sebres
cd7f1354c6
remove end-anchors for expressions that are precise enough (with clear flow, simple branches, without catch-all's, etc.)
2018-03-20 18:47:42 +01:00
sebres
ed7d5d8ea1
ChangeLog updated
2018-03-20 16:04:42 +01:00
sebres
c31eb1c562
quick optimization: normalizes pam-generic prefregex (more similar to the same regex within sshd-filter) + datepattern anchored now;
2018-03-20 16:00:21 +01:00
sebres
4129f940bb
revert non-empty incremental multi-line failure merge (just simply overwrite method used ATM);
...
revert sshd test case (better to use last given failure-id, so ipv6 instead of ipv4, e. g. because of some wrong multi-line-id recognition);
improved output on AssertionError in samples-testcase factory.
2018-03-20 15:27:59 +01:00
sebres
25cc42129a
hold all user names affected by interim attempts in order to avoid forgetting failures after a successful login:
...
intruder (as legitimate user) first tries to log in with another user name (brute-force), hoping to reset the failure counter with a successful login;
this is fixed and covered in tests now;
sshd-filter extended to cover multiple-login attempts (also fully implements gh-2070);
2018-03-20 13:09:05 +01:00
sebres
a9c94686b6
fixed multiple regexs matched
2018-03-20 09:09:42 +01:00
sebres
5603055a58
failregex: introduced capturing alternate groups, for example non-empty values of `alt_user_1`, `alt_user_2` will overwrite `user` if it is empty (or `alt_host` -> `host`, etc.)
2018-03-20 09:05:02 +01:00
sebres
8028d3940d
amend with better match of optional suffix-groups;
...
remove end-anchors for expressions that are precise enough (with clear flow, simple branches, without catch-all's, etc.);
2018-03-19 17:29:26 +01:00
sebres
66d2436f21
filter.d/sshd.conf: extend suffix with optional port, move it to `prefregex` at end outside of the content
2018-03-19 16:50:49 +01:00
sebres
7b3442c4e2
amend to 185cb998e7c7f2509830bed4a9f2fe6179f77e7b: capture error prefix outside of the failure content;
2018-03-19 14:53:56 +01:00
sebres
185cb998e7
make `prefregex` more precise in order to avoid catching the content for non-failure lines
2018-03-19 14:38:47 +01:00
sebres
8763cf0a36
ChangeLog updated
2018-03-19 14:26:51 +01:00
sebres
e8ffab28fb
filter.d/apache-noscript.conf: extended to match "Primary script unknown", got from php-fpm module.
2018-03-19 14:23:24 +01:00
Sergey G. Brester
20fffc44c1
Merge pull request #2087 from sebres/fix-recidive-by-syslog
...
filter.d/recidive.conf: fixed if logging into systemd-journal (SYSLOG)
2018-03-19 14:08:46 +01:00
sebres
a6fb33bdec
filter.d/recidive.conf: fixed if logging into systemd-journal (SYSLOG) with daemon name in prefix, gh-2069
2018-03-09 13:56:38 +01:00
sebres
2e533a3a3a
better handling of default date templates (bounds, replacement using own expressions `...{DATE}...`, etc.)
2018-03-09 13:54:04 +01:00
sebres
ce6ca0029a
minimize log output in trace case (index instead of full-regexp by "matched" log-line)
2018-03-07 16:27:42 +01:00
sebres
a3739bbf27
trim name and add one space after padding
2018-03-07 16:25:54 +01:00
sebres
71b19d9eba
stability of time-related test-cases: a bit increased timeouts; code normalization, review and coverage
2018-03-07 15:25:27 +01:00
Sergey G. Brester
92f19d0604
Merge pull request #2067 from fail2ban/sebres-fix-hostdeny-ipv6
...
action.d/hostdeny.conf: fixes IPv6 syntax
2018-03-07 12:35:07 +01:00
sebres
5b63ad17c6
stability of the test-cases: avoid echoing of server-ready in configure thread, if heavy-debug (only answer from new internal command "server-status").
