sebres
201ae0dac2
Merge branch '0.10' into 0.11
2018-01-31 12:20:34 +01:00
Sergey G. Brester
3a1c386958
Update ChangeLog
2018-01-31 12:18:56 +01:00
sebres
9440956575
Update ChangeLog
2018-01-19 19:37:37 +01:00
sebres
c50875ccf6
Update ChangeLog: all major 0.11 changes combined in 0.11th block now
2018-01-19 11:41:54 +01:00
sebres
aa47937d4f
Merge branch '0.10' into 0.11: bum version after release of 0.10.2
2018-01-18 16:47:13 +01:00
sebres
9a38d5697f
bump version (0.10.2 -> 0.10.3.dev1)
2018-01-18 16:40:48 +01:00
sebres
a45488465e
prepare release: bump version, update ChangeLog, man's and MANIFEST etc.
2018-01-18 14:49:01 +01:00
sebres
1ca3df877b
Merge branch '0.10' into 0.11
2018-01-18 14:32:00 +01:00
sebres
81b61fe30c
ChangeLog update
2018-01-18 14:19:55 +01:00
sebres
38b3290516
Merge branch '0.10' into 0.11
2018-01-17 16:43:45 +01:00
sebres
ed22ddbbbb
Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10
2018-01-17 16:42:56 +01:00
Benedikt Seidl
fed6c49c2d
nginx-http-auth: match usernames with spaces
...
# Conflicts:
# ChangeLog
2018-01-17 16:35:31 +01:00
sebres
576eeb70dd
Merge branch '0.10' into 0.11
2018-01-15 18:17:18 +01:00
sebres
2b7b0da943
Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10
2018-01-15 18:16:43 +01:00
sebres
039ac7c7c4
Merge branch '0.10' into 0.11
2018-01-11 10:29:46 +01:00
sebres
1c0fc73e48
Update ChangeLog
2018-01-11 10:27:38 +01:00
sebres
314e402fe0
filter.d/sendmail-auth.conf - extended daemon for Fedora 24/RHEL - the daemon name is "sendmail" (gh-1632)
2018-01-10 14:49:06 +01:00
sebres
0e68c9a720
Merge branch '0.10' into 0.11
2018-01-10 12:22:31 +01:00
sebres
c30144b37a
Merge branch '0.9' into 0.10
...
# Conflicts:
# config/action.d/firewallcmd-ipset.conf
# config/filter.d/asterisk.conf
# Merge-point after cherry-pick, no changes:
# fail2ban/client/jailreader.py
# fail2ban/helpers.py
2018-01-10 12:05:26 +01:00
Serg G. Brester
029cd5aa24
Update ChangeLog
2018-01-10 11:47:59 +01:00
Danila Vershinin
c190631f88
New ban action firewallcmd-ipset-allports. Closes #1167
2018-01-10 10:58:01 +01:00
Serg G. Brester
f7e2d3610b
Update ChangeLog
2018-01-09 21:19:01 +01:00
sebres
5028f17f64
Merge branch '0.10' into 0.11, rewrite updateDb because it can be executed after repair, and some tables can be missing.
...
# Conflicts:
# fail2ban/server/database.py
# fail2ban/tests/fail2banclienttestcase.py
# fail2ban/tests/sockettestcase.py
2017-12-22 17:05:45 +01:00
Serg G. Brester
2d23f35d26
Update ChangeLog
...
typo: missing newline restored.
2017-12-21 22:50:54 +01:00
sebres
79443210ad
Update ChangeLog
2017-12-21 22:49:57 +01:00
sebres
7e5d8f37fd
Merge branch '0.10' into 0.11
...
# Conflicts:
# config/action.d/firewallcmd-ipset.conf
# fail2ban/server/jail.py
# fail2ban/tests/servertestcase.py
2017-12-06 00:14:23 +01:00
Serg G. Brester
ad658a0a95
Merge pull request #1989 from sebres/logging-options
...
New server logging options
2017-12-06 00:07:51 +01:00
sebres
cc9ff31c9c
Update ChangeLog: `action.d/firewallcmd-ipset.conf`: fixed create of set for ipv6 (missing `family inet6`, gh-1990)
2017-12-05 23:35:34 +01:00
sebres
f9833ddee4
Update ChangeLog
2017-12-05 18:55:47 +01:00
Serg G. Brester
b0ba1aa846
Update ChangeLog
2017-12-05 16:24:04 +01:00
sebres
cc153888d5
Merge branch '0.10' into 0.11
2017-12-01 15:55:10 +01:00
sebres
7f89fbc33f
Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10
2017-12-01 15:53:11 +01:00
Peter Nowee
e4bbaf3d58
Update ChangeLog
2017-12-01 15:01:48 +01:00
sebres
5547697401
ChangeLog and typo
2017-12-01 10:16:14 +01:00
sebres
5cc0abbb02
Merge branch '0.10' into 0.11
...
# Conflicts:
# fail2ban/tests/fail2banclienttestcase.py
2017-11-28 16:37:51 +01:00
sebres
b62ab2d51e
ChangeLog updated
2017-11-28 13:46:57 +01:00
sebres
12b55bb8cc
Merge remote-tracking branch '0.10' into 0.11
2017-11-27 12:02:46 +01:00
sebres
6db9ae8574
ChangeLog updated
2017-11-26 23:35:11 +01:00
sebres
8aeaaf06ee
Merge branch '0.10' into 0.11
2017-11-23 22:57:21 +01:00
sebres
159957ab88
filter.d/sshd.conf: extended failregex for modes "extra"/"aggressive": now finds all possible (also future) forms of "no matching (cipher|mac|MAC|compression method|key exchange method|host key type) found", see "ssherr.c" for all possible SSH_ERR_..._ALG_MATCH errors;
...
obsolete (multi-line buffered) variant extended also.
