github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
2,486 Commits
33 Branches
229 Tags
18 MiB
Commit Graph

2486 Commits (a78a9d282c0e7603d2946bf1eabbc9d51d13281d)

Author SHA1 Message Date
Daniel Black 353b84a648 Merge branch 'patch-4' of https://github.com/truxoft/fail2ban into exim-auth 2014-01-13 19:25:46 +11:00
Lars Kneschke 47dd8fb897 ENH: filter for Tine 2.0 2014-01-13 06:04:59 +01:00
Ivo Truxa 2d8c0b26e4 Matching any Exim authentication name 
As explained in https://github.com/grooverdan/fail2ban/pull/4, in Exim there can be used plenty of other standard authentication names, and in fact the names can be custom. The failregex in Exim filter should catch authentication errors regardless of the name of the authentication. Hence replacing the plain|login with the general \w+
 2014-01-13 01:38:49 +01:00
Ivo Truxa 9f107403e8 Update exim 
When using Dovecot authentication for Exim, which is relatively common, the current regex for catching authentication failures needs a small tweak. The current plain|login options are too limiting and will only work in the cases when only the Exim's rudimentary built-in authentication is used. There can be not only the dovecot_login shown in this log example, but also dovecot_plain, ntlm, cram, cyrus, md5, and plenty of others. In fact many admins may opt for their own authentication labels, when setting up Exim. For this reason the regex should catch any label. I suggest modifying the regex in the following way:

<pre>^%(pid)s \w+ authenticator failed for (\S+ )?\(\S+\) \[<HOST>\]: 535 Incorrect authentication data( \(set_id=.*\)|: \d+ Time\(s\))?\s*$</pre>
 2014-01-13 01:18:09 +01:00
Daniel Black 6b0e6b9bca ENH: add improper command pipelining postfix filter 2014-01-13 06:59:59 +11:00
Steven Hiscocks d41f372c6c BF: Typo in "z" regex addition for TimeRE 2014-01-12 19:09:11 +00:00
Steven Hiscocks 5c16ac3a89 ENH: Full regex for datepattern, utilising modified Python `_strptime` 2014-01-12 18:59:31 +00:00
Daniel Black a443b8b4d3 BF: remove second jail definition 2014-01-12 21:45:39 +11:00
Daniel Black 7b6ee64b9e DOC: add over pruned bits of jail.conf.5 2014-01-12 21:43:11 +11:00
Daniel Black cd3e94140c MRG: complete merge 2014-01-12 21:16:55 +11:00
Daniel Black f2e55e8499 ENH: add filter for squirrelmail. Closes gh-261 2014-01-12 20:27:36 +11:00
Daniel Black 1e8ed55a36 MRG: from 0.9 2014-01-12 20:15:34 +11:00
Daniel Black 5deb1f8ddc Merge pull request #578 from dozepih/asterisk-acl 
ENH: Support ACL-events without AccountID. Typically happens when a registration from unknown domain
 2014-01-11 18:32:53 -08:00
Tomas Pihl b52a4441fd Support ACL-events without AccountID. Typically happens when a registration 
from an unknown domain is performed.

