github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
3,898 Commits
33 Branches
229 Tags
18 MiB
Commit Graph

707 Commits (ce2b4fe634bea9e4d629ba27bf4f7de47472c52c)

Author SHA1 Message Date
Serg G. Brester b9b7ecbf6b Merge pull request #1357 from sebres/monit-new-fltr 
monit filter fixup for the new version (gh-1355)
 2016-03-26 11:39:26 +01:00
TorontoMedia 3d239215cd Two new firewalld actions with rich rules for firewalld-0.3.1+ (gh-1367) 
closes #1367
 2016-03-25 17:28:30 +01:00
sebres ac27c9cb96 Merge branch 'patch-2' (gh-1371) 2016-03-25 17:05:23 +01:00
theDogOfPavlov 28e246b5d7 added note to cover additional exim filters 2016-03-23 11:52:09 +00:00
theDogOfPavlov 42f43d0f8a added note to cover dovecot ldap regex 2016-03-23 11:51:12 +00:00
Yaroslav Halchenko bfac42eb2e changelog for journalmatch pure-ftpd 2016-03-14 11:10:28 -04:00
sebres 9d13bb0c3a ChangeLog and THANKS entries 2016-03-09 20:11:14 +01:00
Yaroslav Halchenko 634e68036e Get ready for further developments 2016-03-08 08:36:29 -05:00
Yaroslav Halchenko 5ffc15ac68 Changes for the 0.9.4 release 2016-03-07 21:45:44 -05:00
Yaroslav Halchenko 19850d71e9 changelog about gentoo initd 2016-03-07 10:52:47 -05:00
sebres bf0adc1fdf Merge remote-tracking branch 'f2b-perfom-prepare-716-cs' into ban-time-incr (+ conflicts resolved) 2016-03-06 15:12:48 +01:00
Yaroslav Halchenko 2adf5855ac Changelog for the recent PR and added Tom to THANKS 2016-02-28 12:03:13 -05:00
sebres 667785b608 mysqld: failregex fixed (accepts different log level, more secure expression now); 
closes #1332
 2016-02-24 17:17:51 +01:00
Yaroslav Halchenko 905c87ca4a Merge pull request #1310 from yarikoptic/pr-1288 
NF: HAProxy HTTP Auth filter
 2016-02-11 08:35:48 -05:00
Yaroslav Halchenko 3dc57af19c Merge branch 'logrotate' of https://github.com/sbraz/fail2ban 
* 'logrotate' of https://github.com/sbraz/fail2ban:
  Remove compression and count from logrotate
 2016-02-10 18:41:01 -05:00
3eBoP 257b7049d8 Update asterisk filter: changed regex for "Call from ...". Sometimes extension can have a plus symbol (+) because they can be phone number. 
Closes #1309
 2016-02-08 11:51:37 +01:00
Pierre GINDRAUD b5a07741c8 Add new regex into postfix filter. The new regexp is able to detect bad formatted SMTP EHLO command 2016-02-08 11:11:59 +01:00
Louis Sautier 869d99dd37
Remove compression and count from logrotate 
Initially reported at https://bugs.gentoo.org/show_bug.cgi?id=549856
 2016-01-29 00:15:48 +01:00
Yaroslav Halchenko 3f437b32db Merge remote-tracking branch 'pr/1288/head' 
* pr/1288/head:
  Update haproxy-http-auth.conf
  Added HAProxy HTTP Auth filter

 Conflicts:
	config/jail.conf - resolved + removed unnecessary filter/enabled (defaults should be as good)
 2016-01-28 08:51:45 -05:00
Yaroslav Halchenko 377ea32441 Merge pull request #1295 from obounaim/master 
The sender option is ignored by some actions
 2016-01-28 08:48:22 -05:00
Serg G. Brester fe14c8fa05 Merge pull request #1292 from albel727/master 
Add nftables actions
 2016-01-24 23:55:50 +01:00
local 58a8736e0f Updating changelog. 2016-01-10 00:10:05 +01:00
Alexander Belykh cb2d70d7a8 Add ChangeLog entry for new nftables actions 2016-01-05 19:04:44 +06:00
sebres 25a09352e4 + ChangeLog entry 2016-01-04 14:46:43 +01:00
Jordan Moeser e133762a28 Added HAProxy HTTP Auth filter 2015-12-31 11:16:23 +10:00
Yaroslav Halchenko 69aa1feac0 Merge "Mac OS Screen Sharing filter" PR 1232 
* pr/1232/head:
  removed system.log
  Removed old svn revision comment
  removed false matches
  Removed includes comment for screensharing jail
  Now using a literal logpath for screensharing jail
  Fixed blatant typo in regex
  clarified comments on sample log format
  Fixed name (again?)
  Made screensharing jail off by default
  Changed regex prequel
  added entry for new screensharingd filter
  name change & new sample data
  Added json metadata
  Sample log for test case
  Replaced .* with literal
  Update jail.conf
  Added new path variable for system.log
  Added in settings for screensharingd filter
  Created file