Closes gh-1943, gh-1944
2017-11-23 22:21:42 +01:00
sebres
70b933f405
Merge branch '0.10' into 0.11
2017-11-06 18:57:53 +01:00
Serg G. Brester
ee80c52430
Update ChangeLog
2017-11-03 14:15:54 +01:00
Serg G. Brester
4d10c615c4
Update ChangeLog
...
typo
2017-11-03 14:05:17 +01:00
Serg G. Brester
8b26fd2778
Update ChangeLog
2017-11-03 14:03:47 +01:00
sebres
12419b75f2
Merge branch '0.10' into 0.11
...
# Conflicts:
# fail2ban/tests/servertestcase.py
2017-10-30 14:02:41 +01:00
Serg G. Brester
1a8fb6290d
Merge pull request #1926 from sebres/0.10-pf-actionflush
...
action.d/pf.conf: wildcard anchoring example + bulk-unban with command `actionflush`
2017-10-19 16:35:46 +02:00
sebres
76f5e3659e
Merge branch '0.10' into 0.11
2017-10-18 19:03:08 +02:00
sebres
0e66e3cc57
Merge branch 'master' into 0.10
...
# Conflicts:
# config/filter.d/asterisk.conf
2017-10-18 19:00:23 +02:00
Serg G. Brester
d81405adbc
Update ChangeLog
...
typo
2017-10-18 18:52:55 +02:00
Serg G. Brester
b6ab0aa83f
Update ChangeLog
...
more detailed entry
2017-10-18 18:52:12 +02:00
Michael Newton
894a05b843
Update ChangeLog
2017-10-18 09:26:51 -07:00
sebres
a1b863fcf6
action.d/pf.conf: extended with bulk-unban, command `actionflush` in order to flush all bans at once (by stop jail, resp. shutdown of fail2ban)
2017-10-17 20:12:48 +02:00
sebres
3c4910a3e2
ChangeLog entry + note for possible incompatibility.
2017-10-17 16:06:39 +02:00
sebres
028f32b74b
bump version (0.10.1 -> 0.10.2.dev1)
2017-10-12 14:00:41 +02:00
sebres
351abeb4ff
prepare release: bump version, update ChangeLog, man's and MANIFEST etc.
2017-10-12 13:46:46 +02:00
sebres
6c1d481135
Merge branch '0.10' into 0.11
2017-10-04 09:57:43 +02:00
sebres
e71f16f6ba
Merge branch 'master' into 0.10
...
# Conflicts resolved:
# config/filter.d/dovecot.conf
2017-10-04 09:57:18 +02:00
sebres
ea36e1b3fc
filter.d/dovecot.conf: fixed failregex to recognize pam_authenticate failures with "Permission denied" (gh-1897)
2017-10-04 09:55:37 +02:00
sebres
037a0be3ae
Merge branch '0.10' into 0.11
2017-10-02 15:43:55 +02:00
sebres
8c804a2290
Merge branch 'master' into 0.10
...
# Conflicts resolved:
# config/filter.d/postfix-rbl.conf
# config/filter.d/postfix-sasl.conf
# config/filter.d/postfix.conf
# fail2ban/tests/files/logs/postfix-sasl
2017-10-02 15:41:30 +02:00
sebres
a2120a9de5
filter.d/postfix-*.conf - added optional port regex (closes gh-1902)
2017-10-02 15:31:55 +02:00
Serg G. Brester
6149df5216
Update ChangeLog
2017-09-12 09:27:16 +02:00
Louis Sautier
152c9d27d5
Fix nftables actions for IPv6 addresses, fixes #1893
...
* add [Init?family=inet6] to nftables-common.conf and make nftable
expressions more modular
* change "ip protocol" to "meta l4proto" in nftables-allports.conf
since the former only works for IPv4
2017-09-11 23:32:53 +02:00
Serg G. Brester
72ad904f58
Update ChangeLog
2017-09-11 12:22:43 +02:00
Louis Sautier
2ce0ffb977
Fix Gentoo init script's shebang
...
Use openrc-run instead of runscript.
5d5856c193
2017-09-11 12:19:33 +02:00
sebres
e0fede621e
Merge branch '0.10' into 0.11
2017-09-08 11:33:19 +02:00
Serg G. Brester
8be4569d51
Update ChangeLog
...
several fixes of 0.10th branch
2017-09-08 11:32:08 +02:00
sebres
b185e7cb04
Merge remote-tracking branch 'upstream/master' into 0.10
2017-09-08 11:11:05 +02:00
Serg G. Brester
983b128c54
Update ChangeLog
...
several fixes of 0.9th branch
2017-09-08 11:07:48 +02:00
Serg G. Brester
a287d0a05c
Merge pull request #1872 from kmzby/master
...
Added filter for phpMyAdmin+syslog
2017-08-25 12:22:58 +02:00
Pavel Mihadyuk
5b4bc2aafd
Added filter for phpMyAdmin+syslog (>=4.7.0). Closes #1713
2017-08-22 18:20:01 +03:00
sebres
b80692f602
Merge branch '0.10' into 0.11
2017-08-18 15:44:43 +02:00
sebres
1d5fbb95ae
Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10
2017-08-18 15:44:22 +02:00
sebres
3be32adefb
Replace not posix-compliant grep option: fgrep with `-q` option can cause 141 exit code in some cases (see gh-1389).
2017-08-18 14:37:29 +02:00
sebres
aa140f0fa7
Merge branch 0.10 to 0.11, restores merge-point after rebased PR gh-1866 (mistakenly created and merged on 0.11th base);
2017-08-16 17:58:52 +02:00
sebres
19e59fff3e
ChangeLog: added incompatibility list (compared to v.0.9)
2017-08-16 15:38:44 +02:00
Serg G. Brester
b5dd5adb08
Merge pull request #1460 from sebres/0.10-full
...
