fail2ban

Commit Graph

Author	SHA1	Message	Date
sebres	8b0f6c5413	badips test cases check availability of badips service (and skip this tests if it not available)	8 years ago
sebres	d71a525a85	Merge branch 'master' into 0.10 (resolve conflicts and cleaning tree points after back-porting gh-1508 0.10 -> 0.9)	8 years ago
Yaroslav Halchenko	c0994b0c6c	DOC: minor typo (thanks John Bernard) Closes #1496	8 years ago
Serg G. Brester	af8b650a37	badip timeout option introduced, set to 30 seconds in our test cases (#1463 ) cherry-picked from 0.10 (little bit modified in test_badips.py, because no --fast option in test cases)	9 years ago
sebres	e39126f630	badip timeout option introduced, set to 30 seconds in our test cases	9 years ago
sebres	0fdc56546f	Fixed misunderstanding of port in (ban)action: port will be always specified in jail config ([DEFAULT] or jail)	9 years ago
Yaroslav Halchenko	1ebc3facb1	BF: maintain previous default beh for pf -- ban a port (ssh) only	9 years ago
sebres	4d51c591c1	pf.conf: warranted consistently echoing for the pf actiontype if actiontype or multiport tags will be customized;	9 years ago
Alexander Koeppe	b5e031f3c3	some documentation for multiport use in pf.conf	9 years ago
sebres	1e7fd26f5f	rename `actionoptions` to `actiontype` in pf-action (multiport) + fixed test cases	9 years ago
Alexander Koeppe	e74047ae49	revert to common config for PF covering multi and allports	9 years ago
Alexander Koeppe	3e1328c83b	split PF config files between all- and multi port	9 years ago
sebres	0c44ecfc77	action.d/firewallcmd-ipset.conf: different name of the match set's for IPv4/IPv6, using conditional <ipmset>, analog to the iptables-ipset; test cases for 3 firewallcmd extended;	9 years ago
TorontoMedia	ffebde68e0	Update firewallcmd-multiport.conf	9 years ago
TorontoMedia	07de83e04a	Update firewallcmd-common.conf	9 years ago
TorontoMedia	810d5996b5	Update firewallcmd-rich-logging.conf	9 years ago
TorontoMedia	7e54cee8d6	updated firewallcmd actions	9 years ago
sebres	504e5ba6f2	actions support IPv6 now: - introduced "conditional" sections, see for example `[Init?family=inet6]`; - iptables-common and other iptables config(s) made IPv6 capable; - several small code optimizations; * all test cases passed (py3.x compatible);	9 years ago
sebres	75028585c0	test cases extended for verifying ipv4/ipv6, normalized pf-action with test case	9 years ago
Alexander Koeppe	ed2f3ef77d	improve PF action and make IPv6 aware	9 years ago
TorontoMedia	3d239215cd	Two new firewalld actions with rich rules for firewalld-0.3.1+ (gh-1367) closes #1367	9 years ago
Serg G. Brester	fe14c8fa05	Merge pull request #1292 from albel727/master Add nftables actions	9 years ago
Alexander Belykh	985e8938a4	Refactor nftables actionstop into smaller parts	9 years ago
Alexander Belykh	9779eeb986	Add nftables_type/family/table parameters	9 years ago
Alexander Belykh	260c30535d	Escape curly braces in nftables actions	9 years ago
Alexander Belykh	1983e15580	Add empty line between parameters in nftables-common.conf	9 years ago
Alexander Belykh	f7f91a8bd4	Refactor common code out of nftables-multiport/allports.conf	9 years ago
sebres	69f5623f83	code simplifying (remove duplication): agent will be always supplied as parameter from jail.conf	9 years ago
Alexander Belykh	618e97bce8	Add nftables actions	9 years ago
sebres	ac31121432	amend to fix fail2ban-version: correct user-agent for badips.py "Fail2Ban/ver", changeable within jail/config now;	9 years ago
sebres	cf334421bd	Provides fail2ban version to jail (as interpolation variable during parse of jail.conf); BF: use `fail2ban_agent` as user-agent in actions badips, blocklist_de, etc. (closes #1271, closes #1272)	9 years ago
agentmoller001	617302fcc2	Updated route.conf to clear warnings Does not throw warnings when starting/restarting by adding three lines of code.	9 years ago
Viktor Szépe	0d8968daa9	Added CloudFlare API error codes URL	9 years ago
