Daniel Black
|
9e390d6549
|
ENH: jail.conf for exim-honeypot
|
2014-01-07 11:53:20 +11:00 |
Daniel Black
|
55688395fb
|
DOC: doco for exim-spam
|
2014-01-01 22:56:08 +11:00 |
Daniel Black
|
9c7bb3b97e
|
ENH: exim-spam to take honeypot email address as argument. Closes #541
|
2014-01-01 22:45:13 +11:00 |
Daniel Black
|
ea2a13946e
|
TST: more test of filters
|
2013-12-29 05:29:59 +00:00 |
Daniel Black
|
c9cfdca396
|
ENH: add filter for apache-modsecurity
|
2013-12-28 22:28:11 +00:00 |
Daniel Black
|
a1a219189f
|
Merge pull request #493 from grooverdan/xarf-ipmatch
ENH: use ipmatches for action xarf-login-attack
|
2013-12-19 01:28:49 -08:00 |
Daniel Black
|
ed2f46759c
|
MRG: restore accidently deleted pam comment in jail.conf
|
2013-12-19 09:21:12 +00:00 |
Daniel Black
|
44a0981495
|
MRG: fix recidive filter
|
2013-12-19 09:18:18 +00:00 |
Daniel Black
|
7c0efc8ec8
|
MRG: merge so far - flushLogs not working yet
|
2013-12-16 15:08:34 +00:00 |
Daniel Black
|
4eedf9d4e1
|
ENH: use ipmatches for action xarf-login-attack
|
2013-12-15 23:49:38 +00:00 |
Daniel Black
|
a398c51d6c
|
ENH: simplify actioncheck on firewallcmd-new a little more
|
2013-12-15 22:36:47 +00:00 |
Daniel Black
|
772def1095
|
Merge pull request #491 from kwirk/ipmatches
ENH: Add <ipmatches> and <ipjailmatches> tags + sendmail implementations
|
2013-12-15 14:29:02 -08:00 |
Steven Hiscocks
|
40007abc1d
|
ENH: Refactor and add database matches and failures for sendmail actions
|
2013-12-15 21:41:43 +00:00 |
Steven Hiscocks
|
2deb76e3f9
|
Merge pull request #492 from grooverdan/abusix-disclaimer
ENH: full abusix disclaimer in action xarf-login-attack
|
2013-12-14 13:35:43 -08:00 |
Daniel Black
|
1c6c011154
|
EHH missed trailing .
|
2013-12-14 21:22:46 +00:00 |
Daniel Black
|
868a4ea470
|
ENH: full abusix disclaimer in action xarf-login-attack
|
2013-12-14 21:18:20 +00:00 |
Daniel Black
|
4ffc57e14f
|
ENH: simplify firewallcmd-new actioncheck and provide output samples
|
2013-12-14 07:11:29 +00:00 |
Daniel Black
|
13ccebe78f
|
BF: fix actioncheck in firewallcmd
|
2013-12-13 23:40:51 +00:00 |
Steven Hiscocks
|
0bcff771b8
|
ENH: Add <ipmatches> and <ipjailmatches> tags
Example use filter also added for sendmail-whois with ipmatches rather
than grepped lines
|
2013-12-13 22:40:11 +00:00 |
Steven Hiscocks
|
2c3dbc8046
|
BF: In 0.9 recidive bans come from fail2ban.server.actions
Also changed journalmatch to limit to WARNING priority to avoid the
recidive + DEBUG combo issue
|
2013-12-13 21:55:43 +00:00 |
Steven Hiscocks
|
b7d1579c9d
|
MRG: branch 'kwirk/database' into 0.9 - gh-480
Conflicts:
fail2ban/tests/utils.py
- Another test suite added in separate commit e09b700
|
2013-12-13 17:15:19 +00:00 |
Steven Hiscocks
|
e18af48e34
|
ENH: Database now optional, by setting dbfile to "None"
|
2013-12-10 21:16:36 +00:00 |
Daniel Black
|
9d532828fc
|
BF: multiple _ separated values according to http://wiki.squid-cache.org/SquidFaq/SquidLogs#Squid_result_codes. Thanks Steven
|
2013-12-11 07:44:41 +11:00 |
Daniel Black
|
66374913ec
|
ENH: add squid filter
|
2013-12-10 21:24:37 +11:00 |
Daniel Black
|
db4c21acde