0.11 ban-time-incr
2017-08-10 15:23:18 +02:00
sebres
1c06a8b1ef
0.11 - prepared new development edition: README.md, ChangeLog, version.py
2017-08-10 15:19:43 +02:00
sebres
28076618fd
back to development edition: README.md, ChangeLog, version.py
2017-08-09 17:37:40 +02:00
sebres
c60784540c
version bump: release 0.10.0
2017-08-09 16:53:05 +02:00
sebres
30219b54c4
Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10
2017-08-09 16:38:29 +02:00
Serg G. Brester
c540217844
Update ChangeLog
...
action.d/cloudflare.conf - Cloudflare API v4 implementation (gh-1651)
2017-08-09 16:34:37 +02:00
sebres
6f4fde2c29
Update changelog and man/jail.conf.5
2017-08-08 21:50:38 +02:00
sebres
51c54b3253
ChangeLog entry for 9a42ce12f4
2017-08-08 13:04:36 +02:00
sebres
a12ac4242b
ChangeLog updated
2017-07-12 11:59:42 +02:00
sebres
c9385a2e04
ChangeLog updated
2017-07-11 15:28:04 +02:00
sebres
ea3a6aa971
ChangeLog updated
2017-07-11 15:02:59 +02:00
sebres
e26cc5de45
restore backwards compatibility (jail postfix-sasl); changelog update
2017-07-11 11:57:48 +02:00
sebres
546cd55342
Merge branch 'master' into 0.10
2017-07-03 13:02:25 +02:00
sebres
a1d0633e69
filter.d/asterisk.conf - fixed failregex AMI Asterisk authentification failed (see gh-1302):
...
- optional space between NOTICE and pid;
- optional part "Host " before IP-address;
2017-07-03 12:57:28 +02:00
sebres
33fcf8d809
Merge branch 'master' into 0.10
2017-07-03 12:43:48 +02:00
Serg G. Brester
001c0898d6
Merge branch 'master' into master
2017-06-30 18:07:38 +02:00
Serg G. Brester
986dd3107d
Merge branch '0.10' into patch-12
2017-06-19 18:37:28 +02:00
sebres
9b0f39a17d
ChangeLog updated
2017-06-19 18:12:37 +02:00
Serg G. Brester
3294840c2a
Merge pull request #1801 from jeaye/postfix-updates
...
filter.d/postfix.conf: update to the latest postfix logging format
2017-06-19 16:44:37 +02:00
sebres
d2c39d2e45
Merge branch '0.10' into 0.10-full
...
# Conflicts:
# fail2ban/server/database.py - resolved and test-case with persistent ban-time fixed/extended (bantime presents in database)
2017-06-16 09:35:27 +02:00
sebres
dcdf677438
Merge remote-tracking branch 'master' into 0.10
2017-06-15 11:49:51 +02:00
sebres
e1234a5249
ChangeLog update
2017-06-15 11:47:16 +02:00
jeaye
6f3d425c4d
Update postfix filters and tests
2017-06-12 18:56:19 -07:00
sebres
bbea73d79d
Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10
2017-06-12 13:11:45 +02:00
Serg G. Brester
23c2d05250
Update changelog (new enhancements from gh-1792)
2017-06-09 20:51:28 +02:00
Georges Racinet
12259bb3c7
man and ChangeLog for logtimezone
2017-06-09 20:39:03 +02:00
Serg G. Brester
5214c1c5d1
Update changelog (gh-1455)
2017-05-30 20:31:48 +02:00
sebres
2b08847f3a
Reintegrate 'master' into 0.10 (merge point) + small code review
2017-05-19 16:32:13 +02:00
sebres
c7ddf1f940
[systemd-backend] implicit closing journal descriptor by stop filter.
...
Partially cherry-picked from 0.10 (d153555a07
)
2017-05-19 15:36:06 +02:00
sebres
17a03ebc11
changelog update / typos fixed
2017-05-17 21:03:35 +02:00
sebres
6724de54e6
Merge branch '0.10' into 0.10-full
2017-05-17 11:35:33 +02:00
Serg G. Brester
17b0945a70
Update ChangeLog
2017-05-16 09:43:52 +02:00
sebres
94c793ff89
Merge branch 'master' into 0.10
2017-05-15 16:48:11 +02:00
Yaroslav Halchenko
407b2ea936
life is going on
2017-05-11 11:17:27 -04:00
Yaroslav Halchenko
35280044ff
Preparing for 0.9.7 release
2017-05-10 21:38:57 -04:00
sebres
b13d9d4e22
Merge branch 'master' into 0.10
2017-05-07 21:29:12 +02:00
sebres
bea3a62a37
update ChangeLog
2017-05-07 14:02:45 +02:00
Serg G. Brester
b5d59e8883
small fix of changelog entry
2017-05-02 16:59:05 +02:00
Viktor Szépe
1ed958521c
Courier auth changelog
2017-04-28 17:08:36 +02:00
sebres
8839bcbb09
Merge remote-tracking branch master into 0.10
2017-04-25 10:07:19 +02:00
sebres
462442a517
Update ChangeLog #1757
2017-04-25 10:04:45 +02:00
sebres
f75c3d8a02
code review and ChangeLog entry
2017-04-24 21:18:16 +02:00
Serg G. Brester
e35ed1cdf7
Update ChangeLog
...
Changes of #1645
2017-04-21 11:24:32 +02:00
Serg G. Brester
17922b621c
Update ChangeLog
...
replaced german in entry ;)
2017-04-20 15:23:59 +02:00
Georges Racinet
4fc6323ff0
haproxy-http-auth: avoid port number in IPv6 addresses
...
The solution taken is to consume the port number explicitely in
the regexp.
2017-04-07 13:59:22 +02:00
Serg G. Brester
e7f1fc5cb3
Update ChangeLog
...
enhancements of #1743
2017-03-31 10:39:50 +02:00
Serg G. Brester
44a26c6159
Update ChangeLog
...
amend to gh-1742
2017-03-29 23:14:33 +02:00
sebres
873f97c6c5
Merge branch '0.9-log-level-msg' into 0.10
2017-03-27 11:36:36 +02:00
sebres
7982d1e627
Update ChangeLog
2017-03-27 11:31:41 +02:00
Serg G. Brester
d26060ead0
Update ChangeLog
...
belongs to #1733
2017-03-27 09:38:53 +02:00
sebres
6c4b1c7204
Update ChangeLog
2017-03-23 15:54:53 +01:00
Serg G. Brester
7a03c964c2
Update ChangeLog
2017-03-21 14:04:18 +01:00
sebres
875295320e
Merge remote-tracking branch 'remotes/gh-upstream/0.10' into 0.10-full
2017-03-13 02:12:39 +01:00
sebres
30b53bb2ce
update ChangeLog and man/fail2ban-regex.1
2017-03-13 02:07:14 +01:00
sebres
8af7a73bfc
update ChangeLog
2017-03-10 22:14:39 +01:00
sebres
52ed6597b2
Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10
2017-03-09 16:27:14 +01:00
sebres
0f8cb1749f
Update ChangeLog
2017-03-09 16:15:45 +01:00
Serg G. Brester
d042981954
Merge pull request #1655 from ajcollett/0.10
...
