Commit Graph

5958 Commits (8360776ce1b119d519a842069c73bec7f5e24fad)

Author SHA1 Message Date
Sergey G. Brester 8360776ce1
zzz-sshd-obsolete-multiline.conf: adjusted to new sshd-session log format 2024-07-03 19:33:39 +02:00
Sergey G. Brester 7b335f47ea
sshd: add test coverage for new format, gh-3782 2024-07-03 19:09:28 +02:00
Fabian Dellwing 2fed408c05 Adjust sshd filter for OpenSSH 9.8 new daemon name 2024-07-02 08:51:51 +02:00
sebres 59c5e78ce9 `filter.d/apache-overflows.conf` - consider AH10244: invalid URI path;
closes gh-3778
2024-06-28 12:50:14 +02:00
sebres a7f3a04b0e `filter.d/recidive.conf` - restore possibility to set jail name in the filter, _jailname is positive now (but by default it now uses a negative lookahead to exclude recidive jail);
closes gh-3769
2024-06-21 13:24:46 +02:00
sebres ab9d41e530 beautifier detect whether it can use unicode chars in stats table; asciified output of beautifier in test suite;
closes gh-3750
2024-06-14 15:17:53 +02:00
Sergey G. Brester 6fce23e7ba
`filter.d/sshd.conf`: fixed journalmatch (sshd.service seems to be renamed to ssh.service)
closes gh-3747
2024-06-10 01:40:59 +02:00
sebres 8ae5e7e3e4 GHA: update python version in CI-flow (3.13 is beta now) 2024-06-10 00:10:25 +02:00
sebres cd95c3a1fc Merge branch 'ipsettype-in-ipset-actions' 2024-06-09 23:41:56 +02:00
sebres 2533526827 extend ipset actions with new parameter `ipsettype` for the type of set (gh-3760), affected actions:
`action.d/firewallcmd-ipset.conf`, `action.d/iptables-ipset.conf`, `action.d/shorewall-ipset-proto6.conf`
2024-06-09 23:38:58 +02:00
sebres 17daf0ec78 `action.d/firewallcmd-ipset.conf`: rename `ipsettype` to `ipsetbackend` (`ipsettype` will now be used for the real set type);
amend to #2620
2024-06-09 23:32:03 +02:00
sebres 304c3cd566 improve fix with fallback to local async libraries - add path to compat folder (pyinotify module may have dependency to asyncore module, see https://github.com/fail2ban/fail2ban/issues/3487#issuecomment-2133529081);
amend to 054e1d89ca
2024-05-27 16:18:26 +02:00
sebres 7d2fffbe19 .codespellrc: silence codespell flow on assertIn 2024-05-27 15:38:32 +02:00
sebres 8bbdb7b5a7 GHA: output current preferred encoding of fail2ban 2024-05-27 15:32:17 +02:00
Sergey G. Brester 246a617cd6
Merge pull request #3749 from by/patch-1
abuseipdb.conf: update link
2024-05-21 13:24:32 +02:00
by 21bf636056
Update abuseipdb.conf
Corrected link for HP helper (see https://shaunc.com/blog/article/reporting-to-abuseipdb.com-with-fail2ban~kDoa-Hml95wW)
2024-05-20 15:34:24 +02:00
Sergey G. Brester 65e9c411ef
README.md: typos
closes gh-3746
2024-05-14 11:46:49 +02:00
sebres ecb9771123 GHA: 3.13.0-alpha.6 2024-05-07 13:26:11 +02:00
Sergey G. Brester 4da56cf4bc
Update README.md
distutils support removed
2024-05-07 13:18:08 +02:00
Sergey G. Brester ac62658c10
Merge pull request #3728 from branchvincent/distutils
distutils removal
2024-05-07 13:14:57 +02:00
sebres 0185e1c7d5 setup.py: no distutils anymore 2024-05-07 13:06:50 +02:00
sebres ed20a9a5b9 there is no systemd < 204 and pyinotify < 0.8.3 for supported python3 versions anymore 2024-05-07 12:53:54 +02:00
sebres c04e12dd8d Merge remote-tracking branch 'remotes/gh-upstream/0.11' 2024-04-29 11:03:33 +02:00
Sergey G. Brester 1434e3089c
Merge pull request #2455 from Thermi/improved-action-blocklist-de
Improved blocklist_de action to not resend bans that were already reported
2024-04-28 21:12:49 +02:00
Branch Vincent a763fbbdfd
replace distutils for python 3.12 2024-04-27 10:24:01 -07:00
sebres d0d0728523 cherry-pick from debian: debian default banactions are nftables, systemd backend for sshd
closes gh-3292
2024-04-26 02:26:55 +02:00
sebres c14327565d version bump 2024-04-26 02:06:09 +02:00
