github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
1,263 Commits
32 Branches
229 Tags
17 MiB
Commit Graph

1263 Commits (809873f3592840659df6386020b3a9b45696036c)

Author SHA1 Message Date
Yaroslav Halchenko 5f2d3832f7 NF: roundcube-auth filter (to close Debian #699442, needing debian/jail.conf section) 2013-01-31 14:41:34 -05:00
Steven Hiscocks 9c2e0cbbc8 Fix up for warning/error for inaccessible config files 2013-01-31 18:36:23 +00:00
Steven Hiscocks bf5f46c3d5 Warn if config file present but unreadable 2013-01-30 19:57:03 +00:00
Steven Hiscocks efea62e03f Revert changes to man/fail2ban-client.1 2013-01-28 20:47:32 +00:00
Steven Hiscocks 02218294bc Removed "common.local" include for FilterReader test 2013-01-28 18:41:12 +00:00
Yaroslav Halchenko d561a4c2bb BF: do not rely on scripts being under /usr -- might differ eg on Fedora -- rely on import of common.version (Closes gh-112) 
This is also not ideal, since if there happens to be some systemwide common.version -- we are doomed

but otherwise, we cannot keep extending comparison check to /bin, /sbin whatelse
 2013-01-28 09:54:12 -05:00
Yaroslav Halchenko acab23bdfe RF: move exceptions used by both client and server into common/exceptions.py 
this prevents importing of server while operating with client only
 2013-01-28 09:46:50 -05:00
Steven Hiscocks b48c17b8c4 Added 'maxlines' option to fail2ban-regex 
This allows multi-line regex to be tested
 2013-01-27 10:47:13 +00:00
Steven Hiscocks 99914ac0f3 Regex get(Un)MatchedLines now returns whole lines only 
Fix issue where for regexs not anchored at start/end of line, that
getMatchedLines and getUnmatchedLines returned partial lines
 2013-01-27 09:17:48 +00:00
Yaroslav Halchenko f8c8a5583e Merge remote-tracking branch 'gh-yarikoptic/master' 
* gh-yarikoptic/master:
  BF: pyinotify - use bitwise op on masks and do not try tracking newly created directories
 2013-01-26 12:36:49 -05:00
Yaroslav Halchenko c900c08eed Merge pull request #111 from opoplawski/nonettest 
Initial support for --no-network option for fail2ban-testcases (Closes gh-110)
 2013-01-25 16:45:01 -08:00
Orion Poplawski 431489c9b9 Remove unneeded setting of opts.no_network 2013-01-25 14:19:10 -07:00
Yaroslav Halchenko 6b2e76ba7f BF: pyinotify - use bitwise op on masks and do not try tracking newly created directories 2013-01-25 16:06:41 -05:00
Orion Poplawski fdd9dfb4b5 Initial support for --no-network option for fail2ban-testcases 2013-01-25 12:56:00 -07:00
Steven Hiscocks d05f420758 Added FilterReader test 2013-01-25 18:28:48 +00:00
Yaroslav Halchenko b8a861d012 Merge remote-tracking branch 'gh-yarikoptic/master' 
* gh-yarikoptic/master:
  ENH: Added login authenticator failed regexp for exim filter
  DOC: Mention that logrotate configuration needs to be adjusted if logtarget is changed (Closes: #697333)
 2013-01-25 13:27:30 -05:00
Steven Hiscocks 7234c2a3aa Added multiregex test for multi-line filter 2013-01-25 18:16:55 +00:00
Steven Hiscocks ea466d59f4 ignoreregex now functions correctly with multiline 
Ignore regexs are now only compared to lines that match the failregex.
Supporting test also added for multiline regex and overlapping
multiline regex matches.
 2013-01-25 18:11:40 +00:00
Yaroslav Halchenko 4a48844027 Merge pull request #107 from opoplawski/master 
sshd filter - avoid banning on pam failures since might be too early. Close gh-106

If desired to ban on pam -- enable pam-generic filter, possibly even tuning in pam-generic.local the value for caught ttys in case of more detailed control needed

Provided example was:

