Commit Graph

1775 Commits (8c4d02403b4768fb1a76372a7a462fc903c2711e)

Author | SHA1 | Message | Date
sebres | a36b70c7b5 | filter.d/znc-adminlog.conf: support logging format of systemd-journal, bypass port after address (optional, removed end-anchor, see gh-2520) | 5 years ago
sebres | 1cdd618232 | Merge branch '0.10' into 0.11 | 5 years ago
sebres | 5d5253dd70 | Merge branch '0.10' into 0.11 | 5 years ago
sebres | 91923b5c07 | don't need to match identifier exactly (@ is precise enough as prefix), non-capturing group; | 5 years ago
Joe Horn | 4395469226 | Update named-refused.conf | 5 years ago
Sergey G. Brester | a395361de8 | Merge pull request #2467 from sebres/logtype-option-rfc5424 | 5 years ago
sebres | 581f13c2db | Merge branch '0.10' into 0.11 | 5 years ago
Sergey G. Brester | 0dfd4f1f41 | Merge pull request #2404 from benrubson/badprotocol | 5 years ago
Sergey G. Brester | 119401fced | Merge pull request #2452 from benrubson/badips | 5 years ago
sebres | af611db859 | Merge branch '0.10' into 0.11 | 5 years ago
sebres | 5e980afbb8 | filter.d/apache-noscript.conf: closes #2466 - matches "Primary script unknown" without "\n" (optional now) | 5 years ago
sebres | 62b1712d22 | amend to #2387: | 5 years ago
benrubson | 8b171f7d25 | Badips key is only used to retrieve list | 6 years ago
sebres | 80f97eaf02 | Merge branch '0.10' into 0.11 | 6 years ago
sebres | e751be2c13 | normalize, simplify and fix several mail actions (mail and sendmail actions are more similar now, sendmail is configurable via parameter `mailcmd`, etc); | 6 years ago
sebres | 5045c4bb00 | Merge branch '0.10' into 0.11 | 6 years ago
girst | a7dc3614c4 | znc-adminlog: use `<ADDR>` instead of `<HOST>` | 6 years ago
girst | b288ccd6b6 | new filter: znc-adminlog | 6 years ago
sebres | 2e7a600851 | Merge branch '0.10' into 0.11 | 6 years ago
sebres | 22b9304562 | action.d/badips.py: fix start of banaction on demand (which may be IP-family related), supplied action info with ticket instead of simulating it with dict; | 6 years ago
sebres | 0ed3a63151 | Merge branch '0.10' into 0.11 | 6 years ago
sebres | e5ae113215 | filter.d/postfix.conf: extended with new postfix filter mode `errors` to match "too many errors" (gh-2439), | 6 years ago
sebres | 3b2f75414c | filter.d/postfix.conf: extended regexps to accept variable suffix code in status of postfix for precise messages (gh-2442) | 6 years ago
sebres | 3d4044084a | Merge branch '0.10' into 0.11 | 6 years ago
Sergey G. Brester | 7dbd3a07eb | cut comment to limit documented on abuseipdb, additionally use curl in quiet mode | 6 years ago
Carlos Ferreira | 7b73cb7639 | Switch to AbuseIPDB API v2 | 6 years ago
sebres | 5137cd2ec8 | Merge branch '0.10' into 0.11 | 6 years ago
sebres | 49bf6132cc | amend for 3036ed18893b6aae6619e53201aa53deb701b94f: eliminate "invalid sequence" warnings | 6 years ago
sebres | f69a8693fc | Merge branch '0.10' into 0.11 | 6 years ago
sebres | 0426a24719 | filter.d/postfix.conf: (closes gh-2426) filter extended to catch "5.1.1" (Recipient address rejected: User unknown in local recipient table) with RCPT (and some session-id instead of "NOQUEUE") | 6 years ago
sebres | ca85ddc866 | Merge branch '0.10' into 0.11 | 6 years ago
sebres | d8d71c5a22 | action.d/helpers-common.conf: grep arguments are rewritten - using options `-wF` to match only whole words and fixed string (not as pattern) | 6 years ago
chtheis | fa727586ff | Fix grep pattern to deal with Apache's error log | 6 years ago