sebres 61799e15e1 release 1.1.0 -- object-found--norad-59479-cospar-2024-069a--altitude-36267km 2024-04-25 23:08:13 +02:00
sebres 22ffe12abb preparing release 2024-04-25 22:43:51 +02:00
sebres 7b528a6da6 example.com seemed to switch its IPs, replace them everywhere (and use test IP-range instead where it is possible) 2024-04-24 19:30:48 +02:00
sebres 3ca3646472 implemented `fail2ban-client stats` (or alias `fail2ban-client statistic[s]`) for tabulated output of fail2ban stats
amend to #2975
2024-04-24 18:49:59 +02:00
sebres bdba42edd9 implemented `fail2ban-client status --all [flavor]`
closes #2975
2024-04-24 16:29:49 +02:00
sebres 921d9a5a40 Merge branch 'gh-2655--f2b-regex-4-jail': implemented loading of jail settings in fail2ban-regex;
amend to RFE gh-2655
2024-04-02 18:04:52 +02:00
sebres 3b97182f62 amend to 781321d6092d415e079439389e6e6588b8feaaa7: better regex to detect jail name (it could contain dot etc) 2024-04-02 18:02:07 +02:00
Sergey G. Brester b59fd2e7b5
Merge pull request #3697 from remontti/patch-1
named-refused.conf: denied allows any reason in parenthesis as suffix
2024-03-25 16:41:11 +01:00
sebres 44f32d6132 changelog 2024-03-25 16:36:21 +01:00
sebres 2c13cba73d loosening for denied suffix (would match no matter which reason in parenthesis);
add coverage for denied with "(allow-query-cache did not match)"
2024-03-25 16:35:20 +01:00
Rudimar Remontti fd7657f9a9 Update named-refused.conf 2024-03-25 16:35:16 +01:00
sebres 4550e3ad27 ChangeLog: reorder (filters after actions) 2024-03-25 16:34:12 +01:00
sebres a4ca2e83bd Merge branch 'gh-3060': adjusted `filter.d/exim.conf` and `filter.d/exim-spam.conf`:
- messages are prefiltered by `prefregex` now
- filter can bypass additional timestamp or pid that may be logged via systemd-journal or syslog-ng (gh-3060)
closes #3060
2024-03-25 15:56:10 +01:00
sebres 1ec9237e53 bypass additional pid in prefix (may be logged by syslog-ng, gh-3060); matches protocol error with authentication mechanism not supported 2024-03-25 15:52:06 +01:00
sebres c80908837f `filter.d/exim.conf`:
- messages are prefiltered by `prefregex` now
- filter can bypass additional timestamp that may be logged via systemd-journal (gh-3060)
2024-03-25 15:31:23 +01:00
Sergey G. Brester e0f1a1e02a
Merge pull request #3702 from bes-internal/exim
exim: final `<HOST>` to `<ADDR>` conversion
2024-03-22 22:52:11 +01:00
Vladimir Varlamov 8da0a99cde pid part may contain full hostname 2024-03-22 22:38:33 +03:00
Vladimir Varlamov 806a27cb4f final `<HOST>` to `<ADDR>` conversion 2024-03-22 22:38:33 +03:00
Sergey G. Brester 5ecc26d3ba
Merge pull request #3701 from bes-internal/exim
filter.d/exim.conf: rewrite host line regex for all varied exim's log_selector states
2024-03-22 16:52:33 +01:00
sebres e605415f61 simplify fields-group a bit (everything up to 4 chars long but H), so it'll be faster (no multiple branches) as well as would theoretically accept future enhancements of logged fields. 2024-03-22 16:47:54 +01:00
sebres c22a83933b let's use `<ADDR>` instead of `<HOST>` - only IPs expected, since host-name bypassed before it (directly after H=) 2024-03-22 16:35:46 +01:00
Vladimir Varlamov df94ec4c52 filter.d/exim.conf: rewrite host line regex for all varied exim's log_selector states
Depending on Exim's log_selector settings, log lines may contain additional information about the connection. And also the line itself with the address of the remote host can vary greatly. But fortunately, all states can be found in the Exim code itself and taken into account. Makes it easier to add new regexps.
Closes #3263
2024-03-22 00:16:41 +03:00
Anton Samets 0c125ec9c9
filter.d/postfix.conf: add Sender address rejected: Malformed DNS server reply (#3590)
* add Sender address rejected: Malformed DNS server reply
2024-03-19 20:30:45 +01:00