github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
4,896 Commits
32 Branches
229 Tags
17 MiB
Commit Graph

914 Commits (9d7388e68448e9294e568a8ad21599e719c914b0)

Author SHA1 Message Date
Serg G. Brester ad658a0a95
Merge pull request #1989 from sebres/logging-options 
New server logging options
 2017-12-06 00:07:51 +01:00
sebres cc9ff31c9c Update ChangeLog: `action.d/firewallcmd-ipset.conf`: fixed create of set for ipv6 (missing `family inet6`, gh-1990) 2017-12-05 23:35:34 +01:00
sebres f9833ddee4 Update ChangeLog 2017-12-05 18:55:47 +01:00
Serg G. Brester b0ba1aa846
Update ChangeLog 2017-12-05 16:24:04 +01:00
sebres 7f89fbc33f Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10 2017-12-01 15:53:11 +01:00
Peter Nowee e4bbaf3d58
Update ChangeLog 2017-12-01 15:01:48 +01:00
sebres 5547697401 ChangeLog and typo 2017-12-01 10:16:14 +01:00
sebres b62ab2d51e ChangeLog updated 2017-11-28 13:46:57 +01:00
sebres 6db9ae8574 ChangeLog updated 2017-11-26 23:35:11 +01:00
sebres 159957ab88 filter.d/sshd.conf: extended failregex for modes "extra"/"aggressive": now finds all possible (also future) forms of "no matching (cipher|mac|MAC|compression method|key exchange method|host key type) found", see "ssherr.c" for all possible SSH_ERR_..._ALG_MATCH errors; 
obsolete (multi-line buffered) variant extended also.

Closes gh-1943, gh-1944
 2017-11-23 22:21:42 +01:00
Serg G. Brester ee80c52430 Update ChangeLog 2017-11-03 14:15:54 +01:00
Serg G. Brester 4d10c615c4
Update ChangeLog 
typo
 2017-11-03 14:05:17 +01:00
Serg G. Brester 8b26fd2778 Update ChangeLog 2017-11-03 14:03:47 +01:00
Serg G. Brester 1a8fb6290d Merge pull request #1926 from sebres/0.10-pf-actionflush 
action.d/pf.conf: wildcard anchoring example + bulk-unban with command `actionflush`
 2017-10-19 16:35:46 +02:00
sebres 0e66e3cc57 Merge branch 'master' into 0.10 
# Conflicts:
#	config/filter.d/asterisk.conf
 2017-10-18 19:00:23 +02:00
Serg G. Brester d81405adbc Update ChangeLog 
typo
 2017-10-18 18:52:55 +02:00
Serg G. Brester b6ab0aa83f Update ChangeLog 
more detailed entry
 2017-10-18 18:52:12 +02:00
Michael Newton 894a05b843 Update ChangeLog 2017-10-18 09:26:51 -07:00
sebres a1b863fcf6 action.d/pf.conf: extended with bulk-unban, command `actionflush` in order to flush all bans at once (by stop jail, resp. shutdown of fail2ban) 2017-10-17 20:12:48 +02:00
sebres 3c4910a3e2 ChangeLog entry + note for possible incompatibility. 2017-10-17 16:06:39 +02:00
sebres 028f32b74b bump version (0.10.1 -> 0.10.2.dev1) 2017-10-12 14:00:41 +02:00
sebres 351abeb4ff prepare release: bump version, update ChangeLog, man's and MANIFEST etc. 2017-10-12 13:46:46 +02:00
sebres e71f16f6ba Merge branch 'master' into 0.10 
# Conflicts resolved:
#	config/filter.d/dovecot.conf
 2017-10-04 09:57:18 +02:00
sebres ea36e1b3fc filter.d/dovecot.conf: fixed failregex to recognize pam_authenticate failures with "Permission denied" (gh-1897) 2017-10-04 09:55:37 +02:00
sebres 8c804a2290 Merge branch 'master' into 0.10 
# Conflicts resolved:
#	config/filter.d/postfix-rbl.conf
#	config/filter.d/postfix-sasl.conf
#	config/filter.d/postfix.conf
#	fail2ban/tests/files/logs/postfix-sasl
 2017-10-02 15:41:30 +02:00
sebres a2120a9de5 filter.d/postfix-*.conf - added optional port regex (closes gh-1902) 2017-10-02 15:31:55 +02:00
Serg G. Brester 6149df5216 Update ChangeLog 2017-09-12 09:27:16 +02:00
Louis Sautier 152c9d27d5
Fix nftables actions for IPv6 addresses, fixes #1893 
* add [Init?family=inet6] to nftables-common.conf and make nftable
  expressions more modular
* change "ip protocol" to "meta l4proto" in nftables-allports.conf
  since the former only works for IPv4
 2017-09-11 23:32:53 +02:00
Serg G. Brester 72ad904f58 Update ChangeLog 2017-09-11 12:22:43 +02:00
Louis Sautier 2ce0ffb977
Fix Gentoo init script's shebang 
Use openrc-run instead of runscript.
