github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
3,630 Commits
33 Branches
229 Tags
18 MiB
Commit Graph

3630 Commits (babb76cb3c4990c4ee119c969d91b9dd9a755a4d)

Author SHA1 Message Date
Serg G. Brester babb76cb3c Merge pull request #1839 from sebres/asterisk-patch 
Asterisk improvements
 2017-07-19 08:50:05 +02:00
sebres a5b62a7f36 failregex extended and simplified (partially ported from gh-1409). 2017-07-18 16:34:22 +02:00
sebres 098abae4e6 Remove greedy catch-all before `<HOST>`, make regex more universal, fewer prone to errors (should avoid future changes, if some optional parameters coming again before/after `RemoteAddress`) + non-captured groups now. 
Test for possible injection (5.6.7.8 in session-id) already available, line 59 (thus already covered).
 2017-07-18 16:09:53 +02:00
sebres 2ea22b9d30 test coverage for gh-1427 2017-07-18 15:46:53 +02:00
Kirill 4c0c7b97c0 Update asterisk.conf to new log message 
I got an issue like this:
[2016-05-15 22:53:00] SECURITY[26428] res_security_log.c: SecurityEvent="FailedACL",EventTV="2016-05-15T22:53:00.203+0300",Severity="Error",Service="AMI",EventVersion="1",AccountID="admin",SessionID="0x7fb580001518",LocalAddress="IPV4/TCP/0.0.0.0/5038",RemoteAddress="IPV4/TCP/78.129.227.4/62389",SessionTV="1970-01-01T03:00:00.000+0300"

# [sebres] rebased to current master and resolving conflicts.
 2017-07-18 15:40:32 +02:00
Serg G. Brester 99b668a3cc Merge pull request #1390 from khumarahn/xxx 
ensure /var/run/fail2ban is created in systemd service file
 2017-07-11 15:53:42 +02:00
Serg G. Brester 5dcbcb99b9 Merge pull request #1648 from hlein/master 
gentoo-initd: wait up to 30 seconds on "stop" to avoid errors.
 2017-07-11 15:41:48 +02:00
Serg G. Brester d05d9f4c28 Merge pull request #1816 from sebres/fix-gh-1302 
filter.d/asterisk.conf - fixed failregex AMI Asterisk authentification failed
 2017-07-03 12:59:46 +02:00
sebres a1d0633e69 filter.d/asterisk.conf - fixed failregex AMI Asterisk authentification failed (see gh-1302): 
- optional space between NOTICE and pid;
- optional part "Host " before IP-address;
 2017-07-03 12:57:28 +02:00
sebres 9f55ed86df fixed testCymruInfoNxdomain (since cymru does not provide ASN mapping info for "10.0.0.0" anymore) 2017-07-03 12:41:54 +02:00
Serg G. Brester 205edff65d Merge pull request #1690 from chtheis/master 
#1689: Make lowest rule number in action.d/bsd-ipfw.conf configurable
 2017-07-01 17:16:50 +02:00
Serg G. Brester f27e053592 Update bsd-ipfw.conf 
increased starting rule number (lowest_rule_num = 111)
 2017-07-01 17:10:53 +02:00
Serg G. Brester 001c0898d6 Merge branch 'master' into master 2017-06-30 18:07:38 +02:00
Serg G. Brester 6110ba9cc3 filter.d/proftpd.conf: added option `journalmatch` for systemd backend (closes gh-1613) 2017-06-30 18:00:01 +02:00
Serg G. Brester d54c40bba5 Merge pull request #1805 from sebres/fix-gh-1790 
filter.d/apache-overflows.conf: rewritten without end-anchor ($)...
 2017-06-15 11:48:45 +02:00
sebres e1234a5249 ChangeLog update 2017-06-15 11:47:16 +02:00
sebres 2b358bc1a4 filter.d/apache-overflows.conf: rewritten without end-anchor ($), because apache-log could contain very long URLs (and/or referrer), the parsing of it anchored way may be very vulnerable (at least as regards the system resources, see gh-1790). 2017-06-15 11:16:19 +02:00
Serg G. Brester 08591a52a4 Merge pull request #1796 from peternowee/fix-dovecot-empty-user 
dovecot: revert `<[^>]+>` back to `<[^>]*>` - allows empty user again [mistakenly changed in 5678d08]
 2017-05-31 19:03:34 +02:00
Peter Nowee b93e47b12f
dovecot: Match also when user field is empty 
Commit 5678d08 of 2016-11-26 changed:

    ( user=<\S*>,)?

to:

    ( user=<[^>]+>,)?

The change from `*` (zero or more times) to `+` (one or more times) may
not have been intended. It will miss lines containing, for example:

    Aborted login (tried to use disallowed plaintext auth): user=<>

This commit reverts the `+` back to `*`.
 2017-05-31 15:54:30 +02:00
Serg G. Brester 5214c1c5d1 Update changelog (gh-1455) 2017-05-30 20:31:48 +02:00
Marcel Bischoff 228d25c548 Update Kerio Connect filter (#1455) 
* Update Kerio Connect filter

Fixed regex for some log entries that did not get recognized and some additional error formats are added.

