Commit Graph

5234 Commits (9905904bbae068f9848106a358d591923f5fb90f)

Author SHA1 Message Date
sebres 7b3ee3dadc allow setting all standard options of filter (like prefregex, journalmatch, etc) directly in jail (without filter or supplying parameters to filter);
normalize stream generation of filter-related parameters across FilterReader and JailReader (uses stream generator of filter now);
test cases extended (testOverrideFilterOptInJail) to cover this possibility.
2019-09-11 16:14:46 +02:00
sebres a36b70c7b5 filter.d/znc-adminlog.conf: support logging format of systemd-journal, bypass port after address (optional, removed end-anchor, see gh-2520) 2019-09-10 21:02:26 +02:00
sebres fbd4bfc595 extend murmur test cases to cover systemd journal log-format (gh-2520, note we don't use any time-stamp as systemd-backend does not expect it) 2019-09-10 19:46:44 +02:00
sebres 822f8adb6a Merge branch '0.10' into 0.11 2019-08-22 21:33:58 +02:00
sebres e547927075 tests: extend server test cases for some stock jails (e. g. check issue with sendmail filters gh-2493 + covering `maxmatches` / `dbmaxmatches` in server tests) 2019-08-22 21:29:46 +02:00
sebres 65da15327e curtail some bothering continuously repeatable debug messages of filters (backend-related) to level 4 (below extra heavy-debug, so simplifying debugging and testing with level 5) 2019-08-22 21:17:45 +02:00
sebres 16b3993be6 actions: improve conditional execution of some operations, also allow to start action on demand (by first ban if `actionstart_on_demand` enabled) for non-conditional actions (backwards compatible, so actionstart_on_demand is on per default only for the actions having family-conditional sections);
small bug fixing (stop/flush/restore env etc) and code simplification.
2019-08-22 21:05:38 +02:00
sebres 6b7825b8c8 closes gh-2506: don't increase attempt count if `bantime.increment` is not enabled for the jail 2019-08-22 14:11:08 +02:00
sebres 15734a923b Merge branch '0.10' into 0.11 2019-07-29 14:25:19 +02:00
sebres 39d9133baa amend to 7520d250b0 (#2444): don't use default flags (SYSTEM) if journalfiles are specified (similar journalflags set to 0);
fix failure of testJournalFilesArg and cover both cases now.
2019-07-29 14:23:53 +02:00
sebres 1cdd618232 Merge branch '0.10' into 0.11 2019-07-29 13:26:37 +02:00
sebres 5d5253dd70 Merge branch '0.10' into 0.11 2019-07-29 13:25:49 +02:00
sebres 19052d9789 * Merge pull request #2406 from JoeHorn/0.11
support bind-9.11.0 log format
2019-07-29 13:23:25 +02:00
sebres 91923b5c07 don't need to match identifier exactly (@ is precise enough as prefix), not capturing group;
`prefregex` extended, more selective now (denied/NOTAUTH suffix moved from `failregex`, so no catch-all there anymore);
update ChangeLog
2019-07-29 13:21:00 +02:00
Sergey G. Brester 5a3859c163 Update named-refused 2019-07-29 13:06:51 +02:00
Joe Horn 4395469226 Update named-refused.conf
Log format changed since ver. 9.11.0
Ref. ftp://ftp.isc.org/isc/bind9/9.11.0/RELEASE-NOTES-bind-9.11.0.html
"The logging format used for querylog has been altered. It now includes an additional field indicating the address in memory of the client object processing the query."
2019-07-29 13:06:49 +02:00
Sergey G. Brester a395361de8 Merge pull request #2467 from sebres/logtype-option-rfc5424
New option `logtype` value - `rfc5424`
2019-07-24 00:02:04 +02:00
Sergey G. Brester 70280bfa12 Update ChangeLog 2019-07-24 00:00:24 +02:00
sebres 581f13c2db Merge branch '0.10' into 0.11 2019-07-22 19:07:15 +02:00
Sergey G. Brester d3b5befe44 update changelog (#2404) 2019-07-22 12:50:48 +02:00
Sergey G. Brester 0dfd4f1f41 Merge pull request #2404 from benrubson/badprotocol
filter.d/sshd.conf: matches "Bad protocol version identification" in ddos and aggressive modes.
