fail2ban

Commit Graph

Author	SHA1	Message	Date
oliverdorn	4a65e069e1	Solution for issue #1665 Solves the issue of authentic GoogleBots being banned by apache-fakegooglebots.	8 years ago
sebres	45174c5eaf	if fail2ban running as systemd-service, for logging to the systemd-journal, the `logtarget` could be set to STDOUT small fixes by logging in stdout (+ system targets also allowed in lowercase now)	8 years ago
sebres	1cd67ecaa2	automatically creates /var/run/fail2ban before start fail2ban (systems which /var/run/ is virtual resp. memory mount device)	8 years ago
sebres	528a7a5abb	systemd service update: - starting service in normal mode (without forking) - does not restart if service exited normally (exit-code 0, e.g. stopped via fail2ban-client) - does not restart if service can not start (exit-code 255, e.g. wrong configuration, etc.) - service can be additionally started/stopped with commands (fail2ban-client, fail2ban-server)	8 years ago
Viktor Szépe	a406c6eb3a	By the author: > Yes, scripting is not supported in path. https://bitbucket.org/tildeslash/monit/issues/372/webadmin-shows-only-the-first-part-of#comment-27946048	8 years ago
sebres	932708de9e	fixed --pidfile bug, introduced in gh-1322: gentoo-initd fixed --pidfile bug: `--pidfile` is option of start-stop-daemon, not argument of fail2ban (see gh-1434) closes gh-1434	9 years ago
Jack Suter	fb779a78c5	gentoo-initd: Use start-stop-daemon in order to handle crashes better Currently, if fail2ban is killed (or crashes), its status will be reported by '/etc/init.d/fail2ban status' as 'running' even though it is not. Attempting to restart the service also fails, because Gentoo unsuccessfully tries to stop the service. By using start-stop-daemon and providing a pidfile, Gentoo will instead report the status as 'crashed' and allow the service to be restarted as normal.	9 years ago
Yaroslav Halchenko	3dc57af19c	Merge branch 'logrotate' of https://github.com/sbraz/fail2ban * 'logrotate' of https://github.com/sbraz/fail2ban: Remove compression and count from logrotate	9 years ago
Louis Sautier	869d99dd37	Remove compression and count from logrotate Initially reported at https://bugs.gentoo.org/show_bug.cgi?id=549856	9 years ago
Louis Sautier	294a7790a9	gentoo-initd: do not hide useful output Gentoo applies a patch for this: https://bugs.gentoo.org/show_bug.cgi?id=536320	9 years ago
Yaroslav Halchenko	9f15d02910	Merge pull request #1251 from fastest963/master Added PartOf to service file so f2b restarts when deps do	9 years ago
sarneaud	5b88a84fe8	Small fixes for Gentoo initd script These fixes are pretty pedantic, but they do simplify the script a little. * Checking the existence of a file/directory before creating/deleting it adds complexity and raciness. There are better options. * mkdir -p does the job of making sure a directory exists. (It only fails if there's a filesystem error or something.) * Likewise, rm -f doesn't fail if the file doesn't exist. * rm -r isn't neccessary because the socket shouldn't be a directory. (If it is for some reason, that should be an error.)	9 years ago
James Hartig	9905396eb8	Added PartOf to service file so f2b restarts when deps do	9 years ago
Paul Menzel	078e2048f2	files: Strip trailing whitespace from files Run the command `StripWhitespace` from the [Vim Better Whitespace Plugin](https://github.com/ntpeters/vim-better-whitespace).	9 years ago
Ville Skyttä	67a94733a9	logrotate: Do not rotate empty logs As a useful side effect, prevents "Unable to contact server. Is it running?" mails from cron when fail2ban hasn't been (intentionally) running nor thus logging anything either.	9 years ago
Ville Skyttä	63c7ceb81d	logrotate: Remove outdated Fedora comment	9 years ago
Edward Beckett	03460d5ed0	Update gen_badbots Added plus char to the regex for escaping user-agent strings.	9 years ago
Yaroslav Halchenko	c96415da27	added $named and ufw to debian-initd (Debian bug #776572 )	10 years ago
Yaroslav Halchenko	d65c4f8f5d	moved debian's initd file to files/debian-initd from debian branch	10 years ago
Viktor Szépe	971c3d93fe	Monit config Copy it to `/etc/monit/monitrc.d/fail2ban` More info: https://github.com/szepeviktor/debian-server-tools/blob/master/monitoring/monit/monit-debian-setup.sh#L113	10 years ago
Yaroslav Halchenko	caa851e5c8	RF: moving logwatch setup/sample logs under files/logwatch	10 years ago
Yaroslav Halchenko	2a51a0176a	BF: minor type for delignoreregex in bash completions	11 years ago