* Add missing colon, GitHub address

* Add filter tests

* Add missing test
 2017-05-30 20:27:44 +02:00
sebres c7ddf1f940 [systemd-backend] implicit closing journal descriptor by stop filter. 
Partially cherry-picked from 0.10 (d153555a07)
 2017-05-19 15:36:06 +02:00
sebres 0a707d0302 Merge branch 'travis-fix-pypy' 2017-05-15 16:41:22 +02:00
sebres f099558bcf try to fix travis build for pypy3 (after switch to 'pypy3.3-5.2-alpha1' the test cases seems to never run anymore). 2017-05-15 16:32:41 +02:00
Filippo Tessarotto ff1c6718da Postfix RBL: 554 & SMTP 
Cherry-pick of 607568f5da (see gh-1686)
 2017-05-15 14:42:37 +02:00
Yaroslav Halchenko 407b2ea936 life is going on 2017-05-11 11:17:27 -04:00
Yaroslav Halchenko bc60d6feb6 Merge remote-tracking branch 'origin/master' 
* origin/master:
  exim test cases extended: cover short form of the logging (without session-id, gh-1771)
 2017-05-11 11:13:07 -04:00
sebres a5cdb9c977 exim test cases extended: cover short form of the logging (without session-id, gh-1771) 2017-05-11 09:10:45 +02:00
Yaroslav Halchenko 35280044ff Preparing for 0.9.7 release 2017-05-10 21:38:57 -04:00
Yaroslav Halchenko 663d526d74 Added newly added files to MANIFEST 2017-05-10 21:31:09 -04:00
sebres bea3a62a37 update ChangeLog 2017-05-07 14:02:45 +02:00
sebres 0600d51511 filter.d/exim.conf: added new reason for "rejected RCPT" regex: Unrouteable address 2017-05-07 14:02:38 +02:00
sebres 3d64d705f3 try to fix travis integration of pypy3: setuptools recently dropped support for Python 3.0 - 3.2, but old pypy3 based on Python 3.2.5 2017-05-07 13:28:35 +02:00
sebres c546f85207 filter.d/exim.conf: cherry-picked from 0.10, match complex time like `D=2m42s` (closes gh-1766) 2017-05-07 13:02:32 +02:00
Serg G. Brester fafe11d326 Merge pull request #1757 from sebres/0.9-fix-gh-1751 
filter.d/exim.conf: optional part `(...)` by authenticator failed for ...
 2017-04-25 10:05:27 +02:00
sebres 462442a517 Update ChangeLog #1757 2017-04-25 10:04:45 +02:00
sebres 3161bcf78b filter.d/exim.conf: optional part `(...)` after host-name before `[IP]`, normalized over whole config file. 
# Conflicts:
#	config/filter.d/exim.conf
 2017-04-24 19:21:26 +02:00
Yaroslav Halchenko a0cf31903d Merge pull request #1754 from yarikoptic/bf-tzdata 
BF: specify explicit time offset not a time zone name to avoid needing tzdata during testing
 2017-04-17 10:26:37 -04:00
Paul Brook a639f0b083 BF: specify explicit time offset not a time zone name to avoid needing tzdata during testing 2017-04-16 12:11:05 -04:00
sebres 7982d1e627 Update ChangeLog 2017-03-27 11:31:41 +02:00
sebres e8596cfce7 amend resp. restore of change from 59c35bc44a (gh-129): 
- logging of "Log rotation detected" with new MSG level
- introduces new log-level MSG (as INFO-2, 18)
 2017-03-27 11:27:41 +02:00
Serg G. Brester 52c1950371 Update mysqld-auth.conf 
small typo, closes gh-1725 (Thx @seth-reeser)
 2017-03-24 19:03:17 +01:00
Serg G. Brester d3b644acae Merge pull request #1708 from sebres/fix-gh-1707 
filter.d/cyrus-imap.conf: accept entries without login-info resp. hostname before IP address (gh-1707)
 2017-03-09 16:26:06 +01:00
sebres 0f8cb1749f Update ChangeLog 2017-03-09 16:15:45 +01:00
sebres 8768776d68 filter.d/cyrus-imap.conf: fixed `failregex` - accept entries without login-info resp. hostname before IP address 2017-03-09 16:13:45 +01:00
Serg G. Brester 2fa18a74c4 Merge branch 'master' into master 2017-02-17 09:06:09 +01:00
Christoph Theis 861ce4177c #1689: Make lowest rule number in action.d/bsd-ipfw.conf configurable 2017-02-14 18:31:42 +01:00
sebres c4dc698d98 evil symlink removed: does not supported by some file systems (e. g. development over net share) 2017-01-23 09:26:05 +01:00
sebres c4d56ea84a Merge branch 'ssh-filter-new-regexp' 2017-01-23 08:58:03 +01:00
sebres 9d06f0ee40 sshd-amend: optional space after port part 2017-01-23 08:56:47 +01:00