Tomas Pihl
b52a4441fd
Support ACL-events without AccountID. Typically happens when a registration
...
from an unknown domain is performed.
Add credits
2014-01-12 01:28:55 +01:00
Steven Hiscocks
128112d51c
ENH: ejabberd filter
2014-01-09 22:47:17 +00:00
Daniel Black
8333abe420
Merge pull request #557 from grooverdan/apache-botsearch
...
ENH: Apache botsearch + BF: tag substition
2014-01-09 14:11:00 -08:00
Steven Hiscocks
7e8da15fc6
Merge pull request #572 from grooverdan/counterstrike
...
ENH: Counter Strike filter
2014-01-08 12:47:10 -08:00
Daniel Black
b6676dbadc
DOC: spelling of Counter Strike
2014-01-08 07:45:26 +11:00
Yaroslav Halchenko
6532a2e2f7
Merge pull request #548 from grooverdan/exim-honeypot
...
Exim honeypot
2014-01-07 06:14:42 -08:00
Daniel Black
0fb6bc7188
ENH: add filter for Counter Strike 1.6. Closes gh-347
2014-01-07 20:33:57 +11:00
Daniel Black
9e087b508d
MRG: from 0.9
2014-01-07 16:11:40 +11:00
Daniel Black
58ebf659e4
MRG: from 0.9 to make history cleaner
2014-01-07 16:07:58 +11:00
Daniel Black
76468942f9
MRG: complete merge from master
2014-01-07 10:24:23 +11:00
Steven Hiscocks
bb11c29667
Merge pull request #567 from grooverdan/groupoffice-filter
...
ENH: add filter groupoffice. Closes gh-566
2014-01-06 10:31:32 -08:00
Daniel Black
b9cd492e9f
Merge pull request #555 from grooverdan/nagios_fix
...
BF: nagios fix
2014-01-06 03:12:26 -08:00
Daniel Black
3ee6e993c6
MRG: merge ChangeLog for nagios fix
2014-01-06 22:09:10 +11:00
Daniel Black
fecb07f36d
MRG: filter substition
2014-01-06 22:07:49 +11:00
Daniel Black
db7b7bfefa
Credits for groupoffice
2014-01-06 22:00:12 +11:00
alasdairdc
67c44a5001
Update ChangeLog
2014-01-06 10:44:21 +00:00
Daniel Black
a8e0498389
BF: add expression for ssh filter for code 3: SSH2_DISCONNECT_KEY_EXCHANGE_FAILED. closes gh-289
2014-01-05 21:26:26 +11:00
Daniel Black
23f0b854da
MRG: merge in freeswitch
2014-01-04 12:24:40 +11:00
Daniel Black
05b159c74b
Merge pull request #464 from grooverdan/increase-jail-name-length
...
ENH: Actions to have f2b- as prefix instead of fail2ban- as per #462
2014-01-03 14:48:56 -08:00
Daniel Black
3d1a1afca4
MRG: to more recent 0.9
2014-01-04 09:31:05 +11:00
Daniel Black
7c09a61ca5
ENH: add apache-botsearch. Closes gh-544
2014-01-03 23:12:58 +11:00
Daniel Black
b8536490ef
ENH: filter for stunnel from fail2ban wiki
2014-01-03 19:32:29 +11:00
Daniel Black
04d28fd2e1
ENH: add filter freeswitch - as raised on mailing list
2014-01-03 13:00:37 +11:00
Daniel Black
117d3b0466
MRG: horde filter from master
2014-01-03 10:34:59 +11:00
Daniel Black
83f3aeb308
ENH: filter for horde
2014-01-02 23:12:36 +11:00
Daniel Black
9c7bb3b97e
ENH: exim-spam to take honeypot email address as argument. Closes #541
2014-01-01 22:45:13 +11:00
Daniel Black
391b5fc883
MRG: from master again 2014-01-01
2014-01-01 19:28:38 +11:00
Daniel Black
1b037a6f29
DOC: document addition of filter options substitution into failregex/ignoreregex
2013-12-31 19:15:11 +11:00
Daniel Black
856407379b
ENH: add filter openwebmail. Closes gh-543.
