fail2ban

Commit Graph

Author	SHA1	Message	Date
Pierre-Alain Dupont	3d7504c19e	Forwards bantime to action scripts That way, ipset and afctl will use a real timeout and not default to a fixed value for all jails	11 years ago
leftyfb	cba570cabd	Updated comments	11 years ago
leftyfb	5471e99ebe	Added cloudflare action	11 years ago
Yaroslav Halchenko	6cddc65cee	BF: path to exim's mainlog on Fedora (Thanks Frantisek Sumsal) + changelog entry	11 years ago
Yaroslav Halchenko	43950d8b7e	BF: fix path to the exim log on Debian systems (/var/log/exim4)	11 years ago
Marc Laporte	3777591ab0	typo	11 years ago
Cyril Roos	add8e61036	Added Directadmin filter, jail and log test	11 years ago
Yaroslav Halchenko	0adb10f653	Merge branch 'ainfo-copy' of https://github.com/kwirk/fail2ban * 'ainfo-copy' of https://github.com/kwirk/fail2ban: TST: actions modifying aInfo test more robust TST: Test for actions modifying (un)ban aInfo BF: aInfo could be modified by actions, causing unexpected behaviour	11 years ago
Steven Hiscocks	2d54161696	Merge branch 'kwirk/harmonize-log-msgs' Conflicts: ChangeLog - Keep all additions	11 years ago
Steven Hiscocks	76a5633ff9	Merge pull request #739 from ranvis/enh-iptables-ipsets ENH: Add <chain> to iptables-ipsets.	11 years ago
SATO Kentaro	65ff3e9604	ENH: Introduce iptables-common.conf.	11 years ago
Steven Hiscocks	94232d7c31	Merge pull request #726 from pmarrapese/master Minor improvement to sshd filter	11 years ago
Steven Hiscocks	8268c1641f	BF: aInfo could be modified by actions, causing unexpected behaviour A separate copy of aInfo is passed to each action	11 years ago
Yaroslav Halchenko	93d5c363ca	Merge branch 'enh/oracle_msg_server' * enh/oracle_msg_server: ENH: make oracleims failregex better anchored (more explicit) Update oracleims.conf to be 'less greedy' Update THANKS Update jail.conf for oracleims filter. Create test for oracleims filter Create oracleims.conf in filter.d for new filter	11 years ago
SATO Kentaro	1e1c4ac62a	ENH: Add <chain> to iptables-ipsets.	11 years ago
Yaroslav Halchenko	994fe77e59	ENH: make oracleims failregex better anchored (more explicit)	11 years ago
JoelSnyder	5165d2f6ea	Update oracleims.conf to be 'less greedy' This assumes that the protocol is always a string, which it always is, and that the other four fields in the "tr" are always numeric (which they always are). See port_access documentation at http://docs.oracle.com/cd/E19563-01/819-4428/bgaur/index.html	11 years ago
JoelSnyder	70ed93d8cc	Update jail.conf for oracleims filter. This is the jail.conf update. Hopefully this will go into pull request #734.	11 years ago
Steven Hiscocks	e8131475cd	ENH: Realign and harmonise log messages with getF2BLogger helper	11 years ago
Steven Hiscocks	db023be09b	BF: Fix bad syntax in badips.py action Taken from https://bugzilla.redhat.com/attachment.cgi?id=895966&action=diff	11 years ago
JoelSnyder	9b7c35810a	Create oracleims.conf in filter.d for new filter Created oracleims.conf to catch messages from Sun/Oracle Communications Messaging Server v6.3 and above (including v7)	11 years ago
pmarrapese	96918acee4	more explicit match for sshd filter & added test	11 years ago
pmarrapese	46d6e93800	adjusted sshd filter regex to catch more verbose lines	11 years ago
Steven Hiscocks	77ba065571	Merge pull request #697 from jhmartin/monit_admin_hack Block brute-force attempts against the Monit gui	11 years ago
Steven Hiscocks	bc10b64c69	ENH: Match non "Bye Bye" for sshd locked accounts failregex	11 years ago
Yaroslav Halchenko	596b819bdc	DOC: minor -- tabify docstring in badips.py action	11 years ago
Jason Martin	9c3cb31862	Even stricter monit regex, now covers entire line	11 years ago
Jason Martin	72bfd14330	Tidy up filter.d/monit.conf, make regex more complete. Add ChangeLog / THANKS entry. Add test cases.	11 years ago
Steven Hiscocks	03d90c2f42	BF: recidive filter and samples at wrong log level: WARNING->NOTICE	11 years ago
Jason Martin	7d112430ca	Block brute-force attempts against the Monit gui	11 years ago
Steven Hiscocks	d4427e5a76	Merge pull request #683 from yarikoptic/fix/682 Fix typos referencing paths-common, provide empty defaults for syslog_ log files (Partial fix to #682)	11 years ago
Steven Hiscocks	9fcb92524e	BF: badips.py action logging of exc_info on debug typo	11 years ago
