Commit Graph

5014 Commits (bba8844af8c04b95dbc59a767f478515d85484a6)

Author SHA1 Message Date
sebres 00a6717953 fail2ban-client: extended with new feature which allows to inform fail2ban about single or multiple attempts (failure) for IP (failure-ID), syntax:
set <JAIL> attempt <IP> [<failure1> ... <failureN>]
2019-02-20 16:47:53 +01:00
sebres 84cec5e861 implements gh-2349: `fail2ban-client set jain banip/unbanip ip1 .. ipN` extended to ban/unban multiple tickets;
reorganized banning facilities (addBannedIP moved from filter to actions in order to ban directly without implication of fail-manager in between.
2019-02-20 14:56:00 +01:00
sebres e30ebb1f3b closes gh-2277: fixed and optimized cache facilities (operations on OrderedDict are not atomic); increased max-size of IPAddr cache; don't cache raw objects (it is fast enough). 2019-02-18 17:05:11 +01:00
sebres 14f997231d add test case to cover gh-2277, testOverflowedIPCache testing overflow of IP-cache multi-threaded (2 "parasite" threads flooding cache) 2019-02-18 16:56:43 +01:00
Viktor Szépe 824afbf52d Fix whitespaces 2019-02-17 09:12:30 +00:00
Viktor Szépe 24b0e048d1 Normalizing quote usage in initd 2019-02-17 09:08:59 +00:00
Yaroslav Halchenko c545315192 ENH: travis - run shellcheck on files/debian-initd 2019-02-17 09:08:43 +00:00
Yaroslav Halchenko 62f957973d ENH: disable shell check for $DAEMON_ARGS expansion 2019-02-17 09:08:32 +00:00
Viktor Szépe dfd2a2063d Safer, nicer, uniform Debian initd script 2019-02-17 09:08:29 +00:00
Cool Fire 27526e431b Changes static logfile string to variable
Since we don't want to re-declare a log file name we already
have a varialbe for, use the existing variable to set dovecot_log.
2019-02-13 10:10:24 +01:00
Cool Fire b31a018e7c Add override for dovecot failed logins on debian 2019-02-13 10:01:14 +01:00
sebres 5a54a44559 provide more meaningful error-message if invalid `datepattern` set;
fail2ban-regex: catch errors/exceptions by set of parameter, more verbose output if needed (`-v` or log-level `debug` would produce output of call-stack additionally).
2019-02-12 14:36:40 +01:00
Sergey G. Brester c819a18a0a
Update ChangeLog 2019-02-11 19:15:11 +01:00
sebres e651bc7866 amend to #1622: jail-reader supports now multi-line option for multi-line action parameter:
logpath = a.log
            b.log
            c.log
  action  = ban[...]
          = log[logpath="%(logpath)s"]
closes gh-2341, ultimate fix for gh-976
2019-02-11 11:54:58 +01:00
sebres 89c611064d test-cases: be sure the test-files always written with new-line at end 2019-01-14 19:00:42 +01:00
Sergey G. Brester 4108e04ab4
Update ChangeLog 2019-01-07 01:50:44 +01:00
sebres a13fdcf4f7 closes gh-2314: extended regex for mysql 8.0.13 if used logging with details (e. g. log-error-verbosity = 3, so log output has few additional words enclosed in brackets after "[Note]"). 2019-01-07 01:34:12 +01:00
Sergey G. Brester 67247999ff
closes #2313: missing dependency to nftables.service 2019-01-06 17:03:09 +01:00
Yannik Sembritzki 547504873e
Add test case for new asterisk pjsip log syntax which includes the port 2019-01-03 23:59:38 +01:00
Yannik Sembritzki 6b4404b1bc
Fix asterisk filter not catching attackers when port is logged (Fixes #2316) 2019-01-03 23:55:42 +01:00
sebres c9ba695ba3 minor, no cover for 3.x (2.6 only) 2018-12-28 00:04:15 +01:00
sebres 4a4780be04 test-cases: prevent sporadic timing errors (unban if ban still not occurred) 2018-12-27 18:10:09 +01:00
sebres 0298c8a31e closes gh-2277: fixed cache-object clean-up process (if max-size reached) used multi-threaded (del can throw KeyError if get/unset changes the list);
additionally OrderedDict is used now for cache (if available, so >= 2.7) - avoids (slow) search of expired items in full cache and always prefers older objects to remove (like FIFO).
2018-12-27 18:07:23 +01:00
Alexander Koeppe df9b352bac Update information reg. ipdns.py as successor for dnsutils.py 2018-12-19 12:17:44 +01:00
Sergey G. Brester c540babfb6
matches not empty username only 2018-12-17 12:30:46 +01:00
CrazyMax 7cdabdd7ae
Update traefik-auth failregex 2018-12-14 19:06:09 +01:00
sebres c1ccabc1f9 fixed read of included config-files (`.local` overwrites options of `.conf` for config-files included with before/after) 2018-12-11 15:43:25 +01:00
sebres 9b96a7de89 fix of SafeConfigParserWithIncludes 2018-12-11 15:39:43 +01:00
sebres 0245777c84 SafeConfigParserWithIncludes: fixed read of included config-files (expands with localized version, so `inc.local` overwrites options of `inc.conf` for config-files included with before/after);
added new test to cover this case.
2018-12-11 14:48:48 +01:00
CrazyMax 90516d6b67
Add login success example for traefik-auth 2018-11-28 00:37:24 +01:00
CrazyMax a160c38211
Fix UTC Time mismatch 2018-11-24 23:16:27 +01:00
CrazyMax a8fbdd6a87
Fix UTC Time mismatch 2018-11-24 23:13:50 +01:00
CrazyMax a51f82770b
New filter `traefik-auth` 2018-11-24 22:44:44 +01:00
sebres 555b29e8e6 Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10 2018-11-21 13:05:42 +01:00
Sergey G. Brester c40e4c7bad
Merge pull request #2279 from sebres/sshd-filter-gh-2239
sshd filter enhancements (gh-2239)
2018-11-21 11:50:32 +01:00
Sergey G. Brester 0ac5c8941c
Update ChangeLog 2018-11-20 12:39:38 +01:00
sebres 1c1d2cc435 introduces new failregex-flag tag `<F-MLFGAINED>` signaled that the access to service was gained (ATM used similar to <F-NOFAIL>, but does not added to matches);
filter.d/sshd.conf: extended with new rules:
- Disconnecting ...: Change of username or service not allowed
- Disconnected from ... [preauth] (extra/aggressive mode only)
2018-11-19 21:19:57 +01:00
Sergey G. Brester 189c3f964b
Merge pull request #2276 from dienteperro/patch-1
"be" instead of "me" in shorewall.conf
2018-11-15 21:47:33 +01:00
dienteperro 0df221b54b
"be" instead of "me" in shorewall.conf 2018-11-15 14:34:51 -05:00
sebres 657b147c0d fixed dependency issue if setup invoked using python 3.x: invocation of 2to3 takes place after setup (and __init__.py) loaded;
closes gh-2255.
2018-10-10 12:25:53 +02:00
sebres e99635650a dnsToIp and other DNSUtils primitives uses sets instead of lists now (speed-up search of ip, e. g. ignoreself/ignoreip check process) 2018-10-09 18:24:50 +02:00
sebres 0ae02ba2a1 version bump (back to dev-version) 2018-10-04 11:57:56 +02:00
sebres aa565eb80e release 0.10.4 - ten-four-on-due-date-ten-four 2018-10-04 11:26:22 +02:00
Shane Forsythe 8614ca8c41
Update proftpd.conf
proftpd 1.3.5e can leave inconsistent error message if ftp or mod_sftp is used

