
ENH: Slight tune ups for fresh SOGo filter + comment into the sample log file
2013-03-27 11:09:54 -04:00
105306e1a8
Merge remote-tracking branch 'pr/117/head' -- SOGo filters
...
* pr/117/head:
An example of failed logins against sogo
Update sogo-auth.conf
Update config/filter.d/sogo-auth.conf
Create sogo-auth.conf
Update config/jail.conf
2013-03-27 11:09:35 -04:00
91d5736c12
ENH: postfix filter -- react also on (450 4.7.1) with empty from/to. fixes #126
2013-03-26 09:40:04 -04:00
bba3fd8568
Update sogo-auth.conf
...
included hint by user yarikoptic
2013-03-25 08:43:13 +01:00
29d0df58be
Added support for MySQL logfiles
2013-03-24 16:52:58 +02:00
67544d1dd6
DOC: tags are documented in the jail.conf(5) man page
2013-03-17 10:52:49 +11:00
5e5eaaf838
Merge pull request #134 from grooverdan/misc-fixes
...
BF: fail2ban client can't handle multi word setcinfo or action[*] values
2013-03-10 18:01:17 -07:00
a2b29b4875
Fixed typos
2013-03-10 22:05:33 +00:00
a0f088be25
ENH: typo + head -1 has been deprecated for 10+ years.
2013-03-10 16:28:45 +11:00
66367876bb
Add ability to set log encoding for jail
2013-02-27 18:09:55 +00:00
a8bd9c20a0
Merge branch 'master' of git://github.com/fail2ban/fail2ban
...
* 'master' of git://github.com/fail2ban/fail2ban:
add blocking type
add example jail.conf for blocking through blackhole routes for ssh
add support for blocking through blackhole routes
2013-02-18 23:12:06 -05:00
d5ae28facf
Merge pull request #104 from gebi/t/route
...
add support for blocking through blackhole routes
2013-02-18 08:01:34 -08:00
294f073741
Typo in default pidfile in fail2ban.conf
2013-02-17 22:42:24 +00:00
ce3ab34dd8
Added ability to specify PID file
2013-02-17 22:14:01 +00:00
47b1ee39d8
add blocking type
2013-02-17 12:44:15 +11:00
8cf006827e
BF: remove path from grep call in sendmail-whois-lines.conf Closes: gh-118
2013-02-12 08:48:05 -05:00
6cd358ee95
Update config/filter.d/sogo-auth.conf
...
Comment line in the top altered to fit file name. My local file was named differently...
2013-02-12 10:45:37 +01:00
35bf84abad
Create sogo-auth.conf
...
Regexp works with SOGo 2.0.5 or newer, following new feature implemented here: http://www.sogo.nu/bugs/view.php?id=2229
2013-02-11 08:19:48 -08:00
52f952e645
Update config/jail.conf
...
Update to use the new sogo-auth filter
2013-02-11 17:14:29 +01:00
5f2d3832f7
NF: roundcube-auth filter (to close Debian #699442 , needing debian/jail.conf section)
2013-01-31 14:41:34 -05:00
bb7628591c
Update config/filter.d/sshd.conf
...
Do not trigger sshd bans on pam_unix authentication failures, this will trigger on successful logins on systems that use non-pam_unix authentication (sssd, ldap, etc.).
2013-01-18 14:44:49 -07:00
9a39292813
ENH: Added login authenticator failed regexp for exim filter
2013-01-04 15:23:05 -05:00
b3d8ba146b
DOC: Mention that logrotate configuration needs to be adjusted if logtarget is changed ( Closes : #697333 )
2013-01-04 15:23:05 -05:00
03433f79cd
add example jail.conf for blocking through blackhole routes for ssh
2013-01-04 16:09:04 +01:00
f9b78ba927
add support for blocking through blackhole routes
2013-01-03 18:46:31 +01:00
da0ba8ab4c
ENH: add example jail for ipset
2012-12-31 14:38:51 +11:00
9221886df6
more documentation and optimisations/fixes based on testing
2012-12-31 14:31:37 +11:00
abd5984234
base ipset support
2012-12-31 14:31:37 +11:00
f336d9f876
Update config/filter.d/webmin-auth.conf
...
Added '\s*$' to the regular expression to match the space written by webmin logs at line-endings
2012-12-13 08:14:49 +01:00
dc67b24270
Update config/filter.d/webmin-auth.conf
...
Added a trailing '.*$' to each regex so they can find expressions in targeted log files.
2012-12-12 23:07:39 +01:00
3969e3f77b
ENH: dovecot.conf - require space(s) before rip/rhost log entry
2012-12-12 09:16:52 -05:00
266cdc29a6
Update config/filter.d/dovecot.conf
...
even tho not on the fail2ban site..
suggested to not be greedy by yarikoptic
2012-12-11 12:09:28 -05:00
e040c6d8a3
Update config/filter.d/dovecot.conf
...
site actually needs updated because of <HOST> alias
per Notes above.
