Commit Graph

278 Commits (d8469b39732ccf970f2819211e13c3bab414330b)

Author SHA1 Message Date
Yaroslav Halchenko b41a249161 recommend python-pyinotify and only suggest python-gamin 2012-07-31 18:02:24 -04:00
Yaroslav Halchenko 197edfc271 debian/control,rules: switch to use dh_python2, boost policy compliance to 3.9.3 2012-07-31 17:33:13 -04:00
Yaroslav Halchenko 235267b7ac debian/source: switch to 3.0 (quilt) format 2012-07-31 16:54:09 -04:00
Yaroslav Halchenko 475558056e Merged changelog with unreleased 0.8.6-4 to avoid possible confusions 2012-07-31 16:52:00 -04:00
Yaroslav Halchenko 29f108dbb1 Close also #653074 since fixed in 5cac32e038 2012-07-31 16:50:35 -04:00
Yaroslav Halchenko 86ae7d2f5e debian/fail2ban.init: Should-(start|stop): iptables-persistent (Closes: #598109), ferm (Closes: #604843) 2012-07-31 16:21:03 -04:00
Yaroslav Halchenko 59e95b053e debian/jail.conf: adopted few jails from "upstreams" jail.conf: asterisk, recidive, lighttpd, php-url-open 2012-07-31 16:16:55 -04:00
Yaroslav Halchenko 14d609941b monitor syslog not auth.log for wuftpd 2012-07-31 15:59:44 -04:00
Yaroslav Halchenko 23e979a20e Adjusted changelog to reflect changes pulled with the merge 2012-07-31 15:58:15 -04:00
Yaroslav Halchenko d0c5da97a4 Initiated debian changelog entry for 0.8.7-1 2012-07-31 14:04:25 -04:00
Yaroslav Halchenko 25077092e9 adjusted revision 2012-07-20 09:56:36 -04:00
Yaroslav Halchenko b8a8720a49 updated changelog 2012-07-19 17:30:25 -04:00
Yaroslav Halchenko 7dbbc61319 adjusted revision 2012-07-19 14:06:44 -04:00
Yaroslav Halchenko ffd12554e4 changelog entry for 0.8.6~+git69-gb4099da-1 2012-06-06 23:41:10 -04:00
Yaroslav Halchenko 6ad4276a4e DOC: note about way to add comments + pruned not needed authorship line and obsolete $Revision$ 2012-06-04 22:46:59 -04:00
Yaroslav Halchenko 826f53f92d adjusted changelog 2012-02-10 08:20:10 -05:00
Yaroslav Halchenko b25dddff31 Added dovecot section to Debian's jail.conf. Thanks to Laurent Léonard (Closes: #655182) 2012-01-08 21:47:18 -05:00
Yaroslav Halchenko 088aa67381 DOC: finalizing changelog 2012-01-07 19:46:42 -05:00
Yaroslav Halchenko 055c3e9323 changelog for xt changes 2012-01-07 15:33:20 -05:00
Yaroslav Halchenko 5c2abe60a1 Added pure-ftpd section to Debian's jail.conf. Thanks to Laurent Léonard (Closes: #654412) 2012-01-05 23:01:11 -05:00
Yaroslav Halchenko e5ea44b999 Adjusted debian/watch to fetch tarballs from github 2011-11-28 23:01:32 -05:00
Yaroslav Halchenko a27bff08e5 [1efe1bc] Fresh upstream release (Closes: #648324) + boost policy to 3.9.2 2011-11-28 22:54:36 -05:00
Yaroslav Halchenko 2b27d83625 changelog for 0.8.5-2 2011-09-23 22:12:27 -04:00
Yaroslav Halchenko a41a8e3dc7 adjusted changelog 2011-07-28 23:22:33 -04:00
Yaroslav Halchenko 584539a2c4 changelog for 0.8.5-1 2011-07-28 23:08:16 -04:00
Yaroslav Halchenko 846029d154 untabify the most recent changelog 2011-03-23 17:34:32 -04:00
Yaroslav Halchenko 66934d4ed6 changelog entry for 0.8.4+svn20110323-1 2011-03-23 17:19:14 -04:00
Yaroslav Halchenko f7bb5e2df4 changelog entry for 0.8.4-3 2010-06-28 21:50:37 -04:00
Yaroslav Halchenko eb08f17cb2 changelog entry for -2 2010-02-25 00:20:08 -05:00
