Sergey G. Brester
7fd097d73f
Merge pull request #3805 from nabbi/postfix-3.9
tests for Postfix 3.9 SASL reason unavailable
2024-07-28 20:39:29 +02:00
sebres
93810fff75
consider CONNECT and other rejected commands as a valid `_pref`;
closes gh-3800
2024-07-26 19:25:36 +02:00
Nic Boet
a4f1b0ce9f
tests for Postfix 3.9 SASL reason unavailable
SASL auth failure message changed with Postfix 3.9
Include additional test log
17dbfb9b8b
Signed-off-by: Nic Boet <nic@boet.cc>
2024-07-25 13:57:46 -05:00
Sergey G. Brester
766d2b8d74
Update FUNDING.yml: added my liberapay
2024-07-16 13:47:28 +02:00
sebres
8170e9fe75
suppress SetuptoolsDeprecationWarning in test suite
2024-07-04 19:06:36 +02:00
Sergey G. Brester
599ec5e01e
main.yml: bump version 3.13.0-beta.3
2024-07-04 18:53:01 +02:00
Sergey G. Brester
7004d175b7
Merge pull request #3782 from fdellwing/patch-1
Adjust sshd.conf filter for OpenSSH 9.8
2024-07-03 19:43:04 +02:00
Sergey G. Brester
216622adb2
Update ChangeLog
2024-07-03 19:42:19 +02:00
Sergey G. Brester
50ff131a0f
filter.d/sshd.conf: ungroup (unneeded for _daemon)
2024-07-03 19:35:28 +02:00
Sergey G. Brester
8360776ce1
zzz-sshd-obsolete-multiline.conf: adjusted to new sshd-session log format
2024-07-03 19:33:39 +02:00
Sergey G. Brester
7b335f47ea
sshd: add test coverage for new format, gh-3782
2024-07-03 19:09:28 +02:00
Fabian Dellwing
2fed408c05
Adjust sshd filter for OpenSSH 9.8 new daemon name
2024-07-02 08:51:51 +02:00
sebres
59c5e78ce9
`filter.d/apache-overflows.conf` - consider AH10244: invalid URI path;
closes gh-3778
2024-06-28 12:50:14 +02:00
grafwol
2f9e5fe1da
Enhancing the searching regex for 3 common situations:
1. Clients or bots trying to access resources not being hosted to explore critical files.
-> Error 404 is returned
2. Clients or bots trying to exploit services by pinging URIs with methods not allowed (i.e. POST instead of GET)
-> Error 405 is returned
3. Clients or bots explore dynamic hosted sites by randomly sending parameters to exploit the API (for all APIs from old CGI to REST service proxied)
-> Error 50x is returned
The latter is the weakest criterion bc. the return code is at best an expected exception and then defined by the API designer or at worst depending on the system behind. CGI, for example, lets nginx throw 519 on harsh errors (which is not covered by the regex at all)
2024-06-25 09:32:01 +02:00
sebres
a7f3a04b0e
`filter.d/recidive.conf` - restore possibility to set jail name in the filter, _jailname is positive now (but by default it uses now negative lookahead to exclude recidive jail);
closes gh-3769
2024-06-21 13:24:46 +02:00
sebres
ab9d41e530
beautifier detect whether it can use unicode chars in stats table; asciified output of beautifier in test suite;
closes gh-3750
2024-06-14 15:17:53 +02:00
Sergey G. Brester
6fce23e7ba
`filter.d/sshd.conf`: fixed journalmatch (sshd.service seems to be renamed to ssh.service)
closes gh-3747
2024-06-10 01:40:59 +02:00
sebres
8ae5e7e3e4
GHA: update python version in CI-flow (3.13 is beta now)
2024-06-10 00:10:25 +02:00
sebres
cd95c3a1fc
Merge branch 'ipsettype-in-ipset-actions'
2024-06-09 23:41:56 +02:00
sebres
2533526827
extend ipset actions with new parameter `ipsettype` for the type of set (gh-3760), affected actions:
`action.d/firewallcmd-ipset.conf`, `action.d/iptables-ipset.conf`, `action.d/shorewall-ipset-proto6.conf`
2024-06-09 23:38:58 +02:00
sebres
17daf0ec78
`action.d/firewallcmd-ipset.conf`: rename `ipsettype` to `ipsetbackend` (`ipsettype` will be used now for the real set type);
amend to #2620
2024-06-09 23:32:03 +02:00
sebres
304c3cd566
