fail2ban

Commit Graph

Author	SHA1	Message	Date
Daniel Black	1ea68b2d0c	DOC: filter.d/solid-pop3d - document lack of PAM support. Thanks to Jacques for the log messages	2013-11-18 09:44:26 +11:00
Yaroslav Halchenko	d583637c50	changeset_ac061155f093464fb6cd2329d3d513b15c68e256.diff absorbed upstream	2013-11-17 17:32:25 -05:00
Yaroslav Halchenko	30fe2ce7ba	changelog entry for previous cherry picked patch	2013-11-17 17:29:56 -05:00
Yaroslav Halchenko	0c24daeb10	added patch changeset_d4f6ca4f8531f332bcb7ce3a89102f60afaaa08e.diff to "cherry-pick" `d4f6ca4f85` (ENH: adding custom date format for proftpd when logging in its own log file (default on Debian) -- includes milliseconds)	2013-11-17 17:27:50 -05:00
Daniel Black	0eea0a35db	ENH: filter.d/solid-pop3d - added log messages and regexes	2013-11-18 08:58:23 +11:00
Daniel Black	8aa20a7b0e	ENH: credits for #440 recidive jail protocol=all	2013-11-18 07:59:56 +11:00
Daniel Black	dab2ddb9da	ENH: recidive jail to block all protocols. Closes #440	2013-11-18 07:57:16 +11:00
Daniel Black	2c63b1fe93	Merge pull request #439 from yarikoptic/bf/proftpd-millisec ENH: proftpd in Debian (now or forever) has ",milliseconds" in its date format	2013-11-17 12:44:44 -08:00
Daniel Black	b3b9ea4559	ENH: jail for solid-pop3d	2013-11-18 07:42:45 +11:00
Yaroslav Halchenko	19a472928d	More of changelog entries to close bugs addressed in this release	2013-11-16 22:58:15 -05:00
Yaroslav Halchenko	4dba65f685	debian/NEWS - information for change of default iptables action to REJECT now (Closes: #711463 )	2013-11-16 22:30:31 -05:00
Yaroslav Halchenko	82174ea4c4	Changelog for preceding proftpd date format change	2013-11-16 22:18:51 -05:00
Yaroslav Halchenko	d4f6ca4f85	ENH: adding custom date format for proftpd when logging in its own log file (default on Debian) -- includes milliseconds Should resolve Debian #648276	2013-11-16 22:15:58 -05:00
Yaroslav Halchenko	2d068572bc	debian/jail.conf - dropbear jail: use dropbear filter (instead of ssh) and monitor auth.log instead of non-existing /var/log/dropbear (Closes: #620760 )	2013-11-16 21:35:04 -05:00
Yaroslav Halchenko	7d8dc0f322	fresh changelog	2013-11-16 21:30:15 -05:00
Yaroslav Halchenko	b2f5a79eeb	Merge tag '0.8.11' into debian * tag '0.8.11': DOC: finalise 0.8.11 release BF/ENH: DoS resistant roundcube-auth with test cases and more variation in IMAP error given BF: exim filter to be DoS resistant ENH: DoS resistant dropbear filter BF/ENH: asterisk connection ID is a hex not decimal number. Add "Rejecting unknown SIP connection from <HOST>" regex thanks to Jonathan Lanning ENH: apache-2.4 message IDs for filter apache-noscript TST: change source URL ENH: apache-overflow filter to have HTTP-2.4 message IDs and test samples ENH: apache-overflows - more detail on "request failed: URI too long (longer than %d)" with test case TST: end of json in sshd sample log TST: fix space in sshd sample log TST: test case that shows injection DOC: more on filter regexes - DEVELOP DOC: filter regex debugging BF: anchor introduced nginx-http-auth at the end	2013-11-16 21:19:48 -05:00
Daniel Black	88eff70774	ENH: filter.d/solid-pop3d added	2013-11-16 09:43:15 +11:00
Daniel Black	ed212fcdcc	DOC: new ChangeLog header	2013-11-16 09:40:05 +11:00
Daniel Black	84f915c1f7	fix nginx-http-auth lof file location and MANIFEST	2013-11-13 09:57:13 +11:00
Daniel Black	a7604c899f	DOC: list Wiki pages to update after a release	2013-11-13 09:43:36 +11:00
Daniel Black	1ac7b53cad	MRG: merge from master	2013-11-13 09:16:45 +11:00
Daniel Black	752ea054db	DOC: post release version change	2013-11-13 09:01:52 +11:00
Daniel Black	fc213a103e	Merge pull request #437 from grooverdan/0.8.11_release DOC: finalise 0.8.11 release	2013-11-12 13:06:54 -08:00
Daniel Black	d0498bec69	DOC: finalise 0.8.11 release	2013-11-13 08:05:08 +11:00
Daniel Black	286d78e13c	Merge pull request #430 from grooverdan/apache-overflows ENH: Apache overflows - httpd-2.4 message IDs + samples	2013-11-12 12:46:52 -08:00
Daniel Black	50ca16e50e	Merge pull request #431 from grooverdan/apache-noscript ENH: apache-2.4 message IDs for filter apache-noscript	2013-11-12 12:46:09 -08:00
Daniel Black	947c6ff9cc	Merge pull request #433 from grooverdan/asterisk BF/ENH: asterisk connection ID is a hex not decimal number. Add "Rejecting unknown SIP connection from " regex thanks to Jonathan Lanning	2013-11-12 12:45:52 -08:00
