fail2ban

Commit Graph

Author	SHA1	Message	Date
Daniel Black	9e53892708	BF: did remove instead of move	11 years ago
Daniel Black	fb666b69ff	BF: firewall-cmd-direct-new was too long. Thanks Joel.	11 years ago
Daniel Black	f80fa7d7a0	Merge pull request #456 from grooverdan/apffix BF: add init section with name for action.d/apf. Closes #398	11 years ago
Daniel Black	13223c33f5	MRG: recidive-protocol-all	11 years ago
Daniel Black	dc154c792e	BF: add init section with name for action.d/apf. Closes #398	11 years ago
Yaroslav Halchenko	a26d4f42b7	ENH: added optional [PID] matching in recidive.conf	11 years ago
Daniel Black	9a82bc3c61	BF: kernel messages can have space. Thanks ag4ve(shawn). Closes #448	11 years ago
Yaroslav Halchenko	629e9ae445	Merge pull request #443 from grooverdan/apache-authfix BF: apache filters using error log weren't matched when referer existed ...	11 years ago
Daniel Black	284f811c91	BF: apache filters using error log weren't matched when referer existed in HTTP header	11 years ago
Daniel Black	1ea68b2d0c	DOC: filter.d/solid-pop3d - document lack of PAM support. Thanks to Jacques for the log messages	11 years ago
Daniel Black	0eea0a35db	ENH: filter.d/solid-pop3d - added log messages and regexes	11 years ago
Daniel Black	dab2ddb9da	ENH: recidive jail to block all protocols. Closes #440	11 years ago
Daniel Black	b3b9ea4559	ENH: jail for solid-pop3d	11 years ago
Daniel Black	88eff70774	ENH: filter.d/solid-pop3d added	11 years ago
Daniel Black	286d78e13c	Merge pull request #430 from grooverdan/apache-overflows ENH: Apache overflows - httpd-2.4 message IDs + samples	11 years ago
Daniel Black	50ca16e50e	Merge pull request #431 from grooverdan/apache-noscript ENH: apache-2.4 message IDs for filter apache-noscript	11 years ago
Daniel Black	947c6ff9cc	Merge pull request #433 from grooverdan/asterisk BF/ENH: asterisk connection ID is a hex not decimal number. Add "Rejecting unknown SIP connection from " regex thanks to Jonathan Lanning	11 years ago
Daniel Black	38503a5848	Merge pull request #434 from grooverdan/dos-resistant-dropbear ENH: DoS resistant dropbear filter	11 years ago
Daniel Black	62b1f98dff	Merge pull request #435 from grooverdan/dos-resistant-exim BF: exim filter to be DoS resistant	11 years ago
Daniel Black	be60518218	BF/ENH: DoS resistant roundcube-auth with test cases and more variation in IMAP error given	11 years ago
Daniel Black	52972164a2	BF: exim filter to be DoS resistant	11 years ago
Daniel Black	c272573fe3	ENH: DoS resistant dropbear filter	11 years ago
Daniel Black	eb9663eb4f	BF/ENH: asterisk connection ID is a hex not decimal number. Add "Rejecting unknown SIP connection from <HOST>" regex thanks to Jonathan Lanning	11 years ago
Daniel Black	648d48c355	ENH: apache-2.4 message IDs for filter apache-noscript	11 years ago
Daniel Black	a4718eb644	ENH: apache-overflow filter to have HTTP-2.4 message IDs and test samples	11 years ago
Daniel Black	87516eb92b	ENH: apache-overflows - more detail on "request failed: URI too long (longer than %d)" with test case	11 years ago
Daniel Black	c5021b55f6	Merge pull request #427 from yarikoptic/bf/nginx-regex-injection BF: anchor introduced nginx-http-auth at the end	11 years ago
Yaroslav Halchenko	ccd26578ec	Merge pull request #425 from grooverdan/asterisk-simplify ENH: condense asterisk regexs for speed	11 years ago
