github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
3,596 Commits
33 Branches
229 Tags
19 MiB
Commit Graph

3596 Commits (bea3a62a37a6bbfdf65057d6769147a2bfe7cd5f)

Author SHA1 Message Date
sebres bea3a62a37 update ChangeLog 2017-05-07 14:02:45 +02:00
sebres 0600d51511 filter.d/exim.conf: added new reason for "rejected RCPT" regex: Unrouteable address 2017-05-07 14:02:38 +02:00
sebres 3d64d705f3 try to fix travis integration of pypy3: setuptools recently dropped support for Python 3.0 - 3.2, but old pypy3 based on Python 3.2.5 2017-05-07 13:28:35 +02:00
sebres c546f85207 filter.d/exim.conf: cherry-picked from 0.10, match complex time like `D=2m42s` (closes gh-1766) 2017-05-07 13:02:32 +02:00
Serg G. Brester fafe11d326 Merge pull request #1757 from sebres/0.9-fix-gh-1751 
filter.d/exim.conf: optional part `(...)` by authenticator failed for ...
 2017-04-25 10:05:27 +02:00
sebres 462442a517 Update ChangeLog #1757 2017-04-25 10:04:45 +02:00
sebres 3161bcf78b filter.d/exim.conf: optional part `(...)` after host-name before `[IP]`, normalized over whole config file. 
# Conflicts:
#	config/filter.d/exim.conf
 2017-04-24 19:21:26 +02:00
Yaroslav Halchenko a0cf31903d Merge pull request #1754 from yarikoptic/bf-tzdata 
BF: specify explicit time offset not a time zone name to avoid needing tzdata during testing
 2017-04-17 10:26:37 -04:00
Paul Brook a639f0b083 BF: specify explicit time offset not a time zone name to avoid needing tzdata during testing 2017-04-16 12:11:05 -04:00
sebres 7982d1e627 Update ChangeLog 2017-03-27 11:31:41 +02:00
sebres e8596cfce7 amend resp. restore of change from 59c35bc44a (gh-129): 
- logging of "Log rotation detected" with new MSG level
- introduces new log-level MSG (as INFO-2, 18)
 2017-03-27 11:27:41 +02:00
Serg G. Brester 52c1950371 Update mysqld-auth.conf 
small typo, closes gh-1725 (Thx @seth-reeser)
 2017-03-24 19:03:17 +01:00
Serg G. Brester d3b644acae Merge pull request #1708 from sebres/fix-gh-1707 
filter.d/cyrus-imap.conf: accept entries without login-info resp. hostname before IP address (gh-1707)
 2017-03-09 16:26:06 +01:00
sebres 0f8cb1749f Update ChangeLog 2017-03-09 16:15:45 +01:00
sebres 8768776d68 filter.d/cyrus-imap.conf: fixed `failregex` - accept entries without login-info resp. hostname before IP address 2017-03-09 16:13:45 +01:00
sebres c4dc698d98 evil symlink removed: does not supported by some file systems (e. g. development over net share) 2017-01-23 09:26:05 +01:00
sebres c4d56ea84a Merge branch 'ssh-filter-new-regexp' 2017-01-23 08:58:03 +01:00
sebres 9d06f0ee40 sshd-amend: optional space after port part 2017-01-23 08:56:47 +01:00
Serg G. Brester 3ccb026840 Merge pull request #1209 from sebres/ssh-filter-new-regexp 
sshd-aggressive (new ssh rules added (gh-864) and code review...)
