Daniel Black
008952035d
BF: files/redhat-initd - as per http://pkgs.fedoraproject.org/cgit/fail2ban.git/tree/fail2ban-init.patch
11 years ago
Daniel Black
4780451883
Merge pull request #472 from grooverdan/banip-ignoreconflict
...
ENH: banning an IP in the ignoreIPList now issues warning to log, but still does the ban
11 years ago
Daniel Black
51f2619878
Merge pull request #473 from grooverdan/whois-missing
...
ENH: Whois missing in actions? Include output to say so
11 years ago
Daniel Black
e07ba41870
Merge pull request #463 from grooverdan/firewall-cmd-direct-new-length-too-long
...
BF: firewall-cmd-direct-new was too long. Thanks Joel.
11 years ago
Steven Hiscocks
a19b33cc72
ENH: blocklist.de action added fail2ban version as user agent
11 years ago
Steven Hiscocks
f742ed0e4b
DOC: when to use blocklist.de reporting
...
Taken from commit 1846056606
11 years ago
Steven Hiscocks
e810ec009d
ENH: Added blocklist.de reporting API action
11 years ago
Steven Hiscocks
60d298d898
BF: fail2ban-regex erroneously reporting multiple regexs had matched
11 years ago
Steven Hiscocks
c03a50b44b
BF: Allow handle case when SKIPLINES lines is not matched
...
Example is when one or more SKIPLINES is optional in a regex
11 years ago
Steven Hiscocks
c886414e2e
ENH+BF: Capture multiline matched lines into fail ticket
...
Previously only the last line of the match was being saved, not all
lines involved in matching.
Log lines are now broken into 3 part tuple, with the line pre-datetime,
the datetime, and post-datetime. Allows reformation of full line, but
also use of the line without the datetime present.
Attempting to use the term "tupleLine(s)" where possible, to avoid
confusion with normal read lines.
May also wish to consider that regexs could be made to capture more
lines of interest if some form of unique reference is available. This
may allow more lines of interest to be captured, which may not be picked
up by the traditional "grep <ip>" approach i.e. ones which do not have
the ip address in.
This also simplified the fail2ban-regex statistics for missed lines.
Also resolved bug with missed lines time extracted for debuggex having
some lines present which were captured in a multiline regex.
Also resolved independent issue with ignored line check including the
datetime, which raised assertion error in the rare case the datetime
matched the ignore regex, and the rest of line only matched a failregex
11 years ago
Daniel Black
4dc51e5def
BF: put notice in email if whois program could not provide more information. Closes gh-471
11 years ago
Daniel Black
97d7f46bb7
DOC: correct grammar - s/Here are more information/Here is more information/
11 years ago
Daniel Black
e108de3f6d
ENH: banning an IP in the ignoreIPList now issues warning to log, but still continues
11 years ago
Daniel Black
b5d6310d28
BF: create flushlogs command to prevent logrotation clobbering logtarget. Closes gh-458
11 years ago
Daniel Black
8aead9ab79
BF: escape quotes when splitting addresses for xarf
11 years ago
Daniel Black
1846056606
DOC: when to use xarf messages to network owner
11 years ago
Daniel Black
8c37d2e4de
ENH: remove dependency on querycontacts
11 years ago
Daniel Black
bfd435091d
ENH: jail examples for xarf-login-attack
11 years ago
Daniel Black
dd356c3cef
BF: fixed for sendmail and tested the MTA aspects of this action
11 years ago
Daniel Black
9df5f4eec8
BF: remove debugging tee command on xarf-login-attack
11 years ago
Daniel Black
9c1a679b7f
DOC: changelog for xarf-login-attack action
11 years ago
Daniel Black
d015f7f4fc
BF/ENH: fixed so xarf-login-attack works
11 years ago
Yaroslav Halchenko
2c1199cce0
Let's progress and mark a2 release toward 0.9.0
11 years ago
Daniel Black
0495aa098e
BF: grep matches on <ip> shouldn't include other IPs
11 years ago
Daniel Black
95845b7b65
BF: complain action could match too many IP addresses
11 years ago
Daniel Black
5cc7173fd4
ENH: add xarf email sender for login-attack type
11 years ago
Yaroslav Halchenko
3a5983ab0b
Merge branch 'bf/syslog-format' of https://github.com/yarikoptic/fail2ban
...
