github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
3,225 Commits
34 Branches
230 Tags
20 MiB
Commit Graph

3225 Commits (b132bd81377107e01dd5f0de5c3d7a7681f45efc)

Author SHA1 Message Date
Daniel Black 8aa20a7b0e ENH: credits for #440 recidive jail protocol=all 2013-11-18 07:59:56 +11:00
Daniel Black dab2ddb9da ENH: recidive jail to block all protocols. Closes #440 2013-11-18 07:57:16 +11:00
Daniel Black 2c63b1fe93 Merge pull request #439 from yarikoptic/bf/proftpd-millisec 
ENH: proftpd in Debian (now or forever) has ",milliseconds" in its date format
 2013-11-17 12:44:44 -08:00
Daniel Black b3b9ea4559 ENH: jail for solid-pop3d 2013-11-18 07:42:45 +11:00
Yaroslav Halchenko 19a472928d More of changelog entries to close bugs addressed in this release 2013-11-16 22:58:15 -05:00
Yaroslav Halchenko 4dba65f685 debian/NEWS - information for change of default iptables action to REJECT now (Closes: #711463) 2013-11-16 22:30:31 -05:00
Yaroslav Halchenko 82174ea4c4 Changelog for preceding proftpd date format change 2013-11-16 22:18:51 -05:00
Yaroslav Halchenko d4f6ca4f85 ENH: adding custom date format for proftpd when logging in its own log file (default on Debian) -- includes milliseconds 
Should resolve Debian #648276
 2013-11-16 22:15:58 -05:00
Yaroslav Halchenko 2d068572bc debian/jail.conf - dropbear jail: use dropbear filter (instead of ssh) and monitor auth.log instead of non-existing /var/log/dropbear (Closes: #620760) 2013-11-16 21:35:04 -05:00
Yaroslav Halchenko 7d8dc0f322 fresh changelog 2013-11-16 21:30:15 -05:00
Yaroslav Halchenko b2f5a79eeb Merge tag '0.8.11' into debian 
* tag '0.8.11':
  DOC: finalise 0.8.11 release
  BF/ENH: DoS resistant roundcube-auth with test cases and more variation in IMAP error given
  BF: exim filter to be DoS resistant
  ENH: DoS resistant dropbear filter
  BF/ENH: asterisk connection ID is a hex not decimal number. Add "Rejecting unknown SIP connection from <HOST>" regex thanks to Jonathan Lanning
  ENH: apache-2.4 message IDs for filter apache-noscript
  TST: change source URL
  ENH: apache-overflow filter to have HTTP-2.4 message IDs and test samples
  ENH: apache-overflows - more detail on "request failed: URI too long (longer than %d)" with test case
  TST: end of json in sshd sample log
  TST: fix space in sshd sample log
  TST: test case that shows injection
  DOC: more on filter regexes - DEVELOP
  DOC: filter regex debugging
  BF: anchor introduced nginx-http-auth at the end
 2013-11-16 21:19:48 -05:00
Daniel Black 88eff70774 ENH: filter.d/solid-pop3d added 2013-11-16 09:43:15 +11:00
Daniel Black ed212fcdcc DOC: new ChangeLog header 2013-11-16 09:40:05 +11:00
Daniel Black 84f915c1f7 fix nginx-http-auth lof file location and MANIFEST 2013-11-13 09:57:13 +11:00
Daniel Black a7604c899f DOC: list Wiki pages to update after a release 2013-11-13 09:43:36 +11:00
Daniel Black 1ac7b53cad MRG: merge from master 2013-11-13 09:16:45 +11:00
Daniel Black 752ea054db DOC: post release version change 2013-11-13 09:01:52 +11:00
Daniel Black fc213a103e Merge pull request #437 from grooverdan/0.8.11_release 
DOC: finalise 0.8.11 release
 2013-11-12 13:06:54 -08:00
Daniel Black d0498bec69 DOC: finalise 0.8.11 release 2013-11-13 08:05:08 +11:00
Daniel Black 286d78e13c Merge pull request #430 from grooverdan/apache-overflows 
ENH: Apache overflows - httpd-2.4 message IDs + samples
 2013-11-12 12:46:52 -08:00
Daniel Black 50ca16e50e Merge pull request #431 from grooverdan/apache-noscript 
ENH: apache-2.4 message IDs for filter apache-noscript
 2013-11-12 12:46:09 -08:00
Daniel Black 947c6ff9cc Merge pull request #433 from grooverdan/asterisk 
BF/ENH: asterisk connection ID is a hex not decimal number. Add "Rejecting unknown SIP connection from " regex thanks to Jonathan Lanning
 2013-11-12 12:45:52 -08:00
Daniel Black 38503a5848 Merge pull request #434 from grooverdan/dos-resistant-dropbear 
ENH: DoS resistant dropbear filter
 2013-11-12 12:45:12 -08:00
Daniel Black 62b1f98dff Merge pull request #435 from grooverdan/dos-resistant-exim 
BF: exim filter to be DoS resistant
 2013-11-12 12:44:53 -08:00
Daniel Black 0d47ea3348 Merge pull request #436 from grooverdan/dos-resistant-roundcube-auth 
BF/ENH: DoS resistant roundcube-auth with test cases and more variation from IMAP responses
 2013-11-12 12:44:36 -08:00
Daniel Black be60518218 BF/ENH: DoS resistant roundcube-auth with test cases and more variation in IMAP error given 2013-11-12 18:57:01 +11:00
