Yaroslav Halchenko
abb012ae5c
BF: fixing injection for OpenSSH 6.3 -- making .* before <HOST> non-greedy
2013-11-08 10:00:37 -08:00
Daniel Black
0730db9b2b
Merge pull request #416 from grooverdan/debian-bug-665925-wuftpd-pam
...
BF: wuftpd pam filter fix (Debian bug 665925)
2013-11-05 18:39:01 -08:00
Daniel Black
e55b24c533
BF: fix dovecot filter for newer failure message. Closes Debian bug #709324
2013-11-06 12:51:21 +11:00
Daniel Black
8b54523316
BF: fix to filter.d/wuftp to support pam authentication - Debian bug #665925
2013-11-06 12:13:37 +11:00
Daniel Black
95f3f38682
MRG: merge ChangeLog and jail.conf
2013-10-30 20:19:41 +11:00
Daniel Black
e3150044fd
BF: fix selinux
...
TST: ignore *common.conf files in test cases as these are included
BF: Remove USER_LOGIN from selinux-ssh as its a duplicate message
ENH: add sample jail.conf
2013-10-30 20:05:49 +11:00
Daniel Black
0f85aef609
Merge pull request #407 from grooverdan/dovecot-jail
...
ENH: Dovecot jail
2013-10-29 15:15:19 -07:00
Daniel Black
7596b96d4f
TST: fix date in test comparison for dovecot
2013-10-30 09:05:09 +11:00
Daniel Black
cde389cadc
ENH: additional tweek to dovecot regex based on http://chrisgilligan.com/portfolio/fail2ban-regex/
2013-10-29 10:15:54 +11:00
Daniel Black
d451c2a231
FIX: vsftp improvements from Rich Mellor on mailing list
2013-10-26 09:51:25 +11:00
Daniel Black
b61fe0f12d
Merge pull request #378 from grooverdan/sasl
...
ENH: filter.d/postfix-sasl - anchor regex at start and rename from filter.d/sasl
2013-10-22 04:51:24 -07:00
Daniel Black
92f9e049ee
TST: rename test log file to match
2013-10-22 22:44:49 +11:00
Daniel Black
e417a2112c
Merge pull request #386 from grooverdan/qmail
...
ENH: filter.d/qmail - anchor at start. Add another regex
2013-10-14 04:24:32 -07:00
Daniel Black
e227568c3b
Merge pull request #384 from grooverdan/dovecot-325
...
ENH: added to dovecot filter. closes gh-325
2013-10-14 04:23:03 -07:00
Daniel Black
351eb5ec8f
ENH: filter.d/qmail - anchor at start. Add another regex for http://www.tjsi.com/rblsmtpd/faq/ patch to rblsmtpd
2013-10-09 16:44:48 +11:00
Daniel Black
2d1bd54439
Merge pull request #379 from grooverdan/webmin
...
ENH: filter.d/webmin anchor at start and use syslog
2013-10-08 20:13:14 -07:00
Daniel Black
d60f470096
ENH: added to dovecot filter. closes gh-325
2013-10-09 10:09:06 +11:00
Daniel Black
bc10c90ffe
ENH: filter.d/vsftpd - disable regex for Pam pre 0.99.2.0
2013-10-05 20:02:30 +10:00
Daniel Black
b64bf3fa7b
ENH: filter.d/webmin anchor at start and use syslog
2013-10-05 19:18:44 +10:00
Daniel Black
23dd734aa9
Merge pull request #366 from grooverdan/dovecot
...
ENH: dovecot regex to match failure reported by Bob Cohen on mailing lis...
2013-10-01 15:50:39 -07:00
Daniel Black
f998e01590
Merge pull request #359 from grooverdan/pureftpd
...
ENH: Pureftpd syslog prefixing and filter achoring
2013-10-01 15:14:33 -07:00
Daniel Black
ba8183b116
Merge pull request #372 from grooverdan/uw-imap
...