2013-12-31 08:09:00 +11:00
Daniel Black
332d37f363
DOC: python-2.6 minimium now. Closes gh-526
...
Clean up ChangeLog and README.md to reflect these changes.
Remove credit from developers for individual changes to be consistent
with the 0.8.12 ChangeLog. Update summary and priority of items listed
in ChangeLog.
2013-12-30 04:57:16 +00:00
Daniel Black
e220210dc4
DOC: fix ChangeLog entry for exim-spam
2013-12-29 21:55:04 +00:00
Daniel Black
dbca949e5e
DOC: typo in ChangeLog
2013-12-29 21:26:30 +00:00
Daniel Black
d727ba639a
ENH: exim-spam to include spamassassin log entry. Closes gh-533
2013-12-29 20:16:37 +00:00
Daniel Black
4a0e428563
DOC: change log for asynchat.push change
2013-12-29 07:11:57 +00:00
Daniel Black
c074773805
ENH: apache modsecurity from 0.9 branch
2013-12-29 07:06:13 +00:00
Daniel Black
be382dae4d
MRG: ufw changelog conflicts
2013-12-29 05:45:06 +00:00
Daniel Black
1f6ece2a40
Merge pull request #490 from grooverdan/firewallcmd-ipset
...
ENH: add firewallcmd-ipset
2013-12-28 21:43:49 -08:00
Daniel Black
ea2a13946e
TST: more test of filters
2013-12-29 05:29:59 +00:00
Daniel Black
c9cfdca396
ENH: add filter for apache-modsecurity
2013-12-28 22:28:11 +00:00
Daniel Black
d3c065bf76
ENH: add PyPy compatibility
2013-12-27 05:15:33 +00:00
Daniel Black
1b7df1181f
BF: apache-2.4 log format fix. Closes gh-516
2013-12-23 08:28:40 +00:00
Yaroslav Halchenko
7af58b9984
Merge branch 'apache-noscripts' of https://github.com/grooverdan/fail2ban
...
* 'apache-noscripts' of https://github.com/grooverdan/fail2ban :
ENH: apache-noscript now matched php-cgi scripts. Closes gh-503
Conflicts:
ChangeLog -- two new entries collided, Reformatted the merged one a bit
2013-12-22 22:28:57 -05:00
Daniel Black
a9b7d33c51
ENH: apache-noscript now matched php-cgi scripts. Closes gh-503
2013-12-19 10:01:24 +00:00
Steven Hiscocks
d22716ab63
ENH: Add nsd filter and amend DateEpoch to match date format
2013-12-18 22:31:54 +00:00
alasdairdc
04c267c307
Updated Changelog
2013-12-18 08:36:30 +00:00
Daniel Black
7c0efc8ec8
MRG: merge so far - flushLogs not working yet
2013-12-16 15:08:34 +00:00
Steven Hiscocks
66e9f06feb
DOC: ChangeLog moved python3 support to refactoring
2013-12-14 17:46:13 +00:00
Steven Hiscocks
401d8aba1f
DOC: Update ChangeLog with systemd backend and persistent database
2013-12-14 17:20:21 +00:00
Daniel Black
f1e593da67
DOC: Changelog for adding firewallcmd-ipset
2013-12-14 10:27:11 +00:00
Daniel Black
f35345ecaa
ENH: add ufw action based off Guilhem Lettron's work in lp-#701522. Closes gh-455
2013-12-14 00:34:12 +00:00
Daniel Black
13ccebe78f
BF: fix actioncheck in firewallcmd
2013-12-13 23:40:51 +00:00
Daniel Black
66374913ec
ENH: add squid filter
2013-12-10 21:24:37 +11:00
Daniel Black
f385439a41
MRG: ChangeLog merge
2013-12-09 09:28:42 +11:00
Daniel Black
80df01bf15
Merge pull request #468 from grooverdan/xarf
...
ENH: action.d/Xarf reporting of messages
2013-12-08 14:26:37 -08:00
Steven Hiscocks
7115f64f83
Merge pull request #470 from grooverdan/flush-logs
...
BF: create flushlogs command to prevent logrotation clobbering logtarget...
