github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
1,911 Commits
33 Branches
229 Tags
20 MiB
Commit Graph

300 Commits (a71bb89ccd908bf16678e9cc436c0d317eb8f5a3)

Author SHA1 Message Date
Daniel Black cade746307 BF: jail name mysqld-syslog-iptables too long. removed -iptables. Thanks Stefan (#447) 2013-11-29 21:45:11 +11:00
Daniel Black fb666b69ff BF: firewall-cmd-direct-new was too long. Thanks Joel. 2013-11-28 23:35:05 +11:00
Daniel Black 99838440c8 DOC: document rational behind 20 character jail name limit 2013-11-28 23:18:34 +11:00
Daniel Black 13223c33f5 MRG: recidive-protocol-all 2013-11-25 08:22:09 +11:00
Yaroslav Halchenko 085ebbe1de Changelog entries for the last changes 2013-11-24 11:55:58 -05:00
Daniel Black 9a82bc3c61 BF: kernel messages can have space. Thanks ag4ve(shawn). Closes #448 2013-11-24 18:21:02 +11:00
Yaroslav Halchenko 629e9ae445 Merge pull request #443 from grooverdan/apache-authfix 
BF: apache filters using error log weren't matched when referer existed ...
 2013-11-18 15:53:39 -08:00
Daniel Black 284f811c91 BF: apache filters using error log weren't matched when referer existed in HTTP header 2013-11-19 10:27:55 +11:00
Yaroslav Halchenko 491165c929 Merge pull request #438 from grooverdan/solid-pop3d 
ENH: filter for Solid-pop3d
 2013-11-17 17:34:46 -08:00
Daniel Black 8aa20a7b0e ENH: credits for #440 recidive jail protocol=all 2013-11-18 07:59:56 +11:00
Daniel Black dab2ddb9da ENH: recidive jail to block all protocols. Closes #440 2013-11-18 07:57:16 +11:00
Yaroslav Halchenko 82174ea4c4 Changelog for preceding proftpd date format change 2013-11-16 22:18:51 -05:00
Daniel Black 88eff70774 ENH: filter.d/solid-pop3d added 2013-11-16 09:43:15 +11:00
Daniel Black ed212fcdcc DOC: new ChangeLog header 2013-11-16 09:40:05 +11:00
Daniel Black d0498bec69 DOC: finalise 0.8.11 release 2013-11-13 08:05:08 +11:00
Daniel Black eb9663eb4f BF/ENH: asterisk connection ID is a hex not decimal number. Add "Rejecting unknown SIP connection from <HOST>" regex thanks to Jonathan Lanning 2013-11-12 09:22:41 +11:00
Yaroslav Halchenko 49024fe6ea DOC: minor typos in ChangeLog 2013-11-08 14:36:56 -08:00
Yaroslav Halchenko ea8fce6308 Merge pull request #426 from yarikoptic/bf/openssh6.3-regex-injection 
openssh 6.3 regex injection vectors:  inject into ruser and/or exploiting pre-specified limits set for user provided data
 2013-11-08 14:35:18 -08:00
Daniel Black d6bbe03861 Merge pull request #424 from grooverdan/nginx-auth 
ENH: add filter.d/nginx-http-auth. Partially forfils #405
 2013-11-08 14:24:02 -08:00
Yaroslav Halchenko 750e0c1e3d BF: disallow exploiting of non-greedy .* in previous fix by providing too long rhost -- do not impose length limits for user-provided input 
since daemon might eventually change reported length and we would need to adjust anyways.  So limiting
in length does not provide additional security but allows for a possible injection vector
 2013-11-08 10:10:33 -08:00
Yaroslav Halchenko eace931c19 Changelog for prior changes (gen_buildbots) 2013-11-07 15:47:25 -08:00
Daniel Black a148d35d70 ENH: add filter.d/nginx-http-auth. Partially forfills #405 2013-11-08 10:06:40 +11:00
Yaroslav Halchenko 28ee7ba123 DOC: keeping Changelog release-phrases uniform, simplified intro, unified 2013-11-06 14:04:30 -05:00
Yaroslav Halchenko f26fba9c19 DOC: Untabifying and reindenting a bit ChangeLog 2013-11-06 13:47:45 -05:00
Daniel Black 0730db9b2b Merge pull request #416 from grooverdan/debian-bug-665925-wuftpd-pam 
BF:  wuftpd pam filter fix (Debian bug 665925)
 2013-11-05 18:39:01 -08:00
Daniel Black e55b24c533 BF: fix dovecot filter for newer failure message. Closes Debian bug #709324 2013-11-06 12:51:21 +11:00
Daniel Black 8b54523316 BF: fix to filter.d/wuftp to support pam authentication - Debian bug #665925 2013-11-06 12:13:37 +11:00
Daniel Black ac1f45d18c Merge pull request #412 from grooverdan/firewalld 
ENH: enhance firewall-cmd to use firewall-0.8.3's --remove-rules
 2013-11-05 16:46:18 -08:00
Daniel Black 87f68d7564 firewalld-0.3.8 release that support --remove-rules out so documenting this. 2013-11-06 11:37:56 +11:00
Daniel Black 4ec0e3f087 DOC: version 0.8.11.pre1 2013-10-31 10:51:37 +11:00
Daniel Black 3b2083b06d DOC: ChangeLog header and merge 2013-10-31 10:44:40 +11:00
Daniel Black 2810f97fe5 DOC: merge ChangeLog 2013-10-31 09:07:06 +11:00
Daniel Black 3a4ba2dba6 DOC: ChangeLog - TODO top summary before final release 2013-10-31 01:11:42 +11:00
Daniel Black c19a685ee3 DOC: version 0.8.11.pre 2013-10-31 00:58:48 +11:00
Daniel Black 8441539988 DOC: reorder bits of changelog 
The enhancements list was too long an maybe not always appropriate.

