sebres
3a179ec5d7
small code review: (much pretty) handling of filename as key - FileFilter contains (ordered) dict of files (not list), as discussed in gh-1265
2015-12-02 20:45:01 +01:00
Aleksandrs Ļedovskis
fa59a6850f
Add 'Sender address rejected: Domain not found' Postfix failregex
...
Signed-off-by: Aleksandrs Ļedovskis <aleksandrs@ledovskis.lv>
2015-11-22 12:01:15 +02:00
Orion Poplawski
c656cb0d36
Merge branch 'master' into journaldefault
...
Conflicts:
ChangeLog
2015-11-13 15:22:59 -07:00
Yaroslav Halchenko
6af6e40b62
Merge pull request #1241 from sebres/known/param-tag
...
New interpolation feature for definition config readers - `<known/parameter>`
2015-11-10 08:35:57 -05:00
sebres
46b116e86a
filter test cases improved + log captured inside such tests + python 3.x compatibility;
...
changelog entry;
2015-11-09 22:02:05 +01:00
sebres
94cffece12
New interpolation feature for definition config readers - `<known/parameter>`, as extension to interpolation `%(known/parameter)s`, that does not works for filter and action init parameters;
2015-11-02 21:45:03 +01:00
Serg G. Brester
eef7771b4e
Merge pull request #1238 from sebres/fix/gh-1216
...
Fixed directly defined banaction for allports jails like pam-generic, recidive, etc
2015-10-31 13:17:04 +01:00
sebres
e825e977cc
Nginx log paths extended (prefixed with "*" wildcard)
...
closes gh-1237
2015-10-30 17:51:30 +01:00
sebres
f359ed8c36
Fixed directly defined banaction for allports jails like pam-generic, recidive, etc with new default variable `banaction_allports` (+ man entries for both variables added);
...
closes gh-1216
2015-10-30 15:36:18 +01:00
sebres
6884593ab8
New filter `nginx-limit-req` ban hosts, that were failed through nginx by limit request processing rate (ngx_http_limit_req_module)
2015-10-29 23:15:20 +01:00
Orion Poplawski
0661aece46
Merge branch 'master' into journaldefault
...
Conflicts:
ChangeLog
2015-10-29 15:22:37 -06:00
Simon Brown
3dd1c305ce
added entry for new screensharingd filter
2015-10-27 21:20:12 -07:00
sebres
eb87638ead
ChangeLog entry for OpenHAB home automation filter (gh-1223)
2015-10-26 15:56:01 +01:00
Pablo Rodriguez Fernandez
2c576c64f8
Change domain filter regex
...
Change domain filter regex since there are other Google crawlers.
See "Google crawlers"
<https://support.google.com/webmasters/answer/1061943?hl=en >
2015-10-20 10:46:00 +02:00
Orion Poplawski
81a26266a9
Add changlog entry for postfix-rbl logpath change
2015-10-19 19:46:43 -06:00
Orion Poplawski
75d33c0f09
Add *_backend options for services to allow distros to set the default backend
...
per service.
Set default to systemd for Fedora as appropriate.
2015-10-18 20:18:50 -06:00
Pablo Rodriguez Fernandez
a28e6b442e
Add check in apache-fakegooglebot to protect against PTR fake record
...
An attacker may return a PTR record which fakes a Googlebot's domain
name. This modification resolves the PTR records to verify it.
See "Verifying Googlebot":
<https://support.google.com/webmasters/answer/80553?vid=1-635800030504666679-1963774919 >
2015-10-13 17:11:49 +02:00
sebres
2696ede251
mysqld-auth: Updated "Access denied ..." regex for MySQL 5.6 and later
...
closes gh-1211
2015-10-07 14:34:13 +02:00
Kevin Locke
2a5c93cfb5
Update ChangeLog and THANKS for "Auth fail" changes
...
Document the changes from 36919d9f
in the ChangeLog and add myself to
the THANKS file (at @sebres suggestion).
Signed-off-by: Kevin Locke <kevin@kevinlocke.name>
2015-10-05 00:31:13 -07:00
Yaroslav Halchenko
ff06176e9e
Merge remote-tracking branch 'origin/master' into enh-split-comma
...
