github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
1,038 Commits
32 Branches
229 Tags
17 MiB
Commit Graph

222 Commits (7c409dd24fbbef88e0d972e20d5f4223a06dce5d)

Author SHA1 Message Date
Daniel Black 945ad3d9e6 BF: ensure dates in email are in the C locale. Thanks iGeorgeX 2013-04-29 14:10:23 +10:00
Daniel Black 0ac8746d05 ENH: Account for views in named filter. By Romain Riviere in gentoo bug #259458 2013-04-28 11:03:44 +10:00
Yaroslav Halchenko 22f04677b6 BF: usedns deals with forward (not reverse) DNS lookups (thanks Steven Hiscocks) 2013-04-23 13:56:51 -04:00
Daniel Black 41b9f7b6ac BF: filter.d/sshd "Did not receive identification string" relates to an exploit so document this in sshd-ddos.conf but leave it out of authentication based blocks in sshd.conf 2013-04-18 04:38:03 +10:00
Daniel Black 32d10e904a ENH: more openssh fail messages from openssh source code (CVS 20121205) 2013-04-17 00:03:36 +10:00
Yaroslav Halchenko 59192a5585 Merge remote-tracking branch 'github_kwirk_fail2ban/pidfile' 
* github_kwirk_fail2ban/pidfile:
  Typo in default pidfile in fail2ban.conf
 2013-04-09 23:48:46 -04:00
Yaroslav Halchenko 99a5d78e37 ENH: for consistency (and future expansion ;)) -- rename to mysqld-auth 2013-04-09 18:03:34 -04:00
Yaroslav Halchenko ffaa9697ee Adjusting previous PR (MySQL logs) according to my comments 2013-04-09 18:00:40 -04:00
Yaroslav Halchenko 3e6be243bf Merge branch 'Support_for_mysql_log_example' of https://github.com/arto-p/fail2ban 
* 'Support_for_mysql_log_example' of https://github.com/arto-p/fail2ban:
  Added testcase for MySQL date format to testcases/datedetectortestcase.py and example of MySQL log file.
  Added support for MySQL logfiles