Add credits
 2014-01-12 01:28:55 +01:00
Steven Hiscocks 0dd6533680 BF: Add ejabberd-auth to jail.conf 2014-01-09 23:22:12 +00:00
Steven Hiscocks e73090d040 Merge pull request #577 from grooverdan/rel-imports 
ENH: fix test case imports to relative
 2014-01-09 15:14:20 -08:00
Daniel Black e9752d8d29 ENH: fix test case imports to relative 2014-01-10 10:04:05 +11:00
Daniel Black 928f566d19 Merge pull request #576 from kwirk/ejabberd-filter 
ENH: ejabberd filter
 2014-01-09 14:52:18 -08:00
Steven Hiscocks 62cfad3c2d Merge pull request #575 from grooverdan/no-dot-filters 
ENH: dont run samples on filter filenames beginning with .
 2014-01-09 14:49:47 -08:00
Steven Hiscocks 6a6139f1e1 Merge pull request #574 from grooverdan/master-tag-subst 
TST: for tag substition, multiple on same line
 2014-01-09 14:49:08 -08:00
Steven Hiscocks 128112d51c ENH: ejabberd filter 2014-01-09 22:47:17 +00:00
Daniel Black 8e8c80d980 ENH: dont run samples on filter filenames beginning with . 2014-01-10 09:44:30 +11:00
Daniel Black cd5aab5ff1 TST: for tag substition, multiple on same line 2014-01-10 09:20:56 +11:00
Daniel Black 8333abe420 Merge pull request #557 from grooverdan/apache-botsearch 
ENH: Apache botsearch + BF: tag substition
 2014-01-09 14:11:00 -08:00
Daniel Black b0baab3a0e ENH: more test cases and wider regex 2014-01-10 08:40:24 +11:00
Daniel Black 9e358541b7 BF: fix multiple tag substitutions on the same line 2014-01-10 08:39:39 +11:00
Daniel Black 4b33f96db4 DOC: fix comment regarding apache version in apache-noscript 2014-01-10 08:35:37 +11:00
Daniel Black 8e5366a7e9 DOC: for apache-botsearch and apache-botsearch 2014-01-10 07:34:01 +11:00
Steven Hiscocks 7e8da15fc6 Merge pull request #572 from grooverdan/counterstrike 
ENH: Counter Strike filter
 2014-01-08 12:47:10 -08:00
Daniel Black 4d4060930b DOC: spelling + GPL2+ for license 2014-01-08 21:46:32 +11:00
Daniel Black 932a952096 Merge branch 'enh/jail-manpage' of https://github.com/yarikoptic/fail2ban into y-man-fix 2014-01-08 18:08:13 +11:00
Daniel Black b6676dbadc DOC: spelling of Counter Strike 2014-01-08 07:45:26 +11:00
Yaroslav Halchenko e6627185b0 DOC: fixing formatting in the section names of the manpage - \fB to return into bold 2014-01-07 13:41:16 -05:00
Yaroslav Halchenko 6532a2e2f7 Merge pull request #548 from grooverdan/exim-honeypot 
Exim honeypot
 2014-01-07 06:14:42 -08:00
Daniel Black d94efe719d ENH: jail.conf for counter-strike 2014-01-07 20:50:50 +11:00
Daniel Black 7e44257e7e Merge pull request #569 from grooverdan/master_to_0.9 
MRG: Master to 0.9
 2014-01-07 01:36:54 -08:00
Daniel Black 0fb6bc7188 ENH: add filter for Counter Strike 1.6. Closes gh-347 2014-01-07 20:33:57 +11:00
Daniel Black a115297ebd TST: add datepattern for samplestestcases 2014-01-07 20:32:55 +11:00
Daniel Black aabdc51e87 BF: revert separate jail for exim-honeypot as only exim-spam exists. 2014-01-07 16:26:29 +11:00
Daniel Black 9e087b508d MRG: from 0.9 2014-01-07 16:11:40 +11:00
Daniel Black 58ebf659e4 MRG: from 0.9 to make history cleaner 2014-01-07 16:07:58 +11:00
Yaroslav Halchenko 9a8b449086 DOC: some typos, fixes from Vincent Lefevre 2014-01-06 23:38:52 -05:00
Yaroslav Halchenko 16f55d2d56 DOC: pass through jail.conf.5 -- unification and some restructuring/shortening 2014-01-06 23:30:13 -05:00
Daniel Black 9e390d6549 ENH: jail.conf for exim-honeypot 2014-01-07 11:53:20 +11:00
Daniel Black 809581ae99 ENH: jail.conf for apache-botsearch 2014-01-07 11:52:21 +11:00
Daniel Black ed9ed6d0cb TST/ENH: fix test case for ReadStockJailFilterComplete and add missing jails 2014-01-07 11:27:54 +11:00
Daniel Black ad41b2d198 TST: correct name. Still dont know why it isnt called 2014-01-07 11:12:59 +11:00
Daniel Black 10fa5e3439 BF: fix jails for gssftpd and qmail 2014-01-07 10:49:11 +11:00
Daniel Black 549f64e86c BF: remove imap2 - not an IANA and probably not used 2014-01-07 10:25:29 +11:00
Daniel Black 320861b7dc Merge branch 'more-jails-0.9' into master_to_0.9 2014-01-07 10:24:27 +11:00