github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
2,261 Commits
32 Branches
229 Tags
18 MiB
Commit Graph

499 Commits (93f30fe4f60396aa3936584f5c358a041684ee9d)

Author SHA1 Message Date
Yaroslav Halchenko ccd26578ec Merge pull request #425 from grooverdan/asterisk-simplify 
ENH: condense asterisk regexs for speed
 2013-11-08 14:42:35 -08:00
Yaroslav Halchenko ea8fce6308 Merge pull request #426 from yarikoptic/bf/openssh6.3-regex-injection 
openssh 6.3 regex injection vectors:  inject into ruser and/or exploiting pre-specified limits set for user provided data
 2013-11-08 14:35:18 -08:00
Yaroslav Halchenko bf245f9640 DOC: adding DEV Notes for for non-greedy matchin within sshd.conf 2013-11-08 14:34:31 -08:00
Daniel Black d6bbe03861 Merge pull request #424 from grooverdan/nginx-auth 
ENH: add filter.d/nginx-http-auth. Partially forfils #405
 2013-11-08 14:24:02 -08:00
Yaroslav Halchenko 750e0c1e3d BF: disallow exploiting of non-greedy .* in previous fix by providing too long rhost -- do not impose length limits for user-provided input 
since daemon might eventually change reported length and we would need to adjust anyways.  So limiting
in length does not provide additional security but allows for a possible injection vector
 2013-11-08 10:10:33 -08:00
Yaroslav Halchenko abb012ae5c BF: fixing injection for OpenSSH 6.3 -- making .* before <HOST> non-greedy 2013-11-08 10:00:37 -08:00
Daniel Black d7560d4041 ENH: condense asterisk regexs for speed 2013-11-08 10:24:50 +11:00
Daniel Black ab9d921162 BF: missed action in nginx-http-auth 2013-11-08 10:09:19 +11:00
Daniel Black a148d35d70 ENH: add filter.d/nginx-http-auth. Partially forfills #405 2013-11-08 10:06:40 +11:00
Yaroslav Halchenko 4522308354 ENH: regenerated config/filter.d/apache-badbots.conf 2013-11-07 14:26:18 -08:00
Daniel Black 0730db9b2b Merge pull request #416 from grooverdan/debian-bug-665925-wuftpd-pam 
BF:  wuftpd pam filter fix (Debian bug 665925)
 2013-11-05 18:39:01 -08:00
Daniel Black e55b24c533 BF: fix dovecot filter for newer failure message. Closes Debian bug #709324 2013-11-06 12:51:21 +11:00
Daniel Black 8b54523316 BF: fix to filter.d/wuftp to support pam authentication - Debian bug #665925 2013-11-06 12:13:37 +11:00
Daniel Black ac1f45d18c Merge pull request #412 from grooverdan/firewalld 
ENH: enhance firewall-cmd to use firewall-0.8.3's --remove-rules
 2013-11-05 16:46:18 -08:00
Daniel Black 87f68d7564 firewalld-0.3.8 release that support --remove-rules out so documenting this. 2013-11-06 11:37:56 +11:00
Daniel Black ee1edfbf0c BF: remove duplication definition secion in webmin-auth 2013-11-04 17:54:36 +11:00
Daniel Black b5c10488c1 Merge pull request #409 from grooverdan/filter-doco 
DOC: in filters, put user relevant doc at top, and developer info at bot...
 2013-10-30 15:11:46 -07:00
Daniel Black 5eddd5d12d DOC: document required firewalld version as > 0.3.7.1 2013-10-31 09:10:59 +11:00
Daniel Black 27d257d5a6 Merge pull request #408 from grooverdan/dropbear 
BF: filter.d/dropbear
 2013-10-30 14:43:07 -07:00
Daniel Black 8ac6081555 ENH: fix to use upstream --remove-rules 
https://fedorahosted.org/firewalld/ticket/10
 2013-10-31 01:23:00 +11:00
Daniel Black 93de46ac72 BF: maxretry=5 for ssh as per DEVELOP. align = in jail.conf 2013-10-31 00:52:47 +11:00
Daniel Black c3f9c9aa60 BF: filter.d/dropbear 
Add PAM failures which is in dropbear-2013.60 in srv-authpam.c

Patch
http://www.unchartedbackwaters.co.uk/files/dropbear/dropbear-0.52.patch
obviously has exit with lower case e so adjust regex for both.

svr-authpasswd.c in 2013.60 (at bottom) for second regex ends after the
IP so the regex was altered.