2013-12-06 16:30:16 -08:00
Daniel Black
e07ba41870
Merge pull request #463 from grooverdan/firewall-cmd-direct-new-length-too-long
...
BF: firewall-cmd-direct-new was too long. Thanks Joel.
2013-12-05 12:42:55 -08:00
Daniel Black
b5d6310d28
BF: create flushlogs command to prevent logrotation clobbering logtarget. Closes gh-458
2013-12-04 20:51:30 +11:00
Daniel Black
9c1a679b7f
DOC: changelog for xarf-login-attack action
2013-12-01 17:51:31 +11:00
Yaroslav Halchenko
2c1199cce0
Let's progress and mark a2 release toward 0.9.0
2013-11-30 12:25:17 -05:00
Daniel Black
95845b7b65
BF: complain action could match too many IP addresses
2013-11-30 17:47:10 +11:00
Yaroslav Halchenko
3a5983ab0b
Merge branch 'bf/syslog-format' of https://github.com/yarikoptic/fail2ban
...
* 'bf/syslog-format' of https://github.com/yarikoptic/fail2ban :
Changelog entries for the last changes
ENH: added optional [PID] matching in recidive.conf
ENH: reintroducing levelnameinto syslog msgs, time stamp and indentation in non-syslog msgs
BF/ENH: include [PID] into logging msgs, remove indentation from syslog messages
Conflicts:
ChangeLog
2013-11-29 19:58:56 -05:00
Daniel Black
f7504d5b64
MRG: conflict in THANKS
2013-11-30 10:39:19 +11:00
Yaroslav Halchenko
982d5abbef
Merge branch 'namelength20' of https://github.com/grooverdan/fail2ban
...
* 'namelength20' of https://github.com/grooverdan/fail2ban :
DOC: document rational behind 20 character jail name limit
Conflicts:
ChangeLog
2013-11-29 10:09:16 -05:00
Yaroslav Halchenko
25e967f23b
Merge branch 'mysqld-syslog-iptables-name-too-long' of https://github.com/grooverdan/fail2ban
...
* 'mysqld-syslog-iptables-name-too-long' of https://github.com/grooverdan/fail2ban :
BF: jail name mysqld-syslog-iptables too long. removed -iptables. Thanks Stefan (#447 )
Conflicts:
ChangeLog
2013-11-29 10:02:31 -05:00
Daniel Black
b9b2ddf996
BF: smtps not IANA standard. Closes #447
2013-11-29 21:47:53 +11:00
Daniel Black
cade746307
BF: jail name mysqld-syslog-iptables too long. removed -iptables. Thanks Stefan ( #447 )
2013-11-29 21:45:11 +11:00
Daniel Black
af4feb0c92
Actions to have f2b- as prefix instead of fail2ban- as per #462
2013-11-29 19:08:38 +11:00
Daniel Black
fb666b69ff
BF: firewall-cmd-direct-new was too long. Thanks Joel.
2013-11-28 23:35:05 +11:00
Daniel Black
99838440c8
DOC: document rational behind 20 character jail name limit
2013-11-28 23:18:34 +11:00
Daniel Black
227f27ce6b
ENH: added multiline filter for sshd filter
2013-11-25 14:55:41 +11:00
Daniel Black
13223c33f5
MRG: recidive-protocol-all
2013-11-25 08:22:09 +11:00
Yaroslav Halchenko
085ebbe1de
Changelog entries for the last changes
2013-11-24 11:55:58 -05:00
Daniel Black
9a82bc3c61
BF: kernel messages can have space. Thanks ag4ve(shawn). Closes #448
2013-11-24 18:21:02 +11:00
Daniel Black
98eacdf333
MRG/BF: merge from master. Fix bugs in iso8601
2013-11-24 16:36:06 +11:00
Yaroslav Halchenko
629e9ae445
Merge pull request #443 from grooverdan/apache-authfix
...
BF: apache filters using error log weren't matched when referer existed ...
2013-11-18 15:53:39 -08:00
Daniel Black
284f811c91
BF: apache filters using error log weren't matched when referer existed in HTTP header
2013-11-19 10:27:55 +11:00
Yaroslav Halchenko
491165c929
Merge pull request #438 from grooverdan/solid-pop3d
...