Reclassified changes to filters to catch new versions as bug fixes
since the new version of the application is effectively broken.

Moved large enhancements to New Features.
 2013-10-31 00:43:02 +11:00
Daniel Black c3f9c9aa60 BF: filter.d/dropbear 
Add PAM failures which is in dropbear-2013.60 in srv-authpam.c

Patch
http://www.unchartedbackwaters.co.uk/files/dropbear/dropbear-0.52.patch
obviously has exit with lower case e so adjust regex for both.

svr-authpasswd.c in 2013.60 (at bottom) for second regex ends after the
IP so the regex was altered.

.*\s* can be compressed to .*
 2013-10-31 00:21:30 +11:00
Daniel Black 95f3f38682 MRG: merge ChangeLog and jail.conf 2013-10-30 20:19:41 +11:00
Daniel Black c7b6d789ca DOC: add ChangeLog for #392 2013-10-30 20:16:22 +11:00
Daniel Black e3150044fd BF: fix selinux 
TST: ignore *common.conf files in test cases as these are included
BF: Remove USER_LOGIN from selinux-ssh as its a duplicate message
ENH: add sample jail.conf
 2013-10-30 20:05:49 +11:00
Daniel Black d451c2a231 FIX: vsftp improvements from Rich Mellor on mailing list 2013-10-26 09:51:25 +11:00
Daniel Black 88d8111db1 DOC: changelog for selinux-ssh too 2013-10-22 23:18:10 +11:00
Daniel Black b61fe0f12d Merge pull request #378 from grooverdan/sasl 
ENH: filter.d/postfix-sasl - anchor regex at start and rename from filter.d/sasl
 2013-10-22 04:51:24 -07:00
Daniel Black 4ecc063bd0 ENH: rename filter.d/sasl -> filter.d/postfix-sasl 2013-10-22 22:40:29 +11:00
Daniel Black 9ca5db7059 DOC: firewalld distro agnostic 2013-10-15 06:51:51 +11:00
Daniel Black 0d8d1ae26c ENH: new action.d/firewall-cmd-direct-new.conf from Redhat Bugzilla #979622 2013-10-14 22:36:01 +11:00
Daniel Black 123ad1cc9c MRG: Merge branch 'asterisk-common-jail' 2013-10-14 22:29:56 +11:00
Daniel Black 6ef33981e3 ENH: new asterisk jail to replace asterisk-(tcp|udp) (now that gh-37 is fixed) 2013-10-10 09:41:05 +11:00
Daniel Black 351eb5ec8f ENH: filter.d/qmail - anchor at start. Add another regex for http://www.tjsi.com/rblsmtpd/faq/ patch to rblsmtpd 2013-10-09 16:44:48 +11:00
Daniel Black 2d1bd54439 Merge pull request #379 from grooverdan/webmin 
ENH: filter.d/webmin anchor at start and use syslog
 2013-10-08 20:13:14 -07:00
Yaroslav Halchenko 500968874e Merge pull request #381 from grooverdan/suhosin 
ENH: filter.d/suhosin - anchor regex at start
 2013-10-08 19:49:51 -07:00
Yaroslav Halchenko a7b1b802e0 Merge pull request #382 from grooverdan/vsftpd 
Vsftpd
 2013-10-08 19:47:38 -07:00
Daniel Black 46386412a4 ENH: filter.d/vsftpd - pam regex as syslog and anchored at start 2013-10-05 20:02:40 +10:00
Daniel Black 9637c27873 ENH: filter.d/suhosin - anchor regex at start 2013-10-05 19:39:39 +10:00
Daniel Black 13bcc9aa84 ENH: filter.d/sogo-auth - anchor regex at start 2013-10-05 19:27:07 +10:00
