Commit Graph

5914 Commits (c80908837fe2fae5821a53bef82988586dbef2dd)

Author SHA1 Message Date
Sergey G. Brester d46ec3a555 add jail boundary to flush command for more precise targeting of jail (if some name may be equal to prefix of other name) 2023-03-08 09:17:13 +00:00
Duncan Bellamy 5781675a7d change startcomment and comment so correct rules are flushed 2023-03-08 09:17:13 +00:00
Duncan Bellamy ac2076ef4f change unban back to find comment so correct entry always deleted 2023-03-08 09:17:13 +00:00
Duncan Bellamy 0e3e9b1d7f Add flushaction
Change unban to find by ip address not comment
2023-03-08 09:17:13 +00:00
Duncan Bellamy 9997807fb3 Add action for mikrotik routerOS 2023-03-08 09:17:13 +00:00
Vít Kabele a2c77429b9 New filter: routeros-auth.conf (Closes #3469)
Add filter to detect failed login attempts in the log produced by
MikroTik RouterOS.

- Add the filter to jail.conf
- Add testcase for the filter

Signed-off-by: Vít Kabele <vit@kabele.me>
2023-03-02 09:25:24 +01:00
Sergey G. Brester 234660e94d CI-workflow: remove 3.5 (seems to have a bug in GHA now) 2023-02-28 11:39:00 +01:00
Sergey G. Brester 17f060526e readme: amend 2023-02-28 11:36:34 +01:00
Sergey G. Brester 92fae68071 readme: update version 2023-02-28 11:32:28 +01:00
Sergey G. Brester 06e3dea062 Merge pull request #3460 from Trotyl84/patch-1
.gitignore: ignore `.venv/`
2023-02-20 08:42:53 +01:00
Łukasz Turon 5dcbc0dd55 Update .gitignore
Please add this entry for the virtual Python interpreter. This directory name is needed in the PyCharm environment.
2023-02-18 23:49:28 +01:00
sebres f93a538693 gh-3447: fix careless mistake arisen in b12a3acb06 by attempt to implement new reload capacity (rewritten later): causing error "'noduplicates' is not defined" by double jail configuration 2023-01-17 12:53:39 +01:00
sebres a3a3fffa54 Merge branch 'fix-gh-3438':
* circumvent SEGFAULT in a python's socket module by getaddrinfo with disabled IPv6 (gh-3438)
* improve auto-detection of IPv6 support (`allowipv6 = auto` by default)
* improve `ignoreself` by considering all local addresses from network interfaces additionally to IPs from hostnames (gh-3132)
2023-01-11 18:41:15 +01:00
sebres ed135b6a93 changelog entries (gh-3438, gh-3132) 2023-01-11 18:30:37 +01:00
sebres 582436aadf don't add subnets to local addresses of `ignoreself` from network interfaces, use only IPs instead (subnets may be too heavy and not wanted, todo: make it configurable later) 2023-01-11 18:27:44 +01:00
sebres cb8674e68a amend with few improvements, IPv6IsAllowed prefers IPs from network interfaces (if available for platform) and uses DNS (socket.getaddrinfo) as a fallback only 2023-01-10 12:20:48 +01:00
sebres 09c23fd5b8 try to obtain local addresses from network interfaces before DNS to IP lookup (closes gh-3132);
DNSUtils.getSelfIP returns IPAddrSet now (because own IPs may be the subnets now, so the check `ignoreself` must check whether any of subnets contains the IP)
2023-01-09 21:52:12 +01:00
sebres d8a9812adc improve auto detection of IPv6 - try to check sysctl net.ipv6.conf.all.disable_ipv6 (prefer value read from `/proc/sys/net/ipv6/conf/all/disable_ipv6`) 2023-01-09 16:21:36 +01:00
sebres 58834b6734 better auto-detection for IPv6 support (`allowipv6 = auto` by default); circumvent SF in some python's socket module by getaddrinfo with disabled IPv6 (closes gh-3438) 2023-01-06 14:50:25 +01:00
Sergey G. Brester 432e7e1e93 no warning if no config value but default (debug message now)
closes #3420
2022-11-28 13:21:15 +01:00
Sergey G. Brester bd6e7aeff0 Merge pull request #2112 from al42and/dante
Create filter for Dante SOCKS server
2022-11-18 12:43:44 +01:00
Sergey G. Brester efbbcb41ea non capturing group 2022-11-18 12:32:15 +01:00
Sergey G. Brester 996553f330 review, simplify regex and capture user name 2022-11-18 12:31:11 +01:00