2012-12-11 03:26:14 -05:00
7ede1e8518
Update config/filter.d/dovecot.conf
...
added failregex line for debian and centos per
http://www.fail2ban.org/wiki/index.php/Talk:Dovecot
2012-12-10 19:17:04 -05:00
fc27e00290
ENH: tune up sshd-ddos to use common.conf and allow training spaces
2012-12-07 15:24:34 -05:00
6ecf4fd80a
Merge pull request #64 from sourcejedi/remove_sshd_rdns
...
Misconfigured DNS should not ban *successful* ssh logins
Per our discussion indeed better (and still as "safe") to not punish users behind bad DNS
2012-11-05 18:20:37 -08:00
95de9c1a97
add support for the APF firewall
2012-10-18 11:17:04 -04:00
282724a7f9
ENH: join both failregex for lighttpd-auth into a single one
...
they are close in meaning
should provide a slight run-time performance benefit
2012-09-30 11:30:24 -04:00
958a1b0a40
Lighttpd: support auth.backend = "htdigest"
2012-09-30 13:27:21 +02:00
2a225aa6ee
Added a warning within "complaint.conf" action about care with enabling it
2012-08-13 23:03:52 -04:00
2082fee7b1
ENH: match possibly present "pam_unix(sshd:auth):" portion for sshd ( Closes : #648020 )
2012-07-31 15:53:41 -04:00
6ad55f64b3
ENH: add wu-ftpd failregex for use against syslog ( Closes : #514239 )
2012-07-31 15:43:13 -04:00
80b191c7fd
BF: anchor chain name in actioncheck's for iptables actions ( Closes : #672228 )
2012-07-31 15:27:05 -04:00
a3b242d6dd
BF: inline comments must use ; not # -- recidive jail
2012-07-31 14:05:42 -04:00
8c38907016
Misconfigured DNS should not ban *successful* ssh logins
...
Noticed while looking at the source (to see the point of ssh-ddos).
POSSIBLE BREAK-IN ATTEMPT - sounds scary? But keep reading
the message. It's not a login failure. It's a warning about
reverse-DNS. The login can still succeed, and if it _does_ fail,
that will be logged as normal.
<exhibit n="1">
Jul 9 05:43:00 brick sshd[18971]: Address 200.41.233.234 maps to host234.advance.com.
ar, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
Jul 9 05:43:00 brick sshd[18971]: Invalid user html from 200.41.233.234
</exhibit>
The problem (in my mind) is that some users are stuck with bad dns.
The warning won't stop them from logging in. I'm pretty sure they can't
even see it. But when they exceed a threshold number of logins -
which could be all successful logins - fail2ban will trigger.
fail2ban shouldn't adding additional checks to successful logins
- it goes against the name fail2ban :)
- the first X "POSSIBLE BREAK-IN ATTEMPT"s would be permitted anyway
- if you want to ban bad DNS, the right way is PARANOID in /etc/hosts.deny
I've checked the source of OpenSSH, and this will only affect the
reverse-DNS error. (I won't be offended if you want to check
for yourself though ;)
<exhibit n="2">
$ grep -r -h -C1 'ATTEMPT' openssh-5.5p1/
logit("reverse mapping checking getaddrinfo for %.700s "
"[%s] failed - POSSIBLE BREAK-IN ATTEMPT!", name, ntop);
return xstrdup(ntop);
--
logit("Address %.100s maps to %.600s, but this does not "
"map back to the address - POSSIBLE BREAK-IN ATTEMPT!",
ntop, name);
$
</exhibit>
2012-07-13 21:41:58 +01:00
b4099dae57
DOC: Adjusted header for config/*.conf to mention .local and way to comment
...
thanks to Stefano Forli for reminding about comments
see Debian Bug#676146
2012-06-04 22:41:28 -04:00
4007751191
ENH: catch failed ssh logins due to being listed in DenyUsers. Close gh-47 ( Closes : #669063 )
2012-04-16 20:36:53 -04:00
7b77beee0e
DOC: comment in jail.conf for the need of multiple jails for asterisk
2012-02-28 12:04:24 -05:00
71a3fb17e2
Merge remote-tracking branch 'gh-magicrhesus/master'
...