sebres | 74eac6c94f | Merge branch '0.10' into 0.11 | 6 years ago
sebres | 23d2281e57 | action.d/nginx-block-map.conf: small fix with better RE-rule for removal of ID (token/session) via sed (anchored now) | 6 years ago
benrubson | 5b2b680bfe | SSHd add Bad protocol version message | 6 years ago
Sergey G. Brester | b318eb7e33 | closes gh-2408: prevent execution of action `abuseipdb` for restored tickets | 6 years ago
sebres | c47bb523b7 | Merge branch '0.10' into 0.11 | 6 years ago
Holston | 422a2de7fe | updated | 6 years ago
Holston | a581bf3f08 | Fixed filter for Apache mod_security | 6 years ago
Holston | 5d6a84ba78 | Updated to correct logging option | 6 years ago
sebres | f0c5bd56f4 | Merge branch '0.10' into 0.11 (conflicts resolved) | 6 years ago
sebres | 25f1aa334e | fail2ban.conf: move default settings into DEFAULT section (to be more similar to jail.conf, Definition section overwrites the options, so it is backwards compatible) | 6 years ago
sebres | 0386df0042 | introduced new options: `dbmaxmatches` (fail2ban.conf) and `maxmatches` (jail.conf); | 6 years ago
sebres | 337be4b36c | Merge remote-tracking branch 'remotes/gh-upstream/0.10' into 0.11 | 6 years ago
Sergey G. Brester | 28c1da33dc | Merge pull request #2387 from sebres/logtype-option-journal | 6 years ago
Sergey G. Brester | 6c7093c66d | minor amend, refolding branches (SP|SA -> S[PA]) | 6 years ago
Amir Caspi | ffd5d0db78 | Update sendmail-reject.conf | 6 years ago
sebres | ced9828d04 | filter.d/sendmail-reject.conf: fixed gh-2385 for some systems (e. g. CentOS): if only identifier set to `sm-mta` (no unit `sendmail`) for some messages. | 6 years ago
sebres | ec681a3363 | backend `systemd` sets `logtype` to `journal` automatically; | 6 years ago
sebres | e268bf97d4 | introduces new configuration parameter "logtype" (default "file" for file-backends, and "journal" for journal-backends); | 6 years ago
sebres | 17a4f81e23 | Merge branch '0.10' into 0.11 | 6 years ago
sebres | e8401a7e65 | action.d/xarf-login-attack.conf: fixes gh-2372, correction for split of addresses, interpolation is shell-independent now, etc; | 6 years ago
Sergey G. Brester | 7a7a905ab2 | 0.9 - Merge pull request #2339 from cFire/master | 6 years ago
sebres | 4e2c7b9fdd | Merge branch '0.10' into 0.11 | 6 years ago
sebres | 741cf8fb0e | Merge branch 'master-0.9' into 0.10 | 6 years ago
sebres | 1a9527e6a4 | fixed catch-all on user (and simplifying) | 6 years ago
jim | a7f3ba87f6 | filter.d/sogo-auth.conf: fixes gh-2289 - matching auth-failures when behind a proxy; | 6 years ago
sebres | 324f0ed7cc | Merge branch '0.10' into 0.11 | 6 years ago
sebres | 3c70fe298a | closes gh-969: introduces new section `[Thread]` and option `stacksize` to configure default stack-size of the threads running in fail2ban. Example: | 6 years ago
sebres | 5126068099 | loglevel and shortloglevel combined to single parameter loglevel, below an example logging summary with NOTICE and rest with DEBUG log-levels: | 6 years ago
benrubson | 689938ee99 | Add a shortloglevel badips.py option | 6 years ago
sebres | a3b7a0525a | Merge branch '0.10' into 0.11 | 6 years ago
sebres | 140243328f | coverage: try to avoid sporadic "coverage decreased" in CI | 6 years ago
Sergey G. Brester | d3f6d6ffdd | Merge pull request #2286 from crazy-max/0.10 | 6 years ago
Sergey G. Brester | dcede9b3f1 | comment rewritten (belongs to the filter) | 6 years ago
