fail2ban

Commit Graph

Author	SHA1	Message	Date
Sergey G. Brester	368aa9e775	Merge pull request #2689 from benrubson/gitlab New Gitlab jail	5 years ago
Sergey G. Brester	42aef09d69	Update ChangeLog	5 years ago
Sergey G. Brester	da1652d0d7	Update ChangeLog	5 years ago
sebres	6b90ca820f	filter.d/traefik-auth.conf: filter extended with parameter mode (`normal`, `ddos`, `aggressive`) to handle the match of username differently: - `normal`: matches 401 with supplied username only - `ddos`: matches 401 without supplied username only - `aggressive`: matches 401 and any variant (with and without username) closes gh-2693	5 years ago
sebres	affd9cef5f	filter.d/courier-smtp.conf: prefregex extended to consider port in log-message (closes gh-2697)	5 years ago
sebres	06b46e92eb	jail.conf: don't specify `action` directly in jails (use `action_` or `banaction` instead); no mails-action added per default anymore (e. g. to allow that `action = %(action_mw)s` should be specified per jail or in default section in jail.local), closes gh-2357; ensure we've unique action name per jail (also if parameter `actname` is not set but name deviates from standard name, gh-2686); don't use %(banaction)s interpolation because it can be complex value (containing `[...]`), so would bother the action interpolation.	5 years ago
Sergey G. Brester	78651de7e5	Update ChangeLog	5 years ago
sebres	9905904bba	Merge branch '0.11'	5 years ago
sebres	00c5d33e45	Merge branch '0.10' into 0.11	5 years ago
sebres	bc2b81133c	pyinotify backend: guarantees initial scanning of log-file by start (retarded via pending event if filter not yet active)	5 years ago
sebres	4c22d4a801	Merge branch '0.11'	5 years ago
sebres	d42ec210cc	Merge branch '0.10' into 0.11	5 years ago
sebres	9f1c6f1617	filter stability fix: prevent race condition - no ban if filter (backend) is continuously busy if too many messages will be found in log, e. g. initial scan of large log-file or journal (gh-2660)	5 years ago
sebres	e3737bb7c0	filter stability fix: prevent race condition - no ban if filter (backend) is continuously busy if too many messages will be found in log, e. g. initial scan of large log-file or journal (gh-2660)	5 years ago
Sergey G. Brester	d4da9afd7f	Update ChangeLog	5 years ago
sebres	8b43d54878	Merge branch '0.11'	5 years ago
sebres	32f02ef3b3	Merge branch '0.10' into 0.11	5 years ago
sebres	42714d0849	filter.d/common.conf: closes gh-2650, avoid substitute of default values in related `lt_*` section, `__prefix_line` should be interpolated in definition section (after the config considers all sections that can overwrite it); amend to `62b1712d22` (PR #2387, backend-related option `logtype`); testSampleRegexsZZZ-GENERIC-EXAMPLE covering now negative case also (other daemon in prefix line)	5 years ago
sebres	2ddf687c31	Merge branch '0.10' into 0.11 - test cases only (add ban to database was moved to observer in 0.11)	5 years ago
sebres	15158e4474	closes gh-2647: add ban to database is moved from jail.putFailTicket to actions.__CheckBan; be sure manual ban is written to database, so can be restored by restart; reload/restart test extended	5 years ago
sebres	f088e7bf76	Merge branch '0.10' into 0.11	5 years ago
sebres	4766547e1f	performance optimization of `datepattern` (better search algorithm); datetemplate: improved anchor detection for capturing groups `(^...)`; introduced new prefix `{UNB}` for `datepattern` to disable word boundaries in regex; datedetector: speedup special case if only one template is defined (every match wins - no collision, no sorting, no other best match possible)	5 years ago
sebres	ef1eaf9b37	Merge branch '0.11'	5 years ago
sebres	c15c300d2a	Merge branch '0.10' into 0.11	5 years ago
sebres	e6ca04ca9d	Merge branch '0.10' into 0.11 + version bump (back to dev)	5 years ago