* gh-magicrhesus/master:
Add the INCLUDE section to use __pid_re feature
Disable asterisk jail by default
Change jail for asterisk, add support for SIP and SIP-TLS on TCP and UDP ports
Change NOTICE by NOTICE%(__pid_re)s
Remove custom bantime
Add sample log file for asterisk
Add $ at the end of the failregex
Add asterisk support
Conflicts:
config/jail.conf -- placed asterisk jails before recidive and added blank lines after the jail headers
2012-02-28 12:03:16 -05:00
8c00ce0a65
Add the INCLUDE section to use __pid_re feature
2012-02-28 17:28:06 +01:00
180c17bede
Disable asterisk jail by default
2012-02-27 16:14:18 +01:00
df0e0fdc07
Change jail for asterisk, add support for SIP and SIP-TLS on TCP and UDP ports
2012-02-21 18:53:44 +01:00
c679a1a588
Change NOTICE by NOTICE%(__pid_re)s
2012-02-21 18:05:53 +01:00
42dd05210a
Added a warning for the recidive jail
2012-02-18 20:15:42 -05:00
d7ca754980
Merge branch 'master' of github.com:magicrhesus/fail2ban
2012-02-15 19:47:04 +01:00
c7613ce311
Remove custom bantime
2012-02-15 18:55:35 +01:00
d98cdb25d6
Add $ at the end of the failregex
2012-02-13 17:11:32 +01:00
25f1e8d98c
BF: allow trailing whitespace in few missing it regexes for sshd.conf
2012-02-10 21:14:51 -05:00
1807be5a8c
ENH: moved jail definition for recidive into jail.conf + swapped/commented durations + non-groupping ?:
...
thanks @cepheid666 for the useful comments
2012-01-26 23:28:44 -05:00
f94a121663
Fix for https://github.com/fail2ban/fail2ban/issues/19
...
Based on previous work as documented in the bug by Amir and myself,
plus some enhancements and documentation added to the file itself rather
than a URL (they rot).
2012-01-26 23:33:01 +01:00
d73a71f5cf
ENH: Add usedns parameter for the jails
...
following commits were squashed from feature branch use_dns
commit 068c105eb5635ed36a8c24656d28127957fbec429f5c7957fbe8216ce9d04640cfb2c75b49f6186eff1482c62d29dcdc0ae21932594e25818c48ff80ffac0bdab4c2d76d6b734ea511ad2b6125b48fa9b6afc429f5c91a4b18afb0021906#3 from yarikoptic/enh/use_dns
let's be consistent ;-)
commit 00219063584b18afb28a4fae37e46fe94806ce484d30c5290776696d452a0631618087d23d4955479538553bc5ae1e857e53ace43eb941
2012-01-12 23:23:41 -05:00
7d465f98c1
Add asterisk support
2012-01-11 16:35:40 +01:00
9559fcd3a0
Merge pull request #25 from leeclemens/enh/pyinotify
...
ENH: pyinotify
2012-01-09 18:17:41 -08:00
35201f6690
Merge remote-tracking branch 'gh-keszybz/master'
...
* gh-keszybz/master:
NF: xt_recent-echo action
2012-01-07 20:59:50 -05:00
321670487e
NF: xt_recent-echo action
...
The default configuration can only be run by root. To actually support
running as a different user, the setup action must be disabled.
2012-01-06 00:51:03 +01:00
8a2e26403a
Merge remote-tracking branch 'upstream/master'
2011-12-31 01:57:55 -05:00
4502adfe69
Fix comments to reflect code
...
Commit 638bb6652
2011-12-30 12:41:46 -05:00
e442503133
Added pyinotify backend
2011-12-30 00:18:52 -05:00
4c76fb3b54
ENH: allow trailing white-spaces in lighttpd-auth.conf
...
now catches the one in testcases/files/logs/lighttpd
2011-12-25 10:00:50 -05:00
683d4f269d
modifications suggested by a referee (log ex+regexp)
2011-12-24 22:24:08 +01:00
a7cb20edac
add lighttpd-auth jail
2011-12-24 21:56:38 +01:00
b6d9f795dc
add filter for lighttpd mod_auth failure
2011-12-24 21:51:18 +01:00
9fa54cf233
Add Date: header for sendmail*.conf actions
...
According to rfc2822, Date: headers are not optional.
Added these to all sendmail action templates, format specification
should conform to rfc and be portable across multiple platforms.
2011-11-18 16:52:44 -05:00
a9be451079
ENH: removed expansion for few Date and Revision SVN keywords
...
For consistency of appearance... eventually we might just remove them
altogether
2011-11-18 10:14:39 -05:00
dad91f7969
ENH: sshd.conf -- allow user names to have spaces and trailing spaces in the line
...
absorbed from patches carried by Debian distribution of f2b
2011-11-18 10:07:13 -05:00
ed0bf3ad96
Removed duplicate entry for DataCha0s/2\.0 in badbots ( closes : #519557 )
2011-11-18 09:40:56 -05:00
3152afbdc2
Recognise time-stamped kernel messages
...
e.g.
Sep 25 12:51:04 myhost kernel: [773580.832329] sshd[25557]: Invalid user pgsql from 91.203.223.206
This fixes the sshd filter on Fedora 15, and probably other filters on
other newish distros too.
2011-09-28 12:46:28 -04:00
3eb5e3b876
BF: Allow for trailing spaces in sasl logs
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@783 a942ae1a-1317-0410-a47c-b1dcaea8d605
2011-08-07 02:41:08 +00:00
02be7d03b2
BF: use standard/reserved example.com instead of mail.com
...