Conflicts:
	ChangeLog - moved to New Features
	config/jail.conf  - kept at the end
 2015-12-29 19:36:59 -05:00
Yaroslav Halchenko 16710237e3 Merge remote-tracking branch 'origin/master' 
* origin/master:
  Add 'Sender address rejected: Domain not found' Postfix failregex
 2015-12-29 19:31:04 -05:00
sebres 9d4f163e88 code review and minor repair after merge with performance branch (changed naming convention, wrong resolved conflicts, etc) 2015-12-29 17:36:00 +01:00
sebres 21f058a9f7 Merge remote-tracking branch 'remotes/gh-origin/f2b-perfom-prepare-716' into ban-time-incr 2015-12-29 14:04:41 +01:00
Yaroslav Halchenko 26dd6d7425 Merge pull request #1258 from aleksandrs-ledovskis/feature/postfix-domain-not-found-failregex 
Add 'Sender address rejected: Domain not found' Postfix failregex
 2015-12-18 09:23:54 -05:00
Yaroslav Halchenko dfaf82d68a Changelog entry for PartOf in .service fix 2015-12-18 09:23:12 -05:00
Ross Brown 8d12dba245 Merge remote-tracking branch 'upstream/master' 2015-12-17 18:01:17 +00:00
Ross Brown 16aa2fa13e Updated ChangeLog to include new murmur jail. 2015-12-17 17:57:45 +00:00
Ross Brown ba535826a8 Updated ChangeLog to include new murmur filter. 2015-12-15 21:46:35 +00:00
Yaroslav Halchenko 5d6cead996 ENH: sshd filter -- match new "maximum auth attempts exceeded" (Closes #1269) 2015-12-13 23:21:04 -05:00
sebres 6d984717b5 ordered dict replaced with dict + change log entry fix 
# Conflicts:
#	fail2ban/server/filter.py
 2015-12-12 15:48:49 +01:00
sebres 3a179ec5d7 small code review: (much pretty) handling of filename as key - FileFilter contains (ordered) dict of files (not list), as discussed in gh-1265 2015-12-02 20:45:01 +01:00
Aleksandrs Ļedovskis fa59a6850f Add 'Sender address rejected: Domain not found' Postfix failregex 
Signed-off-by: Aleksandrs Ļedovskis <aleksandrs@ledovskis.lv>
 2015-11-22 12:01:15 +02:00
Orion Poplawski c656cb0d36 Merge branch 'master' into journaldefault 
Conflicts:
	ChangeLog
 2015-11-13 15:22:59 -07:00
Yaroslav Halchenko 6af6e40b62 Merge pull request #1241 from sebres/known/param-tag 
New interpolation feature for definition config readers - `<known/parameter>`
 2015-11-10 08:35:57 -05:00
sebres 46b116e86a filter test cases improved + log captured inside such tests + python 3.x compatibility; 
changelog entry;
 2015-11-09 22:02:05 +01:00
sebres 94cffece12 New interpolation feature for definition config readers - `<known/parameter>`, as extension to interpolation `%(known/parameter)s`, that does not works for filter and action init parameters; 2015-11-02 21:45:03 +01:00
Serg G. Brester eef7771b4e Merge pull request #1238 from sebres/fix/gh-1216 
Fixed directly defined banaction for allports jails like pam-generic, recidive, etc
 2015-10-31 13:17:04 +01:00
sebres e825e977cc Nginx log paths extended (prefixed with "*" wildcard) 
closes gh-1237
 2015-10-30 17:51:30 +01:00
sebres f359ed8c36 Fixed directly defined banaction for allports jails like pam-generic, recidive, etc with new default variable `banaction_allports` (+ man entries for both variables added); 
closes gh-1216
 2015-10-30 15:36:18 +01:00
sebres 6884593ab8 New filter `nginx-limit-req` ban hosts, that were failed through nginx by limit request processing rate (ngx_http_limit_req_module) 2015-10-29 23:15:20 +01:00
Orion Poplawski 0661aece46 Merge branch 'master' into journaldefault 
Conflicts:
	ChangeLog
 2015-10-29 15:22:37 -06:00
Simon Brown 3dd1c305ce added entry for new screensharingd filter 2015-10-27 21:20:12 -07:00
sebres eb87638ead ChangeLog entry for OpenHAB home automation filter (gh-1223) 2015-10-26 15:56:01 +01:00
Pablo Rodriguez Fernandez 2c576c64f8 Change domain filter regex 
Change domain filter regex since there are other Google crawlers.
See "Google crawlers"
<https://support.google.com/webmasters/answer/1061943?hl=en>
 2015-10-20 10:46:00 +02:00
Orion Poplawski 81a26266a9 Add changlog entry for postfix-rbl logpath change 2015-10-19 19:46:43 -06:00
Orion Poplawski 75d33c0f09 Add *_backend options for services to allow distros to set the default backend 
per service.
Set default to systemd for Fedora as appropriate.
 2015-10-18 20:18:50 -06:00
Pablo Rodriguez Fernandez a28e6b442e Add check in apache-fakegooglebot to protect against PTR fake record 
An attacker may return a PTR record which fakes a Googlebot's domain
name. This modification resolves the PTR records to verify it.