5d5856c193
 2017-09-11 12:19:33 +02:00
Serg G. Brester 8be4569d51 Update ChangeLog 
several fixes of 0.10th branch
 2017-09-08 11:32:08 +02:00
sebres b185e7cb04 Merge remote-tracking branch 'upstream/master' into 0.10 2017-09-08 11:11:05 +02:00
Serg G. Brester 983b128c54 Update ChangeLog 
several fixes of 0.9th branch
 2017-09-08 11:07:48 +02:00
Serg G. Brester a287d0a05c Merge pull request #1872 from kmzby/master 
Added filter for phpMyAdmin+syslog
 2017-08-25 12:22:58 +02:00
Pavel Mihadyuk 5b4bc2aafd Added filter for phpMyAdmin+syslog (>=4.7.0). Closes #1713 2017-08-22 18:20:01 +03:00
sebres 1d5fbb95ae Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10 2017-08-18 15:44:22 +02:00
sebres 3be32adefb Replace not posix-compliant grep option: fgrep with `-q` option can cause 141 exit code in some cases (see gh-1389). 2017-08-18 14:37:29 +02:00
sebres 19e59fff3e ChangeLog: added incompatibility list (compared to v.0.9) 2017-08-16 15:38:44 +02:00
sebres 28076618fd back to development edition: README.md, ChangeLog, version.py 2017-08-09 17:37:40 +02:00
sebres c60784540c version bump: release 0.10.0 2017-08-09 16:53:05 +02:00
sebres 30219b54c4 Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10 2017-08-09 16:38:29 +02:00
Serg G. Brester c540217844 Update ChangeLog 
action.d/cloudflare.conf - Cloudflare API v4 implementation (gh-1651)
 2017-08-09 16:34:37 +02:00
sebres 6f4fde2c29 Update changelog and man/jail.conf.5 2017-08-08 21:50:38 +02:00
sebres 51c54b3253 ChangeLog entry for 9a42ce12f4 2017-08-08 13:04:36 +02:00
sebres a12ac4242b ChangeLog updated 2017-07-12 11:59:42 +02:00
sebres c9385a2e04 ChangeLog updated 2017-07-11 15:28:04 +02:00
sebres ea3a6aa971 ChangeLog updated 2017-07-11 15:02:59 +02:00
sebres e26cc5de45 restore backwards compatibility (jail postfix-sasl); changelog update 2017-07-11 11:57:48 +02:00
sebres 546cd55342 Merge branch 'master' into 0.10 2017-07-03 13:02:25 +02:00
sebres a1d0633e69 filter.d/asterisk.conf - fixed failregex AMI Asterisk authentification failed (see gh-1302): 
- optional space between NOTICE and pid;
- optional part "Host " before IP-address;
 2017-07-03 12:57:28 +02:00
sebres 33fcf8d809 Merge branch 'master' into 0.10 2017-07-03 12:43:48 +02:00
Serg G. Brester 001c0898d6 Merge branch 'master' into master 2017-06-30 18:07:38 +02:00
Serg G. Brester 986dd3107d Merge branch '0.10' into patch-12 2017-06-19 18:37:28 +02:00
sebres 9b0f39a17d ChangeLog updated 2017-06-19 18:12:37 +02:00
Serg G. Brester 3294840c2a Merge pull request #1801 from jeaye/postfix-updates 
filter.d/postfix.conf: update to the latest postfix logging format
 2017-06-19 16:44:37 +02:00
sebres dcdf677438 Merge remote-tracking branch 'master' into 0.10 2017-06-15 11:49:51 +02:00
sebres e1234a5249 ChangeLog update 2017-06-15 11:47:16 +02:00
jeaye 6f3d425c4d
Update postfix filters and tests 2017-06-12 18:56:19 -07:00
sebres bbea73d79d Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10 2017-06-12 13:11:45 +02:00
Serg G. Brester 23c2d05250 Update changelog (new enhancements from gh-1792) 2017-06-09 20:51:28 +02:00
Georges Racinet 12259bb3c7 man and ChangeLog for logtimezone 2017-06-09 20:39:03 +02:00
Serg G. Brester 5214c1c5d1 Update changelog (gh-1455) 2017-05-30 20:31:48 +02:00
sebres 2b08847f3a Reintegrate 'master' into 0.10 (merge point) + small code review 2017-05-19 16:32:13 +02:00
sebres c7ddf1f940 [systemd-backend] implicit closing journal descriptor by stop filter. 