Yaroslav Halchenko	8bcb25c3a2	defining empty defaults for syslog_ log targets for common (Thanks @chtheis, partial fix to #682 )	11 years ago
Yaroslav Halchenko	7dcea0d48d	typos of paths-common (Thanks @chtheis, partial fix to #682 )	11 years ago
Yaroslav Halchenko	5bccec61e4	ENH: adding pruned with previous merge trailing \s* in nginx filter	11 years ago
Yung-Chin Oei	941a38ea8e	nginx-http-auth: match when "referrer" is present A sample log-line is provided. The updated regex successfully matches this line. Signed-off-by: Yung-Chin Oei <yungchin@yungchin.nl>	11 years ago
shawn	d7e888238c	Correct grammar	11 years ago
yungchin	6e8c1b2871	nginx-http-auth filter: match server_name = "" As documented at http://nginx.org/en/docs/http/server_names.html#miscellaneous_names "If no server_name is defined in a server block then nginx uses the empty name as the server name." This regex change allows us to match error output for such a configuration. The log line added to the tests was lifted from our logs verbatim; it did not match without the patched regex. Signed-off-by: Yung-Chin Oei <yungchin@yungchin.nl>	11 years ago
yungchin	3a155ed2e0	Update comments in shorewall.conf for new settings	11 years ago
Ruben Kerkhof	1c36da9df9	Fix 2 more typos that codespell didn't catch	11 years ago
Ruben Kerkhof	1695d5c076	Fix a few typos Found with https://github.com/lucasdemarchi/codespell Signed-off-by: Ruben Kerkhof <ruben@rubenkerkhof.com>	11 years ago
Manuel Rüger	5a1ad75114	Fix typo in comment	11 years ago
Steven Hiscocks	41cbbbc248	BF: Remove unused imports and variables. All highlighted by using pyflakes.	11 years ago
Steven Hiscocks	16125ec81a	BF: badips.py action methods not static due to use of self._logSys	11 years ago
Steven Hiscocks	6c5a978d6f	BF: journalmatch for recidive should be NOTICE level not WARNING	11 years ago
Daniel Black	7611096162	Merge branch '0.9' of https://github.com/fail2ban/fail2ban into 0.9	11 years ago
Daniel Black	aa7e8fb9ce	DOC: Credits. close gh-644	11 years ago
Steven Hiscocks	9e374b159e	ENH: Allow setting of badips.py key for reporting and blacklisting	11 years ago
Steven Hiscocks	de43d1d6d5	ENH: Change badips.py default score to "3" As per recommendation from Amy from badips.com	11 years ago
Daniel Black	476d79d3cc	ENH: asterisk filter to support syslog format	11 years ago
Daniel Black	415f187644	ENH: sendmail-reject for all smtp ports.	11 years ago
Steven Hiscocks	a78a9d282c	DOC: Document that badips.py action should be last action for jail	11 years ago
Steven Hiscocks	0222ff4677	Merge branch 'badips-blacklist' into 0.9 Conflicts: ChangeLog - entires added in both branches. Change: config/action.d/badips.py - jail.getName() changed to jail.name	11 years ago
Steven Hiscocks	0c63d0061a	DOC: Add documentation for badips.py action	11 years ago
Steven Hiscocks	dfb46cfda6	BF: Require Python 2.7+ for badips.py action	11 years ago
Daniel Black	df882feb16	ENH: expand sendmail-reject jail to 465,submission	11 years ago
Daniel Black	ef29d7bd29	ENH: paths-{common,distro} normalisation	11 years ago
Daniel Black	50d938e0bf	MRG: merge filter sendmail-spam into sendmail-reject	11 years ago
Daniel Black	666fd5eceb	ENH: purge excessive jail variations	11 years ago
Daniel Black	69f5baae36	ENH: jail.conf to use syslog_mail	11 years ago
Daniel Black	2d45becb0e	Merge branch '0.9' into distro-paths-gh-315	11 years ago
Daniel Black	2d8c497ce5	ENH: highlight missing osx paths	11 years ago
Daniel Black	cc8ec826c5	MRG: from master 2014-03-02	11 years ago
Daniel Black	853bed8e4f	ENH: more sendmail-reject filter items thanks to fab23	11 years ago
Daniel Black	d0ec09a3b5	BF: move to right location	11 years ago
Daniel Black	c10cc20928	ENH: rename sendmail-spam to sendmail-reject	11 years ago
Daniel Black	d34569fb8d	BF: email address as arg1 in sendmail filters	11 years ago
Daniel Black	72c84fe9b0	ENH: wider regex for RBL and sendmail-spam	11 years ago
Daniel Black	fe1725c603	BF: add jail.conf definitions for sendmail* filters	11 years ago
Daniel Black	3d776afbb0	ENH: add filter for sendmail-{auth,spam}. Closes gh-20	11 years ago
Steven Hiscocks	a9b9c6ea03	Merge branch 'logging' into 0.9 Conflicts: fail2ban/server/actions.py jail getName()->name fail2ban/server/filter.py jail getName()->name	11 years ago
