fail2ban

Commit Graph

Author	SHA1	Message	Date
Sergey G. Brester	67df796f93	Merge pull request #2088 from sebres/fix-gh-2073 filter.d/apache-noscript.conf: extended to match "Primary script unknown", got from php-fpm module	7 years ago
sebres	79019967a7	datepattern: fix epoch/long-epoch name, if custom pattern specified	7 years ago
Sergey G. Brester	6dc9c23a25	fixed typo in pragma-comment	7 years ago
Sergey G. Brester	80725ae870	Update sshd comment/minimalistic: no functional change	7 years ago
sebres	e5735b9951	ChangeLog updated	7 years ago
sebres	4f6532f810	filter.d/sshd.conf: mode `ddos` (and `aggressive`) extended to catch `Connection closed by ... [preauth]`, so in DDOS mode it causes failure now on closed within preauth stage; at least using both modes can ban port-scanners and prevent for other annoying "intruders", closing connection within preauth-stage (see gh-2085 for example).	7 years ago
sebres	cd7f1354c6	remove end-anchors for expressions that are precise enough (with clear flow, simple branches, without catch-all's, etc.)	7 years ago
sebres	ed7d5d8ea1	ChangeLog updated	7 years ago
sebres	c31eb1c562	quick optimization: normalizes pam-generic prefregex (more similar to the same regex within sshd-filter) + datepattern anchored now;	7 years ago
sebres	4129f940bb	revert non-empty incremental multi-line failure merge (just simply overwrite method used ATM); revert sshd test case (better to use last given failure-id, so ipv6 instead ipv4, e. g. because of some wrong multi-line-id recognition); improved output on AssertionError in samples-testcase factory.	7 years ago
sebres	25cc42129a	hold all user names affected by interim attempts in order to avoid forget a failures after success login: intruder (as legitimate user) firstly tries to login with another user-name (brute-force), so hopes to reset failure counter by succeeded login; this is fixed and covered in tests now; sshd-filter extended to cover multiple-login attempts (also fully implements gh-2070);	7 years ago
sebres	a9c94686b6	fixed multiple regexs matched	7 years ago
sebres	5603055a58	failregex: introduced capturing alternate groups, for example non-empty values of `alt_user_1`, `alt_user_2` will overwrite `user` if it is empty (or `alt_host` -> `host`, etc.)	7 years ago
sebres	8028d3940d	amend with better match of optional suffix-groups; remove end-anchors for expressions are precise enough (with clear flow, simple branches, without catch-all's, etc.);	7 years ago
sebres	66d2436f21	filter.d/sshd.conf: extend suffix with optional port, move it to `prefregex` at end outside of the content	7 years ago
sebres	7b3442c4e2	amend to 185cb998e7c7f2509830bed4a9f2fe6179f77e7b: capture error prefix outside of the failure content;	7 years ago
sebres	185cb998e7	make `prefregex` more precise in order to avoid catch the content for non failure lines	7 years ago
sebres	8763cf0a36	ChangeLog updated	7 years ago
sebres	e8ffab28fb	filter.d/apache-noscript.conf: extended to match "Primary script unknown", got from php-fpm module.	7 years ago
Sergey G. Brester	20fffc44c1	Merge pull request #2087 from sebres/fix-recidive-by-syslog filter.d/recidive.conf: fixed if logging into systemd-journal (SYSLOG)	7 years ago
sebres	a6fb33bdec	filter.d/recidive.conf: fixed if logging into systemd-journal (SYSLOG) with daemon name in prefix, gh-2069	7 years ago
sebres	2e533a3a3a	better handling of default date templates (bounds, replacement using own expressions `...{DATE}...`, etc.)	7 years ago
sebres	ce6ca0029a	minimize log output in trace case (index instead of full-regexp by "matched" log-line)	7 years ago
sebres	a3739bbf27	trim name and add one space after padding	7 years ago
sebres	71b19d9eba	stability of time-related test-cases: a bit increased timeouts; code normalization, review and coverage	7 years ago
