github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
2,830 Commits
34 Branches
229 Tags
21 MiB
Commit Graph

2830 Commits (80fb48c5b03b82546ee51d18526d3ef2630350c3)

Author SHA1 Message Date
Daniel Black 256f60adae DOC: improved log message 2013-07-03 09:01:24 +10:00
Daniel Black d6dece4900 ENH: Split log and provide jail examples 2013-07-03 07:42:47 +10:00
Yaroslav Halchenko e9c8a51ce4 ENH: further tighten up detection of mtimesleep duration + log what was assigned 2013-07-02 17:26:41 -04:00
Yaroslav Halchenko 591590860a BF: setSleepTime -- would barf since value is not str (wasn't used/tested) 2013-07-02 17:11:24 -04:00
Yaroslav Halchenko 8f3671bc94 BF: figure out minimal sleep time needed for mtime changes to get detected. Close #223, and probably #103 2013-07-02 17:10:00 -04:00
Alexander Dietrich da594075f3 Move sendmail settings to common file, make sender name configurable 2013-07-02 20:30:41 +02:00
Yaroslav Halchenko e6ebcf6687 Merge branch 'dovecot' of https://github.com/grooverdan/fail2ban 
* 'dovecot' of https://github.com/grooverdan/fail2ban:
  ENH: remove non-capturing groups for readibility
  BF: fix dovecot filter for when no TLS is enabled on pop/imap

Conflicts:
	ChangeLog -- changelog entries.  Also untabified few other spots
 2013-07-02 10:12:51 -04:00
Yaroslav Halchenko f0f237fa05 Merge pull request #269 from grooverdan/asterisk 
ENH: filter.d/asterisk - consolidate log prefix regex and add a few fail messages
 2013-07-02 07:04:10 -07:00
Daniel Black e6823149a1 ENH: remove non-capturing groups for readibility 2013-07-02 20:16:43 +10:00
Daniel Black aebd24ec54 BF: replace with ed so its cross platform, fixes permission problem gh-266, and Yaroslav doesn't revert to perl 2013-07-02 20:09:27 +10:00
Daniel Black 4777cfd4e7 ENH: split out exim-spam into speparate filter 2013-07-02 20:03:16 +10:00
Yaroslav Halchenko 54cce29b3e Merge pull request #271 from yarikoptic/master 
BF: support apache 2.4 more detailed error log format. Close #268

Thanks @grooverdan for the review
 2013-07-01 20:52:36 -07:00
Yaroslav Halchenko 6df949b29a Merge pull request #277 from yarikoptic/0.9 
ENH: ban also submission port (587) for all smtp-related jails
 2013-07-01 20:30:16 -07:00
Yaroslav Halchenko 70ae1ed68b ENH: ban also submission port (587) for all smtp-related jails 
see http://www.rfc-editor.org/rfc/rfc4409.txt
and http://en.wikipedia.org/wiki/Mail_submission_agent

Users of advanced setups might like to split those into multiple jails anyways
to have separate control over submission agents and incoming mail servers.
 2013-07-01 14:50:02 -04:00
Daniel Black c7d64c3c7f TST: url reference fix 2013-07-01 21:58:03 +10:00
Daniel Black ca996ace5e ENH: remove temporary failures from local_scan in line with comments in gh-258 2013-07-01 21:56:02 +10:00
Daniel Black 9757e1df2b ENH: make groupings non-capturing 2013-07-01 21:53:05 +10:00
Daniel Black 72f9e6a51e ENH/TST: more samples and rejection types for sender verify fail and rejected RCPT 2013-07-01 21:50:35 +10:00
Daniel Black 3b76fc79f9 BF: fix dovecot filter for when no TLS is enabled on pop/imap 2013-07-01 21:12:51 +10:00
Daniel Black c2696fe641 DOC: enhance development doc to show how CVE-2013-2178 was done 2013-06-30 15:03:13 +10:00
Steven Hiscocks 8513fde92a BF: Skip error in jail reader when no log files and with systemd backend 
Updated to avoid logpath elements entirely
 2013-06-30 00:50:15 +01:00
Steven Hiscocks 1aee817be2 BF: Skip error in jail reader when no log files and with systemd backend 2013-06-29 23:26:40 +01:00
Steven Hiscocks 379b4860a1 TST: Fix test for MultipleSameAction with no logs files 2013-06-29 20:36:09 +01:00
Steven Hiscocks 1dbba35cd9 Merge branch 'master' into 0.9 
Conflicts:
	fail2ban/client/jailreader.py
	fail2ban/tests/clientreadertestcase.py
	fail2ban/tests/files/logs/sshd
 2013-06-29 20:31:26 +01:00
Steven Hiscocks b670b5c792 TST: Change depreciated assertEquals to assertEqual in some tests 2013-06-29 20:17:42 +01:00
Steven Hiscocks ec0680d73a BF: fail2ban-regex when using ignoreregex file with empty regex 2013-06-29 19:17:22 +01:00
Steven Hiscocks 88bee24edb DOC: Neaten format for fail2ban-regex maxlines print 2013-06-29 19:14:42 +01:00
Steven Hiscocks d081a71759 BF: fail2ban-regex on python3+ 2013-06-29 13:57:12 +01:00
Steven Hiscocks 5ca6a9aeb6 Merge branch 'systemd-journal' into 0.9 
Conflicts:
	bin/fail2ban-regex
	config/filter.d/sshd.conf