 Jan 18 12:47:34 host sshd[23755]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.123.123.123  user=myuser
 Jan 18 12:47:34 host sshd[23755]: pam_sss(sshd:auth): authentication success; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.123.123.123 user=myuser
 Jan 18 12:47:34 host sshd[23755]: Accepted password for myuser from 123.123.123.123 port 50615 ssh2
 2013-01-25 08:24:44 -08:00
Yaroslav Halchenko 7d630cb0de Merge pull request #109 from blotus/master 
Escape ' and " in matches
 2013-01-25 08:11:04 -08:00
blotus 96eb8986cc Escape ' and " in matches tag 2013-01-25 13:37:22 +01:00
Steven Hiscocks 28f68a693f Minor typo in server/failregex.py 2013-01-24 21:12:45 +00:00
Steven Hiscocks 9b4806bfd3 Added <SKIPLINES> regex applicable for multi-line 
This allows lines captured by <SKIPLINES> regex to remain in the line
buffer in Filter
 2013-01-24 18:20:43 +00:00
Steven Hiscocks 5952819a58 Sanitise testcase log 04 2013-01-23 19:32:55 +00:00
Steven Hiscocks 00ab425492 Changed multi-line test to provided example 2013-01-23 19:10:27 +00:00
Steven Hiscocks 055aeeb227 Filter for multi-line now stores last time match 
This is useful for log files which dont contain a date/time on every
line
 2013-01-23 18:42:25 +00:00
Steven Hiscocks 5c7e3841e0 Simplify and change some filter line buffer 
Include change variable names to `fail2ban` style
 2013-01-23 18:26:49 +00:00
Steven Hiscocks aec709f4c1 Initial changes and test for multi-line filtering 2013-01-22 20:54:14 +00:00
Orion Poplawski bb7628591c Update config/filter.d/sshd.conf 
Do not trigger sshd bans on pam_unix authentication failures, this will trigger on successful logins on systems that use non-pam_unix authentication (sssd, ldap, etc.).
 2013-01-18 14:44:49 -07:00
Yaroslav Halchenko 9a39292813 ENH: Added login authenticator failed regexp for exim filter 2013-01-04 15:23:05 -05:00
Yaroslav Halchenko b3d8ba146b DOC: Mention that logrotate configuration needs to be adjusted if logtarget is changed (Closes: #697333) 2013-01-04 15:23:05 -05:00
Yaroslav Halchenko 3ce53e8798 ENH: Added login authenticator failed regexp for exim filter 2013-01-04 15:22:18 -05:00
Yaroslav Halchenko 8f0c533d64 DOC: Mention that logrotate configuration needs to be adjusted if logtarget is changed (Closes: #697333) 2013-01-04 10:55:14 -05:00
Michael Gebetsroither 03433f79cd add example jail.conf for blocking through blackhole routes for ssh 2013-01-04 16:09:04 +01:00
Michael Gebetsroither f9b78ba927 add support for blocking through blackhole routes 2013-01-03 18:46:31 +01:00
Yaroslav Halchenko be06b1b914 Merge pull request #102 from grooverdan/ipset 
Ipset
 2012-12-30 19:51:15 -08:00
Daniel Black da0ba8ab4c ENH: add example jail for ipset 2012-12-31 14:38:51 +11:00
Daniel Black 9221886df6 more documentation and optimisations/fixes based on testing 2012-12-31 14:31:37 +11:00
Daniel Black abd5984234 base ipset support 2012-12-31 14:31:37 +11:00
Yaroslav Halchenko 05af52e833 ENH: fail2ban-regex -- __str__ for RegexStat + modeline 2012-12-24 11:05:44 -05:00
Yaroslav Halchenko 21e966e4bb example logs should carry the same name as the filter they are devised for 2012-12-13 08:24:02 -05:00
Yaroslav Halchenko f96ea013bb Merge pull request #99 from pigsyn/patch-2 
Update config/filter.d/webmin-auth.conf for trailing spaces
 2012-12-13 05:22:43 -08:00
pigsyn 123d457924 Update testcases/files/logs/Webmin 2012-12-13 08:33:07 +01:00
pigsyn 38dd1506cc Sample Webmin logs 2012-12-12 23:25:31 -08:00
pigsyn f336d9f876 Update config/filter.d/webmin-auth.conf 
Added '\s*$' to the regular expression to match the space written by webmin logs at line-endings
 2012-12-13 08:14:49 +01:00
pigsyn dc67b24270 Update config/filter.d/webmin-auth.conf 
Added a trailing '.*$' to each regex so they can find expressions in targeted log files.
 2012-12-12 23:07:39 +01:00
Yaroslav Halchenko 3969e3f77b ENH: dovecot.conf - require space(s) before rip/rhost log entry 2012-12-12 09:16:52 -05:00
Yaroslav Halchenko 68c1defb76 ENH: added dovecot example from Daniel Black + example with DoS attempt via injected rhost 2012-12-12 09:16:27 -05:00
Yaroslav Halchenko 6d804df504 Merge branch 'patch-2' of https://github.com/hamilton5/fail2ban (dovecot log examples) 
* 'patch-2' of https://github.com/hamilton5/fail2ban:
  Update testcases/files/logs/dovecot
  Update testcases/files/logs/dovecot
 2012-12-12 09:11:34 -05:00
Yaroslav Halchenko d7b7d7d491 Merge branch 'patch-1' of https://github.com/hamilton5/fail2ban 
* 'patch-1' of https://github.com/hamilton5/fail2ban:
  Update config/filter.d/dovecot.conf
  Update config/filter.d/dovecot.conf
  Update config/filter.d/dovecot.conf
 2012-12-12 09:10:44 -05:00