Yaroslav Halchenko	ac061155f0	BF: anchor introduced nginx-http-auth at the end needed since request probably could be not a correct HTTP statement but continue with all those to match till the end and then injected ", client: VICTIM, server..." thus allowing injection. We better anchor at the end then	11 years ago
Yaroslav Halchenko	ea8fce6308	Merge pull request #426 from yarikoptic/bf/openssh6.3-regex-injection openssh 6.3 regex injection vectors: inject into ruser and/or exploiting pre-specified limits set for user provided data	11 years ago
Yaroslav Halchenko	bf245f9640	DOC: adding DEV Notes for for non-greedy matchin within sshd.conf	11 years ago
Daniel Black	d6bbe03861	Merge pull request #424 from grooverdan/nginx-auth ENH: add filter.d/nginx-http-auth. Partially forfils #405	11 years ago
Yaroslav Halchenko	750e0c1e3d	BF: disallow exploiting of non-greedy .* in previous fix by providing too long rhost -- do not impose length limits for user-provided input since daemon might eventually change reported length and we would need to adjust anyways. So limiting in length does not provide additional security but allows for a possible injection vector	11 years ago
Yaroslav Halchenko	abb012ae5c	BF: fixing injection for OpenSSH 6.3 -- making .* before <HOST> non-greedy	11 years ago
Daniel Black	d7560d4041	ENH: condense asterisk regexs for speed	11 years ago
Daniel Black	ab9d921162	BF: missed action in nginx-http-auth	11 years ago
Daniel Black	a148d35d70	ENH: add filter.d/nginx-http-auth. Partially forfills #405	11 years ago
Yaroslav Halchenko	4522308354	ENH: regenerated config/filter.d/apache-badbots.conf	11 years ago
Daniel Black	0730db9b2b	Merge pull request #416 from grooverdan/debian-bug-665925-wuftpd-pam BF: wuftpd pam filter fix (Debian bug 665925)	11 years ago
Daniel Black	e55b24c533	BF: fix dovecot filter for newer failure message. Closes Debian bug #709324	11 years ago
Daniel Black	8b54523316	BF: fix to filter.d/wuftp to support pam authentication - Debian bug #665925	11 years ago
Daniel Black	ac1f45d18c	Merge pull request #412 from grooverdan/firewalld ENH: enhance firewall-cmd to use firewall-0.8.3's --remove-rules	11 years ago
Daniel Black	87f68d7564	firewalld-0.3.8 release that support --remove-rules out so documenting this.	11 years ago
Daniel Black	ee1edfbf0c	BF: remove duplication definition secion in webmin-auth	11 years ago
Daniel Black	b5c10488c1	Merge pull request #409 from grooverdan/filter-doco DOC: in filters, put user relevant doc at top, and developer info at bot...	11 years ago
Daniel Black	5eddd5d12d	DOC: document required firewalld version as > 0.3.7.1	11 years ago
Daniel Black	27d257d5a6	Merge pull request #408 from grooverdan/dropbear BF: filter.d/dropbear	11 years ago
Daniel Black	8ac6081555	ENH: fix to use upstream --remove-rules https://fedorahosted.org/firewalld/ticket/10	11 years ago
Daniel Black	93de46ac72	BF: maxretry=5 for ssh as per DEVELOP. align = in jail.conf	11 years ago
Daniel Black	c3f9c9aa60	BF: filter.d/dropbear Add PAM failures which is in dropbear-2013.60 in srv-authpam.c Patch http://www.unchartedbackwaters.co.uk/files/dropbear/dropbear-0.52.patch obviously has exit with lower case e so adjust regex for both. svr-authpasswd.c in 2013.60 (at bottom) for second regex ends after the IP so the regex was altered. .\s can be compressed to .*	11 years ago
Daniel Black	89fd792dfb	DOC: in filters, put user relevant doc at top, and developer info at bottom, and remove all the repetative blindly copied stuff that appears in the jail man page	11 years ago
Daniel Black	de9977441a	DOC: move named and mysql instructions into the filters from jail.conf	11 years ago
