sebres
c60784540c
version bump: release 0.10.0
2017-08-09 16:53:05 +02:00
sebres
30219b54c4
Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10
2017-08-09 16:38:29 +02:00
Serg G. Brester
c540217844
Update ChangeLog
...
action.d/cloudflare.conf - Cloudflare API v4 implementation (gh-1651)
2017-08-09 16:34:37 +02:00
Serg G. Brester
c0eb7752a8
Merge pull request #1651 from szepeviktor/patch-9
...
Introduce Cloudflare API v4
2017-08-09 16:28:52 +02:00
Serg G. Brester
2ed8a38eca
Update cloudflare.conf
...
Switch to API v1 to API v4 per default
2017-08-09 16:27:53 +02:00
Serg G. Brester
da7072d40e
Merge pull request #1846 from Chocobozzz/patch-3
...
Fix empty logfile.log in xarf login attack action
2017-08-09 16:21:47 +02:00
sebres
94b163936a
Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10
...
Removed init section (not needed in filter for 0.10).
# Conflicts:
# config/filter.d/sendmail-reject.conf
2017-08-09 16:16:31 +02:00
Serg G. Brester
af25a9d203
Merge pull request #1566 from opoplawski/journalmatch
...
Add sendmail journalmatch options
2017-08-09 16:14:10 +02:00
Orion Poplawski
84f552881c
Add sendmail journalmatch options
2017-08-09 16:03:34 +02:00
Serg G. Brester
5b7375c614
Merge pull request #1638 from roedie/shorewall-ipv6
...
Add shorewall IPv6 support
2017-08-09 15:54:57 +02:00
Serg G. Brester
9a3716465b
Merge pull request #1750 from sebres/0.10-fix-default-backend
...
fixes default backend handling (as default used value of `%(default/backend)s`...
2017-08-09 15:49:45 +02:00
sebres
7549f44ded
code review: removed unused (unneeded) code, coverage increase...
2017-08-09 15:36:36 +02:00
sebres
6f4fde2c29
Update changelog and man/jail.conf.5
2017-08-08 21:50:38 +02:00
sebres
9a768c19d0
Fixes raw to interpolated value by recursive substitution. Avoid too deeply recursive extended interpolation cross sections (test covered now);
2017-08-08 21:48:50 +02:00
sebres
0782b28460
allow usage of "-" character in the name of sections by extended interpolation (like `%(my-section/some-value)s`).
2017-08-08 21:13:49 +02:00
sebres
e52f483557
Config reader's: introduced new syntax `%(section/option)s`, in opposite to extended interpolation of python 3 `${section:option}` work with all supported python version in fail2ban and this syntax is like our another features like `%(known/option)s`, etc.;
...
Variable `default_backend` switched to `%(default/backend)s`, so totally backwards compatible now, but now the setting of parameter `backend` in default section of `jail.local` can overwrite default backend also.
Test cases extended: test targeted section options "section/option" (default and cross sections options);
2017-08-08 20:21:44 +02:00
sebres
5ce8d4f741
fixes default backend handling (as default used value of `known/backend`, which can now be overridden in default section of jail.local);
...
introduces fallback for `known/option`: interpolate missing `known/option` as `option` from default section
2017-08-08 18:41:15 +02:00
sebres
51c54b3253
ChangeLog entry for 9a42ce12f4
2017-08-08 13:04:36 +02:00
sebres
8f76a052ec
rebuild man's and MANIFEST
2017-08-08 13:00:10 +02:00
sebres
9a42ce12f4
amend to gh-1792: introduced new fail2ban-regex option "--timezone" ("--TZ"), to set time-zone used by convert of time format.
2017-08-08 12:55:13 +02:00
sebres
2fe1479484
Merge branch '_0.9/gh-1849' into 0.10
2017-08-07 18:07:36 +02:00
sebres
5c538fb658
Recognize "unknown user" for additional auth-methods (pam, passwd-file, ldap, sql, etc); simplifying regular expressions (put "unknown user" and "invalid credentials" together as one regex).
2017-08-07 18:04:09 +02:00
sebres
cb0f7ba4b9
Merge amend to PR #1850 : removed greedy catch-all
2017-08-07 15:25:37 +02:00
sebres
0ef5b7c4d4
small amend to gh-1850: removed greedy catch-all at end.
2017-08-07 15:24:16 +02:00
Serg G. Brester
047d516661
Merge pull request #1850 from MarcelWaldvogel/ejabberd-17-06
...
Support ejabberd 17.06 log format
2017-08-07 15:16:34 +02:00
Yaroslav Halchenko
8c218d566b
changelog to upload to unstable
2017-08-03 22:50:58 -04:00
Marcel Waldvogel
ebd1e2c969
Add testcase
2017-07-29 20:05:25 +02:00
Marcel Waldvogel
daf57547c6
Parse ejabberd 17.06 output
...