Partially cherry-picked from 0.10 (d153555a07)
 2017-05-19 15:36:06 +02:00
Serg G. Brester 17b0945a70 Update ChangeLog 2017-05-16 09:43:52 +02:00
sebres 94c793ff89 Merge branch 'master' into 0.10 2017-05-15 16:48:11 +02:00
Yaroslav Halchenko 407b2ea936 life is going on 2017-05-11 11:17:27 -04:00
Yaroslav Halchenko 35280044ff Preparing for 0.9.7 release 2017-05-10 21:38:57 -04:00
sebres b13d9d4e22 Merge branch 'master' into 0.10 2017-05-07 21:29:12 +02:00
sebres bea3a62a37 update ChangeLog 2017-05-07 14:02:45 +02:00
Serg G. Brester b5d59e8883 small fix of changelog entry 2017-05-02 16:59:05 +02:00
Viktor Szépe 1ed958521c Courier auth changelog 2017-04-28 17:08:36 +02:00
sebres 8839bcbb09 Merge remote-tracking branch master into 0.10 2017-04-25 10:07:19 +02:00
sebres 462442a517 Update ChangeLog #1757 2017-04-25 10:04:45 +02:00
sebres f75c3d8a02 code review and ChangeLog entry 2017-04-24 21:18:16 +02:00
Serg G. Brester e35ed1cdf7 Update ChangeLog 
Changes of #1645
 2017-04-21 11:24:32 +02:00
Serg G. Brester 17922b621c Update ChangeLog 
replaced german in entry ;)
 2017-04-20 15:23:59 +02:00
Georges Racinet 4fc6323ff0 haproxy-http-auth: avoid port number in IPv6 addresses 
The solution taken is to consume the port number explicitely in
the regexp.
 2017-04-07 13:59:22 +02:00
Serg G. Brester e7f1fc5cb3 Update ChangeLog 
enhancements of #1743
 2017-03-31 10:39:50 +02:00
Serg G. Brester 44a26c6159 Update ChangeLog 
amend to gh-1742
 2017-03-29 23:14:33 +02:00
sebres 873f97c6c5 Merge branch '0.9-log-level-msg' into 0.10 2017-03-27 11:36:36 +02:00
sebres 7982d1e627 Update ChangeLog 2017-03-27 11:31:41 +02:00
Serg G. Brester d26060ead0 Update ChangeLog 
belongs to #1733
 2017-03-27 09:38:53 +02:00
sebres 6c4b1c7204 Update ChangeLog 2017-03-23 15:54:53 +01:00
Serg G. Brester 7a03c964c2 Update ChangeLog 2017-03-21 14:04:18 +01:00
sebres 30b53bb2ce update ChangeLog and man/fail2ban-regex.1 2017-03-13 02:07:14 +01:00
sebres 8af7a73bfc update ChangeLog 2017-03-10 22:14:39 +01:00
sebres 52ed6597b2 Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10 2017-03-09 16:27:14 +01:00
sebres 0f8cb1749f Update ChangeLog 2017-03-09 16:15:45 +01:00
Serg G. Brester d042981954 Merge pull request #1655 from ajcollett/0.10 
Added config for AbuseIPDB
 2017-03-09 15:15:26 +01:00
sebres 6a2c95da95 `action.d/sendmail-geoip-lines.conf` fixed using new tag `<ip-host>` (dns-cache and without external command execution); 
changelog updated;
 2017-03-08 16:51:08 +01:00
Serg G. Brester 32ac383d06 Update ChangeLog 2017-02-27 15:51:33 +01:00
Serg G. Brester 2fa18a74c4 Merge branch 'master' into master 2017-02-17 09:06:09 +01:00
Christoph Theis 861ce4177c #1689: Make lowest rule number in action.d/bsd-ipfw.conf configurable 2017-02-14 18:31:42 +01:00
sebres e8a1556562 Merge remote-tracking branch 'master' into 0.10 
# Conflicts:
#	fail2ban/tests/samplestestcase.py
 2017-01-21 16:59:41 +01:00
sebres 8aa9516d50 sshd.conf: fixed expression "received disconnect ... auth fail" - optional space after port part (gh-1652) 2017-01-21 16:18:03 +01:00
sebres c8f473110c change log update after rebase 2017-01-21 15:59:27 +01:00