* origin/master:
DOC: changelog for the timeout change
Set Timeout at urlopen to 3 seconds
README :: init/service example mentions debian based systems as the example
README :: fitted paragraph style
BF: disable testing on python 3.2 until coverage gets a fix
README :: Some style/grammar tweaks, and init/service script mention. Re: #1193
Set Timeout at urlopen to 3 seconds
2015-09-27 00:52:14 -04:00
Yaroslav Halchenko
6c0f898ec7
DOC: changelog for the timeout change
2015-09-27 00:49:57 -04:00
Yaroslav Halchenko
8cf614e221
ENH: allow to split ignoreip by space and/or comma ( Closes #1197 )
...
Way too many people ran into this gotcha, so lets just do it
2015-09-23 12:13:52 -04:00
Yaroslav Halchenko
55e542b273
Merge remote-tracking branch 'pr/1170/head' -- opensuse paths
...
* pr/1170/head:
Updated ChangeLog regarding openSUSE's path config
Added configuration for opensuse path
2015-09-17 21:59:45 -04:00
Yaroslav Halchenko
db1a3f17e1
ENH: new date pattern with year after day (not after entire entry)
2015-09-16 08:56:46 -04:00
Yaroslav Halchenko
fbdd0b74a1
DOC: Changelog entry for this fix
2015-09-13 10:45:39 -04:00
Ville Skyttä
67a94733a9
logrotate: Do not rotate empty logs
...
As a useful side effect, prevents "Unable to contact server. Is it
running?" mails from cron when fail2ban hasn't been (intentionally)
running nor thus logging anything either.
2015-09-13 11:05:33 +03:00
Edward Beckett
f5b88bd377
Updated Changelog
2015-09-11 10:12:57 -04:00
sebres
4cf3b576b9
Bugfix for dnsToIp resolver for fqdn with large list of IPs;
...
closes #1164
2015-09-08 18:20:48 +02:00
Edward Beckett
4bd7991573
Added apache-badbots.conf
2015-09-06 01:12:19 -04:00
weberho
2d69fd20ae
Updated ChangeLog regarding openSUSE's path config
2015-08-26 15:37:14 +02:00
Yaroslav Halchenko
60fbf7d750
changelog for freshly merged PR (roundcube-auth definition of logpath)
2015-08-26 09:03:23 -04:00
Yaroslav Halchenko
9ebf01293b
Post release tune ups
2015-08-01 09:17:31 -04:00
Yaroslav Halchenko
70ba5cb005
Release changes (too much of manual "labor"! ;))
2015-07-31 21:32:13 -04:00
Yaroslav Halchenko
776322cea3
BF: realpath for /var/run/fail2ban Closes #1142
2015-07-31 10:12:14 -04:00
Yaroslav Halchenko
c37009aec7
Merge branch 'grep-m1k' of github.com:szepeviktor/fail2ban
...
* 'grep-m1k' of github.com:szepeviktor/fail2ban:
Limit the number of log lines in *-lines.conf actions
Conflicts:
ChangeLog -- took both versions and adjusted the new one
for -n 1000 change
2015-07-27 22:37:46 -04:00
Yaroslav Halchenko
a80820e356
Changelog entry for killpg fix
2015-07-27 22:34:40 -04:00
Yaroslav Halchenko
38c320798d
Merge pull request #1127 from yarikoptic/enh-iptables-w-close-1122
...
WIP ENH Add <lockingopt> (Close : #1122 ) and <iptables> to define the iptables call
2015-07-27 22:30:54 -04:00
Yaroslav Halchenko
de69855157
Changelog entries for Serge's fixes
2015-07-27 10:35:14 -04:00
Yaroslav Halchenko
0041bc3770
DOC: Changelog for shorewall-ipset-proto6.conf + adjusted its description
2015-07-26 23:10:08 -04:00
Yaroslav Halchenko
65cd218e10
Merge remote-tracking branch 'origin/master'
...