Added config for AbuseIPDB
2017-03-09 15:15:26 +01:00
sebres
6a2c95da95
`action.d/sendmail-geoip-lines.conf` fixed using new tag `<ip-host>` (dns-cache and without external command execution);
...
changelog updated;
2017-03-08 16:51:08 +01:00
sebres
28b5262976
Merge branch '0.10' into 0.10-full
2017-02-28 15:14:51 +01:00
Serg G. Brester
32ac383d06
Update ChangeLog
2017-02-27 15:51:33 +01:00
Serg G. Brester
2fa18a74c4
Merge branch 'master' into master
2017-02-17 09:06:09 +01:00
Christoph Theis
861ce4177c
#1689 : Make lowest rule number in action.d/bsd-ipfw.conf configurable
2017-02-14 18:31:42 +01:00
sebres
99634638ba
Merge branch '0.10' into 0.10-full
2017-01-23 09:51:36 +01:00
sebres
e8a1556562
Merge remote-tracking branch 'master' into 0.10
...
# Conflicts:
# fail2ban/tests/samplestestcase.py
2017-01-21 16:59:41 +01:00
sebres
8aa9516d50
sshd.conf: fixed expression "received disconnect ... auth fail" - optional space after port part (gh-1652)
2017-01-21 16:18:03 +01:00
sebres
c8f473110c
change log update after rebase
2017-01-21 15:59:27 +01:00
sebres
dd373dba9f
test all config-regexp, that contains greedy catch-all before <HOST>, that is hard-anchored at end or precise sub expression after <HOST>;
...
new ssh rule(s) added:
- Connection reset by peer (multi-line rule during authorization process);
- No supported authentication methods available;
Single line and multi-line expression optimized, added optional prefixes and suffix (logged from several ssh versions);
closes gh-864
2017-01-21 15:53:48 +01:00
Serg G. Brester
5e08298b6b
Update ChangeLog
2017-01-20 08:47:30 +01:00
Serg G. Brester
40f294e6bf
Merge pull request #1663 from jjeziorny/netscaler-action
...
Introduced citrix netscaler action
2017-01-19 16:25:23 +01:00
Serg G. Brester
75b252e47f
Update ChangeLog
2017-01-19 15:00:08 +01:00
Juliano Jeziorny
1fe554dd25
Introduced Citrix Netscaler action
2017-01-19 14:30:25 +01:00
Christoph Theis
fe76cd9b7d
#1667 : changelog entry
2017-01-17 14:05:20 +01:00
sebres
f35da076df
ChangeLog entry
2017-01-16 09:55:01 +01:00
sebres
de49f0c27f
ChangeLog entry
2017-01-13 19:45:10 +01:00
sebres
7019640eb3
Merge branch 'fix-gh-1658' into 0.10
2017-01-10 12:59:51 +01:00
sebres
a9523aefbb
sshd.conf: fixed non-anchored part of regex (misleading match of colon inside IPv6 address instead of `: ` in the reason-part by missing space).
2017-01-10 12:58:44 +01:00
sebres
c9f32f75e6
Merge branch '0.9-fix-regex-using-journal' into 0.10-fix-regex-using-journal (merge point against 0.9 after back-porting gh-1660 from 0.10)
2017-01-10 11:25:41 +01:00
sebres
f8d35a7c9c
changelog entry
2017-01-10 11:16:17 +01:00
Andrew James Collett
18d09b6d8e
Updated changelog.
2017-01-08 09:50:58 +02:00
Yaroslav Halchenko
4a1fd888f0
Carry on development
2016-12-11 00:49:09 -05:00
Yaroslav Halchenko
482252dbd4
ENH: prep for 0.9.6 release (as of tomorrow)
2016-12-09 09:35:03 -05:00
Serg G. Brester
556a9373ce
Update ChangeLog
2016-11-28 23:40:33 +01:00
sebres
45f1d811c9
Merge branch 'alex1702-1586'
2016-11-28 18:54:02 +01:00
sebres
67c14afd8e
ChangeLog entry added + jail.conf review
2016-11-28 18:51:23 +01:00
sebres
b8c41dcb49
ChangeLog update
2016-11-28 11:31:51 +01:00
sebres
40cbe96352
Merge remote-tracking branch 0.10 into _0.10/fix-datedetector-grave-fix-v2
2016-11-28 11:03:11 +01:00
sebres
5678d08a79
filter.d/dovecot.conf update:
...
- fixes failregex, that ignores failures through some irrelevant info (closes #1623 );
- ignores whole additionally irrelevant info in anchored regex before fixed failure data `\((?:auth failed, \d+ attempts( in \d+ secs)?|tried to use (disabled|disallowed) \S+ auth)\)`
- review, IPv6 compatibility fix, non-capturing groups
2016-11-26 16:50:37 +01:00
sebres
b856e1dadc
Merge pull request #1618 from sebres/_0.10/systemd-service
2016-11-24 20:45:17 +01:00
sebres
308bba448c
ChangeLog update
2016-11-24 20:43:55 +01:00
sebres
d908688b56
ChangeLog update
2016-11-24 20:25:08 +01:00
sebres
701abfd250
ChangeLog entry added
...