Steven Hiscocks	df8d700d17	RF: Refactor Jail and JailThread Includes: - documentation to new format and use of properties - change isActive->is_active as former no longer documented for python3, and later introduction and documented in python2.6 - status formatter in beautifier somewhat more automatically formatted; no changes are required for additional status elements - JailThread now set to active within `start` method, complimenting `stop` method	11 years ago
Steven Hiscocks	a4731ef988	DOC: Correct log levels	11 years ago
Steven Hiscocks	5630c56c75	ENH: Change logging levels and make info more verbose	11 years ago
Daniel Black	9be22a96a6	Merge pull request #614 from kwirk/complain-abusix BF: Use abusix Abuse Contact DB to get more accurate abuse addresses	11 years ago
Daniel Black	cc463aa60d	Merge pull request #620 from kwirk/xarf-tweaks BF: Fix misplaced ";", and duplicate {ip,}matches	11 years ago
Daniel Black	b6f9b9161d	BF: remove self reference	11 years ago
Daniel Black	a044517cb7	MRG: from master to 0.9 2014-02-20	11 years ago
Daniel Black	79e6543eca	Merge branch '0.9' into distro-paths-gh-315	11 years ago
Daniel Black	83266eb668	ENH: framework for distro paths	11 years ago
Steven Hiscocks	8c5525163b	BF: Fix misplaced ";", and duplicate {ip,}matches	11 years ago
Steven Hiscocks	997729e274	BF: Fix complain action for multiple recipients and misplaced ";"	11 years ago
Steven Hiscocks	7c76f7f204	BF: $EUID not avilable in all shells, replaced with `id -u` in xt_recent	11 years ago
Steven Hiscocks	2a37ee2fb7	ENH: Add root user check in xt_recent, and add missing actionstop Thanks to Helmut Grohne on IRC for suggestion	11 years ago
Steven Hiscocks	5c7630c4be	ENH: Allow separate blacklist category for badips.py action	11 years ago
Steven Hiscocks	cf81ddd8e2	BF: Add error handling in badips.py action	11 years ago
Steven Hiscocks	31f4ea59cb	BF: Use abusix Abuse Contact DB to get more accurate abuse addresses Taken from xarf-login-attack action from 0.9 branch by Daniel Black	11 years ago
Steven Hiscocks	f68d85a6ac	Merge branch 'master' into 0.9 Conflicts: ChangeLog Spelling correction of 0.8.13 fixed in master config/jail.conf Added nagios and duplicate php-url removal in master Just nagios added, duplicate not issue in 0.9	11 years ago
Daniel Black	c701ac9276	DOC: document LogLevel requirement for "Connection from" regex"	11 years ago
Daniel Black	5f4d0ed576	ENH: ssh filter - "Disconnecting: Too many authentication failures.." matching Connection log message	11 years ago
Aarón Nieves Fernández	993b7d3dfb	Duplicate jail "php-url-fopen"	11 years ago
Steven Hiscocks	dff8909473	ENH: Add badips.com reporting and blacklisting action (python based)	11 years ago
Ivo Truxa	c207ad6058	removing ignoreip at [nagios] I removed the ignoreip setting from the nagios section. As pointed out, it is redundant here. Nagios server, under normal circumstances should not trigger any access errors, and would be included in the global ignoreips anyway.	11 years ago
Ivo Truxa	f5f434f846	removing the second failregex The second failregex was supposed to catch an error concerning an ACL denial over IPv6, but this message is no more generated by the nrpe version (v2.15) that introduced the IPv6 support, so the first failregex seems to be sufficient.	11 years ago
Ivo Truxa	a71bb89ccd	removing a dot (typo) The dot at the ignoregex did not belong there. Somehow it was added during the copying and pasting. Thanks for reporting it, I did not see it. Otherwise, empty ignoregexes are in all filters, and if they are missing, fail2ban client shows warnings when starting the filter, which I prefer avoiding.	11 years ago
Ivo Truxa	dac4dd465e	ENH: Nagios filter added typical configuration settings for the nagios filter	11 years ago
Ivo Truxa	c91fda8619	ENH: Nagios filter Sample log for the first failregex is available in the testcases. No example available for the IPv6 denial yet.	11 years ago
Daniel Black	ef82eac790	DOC: openssh real protection is pubkey	11 years ago
Daniel Black	59b9045e88	MRG: from master 2014-02-02	11 years ago
Daniel Black	273b2f45a3	MRG: remove the "no auth attempts" as per aseques gh-600	11 years ago
Daniel Black	9b614ce486	ENH: dovecot filter enhancements	11 years ago
Joan	84617fa6da	Fixed a failing case	11 years ago
Joan	08171ba52f	Removed the -no auth attempts- from the triggers because of lots of FP	11 years ago
Daniel Black	a749a2780e	Merge pull request #593 from grooverdan/tine ENH: Tine20 filter	11 years ago