* origin/master:
ipjailmatches is on one line with its description in man jail.conf
Added a space between IP address and the following colon
2015-07-26 22:47:43 -04:00
Yaroslav Halchenko
333dd842f9
DOC: moved and adjusted changelog entry from 0.9.2 within 0.9.3 to come
2015-07-26 22:44:52 -04:00
Viktor Szépe
c8b3ee10a0
Limit the number of log lines in *-lines.conf actions
2015-07-27 02:35:21 +02:00
Yaroslav Halchenko
33b204a2ee
DOC: Changelog for iptables -w change
2015-07-26 18:25:42 -04:00
Thomas Mayer
a19cb1b2b9
Merge 923d807ef8
into cf2feea987
2015-07-25 01:23:39 +00:00
Viktor Szépe
ebdfbae559
Added a space between IP address and the following colon
2015-07-24 09:33:47 +02:00
Viktor Szépe
586703dcc2
Test, changelog and fixes to pass2allow
2015-07-13 16:46:04 +02:00
Viktor Szépe
5d60700c0c
Added pass2allow (knocking with fail2ban)
2015-07-10 16:22:43 +02:00
sebres
95c2a2976f
unbanip always deletes ip from database (independent of bantime, also if currently not banned or persistent);
...
merged from #716 where it works;
closes gh-972, closes gh-768
2015-07-10 13:56:26 +02:00
Lee Clemens
fc2b7f8012
Multiple Travis and coverage related changes
...
Reorganize .travis.yml
Separate coverage tests for Python 2 and Python 3
Execute setup.py install using the environment's Python exe
Sanitize Travis execution order
2015-07-09 10:12:40 -04:00
Yaroslav Halchenko
c213d97d25
Moved recently added Changelog (on HEAD addition) to Enhancements
2015-07-07 14:01:24 -04:00
Viktor Szépe
a3b8257b73
Add HEAD method verb to apache-badbots, nginx-badbots
2015-07-07 17:45:40 +02:00
Yaroslav Halchenko
052418a110
Merge pull request #1098 from yarikoptic/enh/man-testcases
...
DOC: rudimentary manpage for fail2ban-testcases (+updated other mans for consistency)
2015-07-06 23:43:30 -04:00
sebres
4a4fe7d76a
extending test cases (increase coverage) + changelog entry for #1099
2015-07-06 22:09:13 +02:00
Yaroslav Halchenko
46510948a7
DOC: rudimentary manpage for fail2ban-testcases (+updated other mans for consistency)
2015-07-05 21:48:14 -04:00
Yaroslav Halchenko
38f8e1a82a
DOC: added changelog for LC_ALL fix, tuned up other ChangeLog entries
2015-07-05 21:39:17 -04:00
Yaroslav Halchenko
e38b4b8cb3
Merge pull request #1051 from leeclemens/bf/roundcube
...
Update regex to work with roundcube 1.0.5 and 1.1.1
2015-07-05 21:35:49 -04:00
Lee Clemens
423d5b761e
Add changelog reference for socket error logging message
2015-07-04 12:37:52 -04:00
Lee Clemens
f7444f16b8
Add optional session id prefix for roundcube 1.1.1
2015-07-04 11:06:51 -04:00
Lee Clemens
2796534a5d
Update regex to work with roundcube 1.0.5 on CentOS 6
2015-07-04 11:02:04 -04:00
Yaroslav Halchenko
e9e00d7599
DOC: ChangeLog -- a better description for cloudflare changes
2015-07-04 10:04:45 -04:00
Viktor Szépe
a00ee15c06
Added Changelog entry
2015-07-04 14:12:38 +02:00
sebres
f2d0230a67
reload in interactive mode appends all the jails twice ( #825 )
2015-06-22 17:57:01 +02:00
sebres
2f283079f8
reload server/jail failed if database used (but was not changed) and some jail active ( #1072 )
2015-06-22 17:56:39 +02:00
Yaroslav Halchenko
345820d2aa
Merge pull request #1056 from ipoddubny/asterisk_security_log
...
Fix support for Asterisk security log
2015-05-25 12:50:13 -04:00
Yaroslav Halchenko
eb091d9b8c
Merge remote-tracking branch 'origin/master' into pr-1039
...