E.g.:
2017-07-29 08:24:04.773 [info] <0.6668.0>@ejabberd_c2s:handle_auth_failure:433 (http_bind|ejabberd_bosh) Failed c2s PLAIN authentication for test@example.ch from ::FFFF:192.0.2.3: Invalid username or password
2017-07-29 19:58:06 +02:00
Bigard Florian
f4551d02c9
Fix empty logfile.log in xarf login attack action
...
Fix empty 3rd MIME part which contains the attack evidence (logfile.log).
2017-07-25 13:44:29 +02:00
sebres
1a562bed0f
Merge remote-tracking branch 'master' into 0.10
...
# Conflicts:
# config/filter.d/asterisk.conf
2017-07-19 08:57:23 +02:00
Serg G. Brester
babb76cb3c
Merge pull request #1839 from sebres/asterisk-patch
...
Asterisk improvements
2017-07-19 08:50:05 +02:00
sebres
a5b62a7f36
failregex extended and simplified (partially ported from gh-1409).
2017-07-18 16:34:22 +02:00
sebres
098abae4e6
Remove greedy catch-all before `<HOST>`, make regex more universal, fewer prone to errors (should avoid future changes, if some optional parameters coming again before/after `RemoteAddress`) + non-captured groups now.
...
Test for possible injection (5.6.7.8 in session-id) already available, line 59 (thus already covered).
2017-07-18 16:09:53 +02:00
sebres
2ea22b9d30
test coverage for gh-1427
2017-07-18 15:46:53 +02:00
Kirill
4c0c7b97c0
Update asterisk.conf to new log message
...
I got an issue like this:
[2016-05-15 22:53:00] SECURITY[26428] res_security_log.c: SecurityEvent="FailedACL",EventTV="2016-05-15T22:53:00.203+0300",Severity="Error",Service="AMI",EventVersion="1",AccountID="admin",SessionID="0x7fb580001518",LocalAddress="IPV4/TCP/0.0.0.0/5038",RemoteAddress="IPV4/TCP/78.129.227.4/62389",SessionTV="1970-01-01T03:00:00.000+0300"
# [sebres] rebased to current master and resolving conflicts.
2017-07-18 15:40:32 +02:00
Serg G. Brester
34cb55fd91
Merge pull request #1695 from benrubson/issue1693
...
Apache, detect syslog prefix
2017-07-14 02:05:23 +02:00
sebres
a12ac4242b
ChangeLog updated
2017-07-12 11:59:42 +02:00
sebres
0e33125129
be more precise using common `__prefix_line` expression (set `_daemon` to recognize apache and httpd only)
2017-07-12 11:59:02 +02:00
sebres
b561af45ef
apache-common.conf: introduced parameter `logging` for possibility to match lines, if apache logs into syslog/systemd journal;
...
added test cases to cover `apache-auth[logging=syslog]`.
2017-07-12 11:45:44 +02:00
benrubson
10cc7e6e59
Apache, detect syslog prefix, add test
2017-07-12 11:39:20 +02:00
benrubson
b662cf03ac
Apache, detect syslog prefix, simple example
2017-07-12 11:36:34 +02:00
Serg G. Brester
6c030c5e10
Merge pull request #1717 from szepeviktor/patch-11
...
Updated xarf-specification repo URL in xarf action
2017-07-12 09:54:15 +02:00
Serg G. Brester
99b668a3cc
Merge pull request #1390 from khumarahn/xxx
...
ensure /var/run/fail2ban is created in systemd service file
2017-07-11 15:53:42 +02:00
Serg G. Brester
4126b16e7c
Merge pull request #1828 from sebres/filter-ejabberd-auth-gh-993
...
Accept new format for filter ejabberd-auth
2017-07-11 15:43:28 +02:00
Serg G. Brester
5dcbcb99b9
Merge pull request #1648 from hlein/master
...
gentoo-initd: wait up to 30 seconds on "stop" to avoid errors.
2017-07-11 15:41:48 +02:00
sebres
c9385a2e04
ChangeLog updated
2017-07-11 15:28:04 +02:00
sebres
7217ef5c9e
filter.d/ejabberd-auth.conf: fixed ejabberd filter - accept new log-format with `wait_for_sasl_response` instead of `wait_for_feature_request` + optional part "IP " (gh-993)
2017-07-11 15:25:51 +02:00
Serg G. Brester
ad9f364800
Merge pull request #1827 from sebres/filter-roundcube-fix-gh-1303
...
Filter roundcube: fixed gh-1303 - X-Real-IP or/and X-Forwarded-For after host
2017-07-11 15:21:04 +02:00
sebres
ea3a6aa971
ChangeLog updated
2017-07-11 15:02:59 +02:00
sebres
dae4988aea
filter.d/roundcube-auth.conf: fixes failregex not working with `X-Real-IP` or/and `X-Forwarded-For` (gh-1303)
2017-07-11 14:59:24 +02:00