Daniel Black	1a1e3bec86	ENH: framework for distro paths	11 years ago
Daniel Black	256c732bcd	BF/ENH: filter pure-ftpd - re-add _daemon. Add translations _daemon was accidently removed in `89fd792dfb` Added translations from source code	11 years ago
Daniel Black	1e1261ccb4	MRG: from master 2014-01-23	11 years ago
Daniel Black	ca57427080	BF: firewallcmd-ipset had non-working actioncheck	11 years ago
Daniel Black	c8ae064b79	ENH: tighten regex and change failJSON to support timezone. Closes gh-583	11 years ago
Daniel Black	2063d96e59	MRG: import Lars' PR for tine20	11 years ago
Steven Hiscocks	8221c7ca71	TST+BF: Add tests for python actions, including test for smtp.py Also fix bug when specifying multiple recipients for smtp.py action	11 years ago
Steven Hiscocks	a0f39255bc	BF: Kerio log datepattern fix for recent datepattern full regex merge	11 years ago
Daniel Black	a650178bd1	MRG: merge from master 2014-01-19	11 years ago
Daniel Black	263ac32730	ENH: test log samples for kerio thanks to Tony Lawrence	11 years ago
Daniel Black	1452be4a3a	Merge pull request #588 from grooverdan/badips ENH: Badips action (reporting)	11 years ago
Daniel Black	f566cab766	Merge branch 'master' into badips	11 years ago
Daniel Black	657da2041c	BF: dovecot filters, session characters and order of session/tls in log messages	11 years ago
Daniel Black	2333b2d5d9	MRG: from 0.9	11 years ago
Daniel Black	c7f887642d	Merge branch '0.9' into master_to_0.9	11 years ago
Daniel Black	3de80545e0	MRG: from master 2014/01/13	11 years ago
Daniel Black	01e5ae1234	Merge pull request #584 from grooverdan/exim-auth ENH: Exim auth	11 years ago
Daniel Black	08b4f3e5f2	Merge branch 'patch-5' of https://github.com/truxoft/fail2ban into exim-auth	11 years ago
Lars Kneschke	47dd8fb897	ENH: filter for Tine 2.0	11 years ago
Ivo Truxa	2d8c0b26e4	Matching any Exim authentication name As explained in https://github.com/grooverdan/fail2ban/pull/4, in Exim there can be used plenty of other standard authentication names, and in fact the names can be custom. The failregex in Exim filter should catch authentication errors regardless of the name of the authentication. Hence replacing the plain\|login with the general \w+	11 years ago
Daniel Black	6b0e6b9bca	ENH: add improper command pipelining postfix filter	11 years ago
Daniel Black	a443b8b4d3	BF: remove second jail definition	11 years ago
Daniel Black	cd3e94140c	MRG: complete merge	11 years ago
Daniel Black	f2e55e8499	ENH: add filter for squirrelmail. Closes gh-261	11 years ago
Daniel Black	1e8ed55a36	MRG: from 0.9	11 years ago
Tomas Pihl	b52a4441fd	Support ACL-events without AccountID. Typically happens when a registration from an unknown domain is performed. Add credits	11 years ago
Steven Hiscocks	0dd6533680	BF: Add ejabberd-auth to jail.conf	11 years ago
Steven Hiscocks	128112d51c	ENH: ejabberd filter	11 years ago
Daniel Black	8333abe420	Merge pull request #557 from grooverdan/apache-botsearch ENH: Apache botsearch + BF: tag substition	11 years ago
Daniel Black	b0baab3a0e	ENH: more test cases and wider regex	11 years ago
Daniel Black	4b33f96db4	DOC: fix comment regarding apache version in apache-noscript	11 years ago
Daniel Black	8e5366a7e9	DOC: for apache-botsearch and apache-botsearch	11 years ago
Steven Hiscocks	7e8da15fc6	Merge pull request #572 from grooverdan/counterstrike ENH: Counter Strike filter	11 years ago
Yaroslav Halchenko	6532a2e2f7	Merge pull request #548 from grooverdan/exim-honeypot Exim honeypot	11 years ago
Daniel Black	d94efe719d	ENH: jail.conf for counter-strike	11 years ago
Daniel Black	0fb6bc7188	ENH: add filter for Counter Strike 1.6. Closes gh-347	11 years ago
Daniel Black	aabdc51e87	BF: revert separate jail for exim-honeypot as only exim-spam exists.	11 years ago
Daniel Black	9e087b508d	MRG: from 0.9	11 years ago
Daniel Black	58ebf659e4	MRG: from 0.9 to make history cleaner	11 years ago
Yaroslav Halchenko	9a8b449086	DOC: some typos, fixes from Vincent Lefevre	11 years ago
Daniel Black	9e390d6549	ENH: jail.conf for exim-honeypot	11 years ago
Daniel Black	809581ae99	ENH: jail.conf for apache-botsearch	11 years ago
Daniel Black	ed9ed6d0cb	TST/ENH: fix test case for ReadStockJailFilterComplete and add missing jails	11 years ago
Daniel Black	10fa5e3439	BF: fix jails for gssftpd and qmail	11 years ago
Daniel Black	549f64e86c	BF: remove imap2 - not an IANA and probably not used	11 years ago