ENH: filter for Solid-pop3d
2013-11-17 17:34:46 -08:00
Daniel Black
8aa20a7b0e
ENH: credits for #440 recidive jail protocol=all
2013-11-18 07:59:56 +11:00
Daniel Black
dab2ddb9da
ENH: recidive jail to block all protocols. Closes #440
2013-11-18 07:57:16 +11:00
Yaroslav Halchenko
82174ea4c4
Changelog for preceding proftpd date format change
2013-11-16 22:18:51 -05:00
Daniel Black
88eff70774
ENH: filter.d/solid-pop3d added
2013-11-16 09:43:15 +11:00
Daniel Black
ed212fcdcc
DOC: new ChangeLog header
2013-11-16 09:40:05 +11:00
Daniel Black
1ac7b53cad
MRG: merge from master
2013-11-13 09:16:45 +11:00
Daniel Black
d0498bec69
DOC: finalise 0.8.11 release
2013-11-13 08:05:08 +11:00
Daniel Black
eb9663eb4f
BF/ENH: asterisk connection ID is a hex not decimal number. Add "Rejecting unknown SIP connection from <HOST>" regex thanks to Jonathan Lanning
2013-11-12 09:22:41 +11:00
Yaroslav Halchenko
49024fe6ea
DOC: minor typos in ChangeLog
2013-11-08 14:36:56 -08:00
Yaroslav Halchenko
ea8fce6308
Merge pull request #426 from yarikoptic/bf/openssh6.3-regex-injection
...
openssh 6.3 regex injection vectors: inject into ruser and/or exploiting pre-specified limits set for user provided data
2013-11-08 14:35:18 -08:00
Daniel Black
d6bbe03861
Merge pull request #424 from grooverdan/nginx-auth
...
ENH: add filter.d/nginx-http-auth. Partially forfils #405
2013-11-08 14:24:02 -08:00
Yaroslav Halchenko
750e0c1e3d
BF: disallow exploiting of non-greedy .* in previous fix by providing too long rhost -- do not impose length limits for user-provided input
...
since daemon might eventually change reported length and we would need to adjust anyways. So limiting
in length does not provide additional security but allows for a possible injection vector
2013-11-08 10:10:33 -08:00
Yaroslav Halchenko
eace931c19
Changelog for prior changes (gen_buildbots)
2013-11-07 15:47:25 -08:00
Daniel Black
a148d35d70
ENH: add filter.d/nginx-http-auth. Partially forfills #405
2013-11-08 10:06:40 +11:00
Daniel Black
cb982ef921
ENH: multiline filter for sendmail-spam. Closes gh-418
2013-11-08 08:55:45 +11:00
Yaroslav Halchenko
28ee7ba123
DOC: keeping Changelog release-phrases uniform, simplified intro, unified
2013-11-06 14:04:30 -05:00
Yaroslav Halchenko
f26fba9c19
DOC: Untabifying and reindenting a bit ChangeLog
2013-11-06 13:47:45 -05:00
Daniel Black
0730db9b2b
Merge pull request #416 from grooverdan/debian-bug-665925-wuftpd-pam
...
BF: wuftpd pam filter fix (Debian bug 665925)
2013-11-05 18:39:01 -08:00
Daniel Black
e55b24c533
BF: fix dovecot filter for newer failure message. Closes Debian bug #709324
2013-11-06 12:51:21 +11:00
Daniel Black
8b54523316
BF: fix to filter.d/wuftp to support pam authentication - Debian bug #665925
2013-11-06 12:13:37 +11:00
Daniel Black
ac1f45d18c
Merge pull request #412 from grooverdan/firewalld
...
ENH: enhance firewall-cmd to use firewall-0.8.3's --remove-rules
2013-11-05 16:46:18 -08:00
Daniel Black
87f68d7564
firewalld-0.3.8 release that support --remove-rules out so documenting this.
2013-11-06 11:37:56 +11:00
Daniel Black
47d35c9d80
MRG: 0.8.11 to 0.9
...
Epnoc of selinux is now true UTC
Merge multiline support and date detection in filter
2013-11-02 15:59:05 +11:00