Adapted from fail2ban-0.8.4-examplemail.patch in Fedora:
http://sophie.zarb.org/sources/fail2ban/fail2ban-0.8.4-examplemail.patch
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@777 a942ae1a-1317-0410-a47c-b1dcaea8d605
2011-05-07 03:16:40 +00:00
6d25310e28
ENH: Adding author for dovecot filter and prunning unneeded space in the regexp
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@776 a942ae1a-1317-0410-a47c-b1dcaea8d605
2011-03-23 21:38:26 +00:00
eab9af9caa
BF: proftpd filter -- if login failed -- count regardless of the reason for failure
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@775 a942ae1a-1317-0410-a47c-b1dcaea8d605
2011-03-23 20:37:19 +00:00
d4b89d8404
BF: Allow for trailing spaces in proftpd logs
...
See http://bugs.debian.org/507986
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@774 a942ae1a-1317-0410-a47c-b1dcaea8d605
2011-03-23 20:37:10 +00:00
1cb48bbc96
BF: escaping () in pure-ftpd filter. Thanks Teodor
...
See http://bugs.debian.org/544744
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@773 a942ae1a-1317-0410-a47c-b1dcaea8d605
2011-03-23 20:37:00 +00:00
02e7dfb099
BF: allow space in the trailing of failregex for sasl.conf: see http://bugs.debian.org/573314
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@772 a942ae1a-1317-0410-a47c-b1dcaea8d605
2011-03-23 20:36:50 +00:00
3831fbf98b
ENH: add <chain> to action.d/iptables*. Thanks Matthijs Kooijman: see http://bugs.debian.org/515599
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@771 a942ae1a-1317-0410-a47c-b1dcaea8d605
2011-03-23 20:36:41 +00:00
6558c03f8e
NF: Adding found on a drive filter.d/dovecot.conf
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@770 a942ae1a-1317-0410-a47c-b1dcaea8d605
2011-03-23 20:36:28 +00:00
10faba5163
ENH: make filter.d/apache-overflows.conf catch more: see http://bugs.debian.org/574182
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@769 a942ae1a-1317-0410-a47c-b1dcaea8d605
2011-03-23 20:36:17 +00:00
0073ba3838
ENH: dropbear filter: see http://bugs.debian.org/546913
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@768 a942ae1a-1317-0410-a47c-b1dcaea8d605
2011-03-23 20:36:08 +00:00
638bb66523
BF: Use /var/run/fail2ban instead of /tmp for temp files in actions: see http://bugs.debian.org/544232
...
It should be robust since /var/run/fail2ban is guaranteed to exist to carry the
socket file, and it will be owned by root (or some other dedicated fail2ban
user) thus avoiding possibility for the exploit
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@767 a942ae1a-1317-0410-a47c-b1dcaea8d605
2011-03-23 20:35:56 +00:00
7b54c7b33b
spellcheck jail.conf. Thanks Christoph Anton Mitterer
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@766 a942ae1a-1317-0410-a47c-b1dcaea8d605
2010-09-27 13:18:32 +00:00
521631cfcc
default ignoreip to ignore entire loopback zone (/8): see http://bugs.debian.org/598200
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@765 a942ae1a-1317-0410-a47c-b1dcaea8d605
2010-09-27 13:10:48 +00:00
dabe3aeae1
disabling entirely named-refused-udp jail with a big fat warning
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@761 a942ae1a-1317-0410-a47c-b1dcaea8d605
2010-06-29 01:34:08 +00:00
b91595dd11
Disabled jail lighttpd-fastcgi by default.
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@747 a942ae1a-1317-0410-a47c-b1dcaea8d605
2009-08-31 13:57:32 +00:00
dde7afe1f3
added two new filter files (PHP url_fopen, lighttpd fastcgi alerts), updated MANIFEST and jail.conf accordingly
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@742 a942ae1a-1317-0410-a47c-b1dcaea8d605
2009-08-30 14:17:29 +00:00
55fd21ec4b
- Made the named-refused regex a bit less restrictive in order to match logs with "view". Thanks to Stephen Gildea.
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@730 a942ae1a-1317-0410-a47c-b1dcaea8d605
2009-02-09 20:27:35 +00:00
abd061bad8
- Changed <HOST> template to be more restrictive. Debian bug #514163 .
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@728 a942ae1a-1317-0410-a47c-b1dcaea8d605
2009-02-08 17:31:24 +00:00
7fd0300a73
- Added cyrus-imap and sieve filters. Thanks to Jan Wagner. Debian bug #513953 .
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@727 a942ae1a-1317-0410-a47c-b1dcaea8d605
2009-02-03 22:37:46 +00:00
376f348823
- Pull a commit from Yaroslav git repo. BF: addressing added bang to ssh log ( closes : #512193 ).
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@726 a942ae1a-1317-0410-a47c-b1dcaea8d605
2009-02-03 21:56:03 +00:00
e86e7d002e
- Added missing semi-colon in the bind9 example. Thanks to Yaroslav Halchenko.