Daniel Black	320861b7dc	Merge branch 'more-jails-0.9' into master_to_0.9	11 years ago
Daniel Black	76468942f9	MRG: complete merge from master	11 years ago
Daniel Black	fa6a183e94	BF: typos in jail.conf corrected	11 years ago
Daniel Black	a31c76f126	ENH: jail cleanup and fill in missing for 0.9	11 years ago
Daniel Black	755af0a51e	Merge pull request #562 from grooverdan/jail.conf-complete_and_correct ENH: Jail.conf now has all filters and TST: a mechanism to test this is truee	11 years ago
Daniel Black	90fdf5fc21	ENH: jail.conf entry for groupoffice	11 years ago
Daniel Black	ab3ded2205	Merge pull request #549 from kwirk/python-actions ENH: Python actions	11 years ago
Daniel Black	50eab4df81	ENH: add filter groupoffice. Closes gh-566	11 years ago
Daniel Black	f137c7b107	BF: stunnel doesnt need datepattern as its inbuilt	11 years ago
Daniel Black	1687505995	BF: Fix datepattern	11 years ago
Steven Hiscocks	6c301ae210	Merge pull request #563 from grooverdan/gh-289-ssh BF: add expression for ssh filter for code 3: SSH2_DISCONNECT_KEY_EXCHAN...	11 years ago
Daniel Black	03aba92238	ENH: add kerio filter	11 years ago
Daniel Black	1c5787174f	BF: escape . in stunnel filter	11 years ago
Daniel Black	a8e0498389	BF: add expression for ssh filter for code 3: SSH2_DISCONNECT_KEY_EXCHANGE_FAILED. closes gh-289	11 years ago
Daniel Black	a9f804e443	ENH: complete stock jail.conf to contain all filters	11 years ago
Daniel Black	6ce2ba2895	ENH: additional phpmyadmin tips from Tom on http://www.fail2ban.org/wiki/index.php?title=Fail2ban:Community_Portal . Block is now a prefix of a path	11 years ago
Daniel Black	c37ee4cc52	DOC: filter.d/vsftpd doco from wiki	11 years ago
Daniel Black	6602937ee1	DOC: filter.d./pure-ftpd doco from wiki	11 years ago
Steven Hiscocks	69a850d226	DOC: Update docstrings for smtp.py action	11 years ago
Steven Hiscocks	6e63f0ea5a	RF: Change Jails and Actions to Mapping types	11 years ago
Daniel Black	d7666c8942	DOC: bit more on how to use freeswitch	11 years ago
Daniel Black	23f0b854da	MRG: merge in freeswitch	11 years ago
Daniel Black	69b3a1cf64	BF: catchin DEBUG messages will result in duplicates	11 years ago
Daniel Black	05b159c74b	Merge pull request #464 from grooverdan/increase-jail-name-length ENH: Actions to have f2b- as prefix instead of fail2ban- as per #462	11 years ago
Daniel Black	3d1a1afca4	MRG: to more recent 0.9	11 years ago
Daniel Black	5fe75436cc	DOC: DEV NOTES before author names	11 years ago
Daniel Black	477f30665a	DOC: ignoreip for internal ips on freeswitch	11 years ago
Daniel Black	36533de6bc	ENH: more filter expressions for freeswitch. Anchored existing one at end too	11 years ago
Daniel Black	d1faae3b3b	BF: port not used in jail definition for freeswitch	11 years ago
Daniel Black	938ef689de	DOC: dev notes on stunnel	11 years ago
Steven Hiscocks	80d6f74ee8	RF: Refactor actions further, include removing server proxy interface This allows direct setting of action properties and calling of methods from the fail2ban-client if so required.	11 years ago
Daniel Black	7c09a61ca5	ENH: add apache-botsearch. Closes gh-544	11 years ago
Daniel Black	b8536490ef	ENH: filter for stunnel from fail2ban wiki	11 years ago
Daniel Black	a0c2de3e4d	DOC: document incompatiblity between APF and iptables-* actions. Closes gh-510	11 years ago
Daniel Black	04d28fd2e1	ENH: add filter freeswitch - as raised on mailing list	11 years ago
Daniel Black	117d3b0466	MRG: horde filter from master	11 years ago
Daniel Black	83f3aeb308	ENH: filter for horde	11 years ago
Steven Hiscocks	98bf511443	BF: Incorrect number of arguments in smtp.py action connect log	11 years ago
Steven Hiscocks	5b2b59d752	ENH: python actions use initOpts as **kwargs Adds an easy way to handle case where mandatory arguments are missed, or not valid arguments are passed	11 years ago
Steven Hiscocks	6ef911185d	ENH: Add matches to smtp.py action	11 years ago
Daniel Black	55688395fb	DOC: doco for exim-spam	11 years ago
Daniel Black	9c7bb3b97e	ENH: exim-spam to take honeypot email address as argument. Closes #541	11 years ago
Daniel Black	391b5fc883	MRG: from master again 2014-01-01	11 years ago