Daniel Black 52972164a2 BF: exim filter to be DoS resistant 2013-11-12 18:13:35 +11:00
Daniel Black c272573fe3 ENH: DoS resistant dropbear filter 2013-11-12 18:06:16 +11:00
Daniel Black eb9663eb4f BF/ENH: asterisk connection ID is a hex not decimal number. Add "Rejecting unknown SIP connection from <HOST>" regex thanks to Jonathan Lanning 2013-11-12 09:22:41 +11:00
Daniel Black 648d48c355 ENH: apache-2.4 message IDs for filter apache-noscript 2013-11-11 10:49:11 +11:00
Daniel Black c81ed53805 TST: change source URL 2013-11-11 10:40:12 +11:00
Daniel Black a4718eb644 ENH: apache-overflow filter to have HTTP-2.4 message IDs and test samples 2013-11-11 10:38:02 +11:00
Daniel Black 87516eb92b ENH: apache-overflows - more detail on "request failed: URI too long (longer than %d)" with test case 2013-11-11 09:46:40 +11:00
Daniel Black e8aa676cf5 Merge pull request #429 from grooverdan/filter-develop-doco 
DOC: Filter development doco
 2013-11-10 14:10:10 -08:00
Daniel Black 191c4fda1b Merge pull request #428 from grooverdan/ssh-dos 
TST: test case that shows injection into username
 2013-11-10 13:39:03 -08:00
Daniel Black f1c98a799f Merge pull request #421 from grooverdan/sendmail-spam 
ENH: multiline filter for sendmail-spam. Closes gh-418
 2013-11-10 13:37:33 -08:00
Daniel Black d90130234d TST: end of json in sshd sample log 2013-11-11 08:29:54 +11:00
Daniel Black 061a26c408 TST: fix space in sshd sample log 2013-11-11 08:28:09 +11:00
Daniel Black d955714d26 TST: test case that shows injection 2013-11-11 08:11:32 +11:00
Daniel Black b8f40fef1b DOC: more on filter regexes - DEVELOP 2013-11-11 08:08:10 +11:00
Yaroslav Halchenko 8f54c1990a provide Closes statements for Debian bugs 2013-11-10 12:17:13 -08:00
Yaroslav Halchenko a4ab39ea82 minor jail.conf tune ups. More needed to adopt the jails/filter added upstrean 2013-11-10 00:24:24 -08:00
Yaroslav Halchenko 93f30fe4f6 added patch changeset_ac061155f093464fb6cd2329d3d513b15c68e256.diff to "cherry-pick" ac061155f0 (BF: anchor introduced nginx-http-auth at the end) 2013-11-08 17:30:35 -08:00
Yaroslav Halchenko 521f8062bc Changelog entry/new version 2013-11-08 17:29:55 -08:00
Yaroslav Halchenko 128c4c978d Merge commit '0.8.11.pre1-29-gccd2657' into debian 
* commit '0.8.11.pre1-29-gccd2657': (363 commits)
  DOC: minor typos in ChangeLog
  DOC: adding DEV Notes for for non-greedy matchin within sshd.conf
  BF: disallow exploiting of non-greedy .* in previous fix by providing too long rhost -- do not impose length limits for user-provided input
  BF: fixing injection for OpenSSH 6.3 -- making .* before <HOST> non-greedy
  Changelog for prior changes (gen_buildbots)
  ENH: condense asterisk regexs for speed
  BF: missed action in nginx-http-auth
  ENH: add filter.d/nginx-http-auth. Partially forfills #405
  ENH: regenerated config/filter.d/apache-badbots.conf
  NF: gen_badbots script to (re)generate/update config/filter.d/apache-badbots.conf
  DOC: keeping Changelog release-phrases uniform, simplified intro, unified
  DOC: Untabifying and reindenting a bit ChangeLog
  DOC: few more links for DEVELOP
  BF: fix dovecot filter for newer failure message. Closes Debian bug #709324
  BF: fix to filter.d/wuftp to support pam authentication - Debian bug #665925
  Add Fedora git repo of fail2ban package to DEVELOP
  firewalld-0.3.8 release that support --remove-rules out so documenting this.
  BF: remove duplication definition secion in webmin-auth
  DOC: alter release notes a bit more and versions in README.md
  BF/DOC: fix hopefully final MANIFEST and release instructions
  ...
 2013-11-08 17:25:40 -08:00
Daniel Black c5021b55f6 Merge pull request #427 from yarikoptic/bf/nginx-regex-injection 
BF: anchor introduced nginx-http-auth at the end
 2013-11-08 17:23:03 -08:00
Daniel Black 724c6bfd92 DOC: filter regex debugging 2013-11-09 10:35:13 +11:00
Yaroslav Halchenko ccd26578ec Merge pull request #425 from grooverdan/asterisk-simplify 
ENH: condense asterisk regexs for speed
 2013-11-08 14:42:35 -08:00
Yaroslav Halchenko ac061155f0 BF: anchor introduced nginx-http-auth at the end 
needed since request probably could be not a correct HTTP statement but continue with
all those to match till the end and then injected ", client: VICTIM, server..." thus allowing
injection.  We better anchor at the end then
 2013-11-08 14:40:52 -08:00
Yaroslav Halchenko 49024fe6ea DOC: minor typos in ChangeLog 2013-11-08 14:36:56 -08:00