Daniel Black b64bf3fa7b ENH: filter.d/webmin anchor at start and use syslog 2013-10-05 19:18:44 +10:00
Daniel Black f4c7c8f4b3 ENH: sasl - anchor regex at start 2013-10-05 18:59:41 +10:00
Daniel Black dd10eaa5c0 DOC: improve ChangeLog entry 2013-10-02 12:19:41 +10:00
Daniel Black caf284d518 DOC: ChangeLog deconflict 2013-10-02 09:11:15 +10:00
Daniel Black ba8183b116 Merge pull request #372 from grooverdan/uw-imap 
ENH: filter.d/uwimap-auth added. Closes #18
 2013-10-01 15:13:11 -07:00
Daniel Black a1eaa5f755 ENH: filter.d/selinxu added. Closes #296 2013-10-01 09:59:15 +10:00
Daniel Black 778f09debe DOC/ENH: __md5hex regex defination to common.conf. Document debian bug # 2013-10-01 09:03:33 +10:00
Daniel Black b3b62d65bf ENH: filter.d/uwimap-auth added. Closes #18 2013-09-29 18:06:27 +10:00
Daniel Black 2ad26682a9 DOC: ChangeLog for filter.d/sshd 2013-09-29 17:31:49 +10:00
Daniel Black e12d389c65 MRG/DOC: jail.conf resolution, ChangeLog fixes 2013-09-29 08:21:13 +10:00
Mark McKinstry ea112b450b add ChangeLog and THANKS entry 2013-09-25 18:04:05 -04:00
Daniel Black 4b5ecbccd1 ENH: debuggex URLs with fail2ban-regex 2013-09-22 13:20:17 +10:00
Daniel Black 8c2a5612ed DOC: resolve ChangeLog conflicts 2013-09-19 19:38:28 +10:00
Daniel Black 2a805452c6 DOC: resolve ChangeLog conflicts 2013-09-19 19:28:39 +10:00
Daniel Black 3be7dcd701 DOC: resolve ChangeLog conflicts 2013-09-19 19:23:02 +10:00
Yaroslav Halchenko 596abde712 Merge pull request #352 from grooverdan/recidive 
ENH: filter.d/recidive - anchor regex at start and support f2b SYSLOG target
 2013-09-16 19:51:42 -07:00
Daniel Black 30bb1a77a3 ENH: added syslog prefix to pam-generic filter. Disable regex match for pre 2006 (< 0.99.2.0) versions on linux-pam 2013-09-17 10:50:46 +10:00
Daniel Black ee497ff1cb ENH: filter mysqld-auth can be a is a syslog based service so anchor it using syslog prefix 2013-09-17 07:57:19 +10:00
Daniel Black 13ec9d58c0 ENH: filter gssftpd is a syslog based service so anchor it using syslog prefix 2013-09-17 07:25:23 +10:00
Yaroslav Halchenko bb32295b50 DOC: minor - untabified few entries in the ChangeLog 2013-09-16 09:49:24 -04:00
Yaroslav Halchenko 38b07ca46e BF: catch and report exceptions while executing commands in client interactive mode (Close #353) 2013-09-15 23:05:32 -04:00
Daniel Black 504111b0b1 ENH: filter.d/recidive - anchor regex at start and support f2b SYSLOG target 2013-09-16 01:22:42 +10:00
Daniel Black ad291d7e38 Merge pull request #346 from grooverdan/bsd-ipfw-default-unreach-port 
BF: action.d/bsd-ipfw - use blocktype instead of unused action for icmp ...
 2013-09-04 16:18:19 -07:00
Daniel Black e5f1a7f050 Merge pull request #344 from grooverdan/osx 
ENH: OSX ipfw based on Andy Fragen's work