Yaroslav Halchenko d0f32768d6 releasing 0.8.4-1 into Debian 2009-09-11 01:49:04 -04:00
Yaroslav Halchenko 187d6c96a9 changelog entry 2009-09-11 00:53:53 -04:00
Yaroslav Halchenko f6861cd5ee Changelog entries 2009-07-09 01:42:48 -04:00
Yaroslav Halchenko 59223c3513 Very lengthy debian/changelog entry 2009-07-09 01:15:47 -04:00
Yaroslav Halchenko d47bfd73d6 added changelog entry about BF 2009-02-05 09:54:22 -05:00
Yaroslav Halchenko e5ca2a97b1 BF: added missing semicolon in a logging template for bind within jail.conf (thanks to anonymous on www.debian-administration.org) 2009-02-02 23:03:48 -05:00
Yaroslav Halchenko 65159d1498 updated changelog 2009-01-18 11:58:31 -05:00
Yaroslav Halchenko 463564d590 New changelog entry to describe the merge of upstream
* added example for BREAK-IN in ssh
* Syncing current debian revision to FAIL2BAN-0_8@717 of upstream,
  since it includes fixes to some forwarded bugs. Total list of
  functional changes
  - Added actions to report abuse to ISP, DShield and myNetWatchman.
    Thanks to Russell Odom.
  - Added apache-nohome.conf. Thanks to Yaroslav Halchenko.
  - Added new time format. No idea from where it comes...
  - Added new regex. Thanks to Tobias Offermann.
  - Try to match the regex even if the line does not contain a valid
  date/time. Described in Debian #491253. Thanks to Yaroslav
  Halchenko.
  - Removed "timeregex" and "timepattern" stuff that is not needed
  anymore.
  - Added date template for Day-Month-Year Hour:Minute:Second
    (closes: #491253)
  - Added date pattern for Hour:Minute:Second. Thanks to Andreas
    Itzchak Rehberg.
  - Use current day and month instead of Jan 1st if both are not
    available in the log. Thanks to Andreas Itzchak Rehberg.
  - Improved pattern. Thanks to Yaroslav Halchenko.
  - Merged patches from Debian package. Thanks to Yaroslav Halchenko.
2009-01-18 11:42:13 -05:00
Yaroslav Halchenko 196d4c31d8 BF: addressing added bang to ssh log (closes: #512193). Thanks Silvestre Zabala. 2009-01-18 10:41:13 -05:00
Yaroslav Halchenko f868269362 releasing 0.8.3-2 2008-08-06 15:49:34 -04:00
Yaroslav Halchenko 3f577f7fbf BF in apache-noscript.conf - regexp matched in referer (Closes: #492319). Thanks Bernd Zeimetz. 2008-07-25 13:35:19 -04:00
Yaroslav Halchenko 79442fcc7b adjusted changelog due to merges 2008-07-21 10:40:22 -04:00
Yaroslav Halchenko 8cd185ebbb adjusted changelog for 0.8.3-1 2008-07-21 10:29:24 -04:00
Yaroslav Halchenko bf9e991b4a Merge branch 'debian' into build
* debian: (23 commits)
  Imported Upstream version 0.8.3
  - Prepared for 0.8.3.
  Adjusted vcs paths
  - Prepared for 0.8.3
  - Send file if the number of lines is greater or equal and not only equal to the limit.
  - Use poll instead of select in asyncore.loop. This should solve the "Unknown error 514". Thanks to Michael Geiger and Klaus Lehmann.
  - Added missing ignoreregex to filters. Thanks to Klaus Lehmann.
  - Added and changed some logging level and messages.
  - Added svn:keywords.
  - Added ISO 8601 date/time format.
  - Better (correct) fix for ignoreregex in jail.[conf|local].
  - Fixed ignoreregex processing in fail2ban-client. Thanks to René Berber.
  - Added "Day/Month/Year Hour:Minute:Second" date template. Thanks to Dennis Winter.