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@725 a942ae1a-1317-0410-a47c-b1dcaea8d605
2009-02-03 21:51:32 +00:00
e16c18d091
- Added NetBSD ipfilter (ipf command) action. Thanks to Ed Ravin. Tracker #2484115 .
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@724 a942ae1a-1317-0410-a47c-b1dcaea8d605
2009-01-27 23:39:38 +00:00
e46e8ed32e
- Improved SASL filter. Thanks to Loic Pefferkorn. Tracker #2310410 .
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@723 a942ae1a-1317-0410-a47c-b1dcaea8d605
2009-01-27 23:35:46 +00:00
6cd56802bb
- Added actions to report abuse to ISP, DShield and myNetWatchman. Thanks to Russell Odom.
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@717 a942ae1a-1317-0410-a47c-b1dcaea8d605
2008-10-13 14:56:54 +00:00
622218271d
- Added svn:keywords property.
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@716 a942ae1a-1317-0410-a47c-b1dcaea8d605
2008-10-13 14:38:41 +00:00
bb8e610795
- Added apache-nohome.conf. Thanks to Yaroslav Halchenko.
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@715 a942ae1a-1317-0410-a47c-b1dcaea8d605
2008-10-13 14:37:25 +00:00
391a38a7a8
- Added new regex. Thanks to Tobias Offermann.
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@713 a942ae1a-1317-0410-a47c-b1dcaea8d605
2008-10-10 16:00:10 +00:00
3615c8ec81
- Improved pattern. Thanks to Yaroslav Halchenko.
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@707 a942ae1a-1317-0410-a47c-b1dcaea8d605
2008-08-12 19:20:02 +00:00
155c4652a4
- Merged patches from Debian package. Thanks to Yaroslav Halchenko.
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@706 a942ae1a-1317-0410-a47c-b1dcaea8d605
2008-07-22 22:29:57 +00:00
9ed39a4387
- Send file if the number of lines is greater or equal and not only equal to the limit.
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@701 a942ae1a-1317-0410-a47c-b1dcaea8d605
2008-07-16 21:11:42 +00:00
11c8c71014
- Added missing ignoreregex to filters. Thanks to Klaus Lehmann.
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@699 a942ae1a-1317-0410-a47c-b1dcaea8d605
2008-05-21 22:17:00 +00:00
7dde8d6694
- Added svn:keywords.
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@684 a942ae1a-1317-0410-a47c-b1dcaea8d605
2008-04-07 22:45:37 +00:00
a32f04b0cb
- Added gssftpd filter. Thanks to Kevin Zembower.
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@683 a942ae1a-1317-0410-a47c-b1dcaea8d605
2008-04-07 22:41:19 +00:00
d9f9a31802
- Added "pam-generic" filter and more configuration fixes. Thanks to Yaroslav Halchenko.
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@677 a942ae1a-1317-0410-a47c-b1dcaea8d605
2008-03-10 22:03:34 +00:00
55d6baa66d
- Added svn:keywords
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@668 a942ae1a-1317-0410-a47c-b1dcaea8d605
2008-03-05 22:37:20 +00:00
e7eaf5c488
- Fixed Debian bug #461426
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@667 a942ae1a-1317-0410-a47c-b1dcaea8d605
2008-03-05 22:35:09 +00:00
f77057d3dd
- Fixed Debian bug #462060
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@666 a942ae1a-1317-0410-a47c-b1dcaea8d605
2008-03-05 22:23:41 +00:00
06f8a1a8ca
- Fixed Debian bug #468477
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@665 a942ae1a-1317-0410-a47c-b1dcaea8d605
2008-03-05 21:53:33 +00:00
ead3e50c97
- Fixed Debian bug #456567
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@664 a942ae1a-1317-0410-a47c-b1dcaea8d605
2008-03-05 21:47:59 +00:00
6db1212152
- Added revision.
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@663 a942ae1a-1317-0410-a47c-b1dcaea8d605
2008-03-05 21:47:14 +00:00
17e31b167e
- Replaced "reject" with "drop" in shorwall action. Fix #1854875
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@661 a942ae1a-1317-0410-a47c-b1dcaea8d605
2008-03-04 23:20:10 +00:00
0afa6fb2be
- Replaced "echo" with "printf" in actions. Fix #1839673
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@660 a942ae1a-1317-0410-a47c-b1dcaea8d605
2008-03-04 23:11:28 +00:00
f0399ca5a4
- Absorbed some Debian patches. Thanks to Yaroslav Halchenko.
...
- Renamed actionend to actionstop.
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@658 a942ae1a-1317-0410-a47c-b1dcaea8d605
2008-03-04 22:41:28 +00:00
174ce7027a
- Fixed fail2ban-regex. It support "includes" in configuration files.
...
- Modified "includes" to be more generic. We will probably support URL in the future.
- Small refactoring.
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@656 a942ae1a-1317-0410-a47c-b1dcaea8d605
2008-03-04 00:17:56 +00:00
e66d9eee41
- Moved socket to /var/run/fail2ban.