Andrey Alekseenko df91b047d2 Dante SOCKS server: handle "1 byte/second" case
Thanks to @Loriowar and @sebres for pointing it out
2022-11-17 23:22:56 +01:00
Andrey Alekseenko 05c162ef10 Create filter for Dante SOCKS server 2022-11-17 23:22:55 +01:00
Sergey G. Brester ae5fe2e003 amend to #3405, eliminate catch-all 2022-11-15 14:29:59 +01:00
sebres 36af3f2502 Merge branch 'gh-3405' 2022-11-15 14:23:28 +01:00
sebres a58fcb8786 fix cut out of match for pattern with `{EPOCH}` (similar to other datepatterns group capturing whole regex only added if no groups specified at all);
allows to specify more precise anchored patterns, for example `datepattern = ^type=\S+ msg=audit\(({EPOCH})` for selinux-filters
2022-11-14 19:28:18 +01:00
sebres cbb097a2b3 small amend (non capturing group) 2022-11-14 18:56:01 +01:00
sebres 82506f0586 filter.d/selinux-ssh.conf, filter.d/selinux-common.conf: fixes #3405 (new format with GS and additional parameters, e. g. grantors) 2022-11-14 18:51:06 +01:00
sebres eba33d6205 version bump 2022-11-14 18:13:01 +01:00
sebres e1d3006b03 update 1.0.2 -- finally-war-game-test-tape-not-a-nuclear-alarm 2022-11-09 16:46:15 +01:00
sebres fd3805b40a changelog: backend `systemd`: code review and several fixes 2022-11-08 19:26:23 +01:00
sebres cd17906afe Merge branch '0.11' 2022-11-08 19:03:01 +01:00
sebres d8e2b03a24 `filter.d/named-refused.conf` extended (closes gh-3388):
- support BIND named log categories
- allow `info:` as possible error prefix too ("query (cache) denied" may occur as info)
2022-11-03 11:41:21 +01:00
sebres 6d19d2e800 Merge branch '0.10' into 0.11 2022-11-02 21:06:46 +01:00
sebres 04c252c34b filtersystemd: code review, wait only if it is necessary - in operational mode and if no more entries retrieved (end of journal);
attempt to fix gh-3396 - ensure we give enough time after journal.wait returns with INVALIDATE (due to rotation, vacuuming or journal files added/removed etc) and move cursor back and forth to avoid entering dead space
2022-11-02 21:05:18 +01:00
sebres ca2b94c522 fixes gh-3370: resolve extremely long search by repeated apply of non-greedy RE `(?:: (?:[^\(]+|\w+\([^\)]*\))+)?` with following branches (it may be extremely slow up to infinite search depending on message); added new regression tests
amend to gh-3210: fixes regression and matches new format in aggressive mode too
2022-10-04 14:10:45 +02:00
sebres fc7dbcc6a7 test-suite: avoid mistaken match that confuses output with working on line message by deep debugging of test (e. g. with `-l 4`) 2022-09-28 15:37:52 +02:00
sebres f8fcaf943b version bump 2022-09-27 22:57:50 +02:00
sebres 677da51562 release 1.0.1 -- energy-equals-mass-times-the-speed-of-light-squared 2022-09-27 18:27:51 +02:00
sebres bd94b7a47d make up leeway of ChangeLog (prepare release of 1.0) 2022-09-23 21:52:14 +02:00
sebres 2df58c5281 close fork 2022-09-16 19:20:44 +02:00
sebres 7bd4f41171 Merge branch '0.11' 2022-09-16 19:17:55 +02:00
sebres 94dac78afe Merge branch '0.10' into 0.11
(conflicts resolved)
2022-09-16 19:14:50 +02:00
sebres 485c50228a explicitly close cursor if not needed anymore (GC can grab it late) 2022-09-16 18:34:47 +02:00
sebres 45ef36276f fixes gh-3352: failed update of database didn't signal with an error
* client and server exit with error code by failure during start process (in foreground mode)
* added fallback to repair if database cannot be upgraded
code review and unify (more homogeneous by client and server now)
2022-09-16 17:58:24 +02:00
Jeff Johnson f9f78ed9d2 IPThreat integration (#3349)
new IPThreat action
2022-09-13 11:01:46 +02:00
sebres 934e1b606d Merge branch '0.11' 2022-09-08 21:22:23 +02:00
sebres 8dccf099e4 Merge branch '0.10' into 0.11
(conflicts resolved)
2022-09-08 16:32:34 +02:00