2019-07-22 12:47:39 +02:00
Sergey G. Brester eb308d0fc8 add test for injection on version identification 2019-07-22 11:50:01 +02:00
Sergey G. Brester 119401fced Merge pull request #2452 from benrubson/badips
Badips key is only used to retrieve list
2019-07-20 12:08:22 +02:00
Ben RUBSON a98315386d Update zzz-sshd-obsolete-multiline.conf 2019-07-19 17:59:16 +02:00
Sergey G. Brester d5a5efcd5a amend to #2174 for fail2ban.service, fix legacy path, closes gh-2474 2019-07-17 13:38:42 +02:00
sebres 0a209f01c2 Merge branch '0.10' into 0.11 2019-07-11 13:28:47 +02:00
Sergey G. Brester 7520d250b0 Merge pull request #2444 from sebres/gh-2392
systemd-backend: switched default flags to SYSTEM_ONLY(4)
2019-07-11 13:25:58 +02:00
sebres af611db859 Merge branch '0.10' into 0.11 2019-07-10 12:47:03 +02:00
sebres 5e980afbb8 filter.d/apache-noscript.conf: closes #2466 - matches "Primary script unknown" without "\n" (optional now) 2019-07-10 12:45:53 +02:00
sebres 62b1712d22 amend to #2387:
- common.conf: rewritten using section-based handling round about option logtype;
- option `logtype` extended with `rfc5424` to cover RFC 5424 log-format (see #2309);
2019-07-09 21:48:43 +02:00
sebres 439f97fc52 Merge branch '0.10' into 0.11 2019-07-09 20:07:59 +02:00
sebres 595054639b tests/samplestestcase.py: fixes retrieving of microseconds by epoch (and comparison within tests factory) 2019-07-09 20:07:14 +02:00
Sergey G. Brester 5bc8d73220 test_badips.py: parameter `key` is removed in #2452 2019-06-26 20:52:37 +02:00
benrubson 8b171f7d25 Badips key is only used to retrieve list 2019-06-26 18:34:20 +02:00
sebres 80f97eaf02 Merge branch '0.10' into 0.11 2019-06-26 17:29:08 +02:00
sebres 4a2f4226b8 testIpToName: fixed for reverse IP of google dns (resolving another name now), more dynamic now 2019-06-26 17:28:09 +02:00
Sergey G. Brester 8a386103c1 Update ChangeLog 2019-06-25 15:49:07 +02:00
Sergey G. Brester 978c2fa8dd Merge pull request #2448 from sebres/norm-mail-actions
Normalization of mailing actions
2019-06-25 15:39:12 +02:00
sebres e751be2c13 normalize, simplify and fix several mail actions (mail and sendmail actions are more similar now, sendmail is configurable via parameter `mailcmd`, etc);
added test covering sendmail-whois-lines
2019-06-15 23:14:41 +02:00
sebres 3d04a99d25 fail2ban-regex: (verbose only) avoid errors by dump of real options (if filter doesn't have some optional parameter, like `datepattern`) 2019-06-15 22:08:31 +02:00
sebres 5045c4bb00 Merge branch '0.10' into 0.11 2019-06-12 16:28:57 +02:00
sebres 809e7c4e82 Merge pull request #2264 from girst/0.11 (rebased to 0.10) 2019-06-12 16:28:32 +02:00
girst a7dc3614c4 znc-adminlog: use `<ADDR>` instead of `<HOST>` 2019-06-12 16:26:34 +02:00
girst b288ccd6b6 new filter: znc-adminlog 2019-06-12 16:25:50 +02:00
sebres 2e7a600851 Merge branch '0.10' into 0.11 2019-06-12 11:44:05 +02:00
sebres 326f5d4e3f Merge fix of gh-2390 2019-06-12 11:43:07 +02:00
sebres 4c81338944 update ChangeLog (gh-2390) 2019-06-12 11:28:19 +02:00
sebres 22b9304562 action.d/badips.py: fix start of banaction on demand (which may be IP-family related), supplied action info with ticket instead of simulating it with dict;
(closes gh-2390)
2019-06-12 11:23:52 +02:00
sebres 9e44c30659 systemd-backend: switched default flags to SYSTEM_ONLY(4), which avoids opening the user session files, so it can prevent "Too many open files" errors (like gh-2208) on a lot of user sessions;
(following Orion's proposal in gh-2392)
2019-06-12 00:42:01 +02:00
sebres 686a8bdc54 Merge branch '0.10' into 0.11 2019-06-12 00:13:39 +02:00