4282 Commits (ceff489a46396b561d4a890ae75213e266837a04)

 

All Branches   

Search

Author	SHA1	Message	Date
sebres	098abae4e6	Remove greedy catch-all before `<HOST>`, make regex more universal, fewer prone to errors (should avoid future changes, if some optional parameters coming again before/after `RemoteAddress`) + non-captured groups now. ... Test for possible injection (5.6.7.8 in session-id) already available, line 59 (thus already covered).	7 years ago
sebres	2ea22b9d30	test coverage for gh-1427	7 years ago
Kirill	4c0c7b97c0	Update asterisk.conf to new log message ... I got an issue like this: [2016-05-15 22:53:00] SECURITY[26428] res_security_log.c: SecurityEvent="FailedACL",EventTV="2016-05-15T22:53:00.203+0300",Severity="Error",Service="AMI",EventVersion="1",AccountID="admin",SessionID="0x7fb580001518",LocalAddress="IPV4/TCP/0.0.0.0/5038",RemoteAddress="IPV4/TCP/78.129.227.4/62389",SessionTV="1970-01-01T03:00:00.000+0300" # [sebres] rebased to current master and resolving conflicts.	7 years ago
Serg G. Brester	34cb55fd91	Merge pull request #1695 from benrubson/issue1693 ... Apache, detect syslog prefix	7 years ago
sebres	a12ac4242b	ChangeLog updated	7 years ago
sebres	0e33125129	be more precise using common `__prefix_line` expression (set `_daemon` to recognize apache and httpd only)	7 years ago
sebres	b561af45ef	apache-common.conf: introduced parameter `logging` for possibility to match lines, if apache logs into syslog/systemd journal; ... added test cases to cover `apache-auth[logging=syslog]`.	7 years ago
benrubson	10cc7e6e59	Apache, detect syslog prefix, add test	7 years ago
benrubson	b662cf03ac	Apache, detect syslog prefix, simple example	7 years ago
Serg G. Brester	6c030c5e10	Merge pull request #1717 from szepeviktor/patch-11 ... Updated xarf-specification repo URL in xarf action	7 years ago
Serg G. Brester	99b668a3cc	Merge pull request #1390 from khumarahn/xxx ... ensure /var/run/fail2ban is created in systemd service file	7 years ago
Serg G. Brester	4126b16e7c	Merge pull request #1828 from sebres/filter-ejabberd-auth-gh-993 ... Accept new format for filter ejabberd-auth	7 years ago
Serg G. Brester	5dcbcb99b9	Merge pull request #1648 from hlein/master ... gentoo-initd: wait up to 30 seconds on "stop" to avoid errors.	7 years ago
sebres	c9385a2e04	ChangeLog updated	7 years ago
sebres	7217ef5c9e	filter.d/ejabberd-auth.conf: fixed ejabberd filter - accept new log-format with `wait_for_sasl_response` instead of `wait_for_feature_request` + optional part "IP " (gh-993)	7 years ago
Serg G. Brester	ad9f364800	Merge pull request #1827 from sebres/filter-roundcube-fix-gh-1303 ... Filter roundcube: fixed gh-1303 - X-Real-IP or/and X-Forwarded-For after host	7 years ago
sebres	ea3a6aa971	ChangeLog updated	7 years ago
sebres	dae4988aea	filter.d/roundcube-auth.conf: fixes failregex not working with `X-Real-IP` or/and `X-Forwarded-For` (gh-1303)	7 years ago
sebres	00456b8270	review: documentation, small enhancement of `fail2ban-client` to test time abbreviation format: ... fail2ban-client --str2sec 1d12h30m	7 years ago
sebres	89f2dbb97b	small bug fix (missing `-` by option `--timeout`, wrong module reference)	7 years ago
Serg G. Brester	d334a36a60	Merge pull request #1825 from sebres/_0.10/postfix-filter-opti ... 0.10 - postfix filter optimizations	7 years ago
sebres	cf3b8f63f6	coverage fix	7 years ago
sebres	e26cc5de45	restore backwards compatibility (jail postfix-sasl); changelog update	7 years ago
sebres	aa92b68d4a	filter.d/postfix.conf: normalized several postfix-filters using parameter `mode` (as discussed in gh-1813); ... introduced parameter `mode`: more (default, combines normal and rbl), auth, normal, rbl, ddos, extra or aggressive (combines all) replacement for gh-1239, gh-1697, gh-1764; closes gh-1245, gh-1297.	7 years ago