2018-03-05 21:54:18 +01:00
Sergey G. Brester
b16aafe233
Update ChangeLog
2018-03-05 19:42:05 +01:00
Sergey G. Brester
b34ae5999e
action.d/hostdeny.conf: fixes IPv6 syntax
...
differentiate the IPv4 and IPv6 syntax (where it is enclosed in square brackets)
2018-03-05 19:35:10 +01:00
sebres
ccb1daf30a
Merge branch '0.10' into 0.11
2018-03-02 21:42:07 +01:00
sebres
cfc3979c84
Merge branch '0.10' with 'socket-stability-fix'
2018-03-02 21:40:13 +01:00
sebres
1bdda6c8eb
cache coverage
2018-03-02 21:39:13 +01:00
sebres
96836cb199
fix several errors (shutdown in test-cases during stop communication, better error handling by unpickle/deserialization, etc)
2018-03-02 21:39:08 +01:00
sebres
29bedd70d5
socket stability and coverage: cherry picked from 0.11 version (avoid many sporadic unhandled exceptions)
2018-03-02 21:31:19 +01:00
sebres
2b282ead09
Merge branch '0.10' into 0.11
2018-03-02 19:48:15 +01:00
Sergey G. Brester
9f969e7aab
Merge pull request #2062 from MatthieuBarbu/patch-2
...
filter.d/sshd.conf: fixed normal and ddos-mode regex (extended with port)
2018-03-02 19:31:10 +01:00
sebres
caa2bdfee6
amendment for gh-2061: it looks like the port was added here also
2018-03-02 19:24:47 +01:00
sebres
a3bcbe2d1b
backwards-compatibility, test-cases and ChangeLog update
2018-03-02 19:15:10 +01:00
MatthieuBarbu
6b5516b851
fix sshd rule #2
...
in line 58, the rule doesn't match with "%(__suff)s" but works fine if I replace it with "%(__on_port_opt)s"
Debian 9 stretch : fail2ban 0.10.3
2018-03-02 18:40:36 +01:00
Sergey G. Brester
e9a43f739c
Merge pull request #2061 from MatthieuBarbu/patch-1
...
fix sshd rule (space before "11:" is optional now)
2018-03-02 18:19:24 +01:00
sebres
1d7aa2ff21
filter.d/sshd.conf: rewrite fix (for new ssh log-format) backwards compatible + test-cases extended to cover both cases
2018-03-02 18:17:17 +01:00
MatthieuBarbu
9f5c873526
fix sshd rule
...
just remove the space before ":11" in line 52 because it doesn't match on my Debian 9 stretch...
I don't know if this is wrong on all OS
2018-03-02 17:53:35 +01:00
sebres
5ea76789c6
Merge branch '0.10' into 0.11
2018-03-02 17:18:37 +01:00
sebres
5f021aa648
shutdown sockets before close, avoid socket leakage by use of the explicit socket close in async_chat;
...
better error handling with error counting, differentiate special case ([Errno 24] Too many open files), with resulting stop of the server
(avoid flooding the log file, closes gh-991 and similar issues);
restored auto-garbage, because of non-reference-counting python's (like pypy), otherwise it may leak there on objects like unix-socket, etc.
2018-03-02 17:08:23 +01:00
sebres
fa520f36c3
stability test-cases fix: avoid rare sporadic error on start of server (threaded in foreground);
...
additionally show the log output of the thread-server in case of any error there.
2018-03-02 17:00:01 +01:00
sebres
8c291cad38
filter.d/asterisk.conf: fixed failregex prefix by log over remote syslog server (gh-2060)
2018-03-02 09:17:04 +01:00
Ben RUBSON
b112250ef0
(Free)BSD IPFW does not allow 2 identical rules ( #2054 )
...
ipfw actionban fixed to allow same rule added several times (and actionunban to ignore error by deletion of missing rule)
2018-02-27 10:18:59 +01:00
Ben RUBSON
857767f04b
Add 'any' badips.py bancategory ( #2056 )
...
action.d/badips.py: allow `any` as bancategory to retrieve IPs from all categories
2018-02-27 10:12:22 +01:00
sebres
47a7f83a0b
Merge branch '0.10' into 0.11
2018-02-26 19:30:54 +01:00
sebres
07fcb24ff6
Merge pull request #2057 from benrubson/https
...
Use httpS with badips
2018-02-26 18:50:35 +01:00
Sergey G. Brester
117dcca414
Merge pull request #2059 from benrubson/str
...
badips.py, solve a str() issue - expected string, IPAddr found
2018-02-26 18:42:32 +01:00
sebres
933670d034
pragma: no cover - availability (once after error case only)
2018-02-26 18:35:30 +01:00
sebres
f52c67238a
action.d/badips.py: code review, ban command covered, debug log-messages, etc;
2018-02-26 18:16:20 +01:00
sebres
095a909c84
action.d/badips.py: increases score in test-cases (5 now, ssh/3 returns too large a list, which can cause a timeout if the badips server is too busy);
2018-02-26 18:14:44 +01:00
benrubson
8ed892b8bb
Changelog
2018-02-26 16:15:29 +01:00
benrubson
fce2a50165
badips.py, solve a str() issue under FreeBSD
2018-02-26 15:55:21 +01:00