Sergey G. Brester | d84fb8a4b1 | regex rewritten (more secure now, resolves catch-all vulni) | 6 years ago
sebres | 9ed35c423a | Merge branch '0.9' into 0.10 (gh-2317) | 6 years ago
Yaroslav Halchenko | 31e6ec3c5b | Merge pull request #2323 from todgru/fix-spelling-abuseipdb-conf | 6 years ago
Cool Fire | 27526e431b | Changes static logfile string to variable | 6 years ago
Cool Fire | b31a018e7c | Add override for dovecot failed logins on debian | 6 years ago
sebres | 1647d0090e | Merge branch '0.10' into 0.11 | 6 years ago
sebres | e651bc7866 | amend to #1622: jail-reader supports now multi-line option for multi-line action parameter: | 6 years ago
todgru | 39ed016a1e | fix: correct spelling category | 6 years ago
sebres | d88ce7181c | Merge branch '0.10' into 0.11 | 6 years ago
sebres | a13fdcf4f7 | closes gh-2314: extended regex for mysql 8.0.13 if used logging with details (e. g. log-error-verbosity = 3, so log output has few additional words enclosed in brackets after "[Note]"). | 6 years ago
Yannik Sembritzki | 6b4404b1bc | Fix asterisk filter not catching attackers when port is logged (Fixes #2316) | 6 years ago
CrazyMax | 7cdabdd7ae | Update traefik-auth failregex | 6 years ago
CrazyMax | a51f82770b | New filter `traefik-auth` | 6 years ago
sebres | b49c1ab4b3 | Merge branch '0.10' into 0.11 | 6 years ago
sebres | 555b29e8e6 | Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10 | 6 years ago
sebres | 1c1d2cc435 | introduces new failregex-flag tag `<F-MLFGAINED>` signaling that the access to service was gained (ATM used similar to <F-NOFAIL>, but is not added to matches); | 6 years ago
dienteperro | 0df221b54b | "be" instead of "me" in shorewall.conf | 6 years ago
sebres | f9f7e29295 | Merge branch '0.10' into 0.11 (version bump after r.0.10.4) | 6 years ago
Shane Forsythe | 8614ca8c41 | Update proftpd.conf | 6 years ago
Sergey G. Brester | 1752c19b6f | Merge pull request #2205 from benrubson/patch-1 | 6 years ago
Sergey G. Brester | 65676baf8c | fixed py3 incompatibility (for some reason this file seems to be excluded from 2to3), anyway not needed, because int-type is already checked in str2LogLevel | 6 years ago
Sergey G. Brester | 4b751c84c3 | badips.py: Rewrite new bool option "log" as "loglevel" and revert default to log-level (DEBUG). | 6 years ago
sebres | 6b52f90ad6 | Merge branch '0.10' into 0.11 | 6 years ago
sebres | 58b510a5be | filter.d/domino-smtp.conf: | 6 years ago
sebres | 8a0c06ba9e | Merge branch '0.10' into 0.11 | 6 years ago
sebres | d01fe9d22a | action.d/*.conf: correct comments for actionstart/actionstop | 6 years ago
Ben RUBSON | 9d7c0e00c1 | Also log number of IPs removed/added | 6 years ago
Ben RUBSON | 70e53b55c5 | Typo | 6 years ago
Ben RUBSON | ec4c4b12c1 | Add yes/no log option to badips.py | 6 years ago
sebres | 714fd8c915 | Merge branch '0.10' into 0.11 | 6 years ago
Sergey G. Brester | ee207d8c31 | Merge pull request #2151 from benrubson/merge | 6 years ago
Ben RUBSON | 77b35b8db7 | Improvement | 6 years ago
sebres | addd26ae55 | Merge branch '0.10' into 0.11 | 6 years ago
sebres | e2a255d104 | fixed typo in comments by "ignoreself" parameter | 6 years ago
sebres | 606761b3c7 | Merge branch '0.10' into 0.11 | 6 years ago
sebres | e995d5a0b6 | filter.d/freeswitch.conf: provide mode parameter, allows to avoid matching of messages like `auth challenge (REGISTER)` (see gh-2163) (currently `extra` as default to be backwards-compatible), see comments in filter how to set it to mode `normal`. | 6 years ago