improve fix with fallback to local async libraries - add path to compat folder (pyinotify module may have dependency to asyncore module, see https://github.com/fail2ban/fail2ban/issues/3487#issuecomment-2133529081 );
amend to 054e1d89ca
2024-05-27 16:18:26 +02:00
sebres
7d2fffbe19
.codespellrc: silence codespell flow on assertIn
2024-05-27 15:38:32 +02:00
sebres
8bbdb7b5a7
GHA: output current preferred encoding of fail2ban
2024-05-27 15:32:17 +02:00
Sergey G. Brester
246a617cd6
Merge pull request #3749 from by/patch-1
abuseipdb.conf: update link
2024-05-21 13:24:32 +02:00
by
21bf636056
Update abuseipdb.conf
Corrected link for HP helper (see https://shaunc.com/blog/article/reporting-to-abuseipdb.com-with-fail2ban~kDoa-Hml95wW )
2024-05-20 15:34:24 +02:00
Sergey G. Brester
65e9c411ef
README.md: typos
closes gh-3746
2024-05-14 11:46:49 +02:00
sebres
ecb9771123
GHA: 3.13.0-alpha.6
2024-05-07 13:26:11 +02:00
Sergey G. Brester
4da56cf4bc
Update README.md
distutils support removed
2024-05-07 13:18:08 +02:00
Sergey G. Brester
ac62658c10
Merge pull request #3728 from branchvincent/distutils
distutils removal
2024-05-07 13:14:57 +02:00
sebres
0185e1c7d5
setup.py: no distutils anymore
2024-05-07 13:06:50 +02:00
sebres
ed20a9a5b9
there is no systemd < 204 and pyinotify < 0.8.3 for supported python3 versions anymore
2024-05-07 12:53:54 +02:00
sebres
c04e12dd8d
Merge remote-tracking branch 'remotes/gh-upstream/0.11'
2024-04-29 11:03:33 +02:00
Sergey G. Brester
1434e3089c
Merge pull request #2455 from Thermi/improved-action-blocklist-de
Improved blocklist_de action to not resend bans that were already reported
2024-04-28 21:12:49 +02:00
Branch Vincent
a763fbbdfd
replace distutils for python 3.12
2024-04-27 10:24:01 -07:00
sebres
d0d0728523
cherry-pick from debian: debian default banactions are nftables, systemd backend for sshd
closes gh-3292
2024-04-26 02:26:55 +02:00
sebres
c14327565d
version bump
2024-04-26 02:06:09 +02:00
sebres
61799e15e1
release 1.1.0 -- object-found--norad-59479-cospar-2024-069a--altitude-36267km
2024-04-25 23:08:13 +02:00
sebres
22ffe12abb
preparing release
2024-04-25 22:43:51 +02:00
sebres
7b528a6da6
example.com seemed to switch its IPs, replace them everywhere (and use test IP-range instead where it is possible)
2024-04-24 19:30:48 +02:00
sebres
3ca3646472
implemented `fail2ban-client stats` (or alias `fail2ban-client statistic[s]`) for tabulated output of fail2ban stats
amend to #2975
2024-04-24 18:49:59 +02:00
sebres
bdba42edd9
implemented `fail2ban-client status --all [flavor]`
closes #2975
2024-04-24 16:29:49 +02:00
sebres
921d9a5a40
Merge branch 'gh-2655--f2b-regex-4-jail': implemented loading of jail settings in fail2ban-regex;
amend to RFE gh-2655
2024-04-02 18:04:52 +02:00
sebres
3b97182f62
amend to 781321d6092d415e079439389e6e6588b8feaaa7: better regex to detect jail name (it could contain dot etc)
2024-04-02 18:02:07 +02:00
Sergey G. Brester
b59fd2e7b5
Merge pull request #3697 from remontti/patch-1
named-refused.conf: denied allows any reason in parenthesis as suffix
2024-03-25 16:41:11 +01:00
sebres
44f32d6132
changelog
2024-03-25 16:36:21 +01:00
sebres
2c13cba73d
loosening for denied suffix (would match no matter which reason in parenthesis);
add coverage for denied with "(allow-query-cache did not match)"
2024-03-25 16:35:20 +01:00
Rudimar Remontti
fd7657f9a9
Update named-refused.conf
2024-03-25 16:35:16 +01:00
sebres
4550e3ad27
ChangeLog: reorder (filters after actions)
2024-03-25 16:34:12 +01:00
sebres
a4ca2e83bd
Merge branch 'gh-3060': adjusted `filter.d/exim.conf` and `filter.d/exim-spam.conf`:
- messages are prefiltered by `prefregex` now
- filter can bypass additional timestamp or pid that may be logged via systemd-journal or syslog-ng (gh-3060)
closes #3060
2024-03-25 15:56:10 +01:00