|
BF/DOC: fix filename in documentation for filter.d/proftpd
|
2013-12-09 14:46:01 +11:00 |
Daniel Black
|
e8eab11615
|
DOC: proftp - turn off ReverseDNS
|
2013-12-09 14:45:09 +11:00 |
Daniel Black
|
f385439a41
|
MRG: ChangeLog merge
|
2013-12-09 09:28:42 +11:00 |
Daniel Black
|
36917d7517
|
BF: action.d/complain - match IP at beginning and end of lines
|
2013-12-09 09:21:55 +11:00 |
Steven Hiscocks
|
d8c7bca9b0
|
BF: Fix dbpurgeage default value, and change default dbfile extension
|
2013-12-08 11:35:12 +00:00 |
Steven Hiscocks
|
bbadef847b
|
ENH: Add fail2ban persistent data storage
|
2013-12-07 23:23:28 +00:00 |
Daniel Black
|
135c759dbb
|
Merge pull request #477 from kwirk/blocklist.de
ENH: Added blocklist.de reporting API action
|
2013-12-06 16:16:39 -08:00 |
Steven Hiscocks
|
630dd91dcd
|
BF: Add [Init] section to blocklist.de action
|
2013-12-07 00:09:31 +00:00 |
Steven Hiscocks
|
b3c173795e
|
ENH: blocklist.de action error on HTTP response code 4xx
|
2013-12-06 08:22:21 +00:00 |
Daniel Black
|
51f2619878
|
Merge pull request #473 from grooverdan/whois-missing
ENH: Whois missing in actions? Include output to say so
|
2013-12-05 12:44:35 -08:00 |
Daniel Black
|
e07ba41870
|
Merge pull request #463 from grooverdan/firewall-cmd-direct-new-length-too-long
BF: firewall-cmd-direct-new was too long. Thanks Joel.
|
2013-12-05 12:42:55 -08:00 |
Steven Hiscocks
|
a19b33cc72
|
ENH: blocklist.de action added fail2ban version as user agent
|
2013-12-05 18:12:15 +00:00 |
Steven Hiscocks
|
f742ed0e4b
|
DOC: when to use blocklist.de reporting
Taken from commit 1846056606
|
2013-12-05 18:06:53 +00:00 |
Steven Hiscocks
|
e810ec009d
|
ENH: Added blocklist.de reporting API action
|
2013-12-05 08:22:20 +00:00 |
Daniel Black
|
4dc51e5def
|
BF: put notice in email if whois program could not provide more information. Closes gh-471
|
2013-12-04 22:43:06 +11:00 |
Daniel Black
|
97d7f46bb7
|
DOC: correct grammar - s/Here are more information/Here is more information/
|
2013-12-04 22:40:48 +11:00 |
Daniel Black
|
8aead9ab79
|
BF: escape quotes when splitting addresses for xarf
|
2013-12-04 08:19:05 +11:00 |
Daniel Black
|
1846056606
|
DOC: when to use xarf messages to network owner
|
2013-12-03 20:40:42 +11:00 |
Daniel Black
|
8c37d2e4de
|
ENH: remove dependency on querycontacts
|
2013-12-03 20:34:21 +11:00 |
Daniel Black
|
bfd435091d
|
ENH: jail examples for xarf-login-attack
|
2013-12-01 20:29:43 +11:00 |
Daniel Black
|
dd356c3cef
|
BF: fixed for sendmail and tested the MTA aspects of this action
|
2013-12-01 19:08:28 +11:00 |
Daniel Black
|
9df5f4eec8
|
BF: remove debugging tee command on xarf-login-attack
|
2013-12-01 17:53:34 +11:00 |
Daniel Black
|
d015f7f4fc
|
BF/ENH: fixed so xarf-login-attack works
|
2013-12-01 17:49:35 +11:00 |
Daniel Black
|
0495aa098e
|
BF: grep matches on <ip> shouldn't include other IPs
|
2013-11-30 18:01:45 +11:00 |
Daniel Black
|
95845b7b65
|
BF: complain action could match too many IP addresses
|
2013-11-30 17:47:10 +11:00 |
Daniel Black
|
5cc7173fd4
|
ENH: add xarf email sender for login-attack type
|
2013-11-30 14:16:26 +11:00 |