Commit Graph

1132 Commits (9a558589d7e67bfd553641bd9c074f85f97c50f4)

Author SHA1 Message Date
sebres 93810fff75 consider CONNECT and other rejected commands as a valid `_pref`;
closes gh-3800
2024-07-26 19:25:36 +02:00
Sergey G. Brester 216622adb2 Update ChangeLog 2024-07-03 19:42:19 +02:00
sebres 59c5e78ce9 `filter.d/apache-overflows.conf` - consider AH10244: invalid URI path;
closes gh-3778
2024-06-28 12:50:14 +02:00
sebres a7f3a04b0e `filter.d/recidive.conf` - restore possibility to set jail name in the filter, _jailname is positive now (but by default it now uses a negative lookahead to exclude the recidive jail);
closes gh-3769
2024-06-21 13:24:46 +02:00
sebres 2533526827 extend ipset actions with new parameter `ipsettype` for the type of set (gh-3760), affected actions:
`action.d/firewallcmd-ipset.conf`, `action.d/iptables-ipset.conf`, `action.d/shorewall-ipset-proto6.conf`
2024-06-09 23:38:58 +02:00
sebres 17daf0ec78 `action.d/firewallcmd-ipset.conf`: rename `ipsettype` to `ipsetbackend` (`ipsettype` will now be used for the real set type);
amend to #2620
2024-06-09 23:32:03 +02:00
sebres d0d0728523 cherry-pick from debian: debian default banactions are nftables, systemd backend for sshd
closes gh-3292
2024-04-26 02:26:55 +02:00
sebres c14327565d version bump 2024-04-26 02:06:09 +02:00
sebres 61799e15e1 release 1.1.0 -- object-found--norad-59479-cospar-2024-069a--altitude-36267km 2024-04-25 23:08:13 +02:00
sebres 22ffe12abb preparing release 2024-04-25 22:43:51 +02:00
sebres 44f32d6132 changelog 2024-03-25 16:36:21 +01:00
sebres 4550e3ad27 ChangeLog: reorder (filters after actions) 2024-03-25 16:34:12 +01:00
sebres a4ca2e83bd Merge branch 'gh-3060': adjusted `filter.d/exim.conf` and `filter.d/exim-spam.conf`:
- messages are prefiltered by `prefregex` now
- filter can bypass additional timestamp or pid that may be logged via systemd-journal or syslog-ng (gh-3060)
closes #3060
2024-03-25 15:56:10 +01:00
sebres 1ec9237e53 bypass additional pid in prefix (may be logged by syslog-ng, gh-3060); matches protocol error with authentication mechanism not supported 2024-03-25 15:52:06 +01:00
sebres c80908837f `filter.d/exim.conf`:
- messages are prefiltered by `prefregex` now
- filter can bypass additional timestamp that may be logged via systemd-journal (gh-3060)
2024-03-25 15:31:23 +01:00
Vladimir Varlamov df94ec4c52 filter.d/exim.conf: rewrite host line regex for all varied exim's log_selector states
Depending on Exim's log_selector settings, log lines may contain additional information about the connection. And also the line itself with the address of the remote host can vary greatly. But fortunately, all states can be found in the Exim code itself and taken into account. Makes it easier to add new regexps.
Closes #3263
2024-03-22 00:16:41 +03:00
sebres 4f679a56e0 filter.d/sshd.conf: ddos/aggressive mode extended to match new messages caused by port scanner, wrong payload on ssh port:
- message authentication code incorrect [preauth]
- connection corrupted [preauth]
- timeout before authentication
closes gh-3486
2024-02-13 16:53:21 +01:00
sebres 302252b25c ChangeLog, gh-2655 2024-01-03 13:38:14 +01:00
Logic-32 419e380870 Add support for TLS SMTP connections. 2023-12-30 16:42:18 +01:00
Yaroslav Halchenko 8ef0d3c7a9 [DATALAD RUNCMD] run codespell throughout fixing typo automagically
=== Do not change lines below ===
{
 "chain": [],
 "cmd": "codespell -w",
 "exit": 0,
 "extra_inputs": [],
 "inputs": [],
 "outputs": [],
 "pwd": "."