M. Maraun	2895d981fa	Set Timeout at urlopen to 3 seconds	9 years ago
Yaroslav Halchenko	c37009aec7	Merge branch 'grep-m1k' of github.com:szepeviktor/fail2ban * 'grep-m1k' of github.com:szepeviktor/fail2ban: Limit the number of log lines in *-lines.conf actions Conflicts: ChangeLog -- took both versions and adjusted the new one for -n 1000 change	9 years ago
Yaroslav Halchenko	38c320798d	Merge pull request #1127 from yarikoptic/enh-iptables-w-close-1122 WIP ENH Add <lockingopt> (Close: #1122) and <iptables> to define the iptables call	9 years ago
Yaroslav Halchenko	0041bc3770	DOC: Changelog for shorewall-ipset-proto6.conf + adjusted its description	9 years ago
Yaroslav Halchenko	de2f9504c0	Merge pull request #978 from ediazrod/patch-2 shorewall-ipset-proto6.conf for shorewall	9 years ago
Yaroslav Halchenko	65cd218e10	Merge remote-tracking branch 'origin/master' * origin/master: ipjailmatches is on one line with its description in man jail.conf Added a space between IP address and the following colon	9 years ago
Viktor Szépe	c8b3ee10a0	Limit the number of log lines in *-lines.conf actions	9 years ago
Thomas Mayer	a19cb1b2b9	Merge `923d807ef8` into `cf2feea987`	9 years ago
Yaroslav Halchenko	3c0d7f5a4c	BF: do not wrap iptables into itself. Thanks Lee	9 years ago
Viktor Szépe	ebdfbae559	Added a space between IP address and the following colon	9 years ago
Yaroslav Halchenko	749d3c160c	BF: symbiosis-blacklist-allports now also requires iptables-common.conf	9 years ago
Yaroslav Halchenko	916937bb6a	RF: use <iptables> to take effect of it being a parameter	9 years ago
Yaroslav Halchenko	31dc4e2263	ENH: added lockingopt option for iptables actions, made iptables cmd itself a parameter	9 years ago
Viktor Szépe	5b7e1de2f4	Instead of allow-iptables-multiport actions swap blocktype and (new) returntype	10 years ago
Viktor Szépe	5d60700c0c	Added pass2allow (knocking with fail2ban)	10 years ago
Yaroslav Halchenko	8c4c17a880	Merge pull request #1004 from tsabi/fix-lc_time Fix of LC_TIME usage, it should be LC_ALL	10 years ago
Lee Clemens	fdc3172aec	Fix PEP8 E302 expected 2 blank lines, found X	10 years ago
Viktor Szépe	b65a8b065d	Other actions do not dive into this gory descriptions, but we do.	10 years ago
Viktor Szépe	2063ce4b23	All the arguments must be listed in [Init]	10 years ago
Viktor Szépe	79457112e9	Updated CF action	10 years ago
Aaron Brice	7ae0ef2408	Fix actions in ufw.conf On Ubuntu 15.04 the ufw action was not working. - With empty <application>, receiving errors: 2015-04-24 16:28:35,204 fail2ban.filter [8527]: INFO [sshd] Found 43.255.190.157 2015-04-24 16:28:35,695 fail2ban.actions [8527]: NOTICE [sshd] Ban 43.255.190.157 2015-04-24 16:28:35,802 fail2ban.action [8527]: ERROR [ -n "" ] && app="app " -- stdout: b'' 2015-04-24 16:28:35,803 fail2ban.action [8527]: ERROR [ -n "" ] && app="app " -- stderr: b'' 2015-04-24 16:28:35,803 fail2ban.action [8527]: ERROR [ -n "" ] && app="app " -- returned 1 - With action = ufw[application=OpenSSH], it was silently not doing anything (no errors after "Ban x.x.x.x", but no IP addresses in ufw status). Re-arranged the bash commands on two lines, and it works with or without <application>.	10 years ago
Thomas Mayer	923d807ef8	use human-readable variable names (issue #1003 )	10 years ago
Thomas Mayer	675c3a7c95	use printf instead of echo for POSIX compatibility (issue #1003 )	10 years ago
Thomas Mayer	ac1e41ea70	Revert "remove '-ne' option as it's not interpreted any way (issue #1003 )" This reverts commit `4a598070c8`.	10 years ago
Thomas Mayer	4a598070c8	remove '-ne' option as it's not interpreted any way (issue #1003 )	10 years ago
Thomas Mayer	80f11a4d28	Add empty Init Section to pass tests (issue #1003 )	10 years ago