Daniel Black	7ab909d056	DOC: space out jail.conf consistantly	11 years ago
Daniel Black	95f3f38682	MRG: merge ChangeLog and jail.conf	11 years ago
Daniel Black	e3150044fd	BF: fix selinux TST: ignore *common.conf files in test cases as these are included BF: Remove USER_LOGIN from selinux-ssh as its a duplicate message ENH: add sample jail.conf	11 years ago
Daniel Black	0f85aef609	Merge pull request #407 from grooverdan/dovecot-jail ENH: Dovecot jail	11 years ago
Daniel Black	a991adb83f	ENH: add submission, smtps and sieve to blocked ports since this also typically rely on dovecot auth	11 years ago
Daniel Black	8412303131	ENH: dovecot jail examples	11 years ago
Daniel Black	cde389cadc	ENH: additional tweek to dovecot regex based on http://chrisgilligan.com/portfolio/fail2ban-regex/	11 years ago
Daniel Black	0c14707201	ENH: add dovecot jail	11 years ago
Daniel Black	d451c2a231	FIX: vsftp improvements from Rich Mellor on mailing list	11 years ago
Daniel Black	b61fe0f12d	Merge pull request #378 from grooverdan/sasl ENH: filter.d/postfix-sasl - anchor regex at start and rename from filter.d/sasl	11 years ago
Daniel Black	4ecc063bd0	ENH: rename filter.d/sasl -> filter.d/postfix-sasl	11 years ago
Daniel Black	c2b76d1fd0	Merge pull request #397 from yarikoptic/_enh/unify_default_strings DOC: enh/unify "Default:" strings	11 years ago
Daniel Black	b4cbf82912	DOC: remove Default: on action firewall-cmd-direct-new	11 years ago
Yaroslav Halchenko	4149c7495d	Options in actions to be specified in jails have no "Default"s besides those specified in the files -- thus removing from comments	11 years ago
Yaroslav Halchenko	d12eb2526a	Fixing up default values in fail2ban.conf + unifying formatting	11 years ago
Daniel Black	f1bb08aa6a	ENH: base blocktype off iptables-blocktype.conf for firewall-cmd-direct-new.conf like other iptables based actions	11 years ago
Daniel Black	12f7ea7ec4	DOC: remove excessive comments from firewall-cmd-direct-new	11 years ago
Daniel Black	0d8d1ae26c	ENH: new action.d/firewall-cmd-direct-new.conf from Redhat Bugzilla #979622	11 years ago
Daniel Black	123ad1cc9c	MRG: Merge branch 'asterisk-common-jail'	11 years ago
Daniel Black	8421007f32	MRG: merge man/jail.conf.5 entries	11 years ago
Daniel Black	ef62d0d4c1	Merge pull request #391 from grooverdan/jail-mysql-doc ENH: mysql syslog jail.conf base	11 years ago
Daniel Black	e417a2112c	Merge pull request #386 from grooverdan/qmail ENH: filter.d/qmail - anchor at start. Add another regex	11 years ago
Daniel Black	e227568c3b	Merge pull request #384 from grooverdan/dovecot-325 ENH: added to dovecot filter. closes gh-325	11 years ago
Daniel Black	0022cca786	Merge pull request #385 from grooverdan/ipset ENH/BF: Ipset - add iptables-ipset-proto6-allports / use blocktype on iptables-ipset-proto6*	11 years ago
Daniel Black	8fe542ca9f	DOC: reintroduce comment on comments	11 years ago
Daniel Black	6b6169178f	ENH: mysql syslog jail.conf base	11 years ago
Daniel Black	ee58696531	DOC: try to encourage jail.local jail.d/*.local a lot more	11 years ago
Daniel Black	6ef33981e3	ENH: new asterisk jail to replace asterisk-(tcp\|udp) (now that gh-37 is fixed)	11 years ago
Daniel Black	6b519d54db	ENH: filter.d/recidive - replace ignore regex with a negative lookahead assertion	11 years ago
Daniel Black	351eb5ec8f	ENH: filter.d/qmail - anchor at start. Add another regex for http://www.tjsi.com/rblsmtpd/faq/ patch to rblsmtpd	11 years ago
Daniel Black	eb59a57b7f	ENH: tighten pam_unix expression for dovecot	11 years ago