sebres	36d42d7f0b	SampleRegexsFactory: introduce opportunity to supply multiple options combinations (check lines using filters with several options), see for example filter sshd.conf	7 years ago
sebres	d32a3913cf	postfix postscreen (resp. other RBL's compatibility fix) / gh-1764	7 years ago
Serg G. Brester	57ea38c342	Update paths-debian.conf ... Fixed mail.log path since in the default rsyslog configuration of debians the `mail.warn` is commented now (see `/etc/rsyslog.d/50-default.conf`: `#mail.warn -/var/log/mail.warn`). Closes gh-1687	8 years ago
sebres	546cd55342	Merge branch 'master' into 0.10	8 years ago
Serg G. Brester	d05d9f4c28	Merge pull request #1816 from sebres/fix-gh-1302 ... filter.d/asterisk.conf - fixed failregex AMI Asterisk authentification failed	8 years ago
sebres	a1d0633e69	filter.d/asterisk.conf - fixed failregex AMI Asterisk authentification failed (see gh-1302): ... - optional space between NOTICE and pid; - optional part "Host " before IP-address;	8 years ago
sebres	33fcf8d809	Merge branch 'master' into 0.10	8 years ago
sebres	9f55ed86df	fixed testCymruInfoNxdomain (since cymru does not provide ASN mapping info for "10.0.0.0" anymore)	8 years ago
Serg G. Brester	1307e0a5b9	Merge pull request #1760 from szepeviktor/patch-12 ... Courier may complain about the method only	8 years ago
Serg G. Brester	205edff65d	Merge pull request #1690 from chtheis/master ... #1689: Make lowest rule number in action.d/bsd-ipfw.conf configurable	8 years ago
Serg G. Brester	f27e053592	Update bsd-ipfw.conf ... increased starting rule number (lowest_rule_num = 111)	8 years ago
Serg G. Brester	001c0898d6	Merge branch 'master' into master	8 years ago
Serg G. Brester	6110ba9cc3	filter.d/proftpd.conf: added option `journalmatch` for systemd backend (closes gh-1613)	8 years ago
sebres	5974b0fb35	amend to merge PR gh-1783: restores lost entry `journalmatch` for `filter.d/roundcube-auth.conf`	8 years ago
sebres	37ca4f17c2	filter.d/roundcube-auth.conf: added missing entry `journalmatch` from original gh-1783.	8 years ago
Serg G. Brester	986dd3107d	Merge branch '0.10' into patch-12	8 years ago
Serg G. Brester	f3ba66d1c6	Merge pull request #1783 from weberhofer/0.10 ... filter.d/roundcube-auth.conf: Fixed failregex when logging errors to journal instead to a local file. Additionally fixes more complex injections on username.	8 years ago
sebres	9b0f39a17d	ChangeLog updated	8 years ago
sebres	d3ae70beb6	filter.d/roundcube-auth.conf: Use the same filter-file and jail also when logging errors to journal instead to a local file. ... Additionally fixes more complex injections on username.	8 years ago
Johannes Weberhofer	691c080dc7	Added roundcube authentication filter, new jail and log-examples	8 years ago
Serg G. Brester	3294840c2a	Merge pull request #1801 from jeaye/postfix-updates ... filter.d/postfix.conf: update to the latest postfix logging format	8 years ago
Serg G. Brester	efeca8fdeb	postfix.conf: removes unneeded end-anchoring like `.*$`, etc. ... also removes several dynamic content at end, which are of no avail there. Additionally normalizes optional part (mail-ID) after reason number.	8 years ago
Serg G. Brester	bb283776d7	Merge pull request #1807 from sebres/fix-gh-1806 ... bug-fix: restoring of tickets from database for jails with persistent ban	8 years ago
sebres	fd32e908e3	fixes restoring of tickets from database for jails with persistent ban (if `bantime = -1`)	8 years ago
sebres	dcdf677438	Merge remote-tracking branch 'master' into 0.10	8 years ago
Serg G. Brester	d54c40bba5	Merge pull request #1805 from sebres/fix-gh-1790 ... filter.d/apache-overflows.conf: rewritten without end-anchor ($)...	8 years ago