sebres
d4c921c22a
amend to 31b8d91ba2211595182d8d3fe6d89034b562aef0: tag `<family>` is normally dynamic tag (ticket related), so better to replace it this way (may avoid confusing if tag is used directly during restore sane env process for both families); conditional replacement is not affected here
2020-01-15 13:22:55 +01:00
sebres
ec37b1942c
action.d/nginx-block-map.conf: fixed backslash substitution (different echo behavior in some shells, gh-2596)
2020-01-14 11:39:13 +01:00
sebres
31a6c8cf5d
closes gh-2599: fixes `splitwords` for unicode string
2020-01-13 20:12:16 +01:00
sebres
b158f83aa3
testIPAddr_CompareDNS: add missing network constraint (gh-2596)
2020-01-13 12:37:19 +01:00
sebres
b25d8565fc
release 0.10.5 -- Deserve more respect a jedi's weapon must. Hrrrm, Yes
2020-01-10 13:34:46 +01:00
sebres
4e4bd43e5e
small amend for d1b7e2b5fb2b389d04845369d7d29db65425dcf2: double usage string removed, spacing fixed
...
generate-man: small fixing (avoid ../bin in usage, version fix
2020-01-10 13:28:20 +01:00
sebres
f77398c49d
filter.d/sshd.conf: captures `Disconnected from ... [preauth]`, preauth phase only, different handling by `extra` (with supplied user only) and `ddos`/`aggressive` mode (`normal` mode is not affected, used there just as a helper with `<F-NOFAIL>` to capture IP for multiline failures without IP);
...
closes gh-2115, gh-2362.
2020-01-09 20:53:53 +01:00
sebres
d1b7e2b5fb
fail2ban-regex - several enhancements and fixes:
...
- improved usage output (don't put a long help if an error occurs);
- new option `--no-check-all` to avoid check of all regex's (first matched only);
- new option `-o`, `--out` to set token provided in output (disables check-all and outputs only expected data);
- test cases optimized and extended
2020-01-09 16:59:13 +01:00
sebres
dbc6590589
usage of failure-ID tag `<F-ID>...</F-ID>` causes raw handling automatically (avoid DNS-resolve for found ID)
2020-01-08 22:07:33 +01:00
Sergey G. Brester
a15832e773
Merge pull request #2588 from sebres/0.10-invariant-improve
...
0.10 auto-reban, improved invariant check and conditional operations
2020-01-08 21:04:42 +01:00
sebres
f30b7ae244
update ChangeLog + spelling
2020-01-08 21:03:00 +01:00
sebres
17a34b1528
amend with missing parameter of actionreban in actionreader and coverage
2020-01-07 22:01:11 +01:00
sebres
f001f8de2a
automatic reban (repeat banning action) after repair/restore sane environment, if already logged ticket causes new failures (part of #980 , closes #1680 );
...
introduces banning epoch for actions and tickets (to distinguish or recognize removed set of tickets)
2020-01-07 21:28:32 +01:00
sebres
1a9bc1905d
auto-detection of IPv6 subsystem availability (important for not on-demand actions or jails, like pass2allow)
2020-01-07 17:01:47 +01:00
sebres
125da61bda
more cases covered, start in repair distinguish operations, on demand flag etc
2020-01-07 15:50:54 +01:00
sebres
b7fe33483a
coverage
2020-01-07 11:54:21 +01:00
sebres
a527fbcae5
small amend: if not on-demand, the families should be specified (or default), also avoids error "dictionary changed size during iteration"
2020-01-06 21:44:19 +01:00
sebres
67fd75c88e
pass2allow-ftp: inverted handling - action should prohibit access per default for any IP, so reset start on demand parameter for this action (will be started immediately).
2020-01-06 21:13:40 +01:00
sebres
165b7d6643
tests fixed, prepared for other conditional operations (for subnet usage), operations like repair/flush/stop considering started families (executed for started only)
2020-01-06 21:02:57 +01:00
sebres
3c42c7b9ef
**not ready** testActionsConsistencyCheck fixed, but several **broken** tests (todo: fix public interface like action.start()/stop()).
2020-01-06 21:02:56 +01:00
sebres
31b8d91ba2
**not ready** amend with more tests (some issue on stop?)
2019-12-27 21:58:06 +01:00
sebres
8f6ba15325
avoid unhandled exception during flush, better invariant check (and repair), avoid repair by unban/stop etc...
2019-12-27 21:30:41 +01:00
Sergey G. Brester
690a0050f0
Merge pull request #2567 from Mart124/bitwarden
...