Daniel Black	864d2f41b9	ENH: auth-worker as per of _daemon definition for dovecot	11 years ago
Daniel Black	2d1bd54439	Merge pull request #379 from grooverdan/webmin ENH: filter.d/webmin anchor at start and use syslog	11 years ago
Yaroslav Halchenko	500968874e	Merge pull request #381 from grooverdan/suhosin ENH: filter.d/suhosin - anchor regex at start	11 years ago
Yaroslav Halchenko	a7b1b802e0	Merge pull request #382 from grooverdan/vsftpd Vsftpd	11 years ago
Yaroslav Halchenko	f0b91fcede	Merge pull request #380 from grooverdan/sogo ENH: filter.d/sogo-auth - anchor regex at start	11 years ago
Daniel Black	df313649a4	ENH: escape . in recidive filter	11 years ago
Daniel Black	1a5e17f2a3	BF: use blocktype for iptables-ipset-proto6*	11 years ago
Daniel Black	dcb845f17c	ENH: add iptables-ipset-proto6-allports for blocking all ports	11 years ago
Daniel Black	2a1d629d88	BF: webmin -> webmin-auth	11 years ago
Daniel Black	ab457acc4d	BF: fix name in action for uwimap-auth	11 years ago
Daniel Black	0beea03914	ENH: jail.conf example for webmin	11 years ago
Daniel Black	d60f470096	ENH: added to dovecot filter. closes gh-325	11 years ago
Daniel Black	46386412a4	ENH: filter.d/vsftpd - pam regex as syslog and anchored at start	11 years ago
Daniel Black	1519712972	ENH: filter.d/vsftpd anchor internal regex at start	11 years ago
Daniel Black	9637c27873	ENH: filter.d/suhosin - anchor regex at start	11 years ago
Daniel Black	13bcc9aa84	ENH: filter.d/sogo-auth - anchor regex at start	11 years ago
Daniel Black	b64bf3fa7b	ENH: filter.d/webmin anchor at start and use syslog	11 years ago
Daniel Black	f4c7c8f4b3	ENH: sasl - anchor regex at start	11 years ago
Daniel Black	23dd734aa9	Merge pull request #366 from grooverdan/dovecot ENH: dovecot regex to match failure reported by Bob Cohen on mailing lis...	11 years ago
Daniel Black	f998e01590	Merge pull request #359 from grooverdan/pureftpd ENH: Pureftpd syslog prefixing and filter achoring	11 years ago
Daniel Black	ba8183b116	Merge pull request #372 from grooverdan/uw-imap ENH: filter.d/uwimap-auth added. Closes #18	11 years ago
Daniel Black	262616f7a7	ENH: filter.d/uwimap-auth - failure of an admin override to regex	11 years ago
Daniel Black	9211179d30	ENH: filter.d/uwimap-auth - add "disabled" to regex	11 years ago
Daniel Black	4649cf9608	ENH: separate selinux and selinux-ssh	11 years ago
Daniel Black	791183b639	ENH: filter.d/uwimap-auth - add SYSTEM BREAK-IN ATTEMPT	11 years ago
Daniel Black	a1eaa5f755	ENH: filter.d/selinxu added. Closes #296	11 years ago
Daniel Black	778f09debe	DOC/ENH: __md5hex regex defination to common.conf. Document debian bug #	11 years ago
Daniel Black	b3b62d65bf	ENH: filter.d/uwimap-auth added. Closes #18	11 years ago
Daniel Black	f2ae20a3b8	BF: filter.d/sshd group on md5hex and () for serial needed to be escaped	11 years ago
Daniel Black	1eeb6e94bd	BF: fix regex for openssh-6.3	11 years ago
Daniel Black	e12d389c65	MRG/DOC: jail.conf resolution, ChangeLog fixes	11 years ago
Mark McKinstry	b6bf26c9f2	dont' need to set a default name	11 years ago
Mark McKinstry	4187e87b69	don't enabel ssh-apf jail by default	11 years ago
Mark McKinstry	f9f4d2728f	add an example jail for apf action and ssh filter	11 years ago
Mark McKinstry	2668adc896	Merge branch 'master' of github.com:fail2ban/fail2ban	11 years ago
Mark McKinstry	1af4543aca	ability to name the jail that banned the IP with apf	11 years ago
Mark McKinstry	dd9ee4c39a	quotes around the comment put in apf's deny_hosts.rules file	11 years ago