ENH: filter.d/uwimap-auth added. Closes #18
2013-10-01 15:13:11 -07:00
Daniel Black
262616f7a7
ENH: filter.d/uwimap-auth - failure of an admin override to regex
2013-10-01 22:32:57 +10:00
Daniel Black
9211179d30
ENH: filter.d/uwimap-auth - add "disabled" to regex
2013-10-01 22:10:33 +10:00
Daniel Black
4649cf9608
ENH: separate selinux and selinux-ssh
2013-10-01 20:21:45 +10:00
Daniel Black
cbdf4ceedd
TST: test cases for uw-imapd thanks to Internet
2013-10-01 10:21:11 +10:00
Daniel Black
a1eaa5f755
ENH: filter.d/selinxu added. Closes #296
2013-10-01 09:59:15 +10:00
Daniel Black
b3b62d65bf
ENH: filter.d/uwimap-auth added. Closes #18
2013-09-29 18:06:27 +10:00
Daniel Black
1eeb6e94bd
BF: fix regex for openssh-6.3
2013-09-29 17:28:33 +10:00
Daniel Black
8c2a5612ed
DOC: resolve ChangeLog conflicts
2013-09-19 19:38:28 +10:00
Daniel Black
3be7dcd701
DOC: resolve ChangeLog conflicts
2013-09-19 19:23:02 +10:00
Daniel Black
89e0520675
ENH: dovecot regex to match failure reported by Bob Cohen on mailing list
2013-09-19 08:25:50 +10:00
Daniel Black
9ce1e33313
TST: pureftpd - everything I've seen suggests that pureftpd only does syslog - even back to 2004. Not sure how this second example came into existance
2013-09-17 22:24:28 +10:00
Daniel Black
ad5fb81f4b
TST: failJSON set match to false on longer supported pam version
2013-09-17 21:18:24 +10:00
Daniel Black
bec723b21d
TST: failJSON date fix
2013-09-17 10:51:48 +10:00
Daniel Black
7e756dfada
TST: correct failJSON for www3.google.com -> www.google.com changes. Disable test case for pre-0.99.2.0 version of linux-pam failure messages
2013-09-17 10:48:09 +10:00
Daniel Black
8f41422262
TST: domains need to exist for fail2ban-regex to work
2013-09-17 10:09:19 +10:00
Daniel Black
ee497ff1cb
ENH: filter mysqld-auth can be a is a syslog based service so anchor it using syslog prefix
2013-09-17 07:57:19 +10:00
Daniel Black
504111b0b1
ENH: filter.d/recidive - anchor regex at start and support f2b SYSLOG target
2013-09-16 01:22:42 +10:00
Daniel Black
317e82e144
TST: one more exim test case
2013-09-02 17:10:49 +10:00
Daniel Black
6b0e2289d4
Merge pull request #335 from grooverdan/gh-333-bind
...
ENH: filter.d/named-refused.conf - BIND 9.9.3 regex changes. Closes gh-333
2013-08-30 21:34:22 -07:00
Daniel Black
cbed57bffd
TST: fix year in named-bind test case
2013-08-28 08:52:56 +10:00
Daniel Black
a401d11644
ENH: add regex for bad zone transfer request/ TST: add test for bind-9.9 zone transfer denied
2013-08-28 00:53:08 +10:00
Yaroslav Halchenko
265a85ec1f
RF: do not catch for now "invalid nonce \S* received - hash is not \S*" -- imho needs more analysis
2013-08-26 09:48:56 -04:00
François Boulogne
e133b9f1d1
MAINT: add support for lightty1.4.31
2013-08-25 21:29:43 +02:00
Daniel Black
ca4729e943
ENH: filter.d/exim.conf - add authentication failures for "plain" authentication
2013-08-25 23:02:10 +10:00
Daniel Black
ef903db3c9
ENH: filter.d/named-refused.conf - BIND 9.9.3 regex changes. Closes gh-333
2013-08-25 22:44:30 +10:00
Daniel Black
cfb7dba268
DOC: merge ChangeLog
2013-08-25 21:26:13 +10:00
Daniel Black
b589533d69
Merge branch 'master' into kwirk-merge
...
Conflicts:
ChangeLog
testcases/files/logs/dropbear
2013-08-25 21:21:14 +10:00
Daniel Black
8e467437b2
TST: fix year on asctime
2013-08-25 18:09:39 +10:00