github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
248 Commits
32 Branches
229 Tags
17 MiB
Commit Graph

248 Commits (95d17ee3182b8f5cdbcb83408be918551b61c356)

Author SHA1 Message Date
Yaroslav Halchenko 95d17ee318 * Adjusted failregex for sshd filter: 
- anchored properly at the end of line, and source code has .examples
    files to perform testing of the rules.
  - added new explicit rule for users not in the AllowUsers lists
 2007-07-29 17:20:23 +00:00
Yaroslav Halchenko 3aef16b773 * jail.conf has specification of protocol (default to tcp) to be provided to 
banaction
 2007-07-25 03:47:32 +00:00
Yaroslav Halchenko 990bd15dd5 specified default protocol (tcp) and specified udp for jail for named 2007-07-25 03:46:41 +00:00
Yaroslav Halchenko ac7e1696d4 fixed named filter to account for optional (cache) 2007-07-24 20:04:20 +00:00
Yaroslav Halchenko 14d3ffc6de * Added a filter for named to catch refused/denied queries 2007-07-24 18:10:05 +00:00
Yaroslav Halchenko 2a3d710cad adjusted pam_generic patch in example to catch ftp 2007-07-24 17:25:38 +00:00
Yaroslav Halchenko d63bea24f5 tuned pam_generic to catch some weird log lines 2007-07-21 02:29:45 +00:00
Yaroslav Halchenko a843d0da04 tuned pam_generic to catch some weird log lines 2007-07-21 02:27:30 +00:00
Yaroslav Halchenko f58421eabf * Use /var/run to keep socket file (closes: #425746) 2007-07-05 17:12:17 +00:00
Yaroslav Halchenko a9ecd98ffe Added port param in jail since otherwise -- crashes 2007-06-25 17:08:49 +00:00
Yaroslav Halchenko 2e55bc57c7 * Added a filter pam_generic to catch any login errors. 
* Added iptables-allports.
 2007-06-25 16:51:05 +00:00
Yaroslav Halchenko bc0806d459 * Moved <HOST> expansion into regex.py (closes: #429263). Thanks James 
Andrewartha.
* Added optional regexp entry for process PID in some entries (closes:
  #426050). Thanks Roderick Schertler.
 2007-06-21 01:47:02 +00:00
Yaroslav Halchenko cc5ec4dcde releasing 2007-05-16 18:14:13 +00:00
Yaroslav Halchenko e55dfeaf3a untabified last entry 2007-05-15 14:37:09 +00:00
Yaroslav Halchenko cc1ed23b40 * Applied changes submitted by Bernd Zeimetz (thanks Bernd): 
- Removed obsolete Build-Depends-Indep on help2man, python-dev
	- Explicit removal of *.pyc files compiled during build
	- Invoke 'python setup.py clean' in clean target, which required also
	  to move python into Build-Depends
* Minor clean up of debian/rules
 2007-05-15 14:26:28 +00:00
Yaroslav Halchenko be824f4e00 adjusted to be prerelease of the package 2007-05-10 15:35:43 +00:00
Yaroslav Halchenko c58a100259 * Manually changing the order of debhelper inserted scripts in prerm 
(Closes: #422655)
* Removed obsolete hack to have /bin/env invocation of python for
  fail2ban-* scripts
 2007-05-10 15:34:09 +00:00
Yaroslav Halchenko e9397ea375 * New stable upstream release 2007-05-05 16:35:58 +00:00
Yaroslav Halchenko 10718c1036 initial upgrade to 0.8.0 2007-05-05 16:17:50 +00:00
Yaroslav Halchenko ab18d77f6a pre 0.8.0 release -- I decided to do not do mergeWithUpstream and rather carry full source 2007-05-05 16:14:31 +00:00
Yaroslav Halchenko d15f9d0206 * New upstream release 
* Updated copyright to include current year
* Removed patches absorbed upstream
 2007-04-20 01:44:43 +00:00
Yaroslav Halchenko 5dcec130f6 adjusted changelog -- releasing finally 2007-03-26 21:53:30 +00:00
Yaroslav Halchenko 7c30a3097b * Applied post-release upstream changes to resolve issues with 
- Close opened handlers to log file
 - Fixed "reload" bug
 2007-03-26 21:47:10 +00:00
Yaroslav Halchenko dc21820c80 adjusted paths in patches 2007-03-24 22:40:42 +00:00
Yaroslav Halchenko d345865621 * New upstream release 
* Applied post-release changes to resolve issues with gamin and not closed
  on reload log file
 2007-03-24 22:27:09 +00:00
Yaroslav Halchenko ee3f91176c * New upstream release (included most of the debian-provided patches -- new 
filters and actions)
* Refreshed and made verbatim homepage in description
 2007-02-09 03:22:15 +00:00
Yaroslav Halchenko a4c15ea883 * NOT RELEASED YET 
* Made homepage in description verbatim
 2007-02-07 15:25:11 +00:00
Yaroslav Halchenko 936fee7c40 * Use /usr/bin/python interpreter instead of wrapped call to python by 
/usr/bin/env
 2007-01-19 16:08:10 +00:00
Yaroslav Halchenko 30eb0566bd making it using /usr/bin/python directly 2007-01-19 15:56:21 +00:00
Yaroslav Halchenko f92e887994 minor more changes 2007-01-19 15:53:21 +00:00
Yaroslav Halchenko 878fa0dedd * Synchronized action.d/iptables-* rules from upstream SVN (closes: 
#407561)
* Minor: options renames in the comments to be in sync with upstream
 2007-01-19 15:51:11 +00:00
Yaroslav Halchenko e3102eb28a had to rename filter for courierauth 2007-01-18 15:52:48 +00:00
Yaroslav Halchenko 7a1dd9e98c * iptables-multiport is default action to take since Debian kernel arrives 
with multiport module. That is to address the fact that most services
  listen on multiple port (for encrypted and non-encrypted connections)
* Added [courierauth] jail (First 2 items are to partially address #407404
 2007-01-18 15:41:49 +00:00
Yaroslav Halchenko 85d8604209 removed empty lines 2007-01-04 20:34:41 +00:00
Yaroslav Halchenko 36b1833e31 * Adjusted default log file for postfix to be /var/log/mail.log 
(Closes: #404921)
 2007-01-04 20:25:45 +00:00
Yaroslav Halchenko acfebf3475 adjusted multiport section as promised in changelog 2007-01-04 20:19:58 +00:00
Yaroslav Halchenko e570f14a5d releasing 2007-01-04 19:48:58 +00:00
Yaroslav Halchenko f01c74581d fixed action_ shortcuts 
adjusted initd script to be verbose on start if socketfile exists
 2007-01-04 19:47:00 +00:00
Yaroslav Halchenko 7fa686a7f2 * New upstream release, which incorporates fixes introduced in 3~pre 
non-released versions (which were suggested to the users to overcome
  problems reported in bug reports). In particular attention should be paid
  to upstream changelog entries