Christopher Gurnee	df885586d4	close Popen() pipes explicitly for PyPy Waiting for garbage collection to close pipes opened by Popen() can lead to "Too many open files" errors with PyPy; close them explicitly.	5 years ago
sebres	e57e950ef5	version bump (back to dev)	5 years ago
sebres	8cbc1e0ebb	ChangeLog (change actioncheck behavior)	5 years ago
sebres	bb0f732ae6	version bump (master is 1.0.x-dev now)	5 years ago
sebres	d004a2c79b	release 0.11.1 -- This is the Way	5 years ago
sebres	27fb4790fb	Merge branch '0.10' into 0.11	5 years ago
sebres	b25d8565fc	release 0.10.5 -- Deserve more respect a jedi's weapon must. Hrrrm, Yes	5 years ago
sebres	4860d69909	Merge branch '0.10' into 0.11	5 years ago
sebres	f77398c49d	filter.d/sshd.conf: captures `Disconnected from ... [preauth]`, preauth phase only, different handling by `extra` (with supplied user only) and `ddos`/`aggressive` mode (`normal` mode is not affected, used there just as a helper with `<F-NOFAIL>` to capture IP for multiline failures without IP); closes gh-2115, gh-2362.	5 years ago
sebres	d1b7e2b5fb	fail2ban-regex - several enhancements and fixes: - improved usage output (don't put a long help if an error occurs); - new option `--no-check-all` to avoid check of all regex's (first matched only); - new option `-o`, `--out` to set token provided in output (disables check-all and outputs only expected data); - test cases optimized and extended	5 years ago
sebres	587e4ff573	Merge branch '0.10' into 0.11 (conflicts resolved)	5 years ago
sebres	f30b7ae244	update ChangeLog + spelling	5 years ago
sebres	24d1ea9aa2	Merge branch '0.10' into 0.11	5 years ago
Sergey G. Brester	e86e9b2ee9	Merge branch '0.10' into gh-927-subnet	5 years ago
sebres	27e6b0021c	ChangeLog update gh-2563	5 years ago
sebres	e5d02bc2e9	grouped tags (`<ADDR>`, `<HOST>`, `<SUBNET>`) recognize IP addresses enclosed in square brackets, closes gh-2494	5 years ago
sebres	d44607a161	part of #927 - filter enhancement to parse IP sub-nets (IP/CIDR with correct recognition of IP-family), provides new replacement tags for failregex to match subnets in form of IP-addresses with CIDR mask (gh-2559): - `<CIDR>` - helper regex to match CIDR (simple integer form of net-mask); - `<SUBNET>` - regex to match sub-net adresses (in form of IP/CIDR, also single IP is matched, so part /CIDR is optional);	5 years ago
sebres	0824ad0d73	Merge branch '0.10' into 0.11	5 years ago
Sergey G. Brester	8b850864cf	amend to #2254 : update changelog	5 years ago
sebres	d1a73d3004	filter.d/apache-auth.conf: - ignore errors from mod_evasive in `normal` mode (mode-controlled now) (gh-2548); - extended with option `mode` - `normal` (default) and `aggressive` close gh-2548	5 years ago
sebres	1cdd618232	Merge branch '0.10' into 0.11	5 years ago
sebres	5d5253dd70	Merge branch '0.10' into 0.11	5 years ago
sebres	91923b5c07	don't need to match identifier exactly (@ is precise enough as prefix), not capturing group; `prefregex` extended, more selective now (denied/NOTAUTH suffix moved from `failregex`, so no catch-all there anymore); update ChangeLog	5 years ago
Sergey G. Brester	a395361de8	Merge pull request #2467 from sebres/logtype-option-rfc5424 New option `logtype` value - `rfc5424`	5 years ago
Sergey G. Brester	70280bfa12	Update ChangeLog	5 years ago
sebres	581f13c2db	Merge branch '0.10' into 0.11	5 years ago
Sergey G. Brester	d3b5befe44	update changelog (#2404 )	5 years ago
sebres	0a209f01c2	Merge branch '0.10' into 0.11	5 years ago
Sergey G. Brester	7520d250b0	Merge pull request #2444 from sebres/gh-2392 systemd-backend: switched default flags to SYSTEM_ONLY(4)	5 years ago
Sergey G. Brester	8a386103c1	Update ChangeLog	6 years ago
sebres	5045c4bb00	Merge branch '0.10' into 0.11	6 years ago
girst	b288ccd6b6	new filter: znc-adminlog	6 years ago
sebres	2e7a600851	Merge branch '0.10' into 0.11	6 years ago
sebres	4c81338944	update ChangeLog (gh-2390)	6 years ago
sebres	686a8bdc54	Merge branch '0.10' into 0.11	6 years ago