+ indentation fix (space-tab replacement)
2016-11-21 17:13:43 +01:00
sebres
b5433f48b7
amend after code review of merge gh-1581
2016-11-11 11:09:46 +01:00
sebres
ea4c1f6356
Merge branch 'master' into 0.10
2016-11-11 10:29:45 +01:00
sebres
dab5f56609
Merge branch 'fix-gh-1477'
2016-11-11 10:17:07 +01:00
sebres
c8b036456d
changelog entries
2016-10-17 12:47:42 +02:00
sebres
519e355bf2
ChangeLog entry added
2016-10-15 14:59:36 +02:00
sebres
53adc9d84a
Merge branch 0.10-full with 0.10
...
Resolved several conflicts and code review after merge
2016-10-14 19:55:20 +02:00
sebres
c809c3e61e
Merge branch 'master' into 0.10
2016-10-13 19:01:13 +02:00
Nils
f7df6026a3
Update Changelog to reflect the new np.conf action
2016-10-13 18:53:16 +02:00
sebres
310d4e224d
Merge branch master (0.9) into 0.10
2016-09-29 19:46:11 +02:00
Serg G. Brester
8e3e333d54
Update ChangeLog
2016-09-27 14:17:45 +02:00
sebres
5151c4fa6d
ChangeLog entries added
2016-09-26 15:12:50 +02:00
sebres
0f1d1a0d4d
ChangeLog: FIPS compliant
2016-09-21 09:22:18 +02:00
sebres
9fb167b5e1
filter.d/vsftpd.conf: optional reason message after FAIL LOGIN, closes #1543
2016-09-09 09:20:15 +02:00
sebres
387aa6ba47
Merge master branch '_0.9/systemd-journal-path-gh-1408' into 0.10
...
# Conflicts:
# fail2ban/tests/filtertestcase.py
# fail2ban/tests/utils.py
2016-09-01 16:26:21 +02:00
sebres
c0e0cfb39d
Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10
2016-09-01 16:23:13 +02:00
sebres
7ed6cab120
jail configuration extended with new syntax to pass options to the backend (see gh-1408),
...
examples:
- `backend = systemd[journalpath=/run/log/journal/machine-1]`
- `backend = systemd[journalfiles="/run/log/journal/machine-1/system.journal, /run/log/journal/machine-1/user.journal"]`
- `backend = systemd[journalflags=2]`
2016-09-01 16:17:02 +02:00
sebres
4a1d720344
filter.d/asterisk.conf: another part ` chan_sip.c:28468 handle_request_register:` in log prefix
2016-08-22 14:10:50 +02:00
sebres
2c54f90469
sshd-filter: better universal regexp, that matches more complex different injects, using conditional expressions (on username and auth-info section), see new test cases also.
2016-08-19 10:19:12 +02:00
sebres
a544c5abac
sshd-filter: recognized "Failed publickey for" now (gh-1477) + improved regexp (not anchored now to recognize all "Failed anything for ... from <HOST>"
...
ChangeLog entry added
2016-08-18 21:38:55 +02:00
sebres
18ebd9ac21
Merge branches 0.10-full and 0.10
2016-08-17 18:00:25 +02:00
sebres
5509ba37a2
Merge pull request #1512 from 'remotes/gh-upstream/0.9' into 0.10
2016-08-15 20:08:42 +02:00
sebres
9935cf19c1
description provided, ChangeLog entries added
2016-08-15 19:54:11 +02:00
sebres
d71a525a85
Merge branch 'master' into 0.10 (resolve conflicts and cleaning tree points after back-porting gh-1508 0.10 -> 0.9)
2016-08-12 18:51:56 +02:00
sebres
cb340db220
ChangeLog entry for gh-1508
2016-08-12 18:37:46 +02:00
Yaroslav Halchenko
123f4ceaee
Changelog for postfix-sasl fix
2016-08-08 17:11:07 -04:00
sebres
70658d7a19
Merge pull request #1494 from rhardy613/master (branch 'sebres:pr-1494')
2016-08-08 18:49:32 +02:00
rhardy613
89f8999fe5
Add changelog entry for ASSP filter changes
...
Add changelog entry for ASSP filter changes
2016-08-06 01:07:04 -04:00
sebres
eb6e3c52ae
ChangeLog entries for the last fix (cherry pick from 0.10)
2016-08-01 18:04:00 +02:00
sebres
f5b7ffeb4b
DOC: Reformatted ChangeLog into legit Markdown (after merge of master to 0.10)
2016-08-01 15:18:59 +02:00
sebres
0eea362aa0
Merge branch 'master' into 0.10
2016-08-01 15:10:52 +02:00
sebres
922213f3d9
Merge tag '0.10.0a1' into 0.10-full
2016-07-15 10:32:42 +02:00
Yaroslav Halchenko
5714ac201b
DOC: preparations for 0.9.5 release
2016-07-14 21:35:49 -04:00
Yaroslav Halchenko
21056c995d
Merge remote-tracking branch 'origin/master' into doc-changelog
...
* origin/master:
another variant of regex
add trailing anchor to failregex
add PR id to ChangeLog
improved failregex according to @sebres recomendations
* add `__prefix_line` to regex * fix time in log file
add info to log file
added sample log lines for slapd
adding openldap slapd filter
2016-07-14 21:21:35 -04:00
Yaroslav Halchenko
28a0605f69
Merge pull request #1478 from gips0n/master
...
adding openldap slapd filter
2016-07-14 08:30:42 -04:00
sebres
683f8fc56c
Merge branch 'master' into 0.10
2016-07-13 19:41:46 +02:00
Yaroslav Halchenko
33ed71b3de
DOC: Reformatted ChangeLog into legit Markdown ( Closes #962 )
2016-07-10 19:53:54 -04:00
Yaroslav Halchenko
ec9c4a27f3
DOC: tuned up ChangeLog entries for 0.9.5
...
unified capitalized beginning of each entry
no trailing spaces or dots etc
2016-07-10 18:40:20 -04:00
Andrii Melnyk
2c5a489bc7
add PR id to ChangeLog
2016-07-08 13:55:58 +03:00
sebres
f5f204ca7c
Improved changes of gh-1458:
...