  - Several "failregex" and "ignoreregex" are now accepted.
    Creation of rules should be easier now.
  
    This is an alternative solution to 'multiple <HOST>' entries fix,
    which is not applied to this shipped version - pay cautios if upgrading
    from 0.7.5-3~pre?
 
  - Allow comma in action options. The value of the option must
    be escaped with " or '. 
    That allowed to implement requested ability to ban multiple ports
    at once (See 373592). README.Debian and jail.conf adjusted to reflect
    possible use of iptables-mport
  - Now Fail2ban goes in /usr/share/fail2ban instead of
    /usr/lib/fail2ban. This is more compliant with FHS.
    Patch 00_share_insteadof_lib no longer applied
* Refactored installed by debian package jail.conf:
  - Added option banaction which is to incorporate banning agent
    (usually some flavor of iptables rule), which can then be easily
    overriden globally or per section
  
  - Multiple actions are defined as action_* to serve as shortcuts
 2007-01-04 18:08:09 +00:00
Yaroslav Halchenko e8ce484c05 reworked init script a bit: waiting on stop and ping instead of status 2007-01-04 17:03:35 +00:00
Yaroslav Halchenko a81dd8b103 boosted version 2007-01-03 16:09:43 +00:00
Yaroslav Halchenko 97ab74de5f * Not applying patch any more for rigid python2.4 - it is default now in 
sid/etch
 2007-01-03 16:09:01 +00:00
Yaroslav Halchenko 4d5ec804f5 * Added filter ssh-ddos to fight DDOS attacks. Must be used with caution if 
there is a possibility of clients accessing through unreliable connection 
  (Closes: #404487)
 2006-12-28 07:28:53 +00:00
Yaroslav Halchenko 832a8a4346 * Moved call to dh_pycentral before dh_installinit 
* Removed unnecessary call of dh_shlibdeps
 2006-12-22 18:56:51 +00:00
Yaroslav Halchenko ebc5c6106f HOSTisized vsftpd regex 2006-12-22 18:39:57 +00:00
Yaroslav Halchenko caf85bf265 * Made fail2ban-server tollerate multiple <HOST> entries in failregex 2006-12-22 18:36:01 +00:00
Yaroslav Halchenko ae96eaa40c made failregex universal for both PAM and native vsftpd logging 2006-12-22 04:54:14 +00:00
Yaroslav Halchenko 2e992c2353 * Fail2ban now bans vsftpd logins (corrected logfile path and failregex) 
(Closes: #404060)
 2006-12-21 16:54:39 +00:00
Yaroslav Halchenko 14a2a45dbc releasing 2006-12-10 23:56:17 +00:00
Yaroslav Halchenko 762d1a188a * NEWS.Debian confusions - the latest NEWS entry and postinst message were 
rephrased (Closes: #402350)
* Added mail-whois-lines action, which emails log lines containing abuser
  IP. Those lines are often required for proper abuse reports sent to the
  Internet providers.  Forwarding of such received emails to the email
  addresses of abuse departments present in the output of whois is a
  tentative solution for semi-automatic abuse reporting (Closes: #358810)
 2006-12-10 23:40:04 +00:00