  - Added svn:keywords.
  - Added gssftpd filter. Thanks to Kevin Zembower.
  - Changed some log level.
  - Fixed "fail2ban-client get <jail> logpath". Bug #1916986.
  - Fixed PID file while started in daemon mode. Thanks to Christian Jobic who submitted a similar patch.
  - Fixed socket path in redhat and suse init script. Thanks to Jim Wight.
  - Create /var/run/fail2ban during install.
  ...

Conflicts:

	ChangeLog
	config/filter.d/gssftpd.conf
	config/filter.d/pam-generic.conf
	debian/changelog
2008-07-21 10:22:06 -04:00
Yaroslav Halchenko a779bfc655 Adjusted vcs paths 2008-07-17 11:21:51 -04:00
Yaroslav Halchenko a355adcbb2 Changelog entries for 0.8.2-3 2008-05-06 11:10:39 -04:00
Yaroslav Halchenko 9db84ab727 releasing 0.8.2-2 2008-04-07 10:27:03 -04:00
Yaroslav Halchenko 9122f3aab0 Releasing 0.8.2-1 2008-03-05 23:31:20 -05:00
Yaroslav Halchenko eede41f62b Changelog entries for 0.8.2-1 2008-03-05 23:30:31 -05:00
Yaroslav Halchenko e43ea8e1b3 releasing -5 2008-02-28 19:52:37 -05:00
Yaroslav Halchenko 0392274daf added 0.8.1-4 changelog entry. 2008-02-09 22:09:50 -05:00
Yaroslav Halchenko 24d8b44c2a * Moved iptables into recommends since fail2ban can work without iptables
using some other action (e.g hosts.deny)
2007-11-23 12:50:39 -05:00
Yaroslav Halchenko fa21222c63 * Moved iptables into recommends since fail2ban can work without iptables
using some other action (e.g hosts.deny)
2007-11-23 12:49:15 -05:00
Yaroslav Halchenko ee25282f34 releasing 0.8.1-3 2007-11-23 11:43:41 -05:00
Yaroslav Halchenko 6b913aafa2 Merge branch 'debian' into build: Vcs fields
Conflicts:

	debian/changelog
2007-11-23 11:10:35 -05:00
Yaroslav Halchenko f8b17f3859 * Added Vcs- fields, moved Homepage into source header's field 2007-11-23 11:09:34 -05:00
Yaroslav Halchenko 4b95233acb Merge branches 'debian' and 'up/sshd_refused_connect' into build: NF: refused connect sshd failregex 2007-11-23 09:02:58 -05:00
Yaroslav Halchenko d82257b2f2 Merge branch 'debian' into build: BF: no sftp in ssh jails 2007-11-22 14:34:59 -05:00
Yaroslav Halchenko 4aa9bca7ca Merge branch 'up/0.9-0.8' into build and provided debian/changelog 2007-11-11 01:21:44 -05:00
Yaroslav Halchenko 2553e2717a * Added force-start action to init script, so it could be forced
to start if previous run crashed and left a socket file. Must to be
  used with caution.
2007-10-18 22:03:37 -04:00
Yaroslav Halchenko 8d9aca4e20 * Fixed named-refused filter. 2007-10-16 17:02:35 -04:00
Yaroslav Halchenko 99dbe90ad2 releasing 2007-10-16 17:02:35 -04:00
Yaroslav Halchenko 413ec5317e first pre-release version of 0.8.1 2007-10-16 17:02:35 -04:00
Yaroslav Halchenko 0012f9ff92 * (NOT RELEASED YET) New upstream release.