Mark McKinstry	e64493c328	use human readable/longer options when banning and un-banning IPs with apf	11 years ago
Mark McKinstry	c692912a82	don't hardcode absolute path for apf firewall	11 years ago
Mark McKinstry	66aff43d68	remove un-needed '$' line	11 years ago
Daniel Black	8c2a5612ed	DOC: resolve ChangeLog conflicts	11 years ago
Daniel Black	2a805452c6	DOC: resolve ChangeLog conflicts	11 years ago
Daniel Black	8e9fab9b3c	Merge branch 'master' of https://github.com/fail2ban/fail2ban	11 years ago
Daniel Black	3be7dcd701	DOC: resolve ChangeLog conflicts	11 years ago
Daniel Black	89e0520675	ENH: dovecot regex to match failure reported by Bob Cohen on mailing list	11 years ago
Daniel Black	c3ee03b9ba	BF: fix daemon name typo for filter proftpd	11 years ago
Daniel Black	39ca8837eb	TST: pureftpd - syslog therefore use syslog prefixes in filter	11 years ago
Daniel Black	30bb1a77a3	ENH: added syslog prefix to pam-generic filter. Disable regex match for pre 2006 (< 0.99.2.0) versions on linux-pam	11 years ago
Daniel Black	ee497ff1cb	ENH: filter mysqld-auth can be a is a syslog based service so anchor it using syslog prefix	11 years ago
Daniel Black	13ec9d58c0	ENH: filter gssftpd is a syslog based service so anchor it using syslog prefix	11 years ago
Daniel Black	673cc4d77f	ENH: anchor at end of recidive filter	11 years ago
Daniel Black	504111b0b1	ENH: filter.d/recidive - anchor regex at start and support f2b SYSLOG target	11 years ago
Beau Raines	060bd45295	ENH - Added server name to subject line in email notifications This is useful when fail2ban is running on multiple servers and keeping the notifictions separate and knowing which machine is "under attack".	11 years ago
Daniel Black	ad291d7e38	Merge pull request #346 from grooverdan/bsd-ipfw-default-unreach-port BF: action.d/bsd-ipfw - use blocktype instead of unused action for icmp ...	11 years ago
Daniel Black	e5f1a7f050	Merge pull request #344 from grooverdan/osx ENH: OSX ipfw based on Andy Fragen's work	11 years ago
Daniel Black	4face1f3e7	MRG: resolve conficts in action.d/osx-ipfw design	11 years ago
Andy Fragen	d258a51a23	after some research it looks like setting to unreachable better than deny	11 years ago
Andy Fragen	fe557e5900	more specific actionunban	11 years ago
Andy Fragen	a4884f82cd	add mods from grooverdan and fix actionunban actionunban still not working in grooverdan's mod. I made this one grep both <ip> and <port>. It should be more specific if the same <ip> is banned on multiple ports.	11 years ago
Daniel Black	6b0e2289d4	Merge pull request #335 from grooverdan/gh-333-bind ENH: filter.d/named-refused.conf - BIND 9.9.3 regex changes. Closes gh-333	11 years ago
Daniel Black	f2bcf84893	BF: action.d/bsd-ipfw - use blocktype instead of unused action for icmp rejecting blocked packets	11 years ago
Daniel Black	749f215089	ENH: port optional	11 years ago
Daniel Black	8b22fa15b5	BF: reverted to simplier random rulenum. If your machine is handling 1000s of block the addition complexity isnt what you want	11 years ago
Daniel Black	b31799a322	ENH: add action.d/osx-afctl anonymously contributed on f2b wiki	11 years ago
Daniel Black	808aa1a792	ENH: added jail.conf example. closes gh-340	11 years ago
Daniel Black	5741348f45	ENH: more options and ruggedness to prevent unintensional consequences	11 years ago
Daniel Black	52bd0f86a8	Merge branch 'osx-ipfw' of https://github.com/afragen/fail2ban into osx	11 years ago

1 2 3 4 5 ...

627 Commits (c3a2e8fbacfc8cde69f34b0ed75e0a75a19930fd)