Daniel Black	38503a5848	Merge pull request #434 from grooverdan/dos-resistant-dropbear ENH: DoS resistant dropbear filter	2013-11-12 12:45:12 -08:00
Daniel Black	62b1f98dff	Merge pull request #435 from grooverdan/dos-resistant-exim BF: exim filter to be DoS resistant	2013-11-12 12:44:53 -08:00
Daniel Black	0d47ea3348	Merge pull request #436 from grooverdan/dos-resistant-roundcube-auth BF/ENH: DoS resistant roundcube-auth with test cases and more variation from IMAP responses	2013-11-12 12:44:36 -08:00
Daniel Black	be60518218	BF/ENH: DoS resistant roundcube-auth with test cases and more variation in IMAP error given	2013-11-12 18:57:01 +11:00
Daniel Black	52972164a2	BF: exim filter to be DoS resistant	2013-11-12 18:13:35 +11:00
Daniel Black	c272573fe3	ENH: DoS resistant dropbear filter	2013-11-12 18:06:16 +11:00
Daniel Black	eb9663eb4f	BF/ENH: asterisk connection ID is a hex not decimal number. Add "Rejecting unknown SIP connection from <HOST>" regex thanks to Jonathan Lanning	2013-11-12 09:22:41 +11:00
Daniel Black	648d48c355	ENH: apache-2.4 message IDs for filter apache-noscript	2013-11-11 10:49:11 +11:00
Daniel Black	c81ed53805	TST: change source URL	2013-11-11 10:40:12 +11:00
Daniel Black	a4718eb644	ENH: apache-overflow filter to have HTTP-2.4 message IDs and test samples	2013-11-11 10:38:02 +11:00
Daniel Black	87516eb92b	ENH: apache-overflows - more detail on "request failed: URI too long (longer than %d)" with test case	2013-11-11 09:46:40 +11:00
Daniel Black	e8aa676cf5	Merge pull request #429 from grooverdan/filter-develop-doco DOC: Filter development doco	2013-11-10 14:10:10 -08:00
Daniel Black	191c4fda1b	Merge pull request #428 from grooverdan/ssh-dos TST: test case that shows injection into username	2013-11-10 13:39:03 -08:00
Daniel Black	f1c98a799f	Merge pull request #421 from grooverdan/sendmail-spam ENH: multiline filter for sendmail-spam. Closes gh-418	2013-11-10 13:37:33 -08:00
Daniel Black	d90130234d	TST: end of json in sshd sample log	2013-11-11 08:29:54 +11:00
Daniel Black	061a26c408	TST: fix space in sshd sample log	2013-11-11 08:28:09 +11:00
Daniel Black	d955714d26	TST: test case that shows injection	2013-11-11 08:11:32 +11:00
Daniel Black	b8f40fef1b	DOC: more on filter regexes - DEVELOP	2013-11-11 08:08:10 +11:00
Yaroslav Halchenko	8f54c1990a	provide Closes statements for Debian bugs	2013-11-10 12:17:13 -08:00
Yaroslav Halchenko	a4ab39ea82	minor jail.conf tune ups. More needed to adopt the jails/filter added upstrean	2013-11-10 00:24:24 -08:00
Yaroslav Halchenko	93f30fe4f6	added patch changeset_ac061155f093464fb6cd2329d3d513b15c68e256.diff to "cherry-pick" `ac061155f0` (BF: anchor introduced nginx-http-auth at the end)	2013-11-08 17:30:35 -08:00
Yaroslav Halchenko	521f8062bc	Changelog entry/new version	2013-11-08 17:29:55 -08:00
Yaroslav Halchenko	128c4c978d	Merge commit '0.8.11.pre1-29-gccd2657' into debian * commit '0.8.11.pre1-29-gccd2657': (363 commits) DOC: minor typos in ChangeLog DOC: adding DEV Notes for for non-greedy matchin within sshd.conf BF: disallow exploiting of non-greedy .* in previous fix by providing too long rhost -- do not impose length limits for user-provided input BF: fixing injection for OpenSSH 6.3 -- making .* before <HOST> non-greedy Changelog for prior changes (gen_buildbots) ENH: condense asterisk regexs for speed BF: missed action in nginx-http-auth ENH: add filter.d/nginx-http-auth. Partially forfills #405 ENH: regenerated config/filter.d/apache-badbots.conf NF: gen_badbots script to (re)generate/update config/filter.d/apache-badbots.conf DOC: keeping Changelog release-phrases uniform, simplified intro, unified DOC: Untabifying and reindenting a bit ChangeLog DOC: few more links for DEVELOP BF: fix dovecot filter for newer failure message. Closes Debian bug #709324 BF: fix to filter.d/wuftp to support pam authentication - Debian bug #665925 Add Fedora git repo of fail2ban package to DEVELOP firewalld-0.3.8 release that support --remove-rules out so documenting this. BF: remove duplication definition secion in webmin-auth DOC: alter release notes a bit more and versions in README.md BF/DOC: fix hopefully final MANIFEST and release instructions ...	2013-11-08 17:25:40 -08:00

... 12 13 14 15 16 ...

3230 Commits (c516e8a0106b98751e211184e25e65ffc830715f) All Branches Search

3230 Commits (c516e8a0106b98751e211184e25e65ffc830715f)

All Branches