`[^']*` after callid was wrong, changed to `[^\)]*`;
regexp anchored at the end;
almost the same regex grouped to one;
Closes #1458
2016-07-08 11:45:25 +02:00
Andrii Melnyk
b2e3affaa0
adding openldap slapd filter
2016-07-08 04:50:57 +03:00
Yaroslav Halchenko
593b1210c0
Merge master (commit '0.9.4-79-gaf8b650') into 0.10
...
* commit '0.9.4-79-gaf8b650':
badip timeout option introduced, set to 30 seconds in our test cases (#1463 )
DOC: changelog for recent exim filters tune up
Asterisk pjsip (#1456 )
BF: finalize that sample log line for exim4
RF: for consistency use (?:XXX)? instead of (?:|XXX)
ENH: use non-capturing regex groups in exim-common and exim filters
ENH: exim filters -- make more use of %(host_info)s which in turn made more flexible
BF: make :port and I=[ip]:port optional for a "AUTH command used when not advertised"
2016-06-19 20:06:16 -04:00
sebres
12ff119841
Merge branch 'ban-time-incr' into 0.10-full
2016-06-09 22:50:31 +02:00
Yaroslav Halchenko
11f7cf5ad8
DOC: changelog for recent exim filters tune up
2016-06-07 21:38:39 -04:00
Ludovic Gasc
f85fb45b29
Asterisk pjsip ( #1456 )
...
* Improve PJSIP log support for Asterisk 13+
* Update changelog: filter.d/asterisk.conf - fix security log support for PJSIP and Asterisk 13+
* Change pjsip regexp with sebres observation, thanks to @nturcksin
2016-06-07 11:40:35 +02:00
sebres
f62266659f
Merge branch 'master' into '0.10'
2016-05-21 13:48:00 +02:00
sebres
baafac36a4
ChangeLog entry
2016-05-20 14:51:13 +02:00
sebres
34ae0b916e
Merge pull request #1421 from sebres/fix-1405
...
filter.d/common.conf: fixes unexpected extra regex-space in generic `__prefix_line` (gh-1405)
2016-05-20 11:20:34 +02:00
sebres
932708de9e
fixed --pidfile bug, introduced in gh-1322:
...
gentoo-initd fixed --pidfile bug: `--pidfile` is option of start-stop-daemon, not argument of fail2ban (see gh-1434)
closes gh-1434
2016-05-20 11:01:00 +02:00
sebres
de813acf51
extends generic `__prefix_line` with optional brackets for the date ambit (gh-1421), added new parameter `__date_ambit` + test case added;
2016-05-17 11:54:43 +02:00
sebres
3e49522b7a
fixes unexpected extra regex-space in generic `__prefix_line` (gh-1405, misleadingly committed in d2a9537568
);
...
all optional spaces normalized in generic include `common.conf` + test cases are extended (using new example pseudo-filter and test log `zzz-generic-example`);
2016-05-13 20:26:37 +02:00
sebres
cce63926ce
ChangeLog entry added
2016-05-13 16:11:38 +02:00
sebres
3df97beaa6
changelog entries from sebres:f2b-perfom-prepare-716 (gh-1346)
2016-05-11 18:03:22 +02:00
sebres
c22ba5413d
changes from ipv6-support-0.10 after merge
2016-05-11 16:58:13 +02:00
sebres
f9ea845595
Merge branch 'ipv6-support-0.10' into 0.10
2016-05-11 16:57:16 +02:00
Yaroslav Halchenko
5040c95bdb
DOC: stub for 0.10.0 release changelog
2016-05-10 21:17:09 -04:00
Alexander Koeppe
ce196744d1
Update ChangeLog / THANKS entries
2016-05-09 15:34:15 +02:00
sebres
e595fefc9b
change log and thanks entries
2016-04-14 14:50:17 +02:00
Serg G. Brester
b9b7ecbf6b
Merge pull request #1357 from sebres/monit-new-fltr
...
monit filter fixup for the new version (gh-1355)
2016-03-26 11:39:26 +01:00
TorontoMedia
3d239215cd
Two new firewalld actions with rich rules for firewalld-0.3.1+ (gh-1367)
...
closes #1367
2016-03-25 17:28:30 +01:00
sebres
ac27c9cb96
Merge branch 'patch-2' (gh-1371)
2016-03-25 17:05:23 +01:00
theDogOfPavlov
28e246b5d7
added note to cover additional exim filters
2016-03-23 11:52:09 +00:00
theDogOfPavlov
42f43d0f8a
added note to cover dovecot ldap regex
2016-03-23 11:51:12 +00:00
Yaroslav Halchenko
bfac42eb2e
changelog for journalmatch pure-ftpd
2016-03-14 11:10:28 -04:00
sebres
9d13bb0c3a
ChangeLog and THANKS entries
2016-03-09 20:11:14 +01:00
Yaroslav Halchenko
634e68036e
Get ready for further developments
2016-03-08 08:36:29 -05:00
Yaroslav Halchenko
5ffc15ac68
Changes for the 0.9.4 release
2016-03-07 21:45:44 -05:00
Yaroslav Halchenko
19850d71e9
changelog about gentoo initd
2016-03-07 10:52:47 -05:00
sebres
bf0adc1fdf
Merge remote-tracking branch 'f2b-perfom-prepare-716-cs' into ban-time-incr (+ conflicts resolved)
2016-03-06 15:12:48 +01:00
Yaroslav Halchenko
2adf5855ac
Changelog for the recent PR and added Tom to THANKS
2016-02-28 12:03:13 -05:00
sebres
667785b608
mysqld: failregex fixed (accepts different log level, more secure expression now);
...
closes #1332
2016-02-24 17:17:51 +01:00
Yaroslav Halchenko
905c87ca4a
Merge pull request #1310 from yarikoptic/pr-1288
...
NF: HAProxy HTTP Auth filter
2016-02-11 08:35:48 -05:00
Yaroslav Halchenko
3dc57af19c
Merge branch 'logrotate' of https://github.com/sbraz/fail2ban
...
* 'logrotate' of https://github.com/sbraz/fail2ban :
Remove compression and count from logrotate
2016-02-10 18:41:01 -05:00
3eBoP
257b7049d8
Update asterisk filter: changed regex for "Call from ...". Sometimes extension can have a plus symbol (+) because they can be phone number.