Sergey G. Brester	92f19d0604	Merge pull request #2067 from fail2ban/sebres-fix-hostdeny-ipv6 action.d/hostdeny.conf: fixes IPv6 syntax	7 years ago
sebres	5b63ad17c6	stability of the test-cases: avoid echoing of server-ready in configure thread, if heavy-debug (only answer from new internal command "server-status").	7 years ago
Sergey G. Brester	b16aafe233	Update ChangeLog	7 years ago
Sergey G. Brester	b34ae5999e	action.d/hostdeny.conf: fixes IPv6 syntax differentiate the IPv4 and IPv6 syntax (where it is enclosed in square brackets)	7 years ago
sebres	cfc3979c84	Merge branch '0.10' with 'socket-stability-fix'	7 years ago
sebres	1bdda6c8eb	cache coverage	7 years ago
sebres	96836cb199	fix several errors (shutdown in test-cases during stop communication, better error handling by unpickle/deserialization, etc)	7 years ago
sebres	29bedd70d5	socket stability and coverage: cherry picked from 0.11 version (avoid many sporadic unhandled exceptions)	7 years ago
Sergey G. Brester	9f969e7aab	Merge pull request #2062 from MatthieuBarbu/patch-2 filter.d/sshd.conf: fixed normal and ddos-mode regex (extended with port)	7 years ago
sebres	caa2bdfee6	amendment for gh-2061: it looks like the port was added here also	7 years ago
sebres	a3bcbe2d1b	backwards-compatibility, test-cases and ChangeLog update	7 years ago
MatthieuBarbu	6b5516b851	fix sshd rule #2 in line 58, rule don't match with "%(__suff)s" but work fine if I replace with "%(__on_port_opt)s" Debian 9 stretch : fail2ban 0.10.3	7 years ago
Sergey G. Brester	e9a43f739c	Merge pull request #2061 from MatthieuBarbu/patch-1 fix sshd rule (space before "11:" is optional now)	7 years ago
sebres	1d7aa2ff21	filter.d/sshd.conf: rewrite fix (for new ssh log-format) backwards compatible + test-cases extended to cover both cases	7 years ago
MatthieuBarbu	9f5c873526	fix sshd rule just remove the space before ":11" line 52 because don't match on my Debian 9 stretch... I don't know if this is wrong on all OS	7 years ago
sebres	5f021aa648	shutdown sockets before close, avoid socket leakage by use of the explicit socket close in async_chat; better error handling with error counting, differentiate special case ([Errno 24] Too many open files), with resulting stop of the server (avoid flood the log file, closes gh-991 and similar issues); restored auto-garbage, because of non-reference-counting python's (like pypy), otherwise it may leak there on objects like unix-socket, etc.	7 years ago
sebres	fa520f36c3	stability test-cases fix: avoid rare sporadic error on start of server (threaded in foreground); additionally show the log output of the thread-server in case of any error there.	7 years ago
sebres	8c291cad38	filter.d/asterisk.conf: fixed failregex prefix by log over remote syslog server (gh-2060)	7 years ago
Ben RUBSON	b112250ef0	(Free)BSD IPFW does not allow 2 identical rules (#2054 ) ipfw actionban fixed to allow same rule added several times (and actionunban to ignore error by deletion of missing rule)	7 years ago
Ben RUBSON	857767f04b	Add 'any' badips.py bancategory (#2056 ) action.d/badips.py: allow `any` as bancategory to retrieve IPs from all categories	7 years ago
sebres	07fcb24ff6	Merge pull request #2057 from benrubson/https Use httpS with badips	7 years ago
Sergey G. Brester	117dcca414	Merge pull request #2059 from benrubson/str badips.py, solve a str() issue - expected string, IPAddr found	7 years ago
sebres	933670d034	pragma: no cover - availability (once after error case only)	7 years ago
sebres	f52c67238a	action.d/badips.py: code review, ban command covered, debug log-messages, etc;	7 years ago
sebres	095a909c84	action.d/badips.py: increases score in test-cases (5 now, ssh/3 returns to large list, which can cause timeout if badips server to busy);	7 years ago

... 2 3 4 5 6 ...

4658 Commits (9ed35c423aab1983050f933b128439587947294d) All Branches Search

4658 Commits (9ed35c423aab1983050f933b128439587947294d)

All Branches