See "Verifying Googlebot":
<https://support.google.com/webmasters/answer/80553?vid=1-635800030504666679-1963774919>
 2015-10-13 17:11:49 +02:00
sebres 2696ede251 mysqld-auth: Updated "Access denied ..." regex for MySQL 5.6 and later 
closes gh-1211
 2015-10-07 14:34:13 +02:00
Kevin Locke 2a5c93cfb5 Update ChangeLog and THANKS for "Auth fail" changes 
Document the changes from 36919d9f in the ChangeLog and add myself to
the THANKS file (at @sebres suggestion).

Signed-off-by: Kevin Locke <kevin@kevinlocke.name>
 2015-10-05 00:31:13 -07:00
Yaroslav Halchenko ff06176e9e Merge remote-tracking branch 'origin/master' into enh-split-comma 
* origin/master:
  DOC: changelog for the timeout change
  Set Timeout at urlopen to 3 seconds
  README :: init/service example mentions debian based systems as the example
  README :: fitted paragraph style
  BF: disable testing on python 3.2 until coverage gets a fix
  README :: Some style/grammar tweaks, and init/service script mention. Re: #1193
  Set Timeout at urlopen to 3 seconds
 2015-09-27 00:52:14 -04:00
Yaroslav Halchenko 6c0f898ec7 DOC: changelog for the timeout change 2015-09-27 00:49:57 -04:00
Yaroslav Halchenko 8cf614e221 ENH: allow to split ignoreip by space and/or comma (Closes #1197) 
Way too many people ran into this gotcha, so lets just do it
 2015-09-23 12:13:52 -04:00
Yaroslav Halchenko 55e542b273 Merge remote-tracking branch 'pr/1170/head' -- opensuse paths 
* pr/1170/head:
  Updated ChangeLog regarding openSUSE's path config
  Added configuration for opensuse path
 2015-09-17 21:59:45 -04:00
Yaroslav Halchenko db1a3f17e1 ENH: new date pattern with year after day (not after entire entry) 2015-09-16 08:56:46 -04:00
Yaroslav Halchenko fbdd0b74a1 DOC: Changelog entry for this fix 2015-09-13 10:45:39 -04:00
Ville Skyttä 67a94733a9 logrotate: Do not rotate empty logs 
As a useful side effect, prevents "Unable to contact server. Is it
running?" mails from cron when fail2ban hasn't been (intentionally)
running nor thus logging anything either.
 2015-09-13 11:05:33 +03:00
Edward Beckett f5b88bd377 Updated Changelog 2015-09-11 10:12:57 -04:00
sebres 4cf3b576b9 Bugfix for dnsToIp resolver for fqdn with large list of IPs; 
closes #1164
 2015-09-08 18:20:48 +02:00
Edward Beckett 4bd7991573 Added apache-badbots.conf 2015-09-06 01:12:19 -04:00
weberho 2d69fd20ae Updated ChangeLog regarding openSUSE's path config 2015-08-26 15:37:14 +02:00
Yaroslav Halchenko 60fbf7d750 changelog for freshly merged PR (roundcube-auth definition of logpath) 2015-08-26 09:03:23 -04:00
Yaroslav Halchenko 9ebf01293b Post release tune ups 2015-08-01 09:17:31 -04:00
Yaroslav Halchenko 70ba5cb005 Release changes (too much of manual "labor"! ;)) 2015-07-31 21:32:13 -04:00
Yaroslav Halchenko 776322cea3 BF: realpath for /var/run/fail2ban Closes #1142 2015-07-31 10:12:14 -04:00
Yaroslav Halchenko c37009aec7 Merge branch 'grep-m1k' of github.com:szepeviktor/fail2ban 
* 'grep-m1k' of github.com:szepeviktor/fail2ban:
  Limit the number of log lines in *-lines.conf actions