}
^^^ Do not change lines above ^^^
2023-11-18 10:04:04 -05:00
Sergey G. Brester f7ee023661 ChangeLog: gh-3564 2023-08-23 12:38:12 +02:00
nodiscc 77f80e8c3f action.d/*ipset*: make maxelem ipset option configurable through banaction arguments
- previously there was no way to override this value and ipsets would stop being updated when full (Hash is full, cannot add more elements)
- preserve ipset's default value of 65536
- update tests
- Closes #3549
2023-08-23 12:19:07 +02:00
sebres 101d6923e3 ChangeLog (gh-3485) 2023-06-13 18:57:05 +02:00
Sergey G. Brester 3c8d5fd4ef Update ChangeLog 2023-04-24 17:11:04 +02:00
Sergey G. Brester e73748c442 Merge branch 'master' into mikrotik 2023-04-13 19:09:00 +02:00
Sergey G. Brester 212a4c236a update changeLog, nginx-forbidden, gh-2226 2023-03-23 12:12:55 +01:00
Sergey G. Brester 3d4bed50c2 changelog entry (gh-3479) 2023-03-15 15:08:45 +01:00
Duncan Bellamy b892133d51 move new comment in changelog 2023-03-08 09:20:51 +00:00
Duncan Bellamy 9997807fb3 Add action for mikrotik routerOS 2023-03-08 09:17:13 +00:00
sebres ed135b6a93 changelog entries (gh-3438, gh-3132) 2023-01-11 18:30:37 +01:00
sebres eba33d6205 version bump 2022-11-14 18:13:01 +01:00
sebres e1d3006b03 update 1.0.2 -- finally-war-game-test-tape-not-a-nuclear-alarm 2022-11-09 16:46:15 +01:00
sebres fd3805b40a changelog: backend `systemd`: code review and several fixes 2022-11-08 19:26:23 +01:00
sebres d8e2b03a24 `filter.d/named-refused.conf` extended (closes gh-3388):
- support BIND named log categories
- allow `info:` as possible error prefix too ("query (cache) denied" may occur as info)
2022-11-03 11:41:21 +01:00
sebres ca2b94c522 fixes gh-3370: resolve extremely long search by repeated apply of non-greedy RE `(?:: (?:[^\(]+|\w+\([^\)]*\))+)?` with following branches (it may be extremely slow up to infinite search depending on message); added new regression tests
amend to gh-3210: fixes regression and matches new format in aggressive mode too
2022-10-04 14:10:45 +02:00
sebres f8fcaf943b version bump 2022-09-27 22:57:50 +02:00
sebres 677da51562 release 1.0.1 -- energy-equals-mass-times-the-speed-of-light-squared 2022-09-27 18:27:51 +02:00
sebres bd94b7a47d make up leeway of ChangeLog (prepare release of 1.0) 2022-09-23 21:52:14 +02:00
sebres d6896eb26d New logtarget: systemd-journal;
rebased #1403 from da2x:feature-systemd-journal
2022-08-29 12:30:05 +02:00
Logic-32 7e7b9f4a35 Adding support for Cloudflare Token API.
Closes #3080
2022-04-27 14:19:18 -06:00
Viktor Szépe 45e08cc07f Render Changelog as Markdown 2022-02-21 18:29:04 +00:00
Sergey G. Brester 8e62c8a569 syntax 2022-02-21 17:02:24 +01:00
sebres b903059419 ChangeLog for RFE gh-3217 (with compat warning) 2022-02-18 20:19:43 +01:00
sebres ff7fe572bf drop support for python 2.6 (hardly possible in modern CIs, new features would expect OrderedDicts, etc) 2022-02-10 15:48:51 +01:00
Sylvestre Ledru 1cd3118da3 Fix typo found by lintian (Debian static analyzer) 2021-10-23 17:06:13 +02:00
Sergey G. Brester 2958ad8636 Update ChangeLog 2021-05-06 22:19:38 +02:00
Sergey G. Brester dda70d60c0 Merge branch 'master' into master 2021-04-04 00:04:08 +02:00
Sergey G. Brester c5d43d7573 Update ChangeLog 2021-04-04 00:00:59 +02:00
sebres 4b17dddc23 update ChangeLog 2021-03-25 12:07:34 +01:00
sebres abc5a4e062 ChangeLog (#2742) 2021-02-17 19:02:22 +01:00