1029 Commits (b40c6cbd9a0c1b51e0cc0f0c4629b84d60c2c129)

Author	SHA1	Message	Date
Serg G. Brester	eef7771b4e	Merge pull request #1238 from sebres/fix/gh-1216 ... Fixed directly defined banaction for allports jails like pam-generic, recidive, etc	9 years ago
sebres	e825e977cc	Nginx log paths extended (prefixed with "*" wildcard) ... closes gh-1237	9 years ago
sebres	f359ed8c36	Fixed directly defined banaction for allports jails like pam-generic, recidive, etc with new default variable `banaction_allports` (+ man entries for both variables added); ... closes gh-1216	9 years ago
sebres	53b39162a1	Shortly, much faster and stable version of regexp (possible because expression is start-anchored and does not contains closely to catch-all sub expressions)	9 years ago
sebres	6884593ab8	New filter `nginx-limit-req` ban hosts, that were failed through nginx by limit request processing rate (ngx_http_limit_req_module)	9 years ago
1technophile	2861a957a9	filter for openhab domotic software authentication failure with the rest api and web interface + test cases; ... closes gh-1223	9 years ago
Pablo Rodriguez Fernandez	2c576c64f8	Change domain filter regex ... Change domain filter regex since there are other Google crawlers. See "Google crawlers" <https://support.google.com/webmasters/answer/1061943?hl=en>	9 years ago
Pablo Rodriguez Fernandez	74fcb219ab	Enhanced Google domain detection in apache-fakegooglebot ... Previously, an attacker could fake a domain like crawl-1-1-1-1.googlebot.com.fake.net and get resolved. This change avoids to resolve fake Google domains.	9 years ago
Pablo Rodriguez Fernandez	a28e6b442e	Add check in apache-fakegooglebot to protect against PTR fake record ... An attacker may return a PTR record which fakes a Googlebot's domain name. This modification resolves the PTR records to verify it. See "Verifying Googlebot": <https://support.google.com/webmasters/answer/80553?vid=1-635800030504666679-1963774919>	9 years ago
agentmoller001	617302fcc2	Updated route.conf to clear warnings ... Does not throw warnings when starting/restarting by adding three lines of code.	9 years ago
sebres	2696ede251	mysqld-auth: Updated "Access denied ..." regex for MySQL 5.6 and later ... closes gh-1211	9 years ago
Kevin Locke	36919d9f97	ssh.conf: Fix disconnect "Auth fail" matching ... The regex for matching against "Auth fail" disconnect log message does not match against current versions of ssh. OpenSSH 5.9 introduced privilege separation of the pre-auth process, which included [logging through monitor.c](http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/monitor.c.diff?r1=1.113&r2=1.114) which adds " [preauth]" to the end of each message and causes the log level to be prepended to each message. It also fails to match against clients which send a disconnect message with a description that is either empty or includes a space, since this is the content in the log message after the disconnect code, per [packet.c:1785](http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/packet.c?annotate=1.215), which was matched by \S+. Although I have not observed this yet, I couldn't find anything which would preclude it in [RFC 4253](https://tools.ietf.org/html/rfc4253#section-11.1) and since the message is attacker-controlled it provides a way to avoid getting banned. This commit fixes both issues. Signed-off-by: Kevin Locke <kevin@kevinlocke.name>	9 years ago
Viktor Szépe	0d8968daa9	Added CloudFlare API error codes URL	9 years ago
Yaroslav Halchenko	ff06176e9e	Merge remote-tracking branch 'origin/master' into enh-split-comma ... * origin/master: DOC: changelog for the timeout change Set Timeout at urlopen to 3 seconds README :: init/service example mentions debian based systems as the example README :: fitted paragraph style BF: disable testing on python 3.2 until coverage gets a fix README :: Some style/grammar tweaks, and init/service script mention. Re: #1193 Set Timeout at urlopen to 3 seconds	9 years ago
M. Maraun	2895d981fa	Set Timeout at urlopen to 3 seconds	9 years ago