Conflicts:
	testcases/datedetectortestcase.py -- conflictde with other added test cases
 2013-04-09 17:55:14 -04:00
Yaroslav Halchenko 72b06479a5 ENH: Slight tune ups for fresh SOGo filter + comment into the sample log file 2013-03-27 11:09:54 -04:00
Yaroslav Halchenko 105306e1a8 Merge remote-tracking branch 'pr/117/head' -- SOGo filters 
* pr/117/head:
  An example of failed logins against sogo
  Update sogo-auth.conf
  Update config/filter.d/sogo-auth.conf
  Create sogo-auth.conf
  Update config/jail.conf
 2013-03-27 11:09:35 -04:00
Yaroslav Halchenko 91d5736c12 ENH: postfix filter -- react also on (450 4.7.1) with empty from/to. fixes #126 2013-03-26 09:40:04 -04:00
ArndRa bba3fd8568 Update sogo-auth.conf 
included hint by user  yarikoptic
 2013-03-25 08:43:13 +01:00
Artur Penttinen 29d0df58be Added support for MySQL logfiles 2013-03-24 16:52:58 +02:00
Daniel Black 67544d1dd6 DOC: tags are documented in the jail.conf(5) man page 2013-03-17 10:52:49 +11:00
Yaroslav Halchenko 5e5eaaf838 Merge pull request #134 from grooverdan/misc-fixes 
BF: fail2ban client can't handle multi word setcinfo or action[*] values
 2013-03-10 18:01:17 -07:00
Pascal Borreli a2b29b4875 Fixed typos 2013-03-10 22:05:33 +00:00
Daniel Black a0f088be25 ENH: typo + head -1 has been deprecated for 10+ years. 2013-03-10 16:28:45 +11:00
Yaroslav Halchenko a8bd9c20a0 Merge branch 'master' of git://github.com/fail2ban/fail2ban 
* 'master' of git://github.com/fail2ban/fail2ban:
  add blocking type
  add example jail.conf for blocking through blackhole routes for ssh
  add support for blocking through blackhole routes
 2013-02-18 23:12:06 -05:00
Yaroslav Halchenko d5ae28facf Merge pull request #104 from gebi/t/route 
add support for blocking through blackhole routes
 2013-02-18 08:01:34 -08:00
Steven Hiscocks 294f073741 Typo in default pidfile in fail2ban.conf 2013-02-17 22:42:24 +00:00
Steven Hiscocks ce3ab34dd8 Added ability to specify PID file 2013-02-17 22:14:01 +00:00
Daniel Black 47b1ee39d8 add blocking type 2013-02-17 12:44:15 +11:00
Yaroslav Halchenko 8cf006827e BF: remove path from grep call in sendmail-whois-lines.conf Closes: gh-118 2013-02-12 08:48:05 -05:00
ArndRa 6cd358ee95 Update config/filter.d/sogo-auth.conf 
Comment line in the top altered to fit file name. My local file was named differently...
 2013-02-12 10:45:37 +01:00
ArndRa 35bf84abad Create sogo-auth.conf 
Regexp works with SOGo 2.0.5 or newer, following new feature implemented here: http://www.sogo.nu/bugs/view.php?id=2229
 2013-02-11 08:19:48 -08:00
ArndRa 52f952e645 Update config/jail.conf 
Update to use the new sogo-auth filter
 2013-02-11 17:14:29 +01:00
Yaroslav Halchenko 5f2d3832f7 NF: roundcube-auth filter (to close Debian #699442, needing debian/jail.conf section) 2013-01-31 14:41:34 -05:00
Orion Poplawski bb7628591c Update config/filter.d/sshd.conf 
Do not trigger sshd bans on pam_unix authentication failures, this will trigger on successful logins on systems that use non-pam_unix authentication (sssd, ldap, etc.).
 2013-01-18 14:44:49 -07:00
Yaroslav Halchenko 9a39292813 ENH: Added login authenticator failed regexp for exim filter 2013-01-04 15:23:05 -05:00
Yaroslav Halchenko b3d8ba146b DOC: Mention that logrotate configuration needs to be adjusted if logtarget is changed (Closes: #697333) 2013-01-04 15:23:05 -05:00
Michael Gebetsroither 03433f79cd add example jail.conf for blocking through blackhole routes for ssh 2013-01-04 16:09:04 +01:00
Michael Gebetsroither f9b78ba927 add support for blocking through blackhole routes 2013-01-03 18:46:31 +01:00
Daniel Black da0ba8ab4c ENH: add example jail for ipset 2012-12-31 14:38:51 +11:00
Daniel Black 9221886df6 more documentation and optimisations/fixes based on testing 2012-12-31 14:31:37 +11:00
Daniel Black abd5984234 base ipset support 2012-12-31 14:31:37 +11:00
pigsyn f336d9f876 Update config/filter.d/webmin-auth.conf 
Added '\s*$' to the regular expression to match the space written by webmin logs at line-endings
 2012-12-13 08:14:49 +01:00
pigsyn dc67b24270 Update config/filter.d/webmin-auth.conf 
Added a trailing '.*$' to each regex so they can find expressions in targeted log files.
 2012-12-12 23:07:39 +01:00
Yaroslav Halchenko 3969e3f77b ENH: dovecot.conf - require space(s) before rip/rhost log entry 2012-12-12 09:16:52 -05:00
hamilton5 266cdc29a6 Update config/filter.d/dovecot.conf 
even tho not on the fail2ban site..
suggested to not be greedy by yarikoptic
 2012-12-11 12:09:28 -05:00
hamilton5 e040c6d8a3 Update config/filter.d/dovecot.conf 
site actually needs updated because of <HOST> alias 
per Notes above.
 2012-12-11 03:26:14 -05:00
hamilton5 7ede1e8518 Update config/filter.d/dovecot.conf 
added failregex line for debian and centos per 
http://www.fail2ban.org/wiki/index.php/Talk:Dovecot
 2012-12-10 19:17:04 -05:00
Yaroslav Halchenko fc27e00290 ENH: tune up sshd-ddos to use common.conf and allow training spaces 2012-12-07 15:24:34 -05:00
Yaroslav Halchenko 6ecf4fd80a Merge pull request #64 from sourcejedi/remove_sshd_rdns 
Misconfigured DNS should not ban *successful* ssh logins

Per our discussion indeed better (and still as "safe") to not punish users behind bad DNS
 2012-11-05 18:20:37 -08:00
Yaroslav Halchenko 282724a7f9 ENH: join both failregex for lighttpd-auth into a single one 
they are close in meaning
should provide a slight run-time performance benefit
 2012-09-30 11:30:24 -04:00
François Boulogne 958a1b0a40 Lighttpd: support auth.backend = "htdigest" 2012-09-30 13:27:21 +02:00
Yaroslav Halchenko 2a225aa6ee Added a warning within "complaint.conf" action about care with enabling it 2012-08-13 23:03:52 -04:00
Yaroslav Halchenko 2082fee7b1 ENH: match possibly present "pam_unix(sshd:auth):" portion for sshd (Closes: #648020) 2012-07-31 15:53:41 -04:00
Yaroslav Halchenko 6ad55f64b3 ENH: add wu-ftpd failregex for use against syslog (Closes: #514239) 2012-07-31 15:43:13 -04:00
Yaroslav Halchenko 80b191c7fd BF: anchor chain name in actioncheck's for iptables actions (Closes: #672228) 2012-07-31 15:27:05 -04:00