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@629 a942ae1a-1317-0410-a47c-b1dcaea8d605
2007-12-14 21:33:33 +00:00
c40534123c
- Fixed ipfw action script. Thanks to Nick Munger
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@623 a942ae1a-1317-0410-a47c-b1dcaea8d605
2007-10-23 22:06:31 +00:00
66063d2731
- Added "full line failregex" patch. Thanks to Yaroslav Halchenko. It will be possible to create stronger failregex against log injection
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@621 a942ae1a-1317-0410-a47c-b1dcaea8d605
2007-09-12 21:38:51 +00:00
d885fc786e
- Fixed wrong path for apache-auth in jail.conf. Thanks to Vincent Deffontaines
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@617 a942ae1a-1317-0410-a47c-b1dcaea8d605
2007-08-27 21:25:56 +00:00
938297138b
- Fixed named filter. Thanks to Yaroslav Halchenko
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@616 a942ae1a-1317-0410-a47c-b1dcaea8d605
2007-08-27 21:03:33 +00:00
732c66215f
- Improved regular expressions
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@613 a942ae1a-1317-0410-a47c-b1dcaea8d605
2007-08-13 21:39:26 +00:00
5fd5a8112a
- Added named (bind9) example. Thanks to Yaroslav Halchenko
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@611 a942ae1a-1317-0410-a47c-b1dcaea8d605
2007-08-08 22:49:58 +00:00
49b2e40682
- Fixed vsftpd filter. Thanks to Yaroslav Halchenko
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@610 a942ae1a-1317-0410-a47c-b1dcaea8d605
2007-08-08 22:31:47 +00:00
3ef8fbe2e3
- Modified failregex again. Thanks to Yaroslav Halchenko
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@609 a942ae1a-1317-0410-a47c-b1dcaea8d605
2007-08-08 22:29:13 +00:00
a3ace8040b
- Added filter file for named (bind9). Thanks to Yaroslav Halchenko
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@608 a942ae1a-1317-0410-a47c-b1dcaea8d605
2007-08-08 22:21:15 +00:00
26c54c4538
- Added new action iptables-allports. Thanks to Yaroslav Halchenko
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@606 a942ae1a-1317-0410-a47c-b1dcaea8d605
2007-08-08 22:13:09 +00:00
711f936ed0
- Corrected subject
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@604 a942ae1a-1317-0410-a47c-b1dcaea8d605
2007-08-05 19:33:15 +00:00
e841209f1b
- Added new regex for proftpd. Thanks to Vaclav Misek
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@603 a942ae1a-1317-0410-a47c-b1dcaea8d605
2007-07-17 20:41:00 +00:00
9ac663a121
- Added webmin authentication filter. Thanks to Guillaume Delvit
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@601 a942ae1a-1317-0410-a47c-b1dcaea8d605
2007-07-11 22:27:16 +00:00
f714c96d0e
- Updated regular expressions
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@598 a942ae1a-1317-0410-a47c-b1dcaea8d605
2007-07-10 20:24:44 +00:00
08c2c55742
- Added sendmail actions. The action started with "mail" are now deprecated. Thanks to Raphaël Marichez
...
- Fixed a small typo
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@595 a942ae1a-1317-0410-a47c-b1dcaea8d605
2007-07-05 16:10:33 +00:00
e2334db7a6
- Improved regular expressions. Thanks to Yaroslav Halchenko
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@592 a942ae1a-1317-0410-a47c-b1dcaea8d605
2007-06-25 21:57:10 +00:00
1e2ddec485
- Fixed vulnerability in sshd.conf. Thanks to Daniel B. Cid
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@587 a942ae1a-1317-0410-a47c-b1dcaea8d605
2007-06-07 21:29:18 +00:00
bfab0409a2
- Replaced -d with -f. We are looking for a file, not a directory
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@570 a942ae1a-1317-0410-a47c-b1dcaea8d605
2007-04-19 21:43:45 +00:00
ac54c8b4f1
- Modified filters config. Thanks to Michael C. Haller
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@569 a942ae1a-1317-0410-a47c-b1dcaea8d605
2007-04-18 20:22:54 +00:00
b40b9d88d2
- Added a new line before "Regards,"
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@566 a942ae1a-1317-0410-a47c-b1dcaea8d605
2007-03-26 21:08:09 +00:00
ee234d424c
- Added pure-ftpd filter. Thanks to Yaroslav Halchenko
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@560 a942ae1a-1317-0410-a47c-b1dcaea8d605
2007-03-19 20:32:28 +00:00
64226d09c0
- Improved failregex a bit
...
- Added TrackBack/1.02
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@558 a942ae1a-1317-0410-a47c-b1dcaea8d605
2007-03-07 21:32:33 +00:00
0b9c41c015
- Removed actionstart and actionstop which are now obsolete
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@554 a942ae1a-1317-0410-a47c-b1dcaea8d605
2007-03-07 20:47:41 +00:00
f02a915de1
- Added a new example for vsftpd. Thanks to Christian Rauch
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@552 a942ae1a-1317-0410-a47c-b1dcaea8d605
2007-02-22 21:11:30 +00:00
54e4d012d1
- Fixed bug #1664386 . Thanks to Harry Rarig
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@551 a942ae1a-1317-0410-a47c-b1dcaea8d605
2007-02-22 20:52:35 +00:00
b4caed8c00
- Added new filter for spam bots
...