Oct  2 15:45:31 ftp01 proftpd[5516]: 10.10.2.13 (10.10.2.189[10.10.2.189]) - SECURITY VIOLATION: Root login attempted
Oct  2 15:45:44 ftp01 proftpd[5517]: 10.10.2.13 (10.10.2.189[10.10.2.189]) - SECURITY VIOLATION: Root login attempted.

Fix regex to make trailing period optional, otherwise brute force attacks against root account using ftp are not blocked correctly.
2018-10-02 17:24:33 -04:00
Sergey G. Brester 1752c19b6f
Merge pull request #2205 from benrubson/patch-1
Add loglevel option to badips.py
2018-10-02 13:12:03 +02:00
Sergey G. Brester 65676baf8c fixed py3 incompatibility (for some reasons this file seems to be excluded from 2to3), anyway not needed, because int-type is already checked in str2LogLevel 2018-10-02 13:00:20 +02:00
Sergey G. Brester 4b751c84c3
badips.py: Rewrite new bool option "log" as "loglevel" and revert default to log-level (DEBUG). 2018-10-02 12:32:15 +02:00
sebres 6067579464 Fixed action parameter `timeout`: it is a time (integer), so avoid to convert it to string (for replacement); fix substituteRecursiveTags using auto-convert to string.
Closes gh-2241.
2018-09-27 12:51:57 +02:00
sebres 17da4943df use short log-names for special pure numeric log-level (e.g. "Level 25" could be truncated by short formats) 2018-09-26 21:00:51 +02:00
sebres 2a4c47ea32 .travis.yml: coveralls doesn't support python 2.6 now 2018-09-21 15:31:37 +02:00