sebres
76f5e3659e
Merge branch '0.10' into 0.11
2017-10-18 19:03:08 +02:00
sebres
0e66e3cc57
Merge branch 'master' into 0.10
...
# Conflicts:
# config/filter.d/asterisk.conf
2017-10-18 19:00:23 +02:00
Serg G. Brester
0aeb91d1e2
Merge pull request #1929 from miken32/patch-1
...
Remove invalid (vulnerable) regex using IP from foreign input (not the originator).
2017-10-18 18:54:43 +02:00
Serg G. Brester
d81405adbc
Update ChangeLog
...
typo
2017-10-18 18:52:55 +02:00
Serg G. Brester
b6ab0aa83f
Update ChangeLog
...
more detailed entry
2017-10-18 18:52:12 +02:00
Michael Newton
894a05b843
Update ChangeLog
2017-10-18 09:26:51 -07:00
Michael Newton
3f715e8577
Remove tests
2017-10-17 14:46:11 -07:00
Michael Newton
d5d1fe679f
Remove invalid regex
...
Resolves #1927
2017-10-17 14:44:23 -07:00
sebres
667f48817b
Merge pull request #1925 from sebres/0.10-fix-pf-multiport:
...
action.d/pf.conf: fix multiport syntax
2017-10-17 16:09:50 +02:00
sebres
3c4910a3e2
ChangeLog entry + note for possible incompatibility.
2017-10-17 16:06:39 +02:00
sebres
8726c9fb0a
pf.conf: enclose ports in braces, multiple ports expecting this syntax `... any port {http, https}`.
...
Note this would be backwards-incompatible change (for the people already enclosing multiports in braces in jail.local).
closes gh-1915
2017-10-17 13:46:29 +02:00
Serg G. Brester
c6029bbef6
Merge pull request #1919 from IdahoPL/IdahoPL-patch-1
...
Update pf.conf commet to fix syntax error
2017-10-17 12:40:51 +02:00
Łukasz Wąsikowski
a4f94d2619
Update pf.conf
...
Fix comment, because current one won't work:
cat /etc/pf.conf
anchor f2b {
sshd
}
# service pf reload
Reloading pf rules.
/etc/pf.conf:2: syntax error
New version:
cat /etc/pf.conf
anchor f2b {
anchor sshd
}
# service pf reload
Reloading pf rules.
2017-10-17 12:39:25 +02:00
Serg G. Brester
c42dd6941c
Merge pull request #1921 from harry-wood/patch-1
...
typo
2017-10-16 10:50:11 +02:00
Harry Wood
ea1b663f85
typo
...
spell "positive" (...but also somebody should finish this sentence)
2017-10-16 01:15:58 +01:00
sebres
028f32b74b
bump version (0.10.1 -> 0.10.2.dev1)
2017-10-12 14:00:41 +02:00
sebres
351abeb4ff
prepare release: bump version, update ChangeLog, man's and MANIFEST etc.
2017-10-12 13:46:46 +02:00
sebres
93634dd822
Merge branch '0.10' into 0.11
2017-10-04 14:25:02 +02:00
sebres
ceff489a46
amend to a4459765ef438db83a2898ba832ff7acba033e29: irrelevant condition removed
2017-10-04 14:24:21 +02:00
sebres
a4459765ef
pyinotify/polling: test filter reaction by delete of watching file, better detection of pending file (avoid errors in fail2ban.log during log-rotation).
...
Closes gh-1865 for filterpyinotify ("cannot remove WD=2").
2017-10-04 14:17:00 +02:00
sebres
6c1d481135
Merge branch '0.10' into 0.11
2017-10-04 09:57:43 +02:00
sebres
e71f16f6ba
Merge branch 'master' into 0.10
...
# Conflicts resolved:
# config/filter.d/dovecot.conf
2017-10-04 09:57:18 +02:00
sebres
ea36e1b3fc
filter.d/dovecot.conf: fixed failregex to recognize pam_authenticate failures with "Permission denied" (gh-1897)
2017-10-04 09:55:37 +02:00
Serg G. Brester
32deb828a1
Merge pull request #1904 from sebres/no-dup-ignoreip-fix-1900
...
Avoid exact duplicates by addIgnoreIP (closes gh-1900)
2017-10-04 08:41:40 +02:00
sebres
d1fad22ac1
Avoid exact duplicates by addIgnoreIP (closes gh-1900)
2017-10-02 15:59:14 +02:00
sebres
037a0be3ae
Merge branch '0.10' into 0.11
2017-10-02 15:43:55 +02:00
sebres
8c804a2290
Merge branch 'master' into 0.10
...