 2017-01-21 16:29:42 +01:00
sebres 54a8c681ce suhosin.conf: removed greedy match 2017-01-21 16:26:07 +01:00
sebres 8aa9516d50 sshd.conf: fixed expression "received disconnect ... auth fail" - optional space after port part (gh-1652) 2017-01-21 16:18:03 +01:00
sebres c8f473110c change log update after rebase 2017-01-21 15:59:27 +01:00
sebres 3276bd6d54 sshd: additionally aggressive filter rules - no matching cipher resp. no matching key exchange method (gh-1545, gh-1117) 2017-01-21 15:57:05 +01:00
sebres 628789f9a9 sshd: conditional parameter "mode" for sshd jail (normal, ddos, aggressive) 
filter sshd-ddos and new filter sshd-aggressive are both derivation of sshd-filter
 2017-01-21 15:54:49 +01:00
sebres dd373dba9f test all config-regexp, that contains greedy catch-all before <HOST>, that is hard-anchored at end or precise sub expression after <HOST>; 
new ssh rule(s) added:
- Connection reset by peer (multi-line rule during authorization process);
- No supported authentication methods available;
Single line and multi-line expression optimized, added optional prefixes and suffix (logged from several ssh versions);
closes gh-864
 2017-01-21 15:53:48 +01:00
Serg G. Brester 5e08298b6b Update ChangeLog 2017-01-20 08:47:30 +01:00
Christian Brandlehner a4d8426401 Support for IBM Domino SMTP task (#1603) 
filter.d/domino-smtp.conf
 2017-01-20 08:44:20 +01:00
Serg G. Brester 40f294e6bf Merge pull request #1663 from jjeziorny/netscaler-action 
Introduced citrix netscaler action
 2017-01-19 16:25:23 +01:00
Serg G. Brester 75b252e47f Update ChangeLog 2017-01-19 15:00:08 +01:00
Juliano Jeziorny 1fe554dd25 Introduced Citrix Netscaler action 2017-01-19 14:30:25 +01:00
Serg G. Brester 063a11564b Merge pull request #1673 from chtheis/master 
Wrong paths for apache and nginx under FreeBSD
 2017-01-18 17:12:20 +01:00
Christoph Theis fe76cd9b7d #1667: changelog entry 2017-01-17 14:05:20 +01:00
Christoph Theis 6187431629 #1667: Wrong paths for apache and nginx under FreeBSD 2017-01-17 11:48:25 +01:00
sebres a9523aefbb sshd.conf: fixed non-anchored part of regex (misleading match of colon inside IPv6 address instead of `: ` in the reason-part by missing space). 2017-01-10 12:58:44 +01:00
sebres f8d35a7c9c changelog entry 2017-01-10 11:16:17 +01:00
sebres 2009f1c434 fail2ban-regex: fix for systemd-journal (see gh-1657) 2017-01-10 11:13:18 +01:00
Yaroslav Halchenko 31a1560eaa minor typos (thanks Vincent Lefevre, Debian #847785) 2016-12-11 15:13:11 -05:00
Yaroslav Halchenko 4a1fd888f0 Carry on development 2016-12-11 00:49:09 -05:00
Yaroslav Halchenko 3605155978 updated man pages 2016-12-09 09:36:08 -05:00
Yaroslav Halchenko 482252dbd4 ENH: prep for 0.9.6 release (as of tomorrow) 2016-12-09 09:35:03 -05:00
Yaroslav Halchenko e550850b9c BF: added missing entires into MANIFEST 2016-12-09 09:34:44 -05:00
Serg G. Brester 556a9373ce Update ChangeLog 2016-11-28 23:40:33 +01:00
sebres 45f1d811c9 Merge branch 'alex1702-1586' 2016-11-28 18:54:02 +01:00
sebres 67c14afd8e ChangeLog entry added + jail.conf review 2016-11-28 18:51:23 +01:00
sebres 425170cef3 code review, makes the test cases workable, added dev-notes 2016-11-28 18:39:07 +01:00
Serg G. Brester f827675822 Merge pull request #1627 from sebres/fix-gh-1626 
Fix gh-1626: one space after ModSecurity
 2016-11-28 12:00:53 +01:00
sebres b8c41dcb49 ChangeLog update 2016-11-28 11:31:51 +01:00
sebres 931eab84b5 `filter.d/apache-modsecurity.conf` 
- fixed for newer version (one space, closes gh-1626)
reviewed and optimized:
  - non-greedy catch-all replaced for safer match
  - unneeded catch-all anchoring removed
  - non-capturing groups
 2016-11-28 11:28:27 +01:00
Serg G. Brester b8b5907706 Merge pull request #1624 from sebres/fix-gh-1623 
filter.d/dovecot.conf update: ignore additionally irrelevant info in anchored regex before "auth failed"
 2016-11-26 17:07:39 +01:00
sebres 5678d08a79 filter.d/dovecot.conf update: 
- fixes failregex, that ignores failures through some irrelevant info (closes #1623);
- ignores whole additionally irrelevant info in anchored regex before fixed failure data `\((?:auth failed, \d+ attempts( in \d+ secs)?|tried to use (disabled|disallowed) \S+ auth)\)`
- review, IPv6 compatibility fix, non-capturing groups
 2016-11-26 16:50:37 +01:00