Steven Hiscocks	f37c90cdba	ENH: Python based actions Python actions are imported from action.d config folder, which have .py file extension. This imports and creates an instance of the Action class (Action can be a variable that points to a class of another name). fail2ban.server.action.ActionBase is a base class which can be inherited from or as a minimum has a subclass hook which is used to ensure any imported actions implements the methods required. All calls to the execAction are also wrapped in a try except such that any errors won't cripple the jail. Action is renamed CommandAction, to clearly distinguish it from other actions. Include is an example smtp.py python action for sending emails via smtp. This is work in progress, as looking to add the <matches> and whois elements, and also SSL/TLS support.	11 years ago
Daniel Black	e8710b679d	ENH: stronger regex for failregex	11 years ago
Daniel Black	856407379b	ENH: add filter openwebmail. Closes gh-543.	11 years ago
Daniel Black	ccb64e68b4	DOC: for exim-spam to say how to enable the log lines for the latest regex	11 years ago
Daniel Black	b5f5ddf123	ENH: end anchor for exim-spam	11 years ago
Daniel Black	d727ba639a	ENH: exim-spam to include spamassassin log entry. Closes gh-533	11 years ago
Daniel Black	c074773805	ENH: apache modsecurity from 0.9 branch	11 years ago
Daniel Black	be382dae4d	MRG: ufw changelog conflicts	11 years ago
Daniel Black	1f6ece2a40	Merge pull request #490 from grooverdan/firewallcmd-ipset ENH: add firewallcmd-ipset	11 years ago
Daniel Black	ea2a13946e	TST: more test of filters	11 years ago
Daniel Black	c9cfdca396	ENH: add filter for apache-modsecurity	11 years ago
Daniel Black	ddac79c15c	TST: include blank ignorecommand in jail.conf to indicate default value and to raise test coverage	11 years ago
bes.internal	ebd89ec077	New ignorecommand that is added to the ignoreip list from output of an external program ignorecommand update man and fix protocol help ENH: run ignore command only after internal list has been examined. Change interface on ignorecommand to take IP as environment variable and return true if it is to be banned ENH: ignore IP command to take tagged command DOC: man pages for ingorecommand TST: add test cases for ignorecommand	11 years ago
Daniel Black	382d68f0fe	DOC: perfork model for apache log format	11 years ago
Daniel Black	1b7df1181f	BF: apache-2.4 log format fix. Closes gh-516	11 years ago
Yaroslav Halchenko	7af58b9984	Merge branch 'apache-noscripts' of https://github.com/grooverdan/fail2ban * 'apache-noscripts' of https://github.com/grooverdan/fail2ban: ENH: apache-noscript now matched php-cgi scripts. Closes gh-503 Conflicts: ChangeLog -- two new entries collided, Reformatted the merged one a bit	11 years ago
Daniel Black	a9b7d33c51	ENH: apache-noscript now matched php-cgi scripts. Closes gh-503	11 years ago
Daniel Black	a1a219189f	Merge pull request #493 from grooverdan/xarf-ipmatch ENH: use ipmatches for action xarf-login-attack	11 years ago
Daniel Black	ed2f46759c	MRG: restore accidently deleted pam comment in jail.conf	11 years ago
Daniel Black	44a0981495	MRG: fix recidive filter	11 years ago
Steven Hiscocks	d22716ab63	ENH: Add nsd filter and amend DateEpoch to match date format	11 years ago
Daniel Black	7c0efc8ec8	MRG: merge so far - flushLogs not working yet	11 years ago
Daniel Black	4eedf9d4e1	ENH: use ipmatches for action xarf-login-attack	11 years ago
Daniel Black	a398c51d6c	ENH: simplify actioncheck on firewallcmd-new a little more	11 years ago
Daniel Black	772def1095	Merge pull request #491 from kwirk/ipmatches ENH: Add <ipmatches> and <ipjailmatches> tags + sendmail implementations	11 years ago
Steven Hiscocks	40007abc1d	ENH: Refactor and add database matches and failures for sendmail actions	11 years ago
Steven Hiscocks	2deb76e3f9	Merge pull request #492 from grooverdan/abusix-disclaimer ENH: full abusix disclaimer in action xarf-login-attack	11 years ago
Daniel Black	1c6c011154	EHH missed trailing .	11 years ago
Daniel Black	868a4ea470	ENH: full abusix disclaimer in action xarf-login-attack	11 years ago
Daniel Black	9fe0a69852	ENH: add firewallcmd-ipset	11 years ago
Daniel Black	4ffc57e14f	ENH: simplify firewallcmd-new actioncheck and provide output samples	11 years ago
Daniel Black	ed816afbcd	ENH: add badips action	11 years ago
Daniel Black	1ff52dfe4d	DOC: document ufw a bit more. Change insertpos default to 1 to allow it to work if the user run ufw enable	11 years ago
Daniel Black	f35345ecaa	ENH: add ufw action based off Guilhem Lettron's work in lp-#701522. Closes gh-455	11 years ago