Thomas Mayer	c9b24839e4	Character detection heuristics for whois output via optional setting in mail-whois*.conf (Closes #1003 ) when set by user, - detects character set of whois output (which is undefined by RFC 3912) via heuristics of the file command - converts whois data to UTF-8 character set with iconv - sends the whois output in UTF-8 character set to mail program - avoids that heirloom mailx creates binary attachment for input with unknown character set	10 years ago
Csaba Tóth	0720c831b7	Fix of LC_TIME usage, it should be LC_ALL	10 years ago
ediazrod	5fdd1d1ded	Update shorewall-ipset-proto6.conf	10 years ago
ediazrod	e26a1ad6b6	Update shorewall-ipset-proto6.conf	10 years ago
Yaroslav Halchenko	56aacf872c	Merge pull request #952 from ache/master Update bsd-ipfw.conf	10 years ago
ediazrod	d0887f3234	This is a especific configuration for shorewall ipset proto6 Use ipset proto6 in shorewall. You must follow the rules to enable ipset in you blacklist if you have a lot of spam (my case) is better use ipset rather than shorewall command line (is my firewall) stop fail2ban with shorewall on one list of 1000 Ips takes 5 min with ipset in shorewall 10 sec.	10 years ago
Yaroslav Halchenko	e788e3823e	Merge pull request #965 from TorontoMedia/master Split output of firewallcmd list into separate lines for grepping (Close #908)	10 years ago
TorontoMedia	b4f1f613bb	Update firewallcmd-allports.conf	10 years ago
TorontoMedia	0fac7e40b6	Update firewallcmd-multiport.conf	10 years ago
Yaroslav Halchenko	07b0ab07ad	Merge branch 'master' of https://github.com/rumple010/fail2ban * 'master' of https://github.com/rumple010/fail2ban: Changed default TTL value to 60 seconds. Added a reminder to create an nsupdate.local file to set required options. Modified the ChangeLog and THANKS files to reflect the addition of action.d/nsupdate.conf. add nsupdate action Conflicts: ChangeLog	10 years ago
Yaroslav Halchenko	d5e68abf95	ENH: check badips.com response on presence of "categories" in it As https://travis-ci.org/fail2ban/fail2ban/jobs/50609529 query might fail in that response would not contain "categories". With this change we will handle it explicitly and will spit out ValueError, providing information about the response so it could be troubleshooted	10 years ago
Ache	ae1451b29f	Update bsd-ipfw.conf Deleting not existent is not error. Adding already present is not error. Otherwise all those entries becomes stale forever, not removed and its number increases over time.	10 years ago
Luke Hollins	549ab24e70	Fixed grammatical error in emails sent	10 years ago
Yaroslav Halchenko	119a7bbb16	Merge pull request #939 from szepeviktor/geoip Added sendmail-geoip-lines.conf	10 years ago
Viktor Szépe	4c88a00c28	Line notes implemented	10 years ago
Viktor Szépe	1619ab3145	Added sendmail-geoip-lines.conf	10 years ago
Andrew St. Jean	6bdfe756cf	Changed default TTL value to 60 seconds.	10 years ago
Andrew St. Jean	43732acae1	Added a reminder to create an nsupdate.local file to set required options.	10 years ago
Yaroslav Halchenko	085d0f72ed	ENH: use non-UTC date invocation (without -u) and report offset for localzone (%z)	10 years ago
rumple010	eb76dcd5a0	add nsupdate action Adds a new action file that uses nsupdate to dynamically update a BIND zone file with a TXT resource record representing a banned IP address. Resource record is deleted from the zone when the ban expires.	10 years ago
Yaroslav Halchenko	083031524d	BF: adding missing Definition section header to firewallcmd-allports	10 years ago
TorontoMedia	d7b7f4bc91	Update firewallcmd-allports.conf	10 years ago
TorontoMedia	7eed55266b	Created firewallcmd-multiport	10 years ago
TorontoMedia	9f91cb2fd8	Created firewallcmd-allports	10 years ago
TorontoMedia	50e5fd9ed7	Create firewallcmd-multiport.conf	10 years ago
TorontoMedia	591e444753	Create firewallcmd-allports.conf	10 years ago
Yaroslav Halchenko	967485c2d0	improving grepping	10 years ago
Yaroslav Halchenko	efbf5064a1	Merge pull request #807 from xslidian/patch-1 grep IP at the start of lines	10 years ago
Orion Poplawski	01b2673e34	Use multiport for firewallcmd-new	10 years ago