...
Closes #1309
2016-02-08 11:51:37 +01:00
Pierre GINDRAUD
b5a07741c8
Add new regex into postfix filter. The new regexp is able to detect bad formatted SMTP EHLO command
2016-02-08 11:11:59 +01:00
Louis Sautier
869d99dd37
Remove compression and count from logrotate
...
Initially reported at https://bugs.gentoo.org/show_bug.cgi?id=549856
2016-01-29 00:15:48 +01:00
Yaroslav Halchenko
3f437b32db
Merge remote-tracking branch 'pr/1288/head'
...
* pr/1288/head:
Update haproxy-http-auth.conf
Added HAProxy HTTP Auth filter
Conflicts:
config/jail.conf - resolved + removed unnecessary filter/enabled (defaults should be as good)
2016-01-28 08:51:45 -05:00
Yaroslav Halchenko
377ea32441
Merge pull request #1295 from obounaim/master
...
The sender option is ignored by some actions
2016-01-28 08:48:22 -05:00
Serg G. Brester
fe14c8fa05
Merge pull request #1292 from albel727/master
...
Add nftables actions
2016-01-24 23:55:50 +01:00
local
58a8736e0f
Updating changelog.
2016-01-10 00:10:05 +01:00
Alexander Belykh
cb2d70d7a8
Add ChangeLog entry for new nftables actions
2016-01-05 19:04:44 +06:00
sebres
25a09352e4
+ ChangeLog entry
2016-01-04 14:46:43 +01:00
Jordan Moeser
e133762a28
Added HAProxy HTTP Auth filter
2015-12-31 11:16:23 +10:00
Yaroslav Halchenko
69aa1feac0
Merge "Mac OS Screen Sharing filter" PR 1232
...
* pr/1232/head:
removed system.log
Removed old svn revision comment
removed false matches
Removed includes comment for screensharing jail
Now using a literal logpath for screensharing jail
Fixed blatant typo in regex
clarified comments on sample log format
Fixed name (again?)
Made screensharing jail off by default
Changed regex prequel
added entry for new screensharingd filter
name change & new sample data
Added json metadata
Sample log for test case
Replaced .* with literal
Update jail.conf
Added new path variable for system.log
Added in settings for screensharingd filter
Created file
Conflicts:
ChangeLog - moved to New Features
config/jail.conf - kept at the end
2015-12-29 19:36:59 -05:00
Yaroslav Halchenko
16710237e3
Merge remote-tracking branch 'origin/master'
...
* origin/master:
Add 'Sender address rejected: Domain not found' Postfix failregex
2015-12-29 19:31:04 -05:00
sebres
9d4f163e88
code review and minor repair after merge with performance branch (changed naming convention, wrong resolved conflicts, etc)
2015-12-29 17:36:00 +01:00
sebres
21f058a9f7
Merge remote-tracking branch 'remotes/gh-origin/f2b-perfom-prepare-716' into ban-time-incr
2015-12-29 14:04:41 +01:00
Yaroslav Halchenko
26dd6d7425
Merge pull request #1258 from aleksandrs-ledovskis/feature/postfix-domain-not-found-failregex
...
Add 'Sender address rejected: Domain not found' Postfix failregex
2015-12-18 09:23:54 -05:00
Yaroslav Halchenko
dfaf82d68a
Changelog entry for PartOf in .service fix
2015-12-18 09:23:12 -05:00
Ross Brown
8d12dba245
Merge remote-tracking branch 'upstream/master'
2015-12-17 18:01:17 +00:00
Ross Brown
16aa2fa13e
Updated ChangeLog to include new murmur jail.
2015-12-17 17:57:45 +00:00
Ross Brown
ba535826a8
Updated ChangeLog to include new murmur filter.
2015-12-15 21:46:35 +00:00
Yaroslav Halchenko
5d6cead996
ENH: sshd filter -- match new "maximum auth attempts exceeded" ( Closes #1269 )
2015-12-13 23:21:04 -05:00
sebres
6d984717b5
ordered dict replaced with dict + change log entry fix
...
# Conflicts:
# fail2ban/server/filter.py
2015-12-12 15:48:49 +01:00
sebres
3a179ec5d7
small code review: (much pretty) handling of filename as key - FileFilter contains (ordered) dict of files (not list), as discussed in gh-1265
2015-12-02 20:45:01 +01:00
Aleksandrs Ļedovskis
fa59a6850f
Add 'Sender address rejected: Domain not found' Postfix failregex
...
Signed-off-by: Aleksandrs Ļedovskis <aleksandrs@ledovskis.lv>
2015-11-22 12:01:15 +02:00
Orion Poplawski
c656cb0d36
Merge branch 'master' into journaldefault
...
Conflicts:
ChangeLog
2015-11-13 15:22:59 -07:00
Yaroslav Halchenko
6af6e40b62
Merge pull request #1241 from sebres/known/param-tag
...
New interpolation feature for definition config readers - `<known/parameter>`
2015-11-10 08:35:57 -05:00
sebres
46b116e86a
filter test cases improved + log captured inside such tests + python 3.x compatibility;
...
changelog entry;
2015-11-09 22:02:05 +01:00
sebres
94cffece12
New interpolation feature for definition config readers - `<known/parameter>`, as extension to interpolation `%(known/parameter)s`, that does not works for filter and action init parameters;
2015-11-02 21:45:03 +01:00
Serg G. Brester
eef7771b4e
Merge pull request #1238 from sebres/fix/gh-1216
...
Fixed directly defined banaction for allports jails like pam-generic, recidive, etc
2015-10-31 13:17:04 +01:00
sebres
e825e977cc
Nginx log paths extended (prefixed with "*" wildcard)
...
closes gh-1237
2015-10-30 17:51:30 +01:00
sebres
f359ed8c36
Fixed directly defined banaction for allports jails like pam-generic, recidive, etc with new default variable `banaction_allports` (+ man entries for both variables added);
...
closes gh-1216
2015-10-30 15:36:18 +01:00
sebres
6884593ab8
New filter `nginx-limit-req` ban hosts, that were failed through nginx by limit request processing rate (ngx_http_limit_req_module)
2015-10-29 23:15:20 +01:00
Orion Poplawski
0661aece46
Merge branch 'master' into journaldefault
...