- Added new action for buffered mails
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@549 a942ae1a-1317-0410-a47c-b1dcaea8d605
2007-02-12 21:50:50 +00:00
d5ededc340
- Updated failregex
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@534 a942ae1a-1317-0410-a47c-b1dcaea8d605
2007-01-29 20:51:43 +00:00
743ec88eef
- Updated failregex
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@532 a942ae1a-1317-0410-a47c-b1dcaea8d605
2007-01-29 20:32:13 +00:00
45277fff4a
- Removed section with mail-report script which does not exist anymore
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@524 a942ae1a-1317-0410-a47c-b1dcaea8d605
2007-01-21 22:22:29 +00:00
04cd3f5bd5
- Added new filters/actions. Thanks to Yaroslav Halchenko
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@520 a942ae1a-1317-0410-a47c-b1dcaea8d605
2007-01-08 21:40:37 +00:00
6cf814245e
- Fixed missing regular expression
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@513 a942ae1a-1317-0410-a47c-b1dcaea8d605
2007-01-04 13:07:04 +00:00
44d75eb54f
- Added missing svn:keywords
...
- Split failregex in sshd.conf
- Added sshd-ddos.conf. Thanks to Yaroslav Halchenko
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@510 a942ae1a-1317-0410-a47c-b1dcaea8d605
2007-01-04 12:21:44 +00:00
7719c00d37
- Allow comma in action options. The value of the option must be escaped with " or '. Thanks to Yaroslav Halchenko
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@509 a942ae1a-1317-0410-a47c-b1dcaea8d605
2007-01-04 11:58:58 +00:00
3a344557ec
- Exim4 filter. Thanks to mEDI
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@499 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-12-23 09:49:19 +00:00
1ac00d062a
- Regular expression should be more correct now
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@498 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-12-23 09:48:49 +00:00
2e197487a2
- Fixed removal of host in hosts.deny. Thanks to René Berber
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@496 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-12-19 21:51:14 +00:00
840b9fff0f
- Fixed some comments
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@495 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-12-18 22:35:34 +00:00
0c40adda4b
- Fixed some comments
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@494 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-12-18 22:33:01 +00:00
6f7df2cc3c
- Use numeric output for iptables in "actioncheck"
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@489 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-12-14 21:20:03 +00:00
8ca367d609
- Use /dev/log for SYSLOG output. Thanks to Joerg Sommrey
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@488 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-12-13 23:02:46 +00:00
90fb1d442e
slight english adjustment with no good english: Destinataire->Destination/Addressee
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@479 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-12-07 03:12:28 +00:00
f5d4cb6be2
- Added alias "<HOST>" for failregex
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@471 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-11-19 21:25:51 +00:00
911b2b15fc
- Merged "maxtime" with "findtime"
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@470 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-11-18 15:15:58 +00:00
0fd9865172
- Defined default values in .conf. Should fix Debian bug #398758
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@464 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-11-15 18:44:28 +00:00
90359ba523
- Added option "ignoreregex" in filter scripts and jail.conf. Feature Request #1283304
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@458 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-11-12 14:52:36 +00:00
d6e49f8480
- Fixed rebanned bug
...
- Clarified available tags
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@455 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-11-12 10:56:21 +00:00
f74657f4b6
- Added "courierlogin" filter. Thanks to Christoph Haas
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@427 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-10-22 23:49:10 +00:00
51fd8fac27
- Added ipfw action script and example. Thanks to Nick Munger
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@421 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-10-19 20:15:24 +00:00
15a4634c38
- Added "shorewall" action
...
- Use glob in setup.py
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@413 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-10-17 21:13:11 +00:00
9a96428bd2
- Added "socket" option
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@412 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-10-17 21:12:22 +00:00
ebae6d70aa
- Added "apache-noscript" filter. Thanks to Pander
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@411 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-10-17 19:05:27 +00:00
e39ef65e3a
added sections for sasl and proftpd authentications
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@402 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-10-02 13:42:36 +00:00
2bcc036cf2
- Improved configuration files
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@394 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-10-01 21:19:56 +00:00
7b7d246a19
- Added DNS support for "ignoreip"
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@389 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-09-27 20:32:30 +00:00
0d68fc9ef1
- Added "ignoreip" and a few other options in [DEFAULT]
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@365 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-09-17 22:38:44 +00:00
5c020b99da
- mail-report.conf is not a good idea as the jail is already deleted when creating the report
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@339 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-09-10 20:41:57 +00:00
7864bdc953
- Improved jail.conf
...