* 'bf/syslog-format' of https://github.com/yarikoptic/fail2ban :
Changelog entries for the last changes
ENH: added optional [PID] matching in recidive.conf
ENH: reintroducing levelnameinto syslog msgs, time stamp and indentation in non-syslog msgs
BF/ENH: include [PID] into logging msgs, remove indentation from syslog messages
Conflicts:
ChangeLog
11 years ago
Daniel Black
f7504d5b64
MRG: conflict in THANKS
11 years ago
Daniel Black
4d86a17641
Merge pull request #453 from grooverdan/master_to_0.9
...
MRG: merge Master to 0.9
11 years ago
Daniel Black
56b6bf7d25
ENH: reduce firewalld-cmd-new -> firewallcmd-new
11 years ago
Daniel Black
04438cd1a1
BF/ENH: mysql jail - rename to mysql-syslog to be consistent with 0.8.13. Add port to syslog defination. Document mysql configuration required for mysql jails
11 years ago
Daniel Black
3f4d179612
BF: smtps not an IANA port - from #447
11 years ago
Daniel Black
fe9e077acf
BF: correct spelling of port for solid-pop3 jail in jail.conf
11 years ago
Daniel Black
86a0a5962a
BF: revert to fail2ban- prefix as f2b- was intended for 0.9
11 years ago
Yaroslav Halchenko
982d5abbef
Merge branch 'namelength20' of https://github.com/grooverdan/fail2ban
...
* 'namelength20' of https://github.com/grooverdan/fail2ban :
DOC: document rational behind 20 character jail name limit
Conflicts:
ChangeLog
11 years ago
Yaroslav Halchenko
25e967f23b
Merge branch 'mysqld-syslog-iptables-name-too-long' of https://github.com/grooverdan/fail2ban
...
* 'mysqld-syslog-iptables-name-too-long' of https://github.com/grooverdan/fail2ban :
BF: jail name mysqld-syslog-iptables too long. removed -iptables. Thanks Stefan (#447 )
Conflicts:
ChangeLog
11 years ago
Yaroslav Halchenko
f2fed88920
Merge pull request #465 from grooverdan/smtps-not-iana-protocol
...
BF: smtps not IANA standard. Closes #447
See http://en.wikipedia.org/wiki/SMTPS for more information on port 465
11 years ago
Daniel Black
2bcc6c66b1
TST: remove python 2.5 from TravisCI
11 years ago
Daniel Black
b9b2ddf996
BF: smtps not IANA standard. Closes #447
11 years ago
Daniel Black
cade746307
BF: jail name mysqld-syslog-iptables too long. removed -iptables. Thanks Stefan ( #447 )
11 years ago
Daniel Black
9e53892708
BF: did remove instead of move
11 years ago
Daniel Black
b157be22d2
TST: pids don't match test case for sshd filter
11 years ago
Daniel Black
fb666b69ff
BF: firewall-cmd-direct-new was too long. Thanks Joel.
11 years ago
Daniel Black
99838440c8
DOC: document rational behind 20 character jail name limit
11 years ago
Daniel Black
227f27ce6b
ENH: added multiline filter for sshd filter
11 years ago
Daniel Black
f80fa7d7a0
Merge pull request #456 from grooverdan/apffix
...
BF: add init section with name for action.d/apf. Closes #398
11 years ago
Daniel Black
13223c33f5
MRG: recidive-protocol-all
11 years ago
Daniel Black
dc154c792e
BF: add init section with name for action.d/apf. Closes #398
11 years ago
Daniel Black
093aee9676
TST: no python-2.5 any more - https://github.com/travis-ci/travis-ci/issues/1668
11 years ago
Yaroslav Halchenko
085ebbe1de
Changelog entries for the last changes
11 years ago