Conflicts:
ChangeLog
2015-10-29 15:22:37 -06:00
Simon Brown
3dd1c305ce
added entry for new screensharingd filter
2015-10-27 21:20:12 -07:00
sebres
eb87638ead
ChangeLog entry for OpenHAB home automation filter (gh-1223)
2015-10-26 15:56:01 +01:00
Pablo Rodriguez Fernandez
2c576c64f8
Change domain filter regex
...
Change domain filter regex since there are other Google crawlers.
See "Google crawlers"
<https://support.google.com/webmasters/answer/1061943?hl=en >
2015-10-20 10:46:00 +02:00
Orion Poplawski
81a26266a9
Add changlog entry for postfix-rbl logpath change
2015-10-19 19:46:43 -06:00
Orion Poplawski
75d33c0f09
Add *_backend options for services to allow distros to set the default backend
...
per service.
Set default to systemd for Fedora as appropriate.
2015-10-18 20:18:50 -06:00
Pablo Rodriguez Fernandez
a28e6b442e
Add check in apache-fakegooglebot to protect against PTR fake record
...
An attacker may return a PTR record which fakes a Googlebot's domain
name. This modification resolves the PTR records to verify it.
See "Verifying Googlebot":
<https://support.google.com/webmasters/answer/80553?vid=1-635800030504666679-1963774919 >
2015-10-13 17:11:49 +02:00
sebres
2696ede251
mysqld-auth: Updated "Access denied ..." regex for MySQL 5.6 and later
...
closes gh-1211
2015-10-07 14:34:13 +02:00
Kevin Locke
2a5c93cfb5
Update ChangeLog and THANKS for "Auth fail" changes
...
Document the changes from 36919d9f
in the ChangeLog and add myself to
the THANKS file (at @sebres suggestion).
Signed-off-by: Kevin Locke <kevin@kevinlocke.name>
2015-10-05 00:31:13 -07:00
Yaroslav Halchenko
ff06176e9e
Merge remote-tracking branch 'origin/master' into enh-split-comma
...
* origin/master:
DOC: changelog for the timeout change
Set Timeout at urlopen to 3 seconds
README :: init/service example mentions debian based systems as the example
README :: fitted paragraph style
BF: disable testing on python 3.2 until coverage gets a fix
README :: Some style/grammar tweaks, and init/service script mention. Re: #1193
Set Timeout at urlopen to 3 seconds
2015-09-27 00:52:14 -04:00
Yaroslav Halchenko
6c0f898ec7
DOC: changelog for the timeout change
2015-09-27 00:49:57 -04:00
Yaroslav Halchenko
8cf614e221
ENH: allow to split ignoreip by space and/or comma ( Closes #1197 )
...
Way too many people ran into this gotcha, so lets just do it
2015-09-23 12:13:52 -04:00
Yaroslav Halchenko
55e542b273
Merge remote-tracking branch 'pr/1170/head' -- opensuse paths
...
* pr/1170/head:
Updated ChangeLog regarding openSUSE's path config
Added configuration for opensuse path
2015-09-17 21:59:45 -04:00
Yaroslav Halchenko
db1a3f17e1
ENH: new date pattern with year after day (not after entire entry)
2015-09-16 08:56:46 -04:00
Yaroslav Halchenko
fbdd0b74a1
DOC: Changelog entry for this fix
2015-09-13 10:45:39 -04:00
Ville Skyttä
67a94733a9
logrotate: Do not rotate empty logs
...
As a useful side effect, prevents "Unable to contact server. Is it
running?" mails from cron when fail2ban hasn't been (intentionally)
running nor thus logging anything either.
2015-09-13 11:05:33 +03:00
Edward Beckett
f5b88bd377
Updated Changelog
2015-09-11 10:12:57 -04:00
sebres
4cf3b576b9
Bugfix for dnsToIp resolver for fqdn with large list of IPs;
...
closes #1164
2015-09-08 18:20:48 +02:00
Edward Beckett
4bd7991573
Added apache-badbots.conf
2015-09-06 01:12:19 -04:00
weberho
2d69fd20ae
Updated ChangeLog regarding openSUSE's path config
2015-08-26 15:37:14 +02:00
Yaroslav Halchenko
60fbf7d750
changelog for freshly merged PR (roundcube-auth definition of logpath)
2015-08-26 09:03:23 -04:00
Yaroslav Halchenko
9ebf01293b
Post release tune ups
2015-08-01 09:17:31 -04:00
Yaroslav Halchenko
70ba5cb005
Release changes (too much of manual "labor"! ;))
2015-07-31 21:32:13 -04:00
Yaroslav Halchenko
776322cea3
BF: realpath for /var/run/fail2ban Closes #1142
2015-07-31 10:12:14 -04:00
Yaroslav Halchenko
c37009aec7
Merge branch 'grep-m1k' of github.com:szepeviktor/fail2ban
...
* 'grep-m1k' of github.com:szepeviktor/fail2ban:
Limit the number of log lines in *-lines.conf actions
Conflicts:
ChangeLog -- took both versions and adjusted the new one
for -n 1000 change
2015-07-27 22:37:46 -04:00
Yaroslav Halchenko
a80820e356
Changelog entry for killpg fix
2015-07-27 22:34:40 -04:00
Yaroslav Halchenko
38c320798d
Merge pull request #1127 from yarikoptic/enh-iptables-w-close-1122
...
WIP ENH Add <lockingopt> (Close : #1122 ) and <iptables> to define the iptables call
2015-07-27 22:30:54 -04:00
Yaroslav Halchenko
de69855157
Changelog entries for Serge's fixes
2015-07-27 10:35:14 -04:00
Yaroslav Halchenko
0041bc3770
DOC: Changelog for shorewall-ipset-proto6.conf + adjusted its description
2015-07-26 23:10:08 -04:00