- Removed useless parameter in mail-report.conf
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@335 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-09-06 21:33:18 +00:00
1c3088b267
- Added new action
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@334 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-09-06 21:19:58 +00:00
b1160ab7ca
- Added qmail and postfix filters
...
- Updated vsftpd and couriersmtp
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@331 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-09-06 19:34:03 +00:00
21b6e76cde
- Added date detector
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@325 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-09-05 21:16:28 +00:00
f1f12518c8
- Moved "logpath" and "maxtime" to "jail.conf"
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@320 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-09-04 19:18:57 +00:00
131a0a9cb3
- Added a couriersmtpd filter
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@317 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-08-30 22:16:52 +00:00
d7682360bc
- Clean up configuration files
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@281 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-08-20 21:34:55 +00:00
f752dbe065
- Removed from version control
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@279 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-08-20 21:20:53 +00:00
7ed59912f2
- Added *.local as svn:ignore
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@278 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-08-20 21:18:39 +00:00
4bc6fe419b
- Removed a new line
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@268 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-08-06 22:15:10 +00:00
857f6d619b
- Fixed bug in failregex
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@267 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-08-06 22:14:34 +00:00
f248c460f2
- Improved logging in server
...
- Added logtarget option
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@263 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-08-06 21:24:06 +00:00
3d73f45531
- Added 'host' group in failregex
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@262 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-08-06 21:23:06 +00:00
b5c0f7bae2
- Added whois information to mail. Feature Request #1533626
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@260 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-08-06 21:20:28 +00:00
894bcbdbbf
- Improved mail script
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@257 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-07-31 21:48:13 +00:00
be7cc4f81c
- Added mail script
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@256 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-07-19 21:35:22 +00:00
9aa6a505eb
- Added header
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@254 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-07-17 19:26:14 +00:00
7048e19995
- 0.7.0 soon
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@251 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-07-16 21:35:08 +00:00
12c222bd1c
- One step forward to 0.7.0
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@250 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-07-08 16:51:14 +00:00
ea1948eff4
- Initial commit of the new development release 0.7
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@249 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-06-26 20:05:00 +00:00
7e24b948bf
- Added vsftpd support. Thanks to zugeschmiert
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@237 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-02-11 15:29:32 +00:00
de7acd4d6c
- Added support for shorewall and hosts.deny
...
- Renamed fail2ban.conf.default to fail2ban.conf.iptables
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@233 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-01-22 11:07:22 +00:00
3e86a8204b
- Removed 192.168.0.0/16 from ignoreip
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@232 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-01-12 16:20:00 +00:00
be26cd5b75
- Removed debug option
...
- Added SMTP authentification support
- Added TAI64N support
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@226 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-01-03 15:11:57 +00:00
15806fc3da
- Added permanent banning feature
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@222 a942ae1a-1317-0410-a47c-b1dcaea8d605
2005-12-16 23:48:52 +00:00
840f6cd052
- Merged FAIL2BAN-0_5 with HEAD
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@216 a942ae1a-1317-0410-a47c-b1dcaea8d605
2005-11-20 17:07:47 +00:00
07d127bebd
- Added an initd script for RedHat/Fedora. Thanks to Andrey G. Grozin
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@113 a942ae1a-1317-0410-a47c-b1dcaea8d605
2005-07-01 09:30:52 +00:00
7b118f42d3
- Initd script for Gentoo
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@109 a942ae1a-1317-0410-a47c-b1dcaea8d605
2005-06-30 09:25:28 +00:00
9317581b18
- Modified for readability. Thanks to Iain Lea
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@108 a942ae1a-1317-0410-a47c-b1dcaea8d605
2005-06-29 06:17:28 +00:00
b0cae2c43f
- Changed all sections to disabled by default
...
- Add "Invalid user" to SSH failregex
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@104 a942ae1a-1317-0410-a47c-b1dcaea8d605
2005-04-24 11:03:44 +00:00
78b32ef3b2
- Added "ipfw-start-rule" option (thanks to Robert Edeker)
...
- Added "enabled" option
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@64 a942ae1a-1317-0410-a47c-b1dcaea8d605
2005-02-22 21:08:36 +00:00
3122f5eeae
- Added PID lock file option
...
- Added more comments
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@63 a942ae1a-1317-0410-a47c-b1dcaea8d605
2005-02-20 13:38:10 +00:00
ff088ec333
- Added more comments
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@55 a942ae1a-1317-0410-a47c-b1dcaea8d605
2005-02-18 21:51:32 +00:00
2e5bfe5bb6
- Changed Fail2Ban in order to handle several log files
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@50 a942ae1a-1317-0410-a47c-b1dcaea8d605
2005-02-18 13:30:54 +00:00
fabe6e59b4
- Add firewall and interface options
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@43 a942ae1a-1317-0410-a47c-b1dcaea8d605
2004-11-06 14:03:17 +00:00
aee13b03ee
- Default config file
...
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@33 a942ae1a-1317-0410-a47c-b1dcaea8d605
2004-10-16 22:16:14 +00:00
Daniel Black