.*\s* can be compressed to .*
 2013-10-31 00:21:30 +11:00
Daniel Black 89fd792dfb DOC: in filters, put user relevant doc at top, and developer info at bottom, and remove all the repetative blindly copied stuff that appears in the jail man page 2013-10-31 00:02:59 +11:00
Daniel Black de9977441a DOC: move named and mysql instructions into the filters from jail.conf 2013-10-30 21:12:16 +11:00
Daniel Black 7ab909d056 DOC: space out jail.conf consistantly 2013-10-30 20:34:06 +11:00
Daniel Black 95f3f38682 MRG: merge ChangeLog and jail.conf 2013-10-30 20:19:41 +11:00
Daniel Black e3150044fd BF: fix selinux 
TST: ignore *common.conf files in test cases as these are included
BF: Remove USER_LOGIN from selinux-ssh as its a duplicate message
ENH: add sample jail.conf
 2013-10-30 20:05:49 +11:00
Daniel Black 0f85aef609 Merge pull request #407 from grooverdan/dovecot-jail 
ENH: Dovecot jail
 2013-10-29 15:15:19 -07:00
Daniel Black a991adb83f ENH: add submission, smtps and sieve to blocked ports since this also typically rely on dovecot auth 2013-10-29 14:33:45 +11:00
Daniel Black 8412303131 ENH: dovecot jail examples 2013-10-29 10:17:45 +11:00
Daniel Black cde389cadc ENH: additional tweek to dovecot regex based on http://chrisgilligan.com/portfolio/fail2ban-regex/ 2013-10-29 10:15:54 +11:00
Daniel Black 0c14707201 ENH: add dovecot jail 2013-10-26 10:01:04 +11:00
Daniel Black d451c2a231 FIX: vsftp improvements from Rich Mellor on mailing list 2013-10-26 09:51:25 +11:00
Daniel Black b61fe0f12d Merge pull request #378 from grooverdan/sasl 
ENH: filter.d/postfix-sasl - anchor regex at start and rename from filter.d/sasl
 2013-10-22 04:51:24 -07:00
Daniel Black 4ecc063bd0 ENH: rename filter.d/sasl -> filter.d/postfix-sasl 2013-10-22 22:40:29 +11:00
Daniel Black c2b76d1fd0 Merge pull request #397 from yarikoptic/_enh/unify_default_strings 
DOC: enh/unify "Default:" strings
 2013-10-22 04:36:41 -07:00
Daniel Black b4cbf82912 DOC: remove Default: on action firewall-cmd-direct-new 2013-10-15 08:34:42 +11:00
Yaroslav Halchenko 4149c7495d Options in actions to be specified in jails have no "Default"s besides those specified in the files -- thus removing from comments 2013-10-14 16:29:16 -04:00
Yaroslav Halchenko d12eb2526a Fixing up default values in fail2ban.conf + unifying formatting 2013-10-14 16:28:19 -04:00
Daniel Black f1bb08aa6a ENH: base blocktype off iptables-blocktype.conf for firewall-cmd-direct-new.conf like other iptables based actions 2013-10-14 23:06:38 +11:00
Daniel Black 12f7ea7ec4 DOC: remove excessive comments from firewall-cmd-direct-new 2013-10-14 22:39:38 +11:00
Daniel Black 0d8d1ae26c ENH: new action.d/firewall-cmd-direct-new.conf from Redhat Bugzilla #979622 2013-10-14 22:36:01 +11:00
Daniel Black 123ad1cc9c MRG: Merge branch 'asterisk-common-jail' 2013-10-14 22:29:56 +11:00
Daniel Black 8421007f32 MRG: merge man/jail.conf.5 entries 2013-10-14 22:28:34 +11:00
Daniel Black ef62d0d4c1 Merge pull request #391 from grooverdan/jail-mysql-doc 
ENH: mysql syslog jail.conf base
 2013-10-14 04:25:49 -07:00
Daniel Black e417a2112c Merge pull request #386 from grooverdan/qmail 
ENH: filter.d/qmail - anchor at start. Add another regex
 2013-10-14 04:24:32 -07:00
Daniel Black e227568c3b Merge pull request #384 from grooverdan/dovecot-325 
ENH: added to dovecot filter. closes gh-325
 2013-10-14 04:23:03 -07:00
Daniel Black 0022cca786 Merge pull request #385 from grooverdan/ipset 
ENH/BF: Ipset  - add iptables-ipset-proto6-allports / use blocktype on iptables-ipset-proto6*
 2013-10-14 04:21:52 -07:00
Daniel Black 8fe542ca9f DOC: reintroduce comment on comments 2013-10-11 06:48:31 +11:00
Daniel Black 6b6169178f ENH: mysql syslog jail.conf base 2013-10-10 10:00:20 +11:00