sebres	2725acb64b	amend to 809acb69e5928c0e678ad25b43e53b567cb23a3b: extended to avoid the vice versa race (too many outdated tickets to unban) - max count of outdated tickets is restricted also.	6 years ago
sebres	0ed3a63151	Merge branch '0.10' into 0.11	6 years ago
sebres	e5ae113215	filter.d/postfix.conf: extended with new postfix filter mode `errors` to match "too many errors" (gh-2439), also included within modes `normal`, `more` (`extra` and `aggressive`), since postfix parameter `smtpd_hard_error_limit` is default 20 (additionally consider `maxretry`)	6 years ago
sebres	3b2f75414c	filter.d/postfix.conf: extended regexp's to accept variable suffix code in status of postfix for precise messages (gh-2442)	6 years ago
sebres	3d4044084a	Merge branch '0.10' into 0.11	6 years ago
sebres	8da9bfb83a	Update ChangeLog (gh-2302, rebased to 0.10)	6 years ago
sebres	f48677db7d	Merge branch '0.10' into 0.11	6 years ago
sebres	3b51c005f8	update ChangeLog (multi-line parsing fix, gh-2431)	6 years ago
sebres	ca85ddc866	Merge branch '0.10' into 0.11	6 years ago
sebres	4d08bc4ad5	update ChangeLog	6 years ago
sebres	f0c5bd56f4	Merge branch '0.10' into 0.11 (conflicts resolved)	6 years ago
Sergey G. Brester	7d6db7391e	Update ChangeLog	6 years ago
sebres	337be4b36c	Merge remote-tracking branch 'remotes/gh-upstream/0.10' into 0.11	6 years ago
Sergey G. Brester	28c1da33dc	Merge pull request #2387 from sebres/logtype-option-journal New backend-related option `logtype` (`journal` or `file`)	6 years ago
Sergey G. Brester	d920dd4014	Update ChangeLog	6 years ago
Sergey G. Brester	ec9f698f5b	removed new-line	6 years ago
Amir Caspi	7ac2f167f9	Update ChangeLog Fixing typo I introduced in commit `eed1de0ceb`	6 years ago
Amir Caspi	eed1de0ceb	Update ChangeLog Updated to reflect sendmail-reject changes `9e1fa4ff73` and `ffd5d0db78`	6 years ago
sebres	1e59d53bbe	fixed typo	6 years ago
sebres	324f0ed7cc	Merge branch '0.10' into 0.11	6 years ago
Sergey G. Brester	6c14f1987f	Update ChangeLog	6 years ago
Sergey G. Brester	410a9804b1	Update ChangeLog	6 years ago
Ben RUBSON	34edec297b	Add changelog entry	6 years ago
sebres	a3b7a0525a	Merge branch '0.10' into 0.11	6 years ago
Sergey G. Brester	d3f6d6ffdd	Merge pull request #2286 from crazy-max/0.10 New filter `traefik-auth`	6 years ago
sebres	e44cd671b2	Merge branch '0.10' into 0.11 (conflicts resolved, tests fixed)	6 years ago
Sergey G. Brester	a48d50efc0	Update ChangeLog	6 years ago
sebres	1647d0090e	Merge branch '0.10' into 0.11	6 years ago
Sergey G. Brester	c819a18a0a	Update ChangeLog	6 years ago
sebres	d88ce7181c	Merge branch '0.10' into 0.11	6 years ago
Sergey G. Brester	4108e04ab4	Update ChangeLog	6 years ago
sebres	f959f58e15	extend protocol (command-line) and regenerate man's	6 years ago
sebres	df97fd33cf	ip-list is sorted now (by end of ban) per default; extended with new option `--with-time` to provide more pretty and informative result (separated by new-line, including time strings: time of ban + ban-time = end of ban): 192.0.2.1 2019-01-06 22:24:48 + 300 = 2019-01-06 22:29:48 192.0.2.2 2019-01-06 22:24:48 + 600 = 2019-01-06 22:34:48 also it is possible now to provide separator-character as extra-parameter after `get <jail> banip ?sep-char?` (default is space). removed unneeded test-cases (test code-base minimization) and unexpected manually changed files.	6 years ago
SP	3d477d229d	ENH: added new command `fail2ban-client get <JAIL> banip` to get the banned ip addresses (gh-1916)	6 years ago
sebres	2010dda6fa	Merge branch '0.10' into 0.11	6 years ago
Sergey G. Brester	3fa54559e5	Update ChangeLog	6 years ago
sebres	9b96a7de89	fix of SafeConfigParserWithIncludes	6 years ago
CrazyMax	a51f82770b	New filter `traefik-auth`	6 years ago
sebres	b49c1ab4b3	Merge branch '0.10' into 0.11	6 years ago
Sergey G. Brester	0ac5c8941c	Update ChangeLog	6 years ago

1 2 3 4 5 ...

1092 Commits (9272cce13dc343c5284d6a425f6bff93a8720cbe)