Daniel Black	13ccebe78f	BF: fix actioncheck in firewallcmd	11 years ago
Steven Hiscocks	0bcff771b8	ENH: Add <ipmatches> and <ipjailmatches> tags Example use filter also added for sendmail-whois with ipmatches rather than grepped lines	11 years ago
Steven Hiscocks	2c3dbc8046	BF: In 0.9 recidive bans come from fail2ban.server.actions Also changed journalmatch to limit to WARNING priority to avoid the recidive + DEBUG combo issue	11 years ago
Steven Hiscocks	b7d1579c9d	MRG: branch 'kwirk/database' into 0.9 - gh-480 Conflicts: fail2ban/tests/utils.py - Another test suite added in separate commit `e09b700`	11 years ago
Steven Hiscocks	e18af48e34	ENH: Database now optional, by setting dbfile to "None"	11 years ago
Daniel Black	9d532828fc	BF: multiple _ separated values according to http://wiki.squid-cache.org/SquidFaq/SquidLogs#Squid_result_codes . Thanks Steven	11 years ago
Daniel Black	66374913ec	ENH: add squid filter	11 years ago
Daniel Black	db4c21acde	BF/DOC: fix filename in documentation for filter.d/proftpd	11 years ago
Daniel Black	e8eab11615	DOC: proftp - turn off ReverseDNS	11 years ago
Daniel Black	f385439a41	MRG: ChangeLog merge	11 years ago
Daniel Black	36917d7517	BF: action.d/complain - match IP at beginning and end of lines	11 years ago
Steven Hiscocks	d8c7bca9b0	BF: Fix dbpurgeage default value, and change default dbfile extension	11 years ago
Steven Hiscocks	bbadef847b	ENH: Add fail2ban persistent data storage	11 years ago
Daniel Black	135c759dbb	Merge pull request #477 from kwirk/blocklist.de ENH: Added blocklist.de reporting API action	11 years ago
Steven Hiscocks	630dd91dcd	BF: Add [Init] section to blocklist.de action	11 years ago
Steven Hiscocks	b3c173795e	ENH: blocklist.de action error on HTTP response code 4xx	11 years ago
Daniel Black	51f2619878	Merge pull request #473 from grooverdan/whois-missing ENH: Whois missing in actions? Include output to say so	11 years ago
Daniel Black	e07ba41870	Merge pull request #463 from grooverdan/firewall-cmd-direct-new-length-too-long BF: firewall-cmd-direct-new was too long. Thanks Joel.	11 years ago
Steven Hiscocks	a19b33cc72	ENH: blocklist.de action added fail2ban version as user agent	11 years ago
Steven Hiscocks	f742ed0e4b	DOC: when to use blocklist.de reporting Taken from commit `1846056606`	11 years ago
Steven Hiscocks	e810ec009d	ENH: Added blocklist.de reporting API action	11 years ago
Daniel Black	4dc51e5def	BF: put notice in email if whois program could not provide more information. Closes gh-471	11 years ago
Daniel Black	97d7f46bb7	DOC: correct grammar - s/Here are more information/Here is more information/	11 years ago
Daniel Black	8aead9ab79	BF: escape quotes when splitting addresses for xarf	11 years ago
Daniel Black	1846056606	DOC: when to use xarf messages to network owner	11 years ago
Daniel Black	8c37d2e4de	ENH: remove dependency on querycontacts	11 years ago
Daniel Black	bfd435091d	ENH: jail examples for xarf-login-attack	11 years ago
Daniel Black	dd356c3cef	BF: fixed for sendmail and tested the MTA aspects of this action	11 years ago
Daniel Black	9df5f4eec8	BF: remove debugging tee command on xarf-login-attack	11 years ago
Daniel Black	d015f7f4fc	BF/ENH: fixed so xarf-login-attack works	11 years ago
Daniel Black	0495aa098e	BF: grep matches on <ip> shouldn't include other IPs	11 years ago
Daniel Black	95845b7b65	BF: complain action could match too many IP addresses	11 years ago
Daniel Black	5cc7173fd4	ENH: add xarf email sender for login-attack type	11 years ago
Yaroslav Halchenko	3a5983ab0b	Merge branch 'bf/syslog-format' of https://github.com/yarikoptic/fail2ban * 'bf/syslog-format' of https://github.com/yarikoptic/fail2ban: Changelog entries for the last changes ENH: added optional [PID] matching in recidive.conf ENH: reintroducing levelnameinto syslog msgs, time stamp and indentation in non-syslog msgs BF/ENH: include [PID] into logging msgs, remove indentation from syslog messages Conflicts: ChangeLog	11 years ago
Daniel Black	f7504d5b64	MRG: conflict in THANKS	11 years ago
Daniel Black	56b6bf7d25	ENH: reduce firewalld-cmd-new -> firewallcmd-new	11 years ago
Daniel Black	04438cd1a1	BF/ENH: mysql jail - rename to mysql-syslog to be consistent with 0.8.13. Add port to syslog defination. Document mysql configuration required for mysql jails	11 years ago
