github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
1,512 Commits
32 Branches
229 Tags
17 MiB
Commit Graph

1512 Commits (d5291517a70f3048abed757ec81c70f8fac2c1d6)

Author SHA1 Message Date
Daniel Black ca996ace5e ENH: remove temporary failures from local_scan in line with comments in gh-258 2013-07-01 21:56:02 +10:00
Daniel Black 9757e1df2b ENH: make groupings non-capturing 2013-07-01 21:53:05 +10:00
Daniel Black 72f9e6a51e ENH/TST: more samples and rejection types for sender verify fail and rejected RCPT 2013-07-01 21:50:35 +10:00
Daniel Black 3b76fc79f9 BF: fix dovecot filter for when no TLS is enabled on pop/imap 2013-07-01 21:12:51 +10:00
Daniel Black c2696fe641 DOC: enhance development doc to show how CVE-2013-2178 was done 2013-06-30 15:03:13 +10:00
Steven Hiscocks 8513fde92a BF: Skip error in jail reader when no log files and with systemd backend 
Updated to avoid logpath elements entirely
 2013-06-30 00:50:15 +01:00
Steven Hiscocks 1aee817be2 BF: Skip error in jail reader when no log files and with systemd backend 2013-06-29 23:26:40 +01:00
Steven Hiscocks 379b4860a1 TST: Fix test for MultipleSameAction with no logs files 2013-06-29 20:36:09 +01:00
Steven Hiscocks 1dbba35cd9 Merge branch 'master' into 0.9 
Conflicts:
	fail2ban/client/jailreader.py
	fail2ban/tests/clientreadertestcase.py
	fail2ban/tests/files/logs/sshd
 2013-06-29 20:31:26 +01:00
Steven Hiscocks b670b5c792 TST: Change depreciated assertEquals to assertEqual in some tests 2013-06-29 20:17:42 +01:00
Steven Hiscocks ec0680d73a BF: fail2ban-regex when using ignoreregex file with empty regex 2013-06-29 19:17:22 +01:00
Steven Hiscocks 88bee24edb DOC: Neaten format for fail2ban-regex maxlines print 2013-06-29 19:14:42 +01:00
Steven Hiscocks d081a71759 BF: fail2ban-regex on python3+ 2013-06-29 13:57:12 +01:00
Steven Hiscocks 5ca6a9aeb6 Merge branch 'systemd-journal' into 0.9 
Conflicts:
	bin/fail2ban-regex
	config/filter.d/sshd.conf