 2013-09-04 16:16:16 -07:00
Yaroslav Halchenko 8ae55fe03b ChangeLog entries (+few typo fixes) for the last merges 2013-08-31 10:04:03 -04:00
Daniel Black 6b0e2289d4 Merge pull request #335 from grooverdan/gh-333-bind 
ENH: filter.d/named-refused.conf - BIND 9.9.3 regex changes. Closes gh-333
 2013-08-30 21:34:22 -07:00
Daniel Black f2bcf84893 BF: action.d/bsd-ipfw - use blocktype instead of unused action for icmp rejecting blocked packets 2013-08-31 11:40:04 +10:00
Daniel Black b31799a322 ENH: add action.d/osx-afctl anonymously contributed on f2b wiki 2013-08-31 10:51:04 +10:00
Daniel Black 908d4adf6f DOC: credits and thanks for Andy for osx-ipfw 2013-08-31 09:37:15 +10:00
Daniel Black 7cc3e8a8c0 BF: Invert expression on actionstop in bsd-ipfw.conf to ensure exit status 0 on success. Closes gh-343 2013-08-31 08:59:02 +10:00
Daniel Black d5684a0834 BF: filter.d/routecube-auth - time offset can be positive or negative 2013-08-28 11:57:38 +10:00
Daniel Black 1aabee20f6 DOC: credits for gh-338 2013-08-26 08:42:00 +10:00
Daniel Black ef903db3c9 ENH: filter.d/named-refused.conf - BIND 9.9.3 regex changes. Closes gh-333 2013-08-25 22:44:30 +10:00
Daniel Black cfb7dba268 DOC: merge ChangeLog 2013-08-25 21:26:13 +10:00
Daniel Black b589533d69 Merge branch 'master' into kwirk-merge 
Conflicts:
	ChangeLog
	testcases/files/logs/dropbear
 2013-08-25 21:21:14 +10:00
Daniel Black ced271b908 ENH: date for apache-2.4 - adds milliseconds 2013-08-25 21:11:47 +10:00
Yaroslav Halchenko c84a2e595a ENH(BF): put 'standard' template after more detailed ones with day of week and year 
otherwise years present in the freshly contributed by Dan apache regexes do not match
although should have.  I had also to adjust failing now vsftpd test
 2013-08-25 17:52:12 +10:00
Daniel Black a9eb8a76c6 merge of change log and apache-auth differences 2013-08-25 16:51:35 +10:00
Yaroslav Halchenko 42f3aa9f62 Merge pull request #329 from grooverdan/bind-unauth-zonetransfer 
Bind unauth zonetransfer.  Closes #323
 2013-08-19 06:48:13 -07:00
Daniel Black 6a36ff1a4a BF: order mailx arguments with dest email address last - redhat bugzilla 998020. Closes gh-328 2013-08-19 22:36:58 +10:00
Daniel Black 61d43608ae ENH: filter.d/postfix - add filter for VRFY. Closes gh-322 2013-08-19 18:42:39 +10:00
Daniel Black 5d451bc4d6 ENH: add refused zone tranfer to named-refused filter. closes #323 2013-08-18 22:19:31 +10:00
Daniel Black 56faf7f5ad DOC: fix ChangeLog merge 2013-07-28 18:02:38 +10:00
Steven Hiscocks 11100a2fc0 DOC: Changelog additions for regex changes 2013-07-26 17:20:05 +01:00
Daniel Black fcf79b475f ENH: new filter perdition.conf 2013-07-19 20:14:53 +10:00
Yaroslav Halchenko 90ec82669c DOC: changelog entries for preceeding changes 2013-07-16 15:10:41 -04:00