* origin/master:
minor: no tripple empty lines
add froxlor-auth filter and jail
add froxlor-auth filter and jail 0
add froxlor-auth filter and jail
BF: Fix fail2ban-regex not parsing journalmatch correctly
2015-05-25 10:50:34 -04:00
Joern Muehlencord
4296d1a9a9
add froxlor-auth filter and jail
2015-05-25 13:51:06 +02:00
Ivan Poddubny
38d9f3e609
Asterisk security log: add tests and update ChangeLog
2015-05-25 08:32:49 +03:00
Steven Hiscocks
0c869910ea
BF: Fix fail2ban-regex not parsing journalmatch correctly
2015-05-09 10:26:14 +01:00
Anton Shestakov
56e5821c06
Match unknown user in dovecot's passwd-file auth database
2015-04-30 16:53:10 +08:00
Yaroslav Halchenko
fb336276d4
post-release tune ups
...
Conflicts:
ChangeLog
README.md
2015-04-29 09:02:48 -04:00
Yaroslav Halchenko
acc4c2d104
Hope for release tomorrow
2015-04-28 23:52:48 -04:00
Yaroslav Halchenko
840fea9f71
Merge commit '0f75ed5e2ab1159e45a7771a7a4e90c877ec848e'
...
* commit '0f75ed5e2ab1159e45a7771a7a4e90c877ec848e':
Just use a system wide python in the tests digest.py
DOC: Slight tune up to RELEASE doc -- no need for PYTHONPATH to run tests
MANIFEST: updated for some new files, sorted all entries, removed some duplicates
Initial changes for the release -- simplified ChangeLog header etc
2015-04-28 23:51:32 -04:00
Aaron Brice
7ae0ef2408
Fix actions in ufw.conf
...
On Ubuntu 15.04 the ufw action was not working.
- With empty <application>, receiving errors:
2015-04-24 16:28:35,204 fail2ban.filter [8527]: INFO [sshd] Found 43.255.190.157
2015-04-24 16:28:35,695 fail2ban.actions [8527]: NOTICE [sshd] Ban 43.255.190.157
2015-04-24 16:28:35,802 fail2ban.action [8527]: ERROR [ -n "" ] && app="app " -- stdout: b''
2015-04-24 16:28:35,803 fail2ban.action [8527]: ERROR [ -n "" ] && app="app " -- stderr: b''
2015-04-24 16:28:35,803 fail2ban.action [8527]: ERROR [ -n "" ] && app="app " -- returned 1
- With action = ufw[application=OpenSSH], it was silently not doing
anything (no errors after "Ban x.x.x.x", but no IP addresses in ufw
status).
Re-arranged the bash commands on two lines, and it works with or without
<application>.
2015-04-28 11:39:00 -07:00
Lee Clemens
8f792f52fb
Add drupal-auth filter and jail
2015-04-27 13:10:27 -04:00
Yaroslav Halchenko
ca849b93dc
Initial changes for the release -- simplified ChangeLog header etc
2015-04-26 21:39:54 -04:00
Lee Clemens
b530d88eca
Merge remote-tracking branch 'upstream/master' into bf/1000-asteriskBlocksSelf
...
Conflicts:
ChangeLog
2015-04-26 15:13:59 -04:00
Markus Oesterle
b9a09af914
Added changes to ChangeLog & updated sample test cases
2015-04-16 21:33:57 +02:00
Thomas Mayer
c0cf3daac8
Add myself to the changelog
2015-03-27 18:20:25 +01:00
Thomas Mayer
c9b24839e4
Character detection heuristics for whois output via optional setting in mail-whois*.conf ( Closes #1003 )
...
when set by user,
- detects character set of whois output (which is undefined by RFC 3912) via heuristics of the file command
- converts whois data to UTF-8 character set with iconv
- sends the whois output in UTF-8 character set to mail program
- avoids that heirloom mailx creates binary attachment for input with unknown character set
2015-03-27 14:27:41 +01:00
Lee Clemens
72f4bcfbff
Match hacking attempt IP instead of asterisk server IP ( closes #1000 )
2015-03-24 19:03:26 -04:00
Yaroslav Halchenko
320a28a4a4
DOC: make a warning for recidive jail to increase dbpurgeage ( Closes #964 )
2015-03-21 20:50:03 -04:00
Yaroslav Halchenko
31d107d181
BF: asyncore.loop poll=True for recent (>=3.4) pythons too
...
should avoid
File /usr/lib/python3.4/asyncore.py, line 208, in loop
poll_fun(timeout, map)
File /usr/lib/python3.4/asyncore.py, line 145, in poll
r, w, e = select.select(r, w, e, timeout)
OSError: [Errno 9] Bad file descriptor
2015-03-05 22:52:40 -05:00
Yaroslav Halchenko
daa2a9e5d8
Merge pull request #975 from sebres/gh-973-fix
...