sebres dd373dba9f test all config-regexp, that contains greedy catch-all before <HOST>, that is hard-anchored at end or precise sub expression after <HOST>; 
new ssh rule(s) added:
- Connection reset by peer (multi-line rule during authorization process);
- No supported authentication methods available;
Single line and multi-line expression optimized, added optional prefixes and suffix (logged from several ssh versions);
closes gh-864
 2017-01-21 15:53:48 +01:00
Serg G. Brester 5e08298b6b Update ChangeLog 2017-01-20 08:47:30 +01:00
Serg G. Brester 40f294e6bf Merge pull request #1663 from jjeziorny/netscaler-action 
Introduced citrix netscaler action
 2017-01-19 16:25:23 +01:00
Serg G. Brester 75b252e47f Update ChangeLog 2017-01-19 15:00:08 +01:00
Juliano Jeziorny 1fe554dd25 Introduced Citrix Netscaler action 2017-01-19 14:30:25 +01:00
Christoph Theis fe76cd9b7d #1667: changelog entry 2017-01-17 14:05:20 +01:00
sebres f35da076df ChangeLog entry 2017-01-16 09:55:01 +01:00
sebres de49f0c27f ChangeLog entry 2017-01-13 19:45:10 +01:00
sebres 7019640eb3 Merge branch 'fix-gh-1658' into 0.10 2017-01-10 12:59:51 +01:00
sebres a9523aefbb sshd.conf: fixed non-anchored part of regex (misleading match of colon inside IPv6 address instead of `: ` in the reason-part by missing space). 2017-01-10 12:58:44 +01:00
sebres c9f32f75e6 Merge branch '0.9-fix-regex-using-journal' into 0.10-fix-regex-using-journal (merge point against 0.9 after back-porting gh-1660 from 0.10) 2017-01-10 11:25:41 +01:00
sebres f8d35a7c9c changelog entry 2017-01-10 11:16:17 +01:00
Andrew James Collett 18d09b6d8e Updated changelog. 2017-01-08 09:50:58 +02:00
Yaroslav Halchenko 4a1fd888f0 Carry on development 2016-12-11 00:49:09 -05:00
Yaroslav Halchenko 482252dbd4 ENH: prep for 0.9.6 release (as of tomorrow) 2016-12-09 09:35:03 -05:00
Serg G. Brester 556a9373ce Update ChangeLog 2016-11-28 23:40:33 +01:00
sebres 45f1d811c9 Merge branch 'alex1702-1586' 2016-11-28 18:54:02 +01:00
sebres 67c14afd8e ChangeLog entry added + jail.conf review 2016-11-28 18:51:23 +01:00
sebres b8c41dcb49 ChangeLog update 2016-11-28 11:31:51 +01:00
sebres 40cbe96352 Merge remote-tracking branch 0.10 into _0.10/fix-datedetector-grave-fix-v2 2016-11-28 11:03:11 +01:00
sebres 5678d08a79 filter.d/dovecot.conf update: 
- fixes failregex, that ignores failures through some irrelevant info (closes #1623);
- ignores whole additionally irrelevant info in anchored regex before fixed failure data `\((?:auth failed, \d+ attempts( in \d+ secs)?|tried to use (disabled|disallowed) \S+ auth)\)`
- review, IPv6 compatibility fix, non-capturing groups
 2016-11-26 16:50:37 +01:00
sebres b856e1dadc Merge pull request #1618 from sebres/_0.10/systemd-service 2016-11-24 20:45:17 +01:00
sebres 308bba448c ChangeLog update 2016-11-24 20:43:55 +01:00
sebres d908688b56 ChangeLog update 2016-11-24 20:25:08 +01:00
sebres 701abfd250 ChangeLog entry added 
+ indentation fix (space-tab replacement)
 2016-11-21 17:13:43 +01:00
sebres b5433f48b7 amend after code review of merge gh-1581 2016-11-11 11:09:46 +01:00
sebres ea4c1f6356 Merge branch 'master' into 0.10 2016-11-11 10:29:45 +01:00