Closes github #224
 2013-06-29 13:00:40 +01:00
Daniel Black 0086a7edab ENH: missed a $ 2013-06-29 11:30:37 +10:00
Yaroslav Halchenko 1b170b2aef BF: support apache 2.4 more detailed error log format. Close #268 2013-06-28 09:49:36 -04:00
Yaroslav Halchenko 0fe93cf992 Merge branch 'master' of git://github.com/fail2ban/fail2ban 
* 'master' of git://github.com/fail2ban/fail2ban:
 2013-06-27 11:44:55 -04:00
Yaroslav Halchenko 6d331bcbea BF: make colon after [daemon] optional. Close #267 2013-06-27 11:44:47 -04:00
Daniel Black fa7a105483 ENH: filter.d/asterisk - consolidate log prefix regex and add a few fail messages 2013-06-27 09:16:14 +10:00
Yaroslav Halchenko b20159a715 Merge pull request #265 from yarikoptic/master 
Improve fail2ban-client errors logging/handling -- fail if no log file could be read, dump logs to stderr
 2013-06-24 07:09:10 -07:00
Yaroslav Halchenko b9e971c25d Merge branch 'exim' of https://github.com/grooverdan/fail2ban 
* 'exim' of https://github.com/grooverdan/fail2ban:
  DOC: credits/blame to me for changes to exim
  ENH: new exim filter regexs. Also note a begining PID in this format. Thanks to ftoppi for the log entries
  TST/ENH: Improve regex around exim
 2013-06-23 00:21:28 -04:00
Yaroslav Halchenko 057f0ad135 ENH: allow_no_files option for jail's convert to allow testing of stock jail.conf 2013-06-21 12:44:37 -04:00
Yaroslav Halchenko 61f81c6b2f Changelog entries with close statements for recent changes 2013-06-21 11:12:44 -04:00
Yaroslav Halchenko 27947407bc ENH: raise an exception if not a single file was found for the jail. Close #63 2013-06-21 11:12:44 -04:00
Yaroslav Halchenko b6be8b8243 ENH/RF: remove __readJailConfig in favor of __readConfig + catch/error exceptions while reading the configuration 2013-06-21 11:12:44 -04:00
Yaroslav Halchenko 2974cac40c RF: log all logging output from fail2ban-client to stderr. Close #264 
otherwise it
1. 'interferes' with meaninful output of the client
2. if ERROR is logged it better go to stderr and separating ERROR from other levels is not that transparent with python's logging
 2013-06-21 11:12:36 -04:00
Steven Hiscocks f87c53fa52 BF: fail2ban-regex adding duplicate lines with each regex 
This is another fix on top of e73b3dd to correctly resolve this issue
 2013-06-19 20:03:19 +01:00
Steven Hiscocks 123ec3da13 BF: Incorrect import for 0.9 branch in fail2ban-regex 2013-06-19 20:02:49 +01:00
Yaroslav Halchenko 8487cb2e90 Merge commit '0.8.10-31-g1ab0f0f' into 0.9 
* commit '0.8.10-31-g1ab0f0f': (24 commits)
  BF/ENH: Incorrect authentication data doesn't need tailier so that's optional. Also gained log entry for Unrouteable address
  ENH: readibility thanks to Yaroslav
  DOC: Changelog for fail2ban-regex RF
  DOC: Changelog for asterisk hardening
  ENH: fail2ban-regex -- add specification of loglevels to enable
  RF: reworked -regex cmdline tool to use optparse, some unification and enhancement of outputs
  ENH: 'heavydebug' level == 5 for even more debugging in tricky cases
  ENH: asterisk -- use \S instead of [^:] + prefix failregex with ^\[
  BF: missed a space
  BF: [SSL-out] is optional in assp
  ENH: regex hardening on assp
  ENH: anchor a bit mor. Use \d and \w where possible. Escape a literal .
  TST: attempts at injection with username=rhost=1.2.3.4 have no user= logged in dovecot-1.2.15
  ENH: proftpd chan accept usernames with spaces
  ENH: injection of fail data into USER field
  ENH: dovecot regexs rewritten and extra failures
  ENH: proftp regex hardening and log messages
  ENH/BF: exim improvements with sample
  BF: fix to proxy port in 3proxy example
  ENH: sample log + more specific regex
  ...

Conflicts: -- it was a messy merge/resolution.
	ChangeLog
	bin/fail2ban-regex
	fail2ban-testcases
	fail2ban/server/filter.py
 2013-06-18 20:21:23 -04:00
Steven Hiscocks 9b8eaa90ef ENH: Reorder date regex and remove duplicate ISO8601 format 2013-06-18 22:19:53 +01:00
Yaroslav Halchenko 1ab0f0f9e3 Merge branch 'master' of https://github.com/yarikoptic/fail2ban 
* 'master' of https://github.com/yarikoptic/fail2ban:
  DOC: Changelog for fail2ban-regex RF
  ENH: fail2ban-regex -- add specification of loglevels to enable
  RF: reworked -regex cmdline tool to use optparse, some unification and enhancement of outputs
  ENH: 'heavydebug' level == 5 for even more debugging in tricky cases

Conflicts:
	ChangeLog
 2013-06-15 10:52:05 -04:00
Daniel Black 25c3bbfc2f DOC: credits/blame to me for changes to exim 2013-06-16 00:25:24 +10:00
Daniel Black b8cfda68b8 ENH: new exim filter regexs. Also note a begining PID in this format. Thanks to ftoppi for the log entries 2013-06-16 00:19:37 +10:00
Daniel Black ee786671aa DOC: developing filters without DoS 2013-06-15 13:17:09 +10:00
Daniel Black d441d61a1e TST/ENH: Improve regex around exim 
rejected by local_scan now has test cases.

Unrouteable address error messages now normalised after looking into
exim code.
 2013-06-15 12:34:16 +10:00