fail2ban

Commit Graph

Author	SHA1	Message	Date
sebres	8ac49b5858	Merge branch '0.10' into 0.11	3 years ago
László Károlyi	f380d6202d	cherry pick #3210 from master	3 years ago
sebres	498e473a10	filter.d/courier-auth.conf: consider optional port after IP, regex is rewritten without catch-all's and right anchor, so it is more stable against further modifications now; closes #3211	3 years ago
sebres	810386a265	filter.d/dovecot.conf: parse everything in parenthesis by auth-worker info, e. g. can match (pid=...,uid=...) too (amend to `92f90038fa`)	3 years ago
sebres	35d73d9758	Merge branch '0.10' into 0.11	3 years ago
sebres	bf689c27b8	filter.d/sshd.conf: `ddos` mode extended - recognizes messages "kex_exchange_identification: Connection closed / reset by pear" (fixed possible regression of `f77398c49d`); closes gh-3086	3 years ago
sebres	8bf15db688	filter.d/sshd.conf: `ddos` mode extended - recognizes new message "banner exchange: invalid format" generated by port scanner, https payload on ssh port; closes gh-3169	3 years ago
sebres	0b3ad780fe	Merge branch '0.10' into 0.11	3 years ago
sebres	4b54a07d71	Revert "`action.d/firewallcmd-*.conf` (multiport only): fixed port range selector, replacing `:` with `-`;" This reverts the incompatibility #3047 introduced by commit `a038fd5dfe` (#2821).	3 years ago
Sylvestre Ledru	3245b8018b	Add the Debian path to roundcube error logs	3 years ago
Sergey G. Brester	ba839af8ad	filter.d/lighttpd-auth.conf: adjusted to the current source code + avoiding catch-all's, etc (gh-3116)	3 years ago
sebres	c03fe6682c	merge 0.10 to 0.11 (GHSA-m985-3f3v-cwmm)	3 years ago
sebres	410a6ce5c8	fixed possible RCE vulnerability, unset escape variable (default tilde) stops consider "~" char after new-line as composing escape sequence	3 years ago
sebres	d2f5c7de09	Merge branch '0.10' into 0.11	4 years ago
sebres	92f90038fa	filter.d/dovecot.conf: extended to match prefix like `conn unix:auth-worker (uid=143): auth-worker<13247>:` (authenticate from external service like exim), gh-2553	4 years ago
sebres	8b984a0135	filter.d\exim-common.conf: pid-prefix extended to match `mx1 exim[...]:` (gh-2553)	4 years ago
sebres	6be1a5a0b1	filter.d/dovecot.conf: fixed "Authentication failure" regex, matches "Password mismatch" in title case (gh-2880)	4 years ago
sebres	8afea37494	filter.d/sendmail-auth.conf: covering several "authentication failure" messages, sendmail 8.16.1 (gh-2757)	4 years ago
sebres	c5f1598a21	filter.d/postfix.conf: extended to cover new vectors: - reject: BDAT/DATA from (gh-2927) - (since regex is more precise now) token selector changed to `[A-Z]{4}`, e. g. no matter what a command is supplied now (RCPT, EHLO, VRFY, DATA, BDAT or something else) - matches "Command rejected" and "Data command rejected" now	4 years ago
sebres	ae3e9b9149	filter.d/postfix.conf: extended to cover 2 new vectors: - RCPT from unknown, 504 5.5.2, need fully-qualified hostname, gh-2995 - 550 5.7.25 Client host rejected, gh-2996 review combining several regex to single one	4 years ago
sebres	87f717e0e0	filter.d/sendmail-reject.conf: fix reverse DNS for ... (gh-3012)	4 years ago
sebres	3312b8cb95	Merge branch '0.10' into 0.11	4 years ago
sebres	1627d4f573	filter.d/sendmail-auth.conf: user not found, closes gh-3030	4 years ago
sebres	b5b615731e	Merge branch '0.10' into 0.11	4 years ago
sebres	f0214b3d36	filter.d/sendmail-reject.conf: fixed regex to consider "Connection rate limit exceeded" with different combination of arguments	4 years ago
Sergey G. Brester	d74dd9321b	Merge pull request #2565 from caronc/0.11 Add Apprise Support (50+ Notifications)	4 years ago
Sergey G. Brester	b2f6a3a658	remove unneeded substitution it is enough to add `apprise` to action	4 years ago
sebres	3eaefe8da0	Merge branch '0.10' into 0.11	4 years ago
sebres	a45b1c974c	filter.d/ignorecommands/apache-fakegooglebot: added timeout parameter (default 55 seconds) - avoid fail with timeout (default 1 minute) by reverse lookup on some slow DNS services (googlebots must be resolved fast); closes gh-2951	4 years ago
sebres	63acc862b1	`action.d/nginx-block-map.conf`: reload nginx only if it is running (also avoid error in nginx-errorlog, gh-2949) and better test coverage for the action	4 years ago
sebres	fb6315ea5e	Merge branch '0.10' into 0.11	4 years ago
sebres	6f4b6ec8cc	action.d/badips.* removed (badips.com is no longer active, gh-2889)	4 years ago
sebres	6198b4566c	Merge branch '0.10' into 0.11	4 years ago
sebres	c75748c5d3	fail2ban.conf: added new fail2ban configuration option "allowipv6" (default auto), can be used to allow or disallow IPv6 interface in fail2ban immediately by start (e. g. if fail2ban starts before network interfaces). closes gh-2804	4 years ago
sebres	dbc77c47c3	Merge branch '0.10' into 0.11	4 years ago
Sergey G. Brester	5f3f4d1e2f	action.d/cloudflare.conf: better IPv6 capability closes gh-2891	4 years ago
sebres	9df332fdef	filter.d/apache-overflows.conf: extended to match AH00126 error (Invalid URI ...); closes gh-2908	4 years ago
sebres	fe334590cd	Merge branch '0.10' into 0.11	4 years ago
sebres	73b39e0894	filter.d/named-refused.conf: fixes prefix for messages from systemd journal (no mandatory space ahead, because don't have timestamp) closes gh-2899	4 years ago
sebres	b78d1e439a	Merge branch '0.10' into 0.11	4 years ago
sebres	7965d652a1	filter.d/dovecot.conf: allow more verbose logging closes #2573	4 years ago
sebres	a6de9459fc	typo	4 years ago
RyuaNerin	bba8844af8	typo	4 years ago
mpoliwczak834	595ee7ed74	add submission	4 years ago
mpoliwczak834	0c12cb7970	add managesieve support dovecot filter	4 years ago
sebres	cc64ef25f6	filter.d/apache-noscript.conf: extended to match "script not found" with error AH02811 (and cgi-bin path segment in script) closes gh-2805	4 years ago
sebres	adbfdc222d	Merge branch '0.10' into 0.11	4 years ago
Sergey G. Brester	1c1a9b868c	no catch-alls, user name and error message stored in ticket	4 years ago
benrubson	840f0ff10a	Add Grafana jail	4 years ago
sebres	25e006e137	review and small tweaks (more precise and safe RE)	4 years ago

1 2 3 4 5 ...

1775 Commits (8c4d02403b4768fb1a76372a7a462fc903c2711e)