Cameron Norman	2a14e48f0b	A few final touches on the Upstart job (a) use static-network-up, since it is more generic than the started networking event (b) do not hook into network deconfiguration to speed up shutdown (c) expect fork, per the use of the "-f" option (d) use a variable for the run directory to make changing it simpler (e) handle the situation of a left over socket file (f) use the -f option to be able to track the PID	11 years ago
Cameron Norman	39ad5b7474	Update Upstart job: uses stop command in pre-stop, removes PID file in post-stop	11 years ago
Cameron Norman	0ef5027234	Change Upstart job to track PID of the server This only works correctly if the client does not fork itself when starting the server (which forks twice further).	11 years ago
Cameron Norman	0c8e72f452	Update fail2ban.upstart No longer directly exec the server, do not remove the PID file because it is unnecessary to do so. No longer respawns because Upstart can not track the process with the starter command.	11 years ago
Cameron Norman	4115b62a01	Update fail2ban.upstart It was actually a little problematic :)	11 years ago
Cameron Norman	5e3f5db8b7	Create fail2ban.upstart Add Upstart job.	11 years ago
Ruben Kerkhof	ebed0d23c9	Add documentation link to systemd service file So systemctl help fail2ban.service works Signed-off-by: Ruben Kerkhof <ruben@rubenkerkhof.com>	11 years ago
Steven Hiscocks	c7c203964c	ENH: Add iptables and firewalld to "After" for systemd service file. Also remove no longer supported syslog.target. Closes #658	11 years ago
Steven Hiscocks	a9b9c6ea03	Merge branch 'logging' into 0.9 Conflicts: fail2ban/server/actions.py jail getName()->name fail2ban/server/filter.py jail getName()->name	11 years ago
Steven Hiscocks	212d05dc0b	ENH: Add action elements to bash-completion	11 years ago
Steven Hiscocks	5630c56c75	ENH: Change logging levels and make info more verbose	11 years ago
Daniel Black	3ee6e993c6	MRG: merge ChangeLog for nagios fix	11 years ago
alasdairdc	5428f5bbc3	Update check_fail2ban Removed unnecessary reference to as yet undeclared $jail_name when checking a specific jail.	11 years ago
Daniel Black	b5b581555c	BF: nagios fix	11 years ago
alasdairdc	2e5a2b26fb	Updated check_fail2ban to return performance data for all jails and applied to specific jail code	11 years ago
alasdairdc	5f623596ee	Updated check_fail2ban to return performance data for all jails Allows perf data from all jails to enable pnp4nagios to display a chart per jail when run with the command: check_fail2ban -p -w 1 -c 5 -P /usr/bin/fail2ban-client sample output: CHECK FAIL2BAN ACTIVITY - CRITICAL - 9 detected jails with 5 current banned IP(s) \| apache-noscript.currentBannedIP=0 sendmail.currentBannedIP=0 postfix.currentBannedIP=0 ssh-probe.currentBannedIP=3 ssh-ddos.currentBannedIP=0 apache-multiport.currentBannedIP=0 apache.currentBannedIP=0 ssh.currentBannedIP=2 apache-overflows.currentBannedIP=0	11 years ago
Daniel Black	e30c80e468	Merge pull request #478 from grooverdan/fedora-initscript-fix BF: files/redhat-initd from upstream	11 years ago
Daniel Black	008952035d	BF: files/redhat-initd - as per http://pkgs.fedoraproject.org/cgit/fail2ban.git/tree/fail2ban-init.patch	11 years ago
Daniel Black	b5d6310d28	BF: create flushlogs command to prevent logrotation clobbering logtarget. Closes gh-458	11 years ago
Yaroslav Halchenko	6f321068f1	NF: gen_badbots script to (re)generate/update config/filter.d/apache-badbots.conf	11 years ago
Yaroslav Halchenko	f1487bfb74	Merge pull request #240 from jpmx/master bug fixed on redhat-initd per @opoplawski blessing	11 years ago
Orion Poplawski	67497db6e5	Change /tmp/fail2ban.sock to /var/run/fail2ban/fail2ban.sock	11 years ago
JP Espinosa	32b271c36e	Update redhat-initd - Using `-x` to remove previous socket on start - Using Should- to wait for iptables and wrappers	12 years ago
JP Espinosa	3736d7ddbf	Rewrite to use native init.d functions - There was a bug with the old "getpid" function, when running linux containers you can see multiple fail2ban instances on hardware node and could stop one on a random virtual environment - Added reload and status options	12 years ago
Yaroslav Halchenko	374e7c6fc9	Merge pull request #208 from grooverdan/opensuse_init Opensuse init -- from stock suse distribution	12 years ago
Yaroslav Halchenko	746c7d990e	Merge pull request #217 from kwirk/bash-completion NF: bash-completion	12 years ago
Steven Hiscocks	95726b3976	DOC: Drop sudo from bash-completion	12 years ago
Steven Hiscocks	92dff6d645	DOC: Added bash-completion script	12 years ago

1 2

96 Commits (80cc47b75ff14858d9a7bab8410ce982745508da)