Dean Lee	ba44ff312b	grep IP at the start of lines I'm not sure if this regex works best, so I'm patching this single file as a sample. Don't forget to update `mail-whois-lines.conf` after this patch got merged. For the following logs, `grep '[^0-9]199.48.161.87[^0-9]'` will output nothing, while `grep '\([^0-9]\\|^\)199.48.161.87[^0-9]'` works: <pre>199.48.161.87 - - [09/Sep/2014:13:38:54 +0800] "POST /wp-login.php HTTP/1.1" 403 4674 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com 199.48.161.87 - - [09/Sep/2014:13:38:56 +0800] "POST /wp-login.php HTTP/1.1" 403 4674 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com 199.48.161.87 - - [09/Sep/2014:13:38:58 +0800] "POST /wp-login.php HTTP/1.1" 403 4674 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com 199.48.161.87 - - [09/Sep/2014:13:39:00 +0800] "POST /wp-login.php HTTP/1.1" 403 4674 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com 199.48.161.87 - - [09/Sep/2014:13:39:05 +0800] "POST /wp-login.php HTTP/1.1" 403 4674 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com 199.48.161.87 - - [09/Sep/2014:13:39:05 +0800] "POST /wp-login.php HTTP/1.1" 403 4674 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com 199.48.161.87 - - [09/Sep/2014:13:39:13 +0800] "POST /wp-login.php HTTP/1.1" 403 4674 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com 199.48.161.87 - - [09/Sep/2014:13:39:21 +0800] "POST /wp-login.php HTTP/1.1" 403 4674 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com 199.48.161.87 - - [09/Sep/2014:13:39:32 +0800] "POST /wp-login.php HTTP/1.1" 403 4674 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com 199.48.161.87 - - [09/Sep/2014:13:39:34 +0800] "POST /wp-login.php HTTP/1.1" 403 4674 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com 199.48.161.87 - - [09/Sep/2014:13:39:34 +0800] "POST /wp-login.php HTTP/1.1" 403 168 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com 199.48.161.87 - - [09/Sep/2014:13:39:34 +0800] "POST /wp-login.php HTTP/1.1" 403 168 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com 199.48.161.87 - - [09/Sep/2014:13:39:35 +0800] "POST /wp-login.php HTTP/1.1" 403 168 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com 199.48.161.87 - - [09/Sep/2014:13:39:35 +0800] "POST /wp-login.php HTTP/1.1" 403 168 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com 199.48.161.87 - - [09/Sep/2014:13:39:35 +0800] "POST /wp-login.php HTTP/1.1" 403 168 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0" - hitsjapan.com</pre>	10 years ago
Yaroslav Halchenko	0d9cfb84e3	Merge pull request #778 from yarikoptic/enh/symbiosis ENH: symbiosis-blacklist-allports action	10 years ago
Yaroslav Halchenko	93243e7d57	ENH: Ignore errors while unbaning in symbiosis firewall Fail2Ban at times "interfers" with the firewall reflashing thus leading to the sporadic errors. IMHO should be safe to ignore	10 years ago
Yaroslav Halchenko	818dd59d65	ENH: symbiosis-blacklist-allports action	10 years ago
Markus Amalthea Magnuson	7b76322898	Fix typos.	10 years ago
leftyfb	6dbd449f77	Changed to Cloudflare JSON API	10 years ago
leftyfb	cba570cabd	Updated comments	11 years ago
leftyfb	5471e99ebe	Added cloudflare action	11 years ago
Yaroslav Halchenko	0adb10f653	Merge branch 'ainfo-copy' of https://github.com/kwirk/fail2ban * 'ainfo-copy' of https://github.com/kwirk/fail2ban: TST: actions modifying aInfo test more robust TST: Test for actions modifying (un)ban aInfo BF: aInfo could be modified by actions, causing unexpected behaviour	11 years ago
SATO Kentaro	65ff3e9604	ENH: Introduce iptables-common.conf.	11 years ago
Steven Hiscocks	8268c1641f	BF: aInfo could be modified by actions, causing unexpected behaviour A separate copy of aInfo is passed to each action	11 years ago
SATO Kentaro	1e1c4ac62a	ENH: Add <chain> to iptables-ipsets.	11 years ago

1 2 3 4 5 ...

349 Commits (b615a9854019589c87d68dd586f45c61f8fe886d)