Closes github #224
 2013-06-29 13:00:40 +01:00
Daniel Black 0086a7edab ENH: missed a $ 2013-06-29 11:30:37 +10:00
Yaroslav Halchenko 1b170b2aef BF: support apache 2.4 more detailed error log format. Close #268 2013-06-28 09:49:36 -04:00
Yaroslav Halchenko 0fe93cf992 Merge branch 'master' of git://github.com/fail2ban/fail2ban 
* 'master' of git://github.com/fail2ban/fail2ban:
 2013-06-27 11:44:55 -04:00
Yaroslav Halchenko 6d331bcbea BF: make colon after [daemon] optional. Close #267 2013-06-27 11:44:47 -04:00
Daniel Black fa7a105483 ENH: filter.d/asterisk - consolidate log prefix regex and add a few fail messages 2013-06-27 09:16:14 +10:00
Yaroslav Halchenko b20159a715 Merge pull request #265 from yarikoptic/master 
Improve fail2ban-client errors logging/handling -- fail if no log file could be read, dump logs to stderr
 2013-06-24 07:09:10 -07:00
Yaroslav Halchenko b9e971c25d Merge branch 'exim' of https://github.com/grooverdan/fail2ban 
* 'exim' of https://github.com/grooverdan/fail2ban:
  DOC: credits/blame to me for changes to exim
  ENH: new exim filter regexs. Also note a begining PID in this format. Thanks to ftoppi for the log entries
  TST/ENH: Improve regex around exim
 2013-06-23 00:21:28 -04:00
Yaroslav Halchenko 057f0ad135 ENH: allow_no_files option for jail's convert to allow testing of stock jail.conf 2013-06-21 12:44:37 -04:00
Yaroslav Halchenko 61f81c6b2f Changelog entries with close statements for recent changes 2013-06-21 11:12:44 -04:00
Yaroslav Halchenko 27947407bc ENH: raise an exception if not a single file was found for the jail. Close #63 2013-06-21 11:12:44 -04:00
Yaroslav Halchenko b6be8b8243 ENH/RF: remove __readJailConfig in favor of __readConfig + catch/error exceptions while reading the configuration 2013-06-21 11:12:44 -04:00
Yaroslav Halchenko 2974cac40c RF: log all logging output from fail2ban-client to stderr. Close #264 
otherwise it
1. 'interferes' with meaninful output of the client
2. if ERROR is logged it better go to stderr and separating ERROR from other levels is not that transparent with python's logging
 2013-06-21 11:12:36 -04:00
Steven Hiscocks f87c53fa52 BF: fail2ban-regex adding duplicate lines with each regex 
This is another fix on top of e73b3dd to correctly resolve this issue
 2013-06-19 20:03:19 +01:00
Steven Hiscocks 123ec3da13 BF: Incorrect import for 0.9 branch in fail2ban-regex 2013-06-19 20:02:49 +01:00
Yaroslav Halchenko 8487cb2e90 Merge commit '0.8.10-31-g1ab0f0f' into 0.9 
* commit '0.8.10-31-g1ab0f0f': (24 commits)
  BF/ENH: Incorrect authentication data doesn't need tailier so that's optional. Also gained log entry for Unrouteable address
  ENH: readibility thanks to Yaroslav
  DOC: Changelog for fail2ban-regex RF
  DOC: Changelog for asterisk hardening
  ENH: fail2ban-regex -- add specification of loglevels to enable
  RF: reworked -regex cmdline tool to use optparse, some unification and enhancement of outputs
  ENH: 'heavydebug' level == 5 for even more debugging in tricky cases
  ENH: asterisk -- use \S instead of [^:] + prefix failregex with ^\[
  BF: missed a space
  BF: [SSL-out] is optional in assp
  ENH: regex hardening on assp
  ENH: anchor a bit mor. Use \d and \w where possible. Escape a literal .
  TST: attempts at injection with username=rhost=1.2.3.4 have no user= logged in dovecot-1.2.15
  ENH: proftpd chan accept usernames with spaces
  ENH: injection of fail data into USER field
  ENH: dovecot regexs rewritten and extra failures
  ENH: proftp regex hardening and log messages
  ENH/BF: exim improvements with sample
  BF: fix to proxy port in 3proxy example
  ENH: sample log + more specific regex
  ...

Conflicts: -- it was a messy merge/resolution.
	ChangeLog
	bin/fail2ban-regex
	fail2ban-testcases
	fail2ban/server/filter.py
 2013-06-18 20:21:23 -04:00
Steven Hiscocks 9b8eaa90ef ENH: Reorder date regex and remove duplicate ISO8601 format 2013-06-18 22:19:53 +01:00
Yaroslav Halchenko 1ab0f0f9e3 Merge branch 'master' of https://github.com/yarikoptic/fail2ban 
* 'master' of https://github.com/yarikoptic/fail2ban:
  DOC: Changelog for fail2ban-regex RF
  ENH: fail2ban-regex -- add specification of loglevels to enable
  RF: reworked -regex cmdline tool to use optparse, some unification and enhancement of outputs
  ENH: 'heavydebug' level == 5 for even more debugging in tricky cases

Conflicts:
	ChangeLog
 2013-06-15 10:52:05 -04:00
Daniel Black 25c3bbfc2f DOC: credits/blame to me for changes to exim 2013-06-16 00:25:24 +10:00
Daniel Black b8cfda68b8 ENH: new exim filter regexs. Also note a begining PID in this format. Thanks to ftoppi for the log entries 2013-06-16 00:19:37 +10:00
Daniel Black ee786671aa DOC: developing filters without DoS 2013-06-15 13:17:09 +10:00
Daniel Black d441d61a1e TST/ENH: Improve regex around exim 
rejected by local_scan now has test cases.