sebres | bc2dbacc9a | filter.d/freeswitch.conf: provide compatibility for log-format from gh-2193: | 6 years ago
sebres | eb1156b099 | Merge branch '0.10' into 0.11 | 6 years ago
sebres | 22d37cdce2 | sshd: fixed failregex for ddos (resp. aggressive) mode, to cover "authenticating user" case in log-message: | 6 years ago
sebres | 6a81cc9d8c | Merge branch '0.10' into 0.11 | 6 years ago
sebres | 8fe07e29ad | filter.d/dovecot.conf: failregex enhancement to catch disconnected with "proxy dest auth failed"; | 6 years ago
sebres | 57f2d9e31c | Merge branch '0.10' into 0.11 | 7 years ago
Sergey G. Brester | 75330568d9 | Merge pull request #2168 from dpavlin/dovecot-add-F-USER | 7 years ago
sebres | 9de1657aab | Merge branch '0.10' into 0.11 | 7 years ago
sebres | 6ce67a6d21 | coverage | 7 years ago
Dobrica Pavlinusic | 6f1e789f31 | dovecot: collect F-USER and variants | 7 years ago
sebres | 0eaa0ecd86 | Merge branch '0.10' into 0.11 | 7 years ago
sebres | 8cbe1e6b13 | Merge pull request #2155 | 7 years ago
cheese1 | 43db4411de | small typo | 7 years ago
sebres | 9fdc6e0e82 | Merge branch '0.10' into 0.11 | 7 years ago
Boris Gulay | a923cd209b | `filter.d/dovecot.conf`: failregex enhancement to catch sql password mismatch errors; | 7 years ago
benrubson | f54f6caece | Merge Apache SNI error / misredirect attempts rules | 7 years ago
sebres | 0d40dd42b1 | Merge branch '0.10' into 0.11 | 7 years ago
sebres | bba7a6c5cf | amend to (gh-2067) / b34ae5999e0d8ee1af8939527305c13152844b3d: fix parameter in config (dynamic parameters starting with '_' are protected and not allowed in command-actions); | 7 years ago
sebres | 0707695146 | Merge branch '0.10' into 0.11, version bump | 7 years ago
sebres | 8069eef50c | badips: try to fix sporadic test errors if badips-server timed out resp. not available (502 bad gateway or similar). | 7 years ago
sebres | 70d099bbd6 | Merge branch '0.10' into 0.11 | 7 years ago
Michael Grant | 57bc502d5c | Update sendmail-reject.conf | 7 years ago
Michael Grant | 2ab6a5ae62 | Update sendmail-auth.conf | 7 years ago
Michael Grant | 87520e8008 | Sendmail logs IPv6 addresses with the prefix 'IPv6:'. Added (IPv6:)? before all <HOST> regexes to match the IPv6 address (but not the prefix). | 7 years ago
sebres | 1fdad90b4d | Merge branch '0.10' into 0.11 | 7 years ago
Luis Aranguren | fc76ccf192 | Fixes abuseipdb curl cipher error and comment $f2bV_matches | 7 years ago
Sergey G. Brester | 7bbc26d67e | Merge pull request #2097 from benrubson/sni | 7 years ago
benrubson | bd74f7ba8b | Detect Apache SNI error / misredirect attempts, typos | 7 years ago
sebres | 7dfd61f462 | Merge branch '0.10' into 0.11-2 | 7 years ago
sebres | 8423f017e7 | Merge branch 'sshd-ddos-mode-closed-preauth' into 0.10 | 7 years ago
sebres | 4ee07adde6 | Merge branch '0.10' into fix-sshd-filter-suff | 7 years ago
benrubson | 30dc22fb2e | Detect Apache SNI error / misredirect attempts | 7 years ago
sebres | 4f6532f810 | filter.d/sshd.conf: mode `ddos` (and `aggressive`) extended to catch `Connection closed by ... [preauth]`, so in DDOS mode it causes failure now on closed within preauth stage; | 7 years ago
sebres | cd7f1354c6 | remove end-anchors for expressions that are precise enough (with clear flow, simple branches, without catch-alls, etc.) | 7 years ago
sebres | c31eb1c562 | quick optimization: normalizes pam-generic prefregex (more similar to the same regex within sshd-filter) + datepattern anchored now; | 7 years ago