New jail, Bitwarden
2019-12-13 18:31:21 +01:00
sebres
7e98073014
amend to f3dbc9dda10e52610e3de26f538b5581fd905505: don't need truncate (if the name with \0 exceeds 16 bytes, the string is silently truncated by prctl).
2019-12-12 21:45:09 +01:00
sebres
f3dbc9dda1
set real thread names (used for identification and diagnostic purposes, e. g. top -H, ps -e -T, pstree, etc)
2019-12-12 21:28:16 +01:00
Mart124
e763c657c4
Let's get back to WRN
2019-11-27 00:32:10 +01:00
Mart124
566cbcdde0
Update bitwarden
2019-11-27 00:14:18 +01:00
Mart124
d7b707b09d
Update bitwarden.conf
2019-11-27 00:09:22 +01:00
Mart124
869327e9b1
Update bitwarden.conf
2019-11-25 22:17:58 +01:00
Mart124
79caeaa520
Create bitwarden.conf
2019-11-25 22:05:29 +01:00
Mart124
30e742a849
Update jail.conf
2019-11-25 21:57:41 +01:00
Mart124
ef394b3cf0
Update jail.conf
2019-11-25 21:55:45 +01:00
Mart124
a3df1ab3f0
Create bitwarden
2019-11-25 21:50:16 +01:00
sebres
d5144e380e
filter: testing proper handling after time-drift or time-jump (DST-hole, NTP time correction backwards, etc), gh-2566
2019-11-25 01:46:07 +01:00
Sergey G. Brester
e4c2f303bd
Merge pull request #2550 from CPbN/centreonjail
...
Add Centreon jail
2019-11-15 01:53:20 +01:00
Sergey G. Brester
596c5cee7e
Merge pull request #2560 from sebres/gh-927-subnet
...
subnet implementation (filter, parsing tags)
2019-11-15 01:48:30 +01:00
Sergey G. Brester
e86e9b2ee9
Merge branch '0.10' into gh-927-subnet
2019-11-15 01:47:50 +01:00
Sergey G. Brester
9d263edfbb
Merge pull request #2563 from hvanmegen/patch-1
...
Updated sendmail-auth.conf for longer mail IDs
2019-11-15 01:41:13 +01:00
sebres
27e6b0021c
ChangeLog update gh-2563
2019-11-08 13:18:57 +01:00
sebres
0e8a8edb5e
filter.d/sendmail-*.conf: both filters have same `__prefix_line` now (and same RE for ID, 14-20 chars long, optional) + adjusted test cases (gh-2563)
2019-11-08 13:15:40 +01:00
Henry van Megen
a9200c5456
Added logline that fails at IDs with 15 chars (see gh-2563)
2019-11-08 12:43:02 +01:00
Henry van Megen
548e2e0054
sendmail-auth.conf: filter updated for longer mail IDs (up to 20, see gh-2562)
2019-11-08 12:42:09 +01:00
sebres
5cf064a112
monit: accepting both logpath's: monit and monit.log, closes gh-2495
2019-11-04 12:18:12 +01:00
sebres
e5d02bc2e9
grouped tags (`<ADDR>`, `<HOST>`, `<SUBNET>`) recognize IP addresses enclosed in square brackets, closes gh-2494
2019-11-04 12:11:00 +01:00
sebres
d44607a161
part of #927 - filter enhancement to parse IP sub-nets (IP/CIDR with correct recognition of IP-family),
...
provides new replacement tags for failregex to match subnets in form of IP-addresses with CIDR mask (gh-2559):
- `<CIDR>` - helper regex to match CIDR (simple integer form of net-mask);
- `<SUBNET>` - regex to match sub-net adresses (in form of IP/CIDR, also single IP is matched, so part /CIDR is optional);
2019-11-01 16:29:17 +01:00
CPbN
9e699646f8
Add Centreon jail
2019-10-24 14:37:18 +02:00
CPbN
18ba714f97
Add Centreon jail
2019-10-23 09:14:26 +02:00
sebres
5e3fef1631
Merge branch 'amend-gh-2254' into 0.10
2019-10-18 19:06:42 +02:00
sebres
85ec605358
nftables: amend to gh-2254 - implemented shutdown of action (proper clean-up) - at stop it checks now the last set was deleted and removes table completely (if table does not contain any set);
...
this is avoided if some sets were added manually or can be avoided via overwriting of parameter `_nft_shutdown_table`, for example:
banaction = nftables[_nft_shutdown_table=''][...]
2019-10-18 19:01:16 +02:00
sebres
51af193402
nftables: add options allowing to specify own table (default `f2b-table`) and chain (default `f2b-chain`)
2019-10-18 18:54:02 +02:00