Unrouteable address error messages now normalised after looking into
exim code.
 2013-06-15 12:34:16 +10:00
Yaroslav Halchenko 9d4b613ee4 Merge branch '3proxy' of https://github.com/grooverdan/fail2ban 
* '3proxy' of https://github.com/grooverdan/fail2ban:
  BF: fix to proxy port in 3proxy example
  ENH: sample log + more specific regex
  BF: authentication errors end in 01-09 but the beginning part indicates the service as per https://github.com/fail2ban/fail2ban/issues/246#issuecomment-19327955 thanks to ykimon
  BF: need to anchor the start to avoid another repeat of DoS injection like Apache
  ENH: stricter regex thanks to Steven Hiscocks (kwirk)
  DOC: credits

Conflicts:
	ChangeLog
 2013-06-14 12:32:51 -04:00
Yaroslav Halchenko 173fe48e77 Merge branch 'exim' of https://github.com/grooverdan/fail2ban 
* 'exim' of https://github.com/grooverdan/fail2ban:
  BF/ENH: Incorrect authentication data doesn't need tailier so that's optional. Also gained log entry for Unrouteable address
  ENH: readibility thanks to Yaroslav
  ENH/BF: exim improvements with sample

Conflicts:
	ChangeLog
 2013-06-14 12:28:07 -04:00
Yaroslav Halchenko ec629ab4e8 Merge branch 'proftpd' of https://github.com/grooverdan/fail2ban 
* 'proftpd' of https://github.com/grooverdan/fail2ban:
  ENH: proftpd chan accept usernames with spaces
  ENH: injection of fail data into USER field
  ENH: proftp regex hardening and log messages

Conflicts:
	ChangeLog
 2013-06-14 12:16:59 -04:00
Yaroslav Halchenko ab2c738b43 Merge branch 'dovecot' of https://github.com/grooverdan/fail2ban 
* 'dovecot' of https://github.com/grooverdan/fail2ban:
  TST: attempts at injection with username=rhost=1.2.3.4 have no user= logged in dovecot-1.2.15
  ENH: dovecot regexs rewritten and extra failures

Conflicts:
	ChangeLog -- merged entries
 2013-06-14 12:14:40 -04:00
Daniel Black 8cc13b5b40 BF/ENH: Incorrect authentication data doesn't need tailier so that's optional. Also gained log entry for Unrouteable address 2013-06-14 18:12:53 +10:00
Daniel Black a433a8ea5f ENH: readibility thanks to Yaroslav 2013-06-14 15:21:50 +10:00
Yaroslav Halchenko 948be73115 Merge branch 'assp' of https://github.com/grooverdan/fail2ban 
* 'assp' of https://github.com/grooverdan/fail2ban:
  BF: missed a space
  BF: [SSL-out] is optional in assp
  ENH: regex hardening on assp

Conflicts:
	ChangeLog -- merged the two entries into 1
 2013-06-13 23:32:45 -04:00
Yaroslav Halchenko 77044fce35 DOC: Changelog for fail2ban-regex RF 2013-06-13 23:21:48 -04:00
Yaroslav Halchenko 9b351350dd DOC: Changelog for asterisk hardening 2013-06-13 23:19:28 -04:00
Yaroslav Halchenko e91419d361 ENH: fail2ban-regex -- add specification of loglevels to enable 2013-06-13 23:19:28 -04:00
Yaroslav Halchenko ffe381d91c RF: reworked -regex cmdline tool to use optparse, some unification and enhancement of outputs 2013-06-13 23:19:28 -04:00
Yaroslav Halchenko 97f9cfc0b0 ENH: 'heavydebug' level == 5 for even more debugging in tricky cases 
I mocked logging library directly -- seems to be Ok.
 2013-06-13 23:19:28 -04:00
Yaroslav Halchenko 09302c5c25 ENH: asterisk -- use \S instead of [^:] + prefix failregex with ^\[ 
detected date portion is stripped from the string to be matched, so it is not only
the right ] is left, but also the left one ;-)
 2013-06-13 23:15:48 -04:00
Daniel Black 7018d81244 BF: missed a space 2013-06-14 12:35:44 +10:00
Daniel Black a447aa615d BF: [SSL-out] is optional in assp 2013-06-14 12:27:35 +10:00