sebres | 25cc42129a | hold all user names affected by interim attempts in order to avoid forgetting failures after successful login: | 7 years ago
sebres | a9c94686b6 | fixed multiple regexes matched | 7 years ago
sebres | 8028d3940d | amend with better match of optional suffix-groups; | 7 years ago
sebres | 66d2436f21 | filter.d/sshd.conf: extend suffix with optional port, move it to `prefregex` at end outside of the content | 7 years ago
sebres | 7b3442c4e2 | amend to 185cb998e7c7f2509830bed4a9f2fe6179f77e7b: capture error prefix outside of the failure content; | 7 years ago
sebres | 185cb998e7 | make `prefregex` more precise in order to avoid catching the content for non-failure lines | 7 years ago
sebres | e8ffab28fb | filter.d/apache-noscript.conf: extended to match "Primary script unknown", got from php-fpm module. | 7 years ago
sebres | a6fb33bdec | filter.d/recidive.conf: fixed if logging into systemd-journal (SYSLOG) with daemon name in prefix, gh-2069 | 7 years ago
Sergey G. Brester | b34ae5999e | action.d/hostdeny.conf: fixes IPv6 syntax | 7 years ago
sebres | 2b282ead09 | Merge branch '0.10' into 0.11 | 7 years ago
sebres | caa2bdfee6 | amendment for gh-2061: it looks like the port was added here also | 7 years ago
sebres | a3bcbe2d1b | backwards-compatibility, test-cases and ChangeLog update | 7 years ago
MatthieuBarbu | 6b5516b851 | fix sshd rule #2 | 7 years ago
sebres | 1d7aa2ff21 | filter.d/sshd.conf: rewrite fix (for new ssh log-format) backwards compatible + test-cases extended to cover both cases | 7 years ago
MatthieuBarbu | 9f5c873526 | fix sshd rule | 7 years ago
sebres | 5ea76789c6 | Merge branch '0.10' into 0.11 | 7 years ago
sebres | 8c291cad38 | filter.d/asterisk.conf: fixed failregex prefix by log over remote syslog server (gh-2060) | 7 years ago
Ben RUBSON | b112250ef0 | (Free)BSD IPFW does not allow 2 identical rules (#2054) | 7 years ago
Ben RUBSON | 857767f04b | Add 'any' badips.py bancategory (#2056) | 7 years ago
sebres | 47a7f83a0b | Merge branch '0.10' into 0.11 | 7 years ago
sebres | 07fcb24ff6 | Merge pull request #2057 from benrubson/https | 7 years ago
sebres | f52c67238a | action.d/badips.py: code review, ban command covered, debug log-messages, etc; | 7 years ago
benrubson | fce2a50165 | badips.py, solve a str() issue under FreeBSD | 7 years ago
benrubson | e2665d39fd | Use httpS with badips | 7 years ago
sebres | a5155f55e7 | Merge branch '0.10' into 0.11 | 7 years ago
sebres | e636567d23 | filter.d/exim.conf: failregex extended with SMTP call dropped: too many syntax or protocol errors. | 7 years ago
sebres | 19a5a2f8c0 | filter.d/murmur.conf: fixed detection of failures reading from journal (systemd-backend only): | 7 years ago
sebres | 201ae0dac2 | Merge branch '0.10' into 0.11 | 7 years ago
sebres | 0be0e43d47 | amend to 03b577d7b92a120e325abe20a99b6956a7e0657c: add new-line after matches via tag `<br>` without usage of interim variable | 7 years ago
sebres | 03b577d7b9 | action.d/blocklist_de.conf: fixed tag substitution (in 0.10 it can be variables supplied via shell-arguments), expand `<matches>` with trailing newline; | 7 years ago
sebres | faab77cc79 | Merge branch '0.10' into 0.11, with resolved conflicts. | 7 years ago
Yaroslav Halchenko | 527bb9a7c3 | dos2unix for helpers-common.conf | 7 years ago
sebres | 1ca3df877b | Merge branch '0.10' into 0.11 | 7 years ago