Conflicts:
  ChangeLog -- took both versions and adjusted the new one
  for -n 1000 change
 2015-07-27 22:37:46 -04:00
Yaroslav Halchenko a80820e356 Changelog entry for killpg fix 2015-07-27 22:34:40 -04:00
Yaroslav Halchenko 38c320798d Merge pull request #1127 from yarikoptic/enh-iptables-w-close-1122 
WIP ENH Add <lockingopt> (Close: #1122) and <iptables> to define the iptables call
 2015-07-27 22:30:54 -04:00
Yaroslav Halchenko de69855157 Changelog entries for Serge's fixes 2015-07-27 10:35:14 -04:00
Yaroslav Halchenko 0041bc3770 DOC: Changelog for shorewall-ipset-proto6.conf + adjusted its description 2015-07-26 23:10:08 -04:00
Yaroslav Halchenko 65cd218e10 Merge remote-tracking branch 'origin/master' 
* origin/master:
  ipjailmatches is on one line with its description in man jail.conf
  Added a space between IP address and the following colon
 2015-07-26 22:47:43 -04:00
Yaroslav Halchenko 333dd842f9 DOC: moved and adjusted changelog entry from 0.9.2 within 0.9.3 to come 2015-07-26 22:44:52 -04:00
Viktor Szépe c8b3ee10a0 Limit the number of log lines in *-lines.conf actions 2015-07-27 02:35:21 +02:00
Yaroslav Halchenko 33b204a2ee DOC: Changelog for iptables -w change 2015-07-26 18:25:42 -04:00
Thomas Mayer a19cb1b2b9 Merge 923d807ef8 into cf2feea987 2015-07-25 01:23:39 +00:00
Viktor Szépe ebdfbae559 Added a space between IP address and the following colon 2015-07-24 09:33:47 +02:00
Viktor Szépe 586703dcc2 Test, changelog and fixes to pass2allow 2015-07-13 16:46:04 +02:00
sebres 386da502ba Merge remote-tracking branch 'master' into 'ban-time-incr' 2015-07-13 16:19:33 +02:00
Viktor Szépe 5d60700c0c Added pass2allow (knocking with fail2ban) 2015-07-10 16:22:43 +02:00
sebres 95c2a2976f unbanip always deletes ip from database (independent of bantime, also if currently not banned or persistent); 
merged from #716 where it works;
closes gh-972, closes gh-768
 2015-07-10 13:56:26 +02:00
Lee Clemens fc2b7f8012 Multiple Travis and coverage related changes 
Reorganize .travis.yml
Separate coverage tests for Python 2 and Python 3
Execute setup.py install using the environment's Python exe
Sanitize Travis execution order
 2015-07-09 10:12:40 -04:00
Yaroslav Halchenko c213d97d25 Moved recently added Changelog (on HEAD addition) to Enhancements 2015-07-07 14:01:24 -04:00
Viktor Szépe a3b8257b73 Add HEAD method verb to apache-badbots, nginx-badbots 2015-07-07 17:45:40 +02:00
Yaroslav Halchenko 052418a110 Merge pull request #1098 from yarikoptic/enh/man-testcases 
DOC: rudimentary manpage for fail2ban-testcases (+updated other mans for consistency)
 2015-07-06 23:43:30 -04:00
sebres 4a4fe7d76a extending test cases (increase coverage) + changelog entry for #1099 2015-07-06 22:09:13 +02:00
Yaroslav Halchenko 46510948a7 DOC: rudimentary manpage for fail2ban-testcases (+updated other mans for consistency) 2015-07-05 21:48:14 -04:00
Yaroslav Halchenko 38f8e1a82a DOC: added changelog for LC_ALL fix, tuned up other ChangeLog entries 2015-07-05 21:39:17 -04:00
Yaroslav Halchenko e38b4b8cb3 Merge pull request #1051 from leeclemens/bf/roundcube 
Update regex to work with roundcube 1.0.5 and 1.1.1
 2015-07-05 21:35:49 -04:00
Lee Clemens 423d5b761e Add changelog reference for socket error logging message 2015-07-04 12:37:52 -04:00
Lee Clemens f7444f16b8 Add optional session id prefix for roundcube 1.1.1 2015-07-04 11:06:51 -04:00
Lee Clemens 2796534a5d Update regex to work with roundcube 1.0.5 on CentOS 6 2015-07-04 11:02:04 -04:00
Yaroslav Halchenko e9e00d7599 DOC: ChangeLog -- a better description for cloudflare changes 2015-07-04 10:04:45 -04:00
Viktor Szépe a00ee15c06 Added Changelog entry 2015-07-04 14:12:38 +02:00
sebres f2d0230a67 reload in interactive mode appends all the jails twice (#825) 2015-06-22 17:57:01 +02:00
sebres 2f283079f8 reload server/jail failed if database used (but was not changed) and some jail active (#1072) 2015-06-22 17:56:39 +02:00