BF: binding parameter error (unsupported type) (closes gh-973) ...
2015-03-05 22:47:45 -05:00
Teubel György
0254cbf7fb
Flush logs at USR1 signal
2015-02-26 23:23:10 +01:00
sebres
2bfe22aa66
makes test case more precise;
2015-02-25 15:05:32 +01:00
sebres
6c788a32ee
BF: binding parameter error (unsupported type) by writing json with invalid encoded lines into sqlite database (gh-973);
...
especially python < 3.0; try to prevent occurring such errors in the future;
2015-02-25 11:56:11 +01:00
Yaroslav Halchenko
83805ee5dc
Changelog for preceding merge
2015-02-14 16:07:28 -05:00
Yaroslav Halchenko
54e182e017
Merge pull request #955 from sebres/fail2ban-regex-gh-954
...
BF: fail2ban-regex does not read '.local' file of given filter (Close #954 )
2015-02-14 09:44:54 -05:00
Yaroslav Halchenko
ae2af0d51b
Minor tune up to changelog (we should eventually just make it into .md format)
2015-02-14 09:37:13 -05:00
Yaroslav Halchenko
07b0ab07ad
Merge branch 'master' of https://github.com/rumple010/fail2ban
...
* 'master' of https://github.com/rumple010/fail2ban :
Changed default TTL value to 60 seconds.
Added a reminder to create an nsupdate.local file to set required options.
Modified the ChangeLog and THANKS files to reflect the addition of action.d/nsupdate.conf.
add nsupdate action
Conflicts:
ChangeLog
2015-02-14 09:32:05 -05:00
sebres
74c6f6ac4b
BF: fail2ban-regex does not read '.local' file of given filter (gh-954)
2015-02-13 15:36:00 +01:00
Yaroslav Halchenko
3fb2becddb
Merge pull request #949 from leeclemens/enh/configSyslogSocket
...
Configure Syslog Socket Path (closes #814 )
2015-02-06 20:08:15 -05:00
Yaroslav Halchenko
119a7bbb16
Merge pull request #939 from szepeviktor/geoip
...
Added sendmail-geoip-lines.conf
2015-02-06 11:32:41 -05:00
Lee Clemens
d676a9fd4f
update ChangeLog with syslogsocket config enhancement
2015-02-05 23:48:18 -05:00
Yaroslav Halchenko
40068f5f31
Merge pull request #933 from mrc0mmand/nginx-botsearch
...
Add jail nginx-botsearch and refactor common with apache-botsearch regexes into botsearch-common
2015-02-04 09:27:43 -05:00
Yaroslav Halchenko
eaca33e227
Merge branch 'enh/clarifyDnsUtilsMethods' of https://github.com/leeclemens/fail2ban
...
* 'enh/clarifyDnsUtilsMethods' of https://github.com/leeclemens/fail2ban :
Update ChangeLog
Clarify filter.DNSUtils functions' terminology and add unittests
Conflicts:
ChangeLog -- rephrased a bit as well
2015-02-03 20:29:03 -05:00
Lee Clemens
ed71a7cd22
Update ChangeLog
2015-02-03 20:23:25 -05:00
František Šumšal
9bd25f51c1
Added ChangeLog and THANKS entry
2015-02-04 02:19:15 +01:00
Lee Clemens
4091fdde27
Update ChangeLog from PR 930
2015-02-03 19:54:23 -05:00
Orion Poplawski
e7ff7e90b7
[postfix-sasl] update regexes
...
- Add : to match "SASL LOGIN authentication failed: Password:"
- Add ignoreregex to ignore system authentication issues:
"warning: unknown[1.1.1.1]: SASL LOGIN authentication failed: Connection lost to authentication server"
- Add test log messages for both
2015-02-03 11:30:16 -07:00