Daniel Black	3f4d179612	BF: smtps not an IANA port - from #447	11 years ago
Daniel Black	fe9e077acf	BF: correct spelling of port for solid-pop3 jail in jail.conf	11 years ago
Daniel Black	86a0a5962a	BF: revert to fail2ban- prefix as f2b- was intended for 0.9	11 years ago
Yaroslav Halchenko	25e967f23b	Merge branch 'mysqld-syslog-iptables-name-too-long' of https://github.com/grooverdan/fail2ban * 'mysqld-syslog-iptables-name-too-long' of https://github.com/grooverdan/fail2ban: BF: jail name mysqld-syslog-iptables too long. removed -iptables. Thanks Stefan (#447) Conflicts: ChangeLog	11 years ago
Daniel Black	b9b2ddf996	BF: smtps not IANA standard. Closes #447	11 years ago
Daniel Black	cade746307	BF: jail name mysqld-syslog-iptables too long. removed -iptables. Thanks Stefan (#447 )	11 years ago
Daniel Black	9e53892708	BF: did remove instead of move	11 years ago
Daniel Black	af4feb0c92	Actions to have f2b- as prefix instead of fail2ban- as per #462	11 years ago
Daniel Black	fb666b69ff	BF: firewall-cmd-direct-new was too long. Thanks Joel.	11 years ago
Daniel Black	227f27ce6b	ENH: added multiline filter for sshd filter	11 years ago
Daniel Black	f80fa7d7a0	Merge pull request #456 from grooverdan/apffix BF: add init section with name for action.d/apf. Closes #398	11 years ago
Daniel Black	13223c33f5	MRG: recidive-protocol-all	11 years ago
Daniel Black	dc154c792e	BF: add init section with name for action.d/apf. Closes #398	11 years ago
Yaroslav Halchenko	a26d4f42b7	ENH: added optional [PID] matching in recidive.conf	11 years ago
Daniel Black	9a82bc3c61	BF: kernel messages can have space. Thanks ag4ve(shawn). Closes #448	11 years ago
Daniel Black	98eacdf333	MRG/BF: merge from master. Fix bugs in iso8601	11 years ago
Yaroslav Halchenko	629e9ae445	Merge pull request #443 from grooverdan/apache-authfix BF: apache filters using error log weren't matched when referer existed ...	11 years ago
Daniel Black	284f811c91	BF: apache filters using error log weren't matched when referer existed in HTTP header	11 years ago
Daniel Black	1ea68b2d0c	DOC: filter.d/solid-pop3d - document lack of PAM support. Thanks to Jacques for the log messages	11 years ago
Daniel Black	0eea0a35db	ENH: filter.d/solid-pop3d - added log messages and regexes	11 years ago
Daniel Black	dab2ddb9da	ENH: recidive jail to block all protocols. Closes #440	11 years ago
Daniel Black	b3b9ea4559	ENH: jail for solid-pop3d	11 years ago
Daniel Black	88eff70774	ENH: filter.d/solid-pop3d added	11 years ago
Daniel Black	1ac7b53cad	MRG: merge from master	11 years ago
Daniel Black	286d78e13c	Merge pull request #430 from grooverdan/apache-overflows ENH: Apache overflows - httpd-2.4 message IDs + samples	11 years ago
Daniel Black	50ca16e50e	Merge pull request #431 from grooverdan/apache-noscript ENH: apache-2.4 message IDs for filter apache-noscript	11 years ago
Daniel Black	947c6ff9cc	Merge pull request #433 from grooverdan/asterisk BF/ENH: asterisk connection ID is a hex not decimal number. Add "Rejecting unknown SIP connection from " regex thanks to Jonathan Lanning	11 years ago
Daniel Black	38503a5848	Merge pull request #434 from grooverdan/dos-resistant-dropbear ENH: DoS resistant dropbear filter	11 years ago
Daniel Black	62b1f98dff	Merge pull request #435 from grooverdan/dos-resistant-exim BF: exim filter to be DoS resistant	11 years ago
Daniel Black	be60518218	BF/ENH: DoS resistant roundcube-auth with test cases and more variation in IMAP error given	11 years ago
Daniel Black	52972164a2	BF: exim filter to be DoS resistant	11 years ago
Daniel Black	c272573fe3	ENH: DoS resistant dropbear filter	11 years ago
Daniel Black	eb9663eb4f	BF/ENH: asterisk connection ID is a hex not decimal number. Add "Rejecting unknown SIP connection from <HOST>" regex thanks to Jonathan Lanning	11 years ago
Daniel Black	648d48c355	ENH: apache-2.4 message IDs for filter apache-noscript	11 years ago
Daniel Black	a4718eb644	ENH: apache-overflow filter to have HTTP-2.4 message IDs and test samples	11 years ago
Daniel Black	87516eb92b	ENH: apache-overflows - more detail on "request failed: URI too long (longer than %d)" with test case	11 years ago
Daniel Black	c5021b55f6	Merge pull request #427 from yarikoptic/bf/nginx-regex-injection BF: anchor introduced nginx-http-auth at the end	11 years ago

... 4 5 6 7 8 ...

1098 Commits (add67227f4d7dd03ba840c3faae2d7211d4e3d39)