# Conflicts resolved:
# config/filter.d/postfix-rbl.conf
# config/filter.d/postfix-sasl.conf
# config/filter.d/postfix.conf
# fail2ban/tests/files/logs/postfix-sasl
2017-10-02 15:41:30 +02:00
sebres
a2120a9de5
filter.d/postfix-*.conf - added optional port regex (closes gh-1902)
2017-10-02 15:31:55 +02:00
Serg G. Brester
6140a0f2d4
Merge pull request #1894 from sbraz/nftables-ipv6
...
Fix nftables actions for IPv6 addresses, fixes #1893
2017-09-13 09:14:39 +02:00
Serg G. Brester
6149df5216
Update ChangeLog
2017-09-12 09:27:16 +02:00
Louis Sautier
152c9d27d5
Fix nftables actions for IPv6 addresses, fixes #1893
...
* add [Init?family=inet6] to nftables-common.conf and make nftable
expressions more modular
* change "ip protocol" to "meta l4proto" in nftables-allports.conf
since the former only works for IPv4
2017-09-11 23:32:53 +02:00
Serg G. Brester
fbd46f29f2
Merge pull request #1891 from sbraz/openrc
...
Fix Gentoo init script's shebang
2017-09-11 12:24:10 +02:00
Serg G. Brester
72ad904f58
Update ChangeLog
2017-09-11 12:22:43 +02:00
Louis Sautier
2ce0ffb977
Fix Gentoo init script's shebang
...
Use openrc-run instead of runscript.
5d5856c193
2017-09-11 12:19:33 +02:00
sebres
e0fede621e
Merge branch '0.10' into 0.11
2017-09-08 11:33:19 +02:00
Serg G. Brester
8be4569d51
Update ChangeLog
...
several fixes of 0.10th branch
2017-09-08 11:32:08 +02:00
sebres
b185e7cb04
Merge remote-tracking branch 'upstream/master' into 0.10
2017-09-08 11:11:05 +02:00
Serg G. Brester
983b128c54
Update ChangeLog
...
several fixes of 0.9th branch
2017-09-08 11:07:48 +02:00
Serg G. Brester
5221693ce0
Merge pull request #1889 from sebres/0.10-small-optim-review
...
0.10 small optimization & review, config-reader, pretty-dump, etc.
2017-09-08 10:57:27 +02:00
sebres
462b534469
restrict saving of previous known values to section-related (don't overwrite with the values of other sections, especially like "INCLUDES", etc.)
2017-09-07 20:00:45 +02:00
sebres
e20f6204d3
don't put parameters starting with `known/` to the ready stream (intermediate options only), makes streams and dumps of configuration shorter and better readable
2017-09-07 19:32:14 +02:00
sebres
b698a74902
introduces new command-line options `--dp`, `--dump-pretty` to dump the configuration using more human readable representation;
...
allow dump of configuration, also if log-file is not available (warning only)
2017-09-07 19:31:38 +02:00
Serg G. Brester
fd83260bd8
jail "pass2allow-ftp" should supply blocktype to action
...
closes gh-1884
2017-09-07 18:51:08 +02:00
Serg G. Brester
bb97e66627
Merge pull request #1882 from coderua/patch-1
...
Add Jorgee Vulnerability Scanner protect
2017-09-07 15:52:31 +02:00
Serg G. Brester
99a9a9136e
Merge pull request #1887 from fail2ban/exim-gh-1886
...
filter.d/exim.conf: fixed failregex for case of flood attempts with `D=0s`
2017-09-07 15:47:20 +02:00
Serg G. Brester
db121a6f85
Update exim
...
Test case covers flood attempts with `D=0s`
2017-09-07 15:32:35 +02:00
Serg G. Brester
2cd02b731b
filter.d/exim.conf: fixed failregex for case of `D=0s`
...
Closes gh-1886
2017-09-07 15:28:46 +02:00
sebres
4bc226a692
optimized regex
2017-09-05 10:59:16 +02:00
Vladimir Chumak
fafefc0293
Add Jorgee Vulnerability Scanner protect
...
Details for Jorgee Vulnerability Scanner: https://www.symantec.com/security_response/attacksignatures/detail.jsp?asid=30164
2017-09-05 10:56:43 +02:00
sebres
acd9e8155b
Merge pull request #1376 from j-marz/master:
...
Added ZoneMinder filter
2017-09-04 11:52:10 +02:00