Yaroslav Halchenko	8cf614e221	ENH: allow to split ignoreip by space and/or comma (Closes #1197) ... Way too many people ran into this gotcha, so lets just do it	9 years ago
Yaroslav Halchenko	55e542b273	Merge remote-tracking branch 'pr/1170/head' -- opensuse paths ... * pr/1170/head: Updated ChangeLog regarding openSUSE's path config Added configuration for opensuse path	9 years ago
Edward Beckett	835b3ff483	Update apache-badbots.conf ... Useragent strings including `+http` need to be escaped to be valid.	9 years ago
weberho	f7af93a677	Added configuration for opensuse path	9 years ago
weberho	d278fbca30	Fixed line suspected to be faulty	9 years ago
Yaroslav Halchenko	c37009aec7	Merge branch 'grep-m1k' of github.com:szepeviktor/fail2ban ... * 'grep-m1k' of github.com:szepeviktor/fail2ban: Limit the number of log lines in *-lines.conf actions Conflicts: ChangeLog -- took both versions and adjusted the new one for -n 1000 change	9 years ago
Yaroslav Halchenko	38c320798d	Merge pull request #1127 from yarikoptic/enh-iptables-w-close-1122 ... WIP ENH Add <lockingopt> (Close: #1122) and <iptables> to define the iptables call	9 years ago
Yaroslav Halchenko	0041bc3770	DOC: Changelog for shorewall-ipset-proto6.conf + adjusted its description	9 years ago
Yaroslav Halchenko	de2f9504c0	Merge pull request #978 from ediazrod/patch-2 ... shorewall-ipset-proto6.conf for shorewall	9 years ago
Yaroslav Halchenko	65cd218e10	Merge remote-tracking branch 'origin/master' ... * origin/master: ipjailmatches is on one line with its description in man jail.conf Added a space between IP address and the following colon	9 years ago
Viktor Szépe	c8b3ee10a0	Limit the number of log lines in *-lines.conf actions	9 years ago
Thomas Mayer	a19cb1b2b9	Merge 923d807ef8 into cf2feea987	9 years ago
Yaroslav Halchenko	3c0d7f5a4c	BF: do not wrap iptables into itself. Thanks Lee	9 years ago
Viktor Szépe	ebdfbae559	Added a space between IP address and the following colon	9 years ago
Yaroslav Halchenko	749d3c160c	BF: symbiosis-blacklist-allports now also requires iptables-common.conf	9 years ago
Yaroslav Halchenko	916937bb6a	RF: use <iptables> to take effect of it being a parameter	9 years ago
Yaroslav Halchenko	31dc4e2263	ENH: added lockingopt option for iptables actions, made iptables cmd itself a parameter	9 years ago
Yaroslav Halchenko	7a011fca1b	DOC: adjusted comment in pass2allow-ftp to my suggested wording	9 years ago
Viktor Szépe	948b12e5df	Fixed definition of knocking_url for pass2allow	10 years ago
Viktor Szépe	b638e807ad	Explicitly stating that knocking_url needs to be customized	10 years ago
Viktor Szépe	586703dcc2	Test, changelog and fixes to pass2allow	10 years ago
Viktor Szépe	5b7e1de2f4	Instead of allow-iptables-multiport actions swap blocktype and (new) returntype	10 years ago
Viktor Szépe	5d60700c0c	Added pass2allow (knocking with fail2ban)	10 years ago
Viktor Szépe	a3b8257b73	Add HEAD method verb to apache-badbots, nginx-badbots	10 years ago
Yaroslav Halchenko	8c4c17a880	Merge pull request #1004 from tsabi/fix-lc_time ... Fix of LC_TIME usage, it should be LC_ALL	10 years ago
Yaroslav Halchenko	e38b4b8cb3	Merge pull request #1051 from leeclemens/bf/roundcube ... Update regex to work with roundcube 1.0.5 and 1.1.1	10 years ago
Lee Clemens	3e902d7b3a	Define roundcube_errors_log in paths-common.conf ... Remove from paths-debian	10 years ago
Lee Clemens	fdc3172aec	Fix PEP8 E302 expected 2 blank lines, found X	10 years ago
Lee Clemens	f7444f16b8	Add optional session id prefix for roundcube 1.1.1	10 years ago
Lee Clemens	2796534a5d	Update regex to work with roundcube 1.0.5 on CentOS 6	10 years ago
Viktor Szépe	b65a8b065d	Other actions do not dive into this gory descriptions, but we do.	10 years ago
Viktor Szépe	2063ce4b23	All the arguments must be listed in [Init]	10 years ago
Viktor Szépe	79457112e9	Updated CF action	10 years ago
Yaroslav Halchenko	345820d2aa	Merge pull request #1056 from ipoddubny/asterisk_security_log ... Fix support for Asterisk security log	10 years ago
Yaroslav Halchenko	f41872f034	Merge pull request #1013 from szepeviktor/patch-4 ... Non-US locale warning for proftpd	10 years ago