sebres dab5f56609 Merge branch 'fix-gh-1477' 2016-11-11 10:17:07 +01:00
sebres c8b036456d changelog entries 2016-10-17 12:47:42 +02:00
sebres 519e355bf2 ChangeLog entry added 2016-10-15 14:59:36 +02:00
sebres c809c3e61e Merge branch 'master' into 0.10 2016-10-13 19:01:13 +02:00
Nils f7df6026a3 Update Changelog to reflect the new np.conf action 2016-10-13 18:53:16 +02:00
sebres 310d4e224d Merge branch master (0.9) into 0.10 2016-09-29 19:46:11 +02:00
Serg G. Brester 8e3e333d54 Update ChangeLog 2016-09-27 14:17:45 +02:00
sebres 5151c4fa6d ChangeLog entries added 2016-09-26 15:12:50 +02:00
sebres 0f1d1a0d4d ChangeLog: FIPS compliant 2016-09-21 09:22:18 +02:00
sebres 9fb167b5e1 filter.d/vsftpd.conf: optional reason message after FAIL LOGIN, closes #1543 2016-09-09 09:20:15 +02:00
sebres 387aa6ba47 Merge master branch '_0.9/systemd-journal-path-gh-1408' into 0.10 
# Conflicts:
#	fail2ban/tests/filtertestcase.py
#	fail2ban/tests/utils.py
 2016-09-01 16:26:21 +02:00
sebres c0e0cfb39d Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10 2016-09-01 16:23:13 +02:00
sebres 7ed6cab120 jail configuration extended with new syntax to pass options to the backend (see gh-1408), 
examples:
  - `backend = systemd[journalpath=/run/log/journal/machine-1]`
  - `backend = systemd[journalfiles="/run/log/journal/machine-1/system.journal, /run/log/journal/machine-1/user.journal"]`
  - `backend = systemd[journalflags=2]`
 2016-09-01 16:17:02 +02:00
sebres 4a1d720344 filter.d/asterisk.conf: another part ` chan_sip.c:28468 handle_request_register:` in log prefix 2016-08-22 14:10:50 +02:00
sebres 2c54f90469 sshd-filter: better universal regexp, that matches more complex different injects, using conditional expressions (on username and auth-info section), see new test cases also. 2016-08-19 10:19:12 +02:00
sebres a544c5abac sshd-filter: recognized "Failed publickey for" now (gh-1477) + improved regexp (not anchored now to recognize all "Failed anything for ... from <HOST>" 
ChangeLog entry added
 2016-08-18 21:38:55 +02:00
sebres 5509ba37a2 Merge pull request #1512 from 'remotes/gh-upstream/0.9' into 0.10 2016-08-15 20:08:42 +02:00
sebres 9935cf19c1 description provided, ChangeLog entries added 2016-08-15 19:54:11 +02:00
sebres d71a525a85 Merge branch 'master' into 0.10 (resolve conflicts and cleaning tree points after back-porting gh-1508 0.10 -> 0.9) 2016-08-12 18:51:56 +02:00
sebres cb340db220 ChangeLog entry for gh-1508 2016-08-12 18:37:46 +02:00
Yaroslav Halchenko 123f4ceaee Changelog for postfix-sasl fix 2016-08-08 17:11:07 -04:00
sebres 70658d7a19 Merge pull request #1494 from rhardy613/master (branch 'sebres:pr-1494') 2016-08-08 18:49:32 +02:00
rhardy613 89f8999fe5 Add changelog entry for ASSP filter changes 
Add changelog entry for ASSP filter changes
 2016-08-06 01:07:04 -04:00
sebres eb6e3c52ae ChangeLog entries for the last fix (cherry pick from 0.10) 2016-08-01 18:04:00 +02:00
sebres f5b7ffeb4b DOC: Reformatted ChangeLog into legit Markdown (after merge of master to 0.10) 2016-08-01 15:18:59 +02:00
sebres 0eea362aa0 Merge branch 'master' into 0.10 2016-08-01 15:10:52 +02:00