sebres | f69e28adfc | action.d/pf.conf: compatibility fix - recognizes that parameter `port` specified as empty, with or without braces (should be more backwards compatible to 0.9 now). | 7 years ago
sebres | 38b3290516 | Merge branch '0.10' into 0.11 | 7 years ago
sebres | ed22ddbbbb | Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10 | 7 years ago
sebres | 63e906b2c1 | regex rewritten: a bit less vulnerable now and using non-capturing groups, test-cases extended in order to cover trying of injection on user name | 7 years ago
Benedikt Seidl | fed6c49c2d | nginx-http-auth: match usernames with spaces | 7 years ago
Sergey G. Brester | b6c6565a7e | regex updated using non-capturing groups | 7 years ago
riceru | 6a1bbbf101 | Update lighttpd-auth.conf | 7 years ago
sebres | 576eeb70dd | Merge branch '0.10' into 0.11 | 7 years ago
sebres | 2b7b0da943 | Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10 | 7 years ago
Serg G. Brester | 7e05976ead | action.d/hostsdeny.conf: actionunban rewritten using sed, also dots in IP were escaped now. | 7 years ago
sebres | 039ac7c7c4 | Merge branch '0.10' into 0.11 | 7 years ago
sebres | 2112145eb4 | stop ban of legitimate users with multiple public keys (e. g. git, etc), thereby | 7 years ago
sebres | 314e402fe0 | filter.d/sendmail-auth.conf - extended daemon for Fedora 24/RHEL - the daemon name is "sendmail" (gh-1632) | 7 years ago
sebres | 0e68c9a720 | Merge branch '0.10' into 0.11 | 7 years ago
sebres | c30144b37a | Merge branch '0.9' into 0.10 | 7 years ago
sebres | 131b94e11e | firewallcmd-ipset-allports: implemented in `action.d/firewallcmd-ipset.conf` now (`action.d/firewallcmd-ipset-allports.conf` removed), usage: | 7 years ago
Danila Vershinin | c190631f88 | New ban action firewallcmd-ipset-allports. Closes #1167 | 7 years ago
Yannik Sembritzki | 94f0b15c32 | Allow faster parsing of hosts without ' characters in them | 7 years ago
Yannik Sembritzki | b28dfb965a | Fix filter not catching asterisk requests with quote character in username (fixes #2010) | 7 years ago
sebres | 5028f17f64 | Merge branch '0.10' into 0.11, rewrite updateDb because it can be executed after repair, and some tables can be missing. | 7 years ago
root | 79f414c6a2 | fix <family> typo | 7 years ago
root | 7c63eb2378 | In the CentOS7 and epel environment, result of "firewall-cmd -direct -get -chains ipv4 filter" is displayed on one line | 7 years ago
sebres | 309a1cb337 | restore timeout for ipset-based actions: on some systems ipset created without default timeout may cause "Kernel error received: Unknown error -1" (gh-1994); | 7 years ago
sebres | 6ccaa03e00 | action.d/firewallcmd-ipset.conf: extended with actionflush to bulk unban resp. flush ipset | 7 years ago
sebres | 7e5d8f37fd | Merge branch '0.10' into 0.11 | 7 years ago
sebres | 2712f72650 | Merge remote-tracking branch 'master' into 0.10 | 7 years ago
sebres | e384acca5f | action.d/firewallcmd-ipset.conf: fixed creation of set for ipv6 (missing `family inet6`) | 7 years ago
Kevin Maradona | 6c705d572b | filter.d/nginx-limit-req.conf: nginx limit-req log-level can be set to warn or error, therefore having this regex will include both of them. | 7 years ago
sebres | ffd6b9f6de | jail.conf: extended with new parameter `mode` for the filters supporting it; | 7 years ago
sebres | 2b68882502 | filter.d/exim.conf: provides mode "aggressive" to ban flood resp. DDOS-similar failures; | 7 years ago