Patches absorbed upstream:
    00_daemon_pids.dpatch
    00_iptables_allports.dpatch
    00_vsftp_filter_spaces.dpatch
    00_resolve_all_names.dpatch
    00_HOST_ignoreregex.dpatch
   Patches which needed some tune-up:
    00_ssh_strong_re.dpatch
    00_mail-whois-lines.dpatch
    00_named_refused.dpatch
2007-10-16 17:02:35 -04:00
Yaroslav Halchenko e10a8616b4 fetched fresh upstream 0.8.1 2007-10-16 17:02:35 -04:00
Yaroslav Halchenko 922b5035ea actually we never released pre-release 2007-10-16 17:02:35 -04:00
Yaroslav Halchenko 85b75c77fb * Resolve all "names" which became a part of <HOST>. Previousely only fqdn's
were resolved
2007-08-13 21:13:59 +00:00
Yaroslav Halchenko c5202ce696 * Added optional spaces at the end of failregex for vsftpd. 2007-08-06 01:39:30 +00:00
Yaroslav Halchenko 58ae2a5a75 * Added new time template matching named log entries 2007-07-30 02:31:35 +00:00
Yaroslav Halchenko 95d17ee318 * Adjusted failregex for sshd filter:
- anchored properly at the end of line, and source code has .examples
    files to perform testing of the rules.
  - added new explicit rule for users not in the AllowUsers lists
2007-07-29 17:20:23 +00:00
Yaroslav Halchenko 3aef16b773 * jail.conf has specification of protocol (default to tcp) to be provided to
banaction
2007-07-25 03:47:32 +00:00
Yaroslav Halchenko 14d3ffc6de * Added a filter for named to catch refused/denied queries 2007-07-24 18:10:05 +00:00
Yaroslav Halchenko f58421eabf * Use /var/run to keep socket file (closes: #425746) 2007-07-05 17:12:17 +00:00
Yaroslav Halchenko a9ecd98ffe Added port param in jail since otherwise -- crashes 2007-06-25 17:08:49 +00:00
Yaroslav Halchenko 2e55bc57c7 * Added a filter pam_generic to catch any login errors.
* Added iptables-allports.
2007-06-25 16:51:05 +00:00
Yaroslav Halchenko bc0806d459 * Moved <HOST> expansion into regex.py (closes: #429263). Thanks James
Andrewartha.
* Added optional regexp entry for process PID in some entries (closes:
  #426050). Thanks Roderick Schertler.
2007-06-21 01:47:02 +00:00
Yaroslav Halchenko cc5ec4dcde releasing 2007-05-16 18:14:13 +00:00
Yaroslav Halchenko e55dfeaf3a untabified last entry 2007-05-15 14:37:09 +00:00
Yaroslav Halchenko cc1ed23b40 * Applied changes submitted by Bernd Zeimetz (thanks Bernd):
- Removed obsolete Build-Depends-Indep on help2man, python-dev
	- Explicit removal of *.pyc files compiled during build
	- Invoke 'python setup.py clean' in clean target, which required also
	  to move python into Build-Depends
* Minor clean up of debian/rules
2007-05-15 14:26:28 +00:00
Yaroslav Halchenko be824f4e00 adjusted to be prerelease of the package 2007-05-10 15:35:43 +00:00
Yaroslav Halchenko c58a100259 * Manually changing the order of debhelper inserted scripts in prerm
(Closes: #422655)
* Removed obsolete hack to have /bin/env invocation of python for
  fail2ban-* scripts
2007-05-10 15:34:09 +00:00
Yaroslav Halchenko e9397ea375 * New stable upstream release 2007-05-05 16:35:58 +00:00
Yaroslav Halchenko 10718c1036 initial upgrade to 0.8.0 2007-05-05 16:17:50 +00:00
Yaroslav Halchenko d15f9d0206 * New upstream release
* Updated copyright to include current year
* Removed patches absorbed upstream
2007-04-20 01:44:43 +00:00
Yaroslav Halchenko 5dcec130f6 adjusted changelog -- releasing finally 2007-03-26 21:53:30 +00:00
Yaroslav Halchenko 7c30a3097b * Applied post-release upstream changes to resolve issues with
- Close opened handlers to log file
 - Fixed "reload" bug
2007-03-26 21:47:10 +00:00
Yaroslav Halchenko d345865621 * New upstream release
* Applied post-release changes to resolve issues with gamin and not closed
  on reload log file
2007-03-24 22:27:09 +00:00
Yaroslav Halchenko ee3f91176c * New upstream release (included most of the debian-provided patches -- new
filters and actions)
* Refreshed and made verbatim homepage in description
2007-02-09 03:22:15 +00:00
Yaroslav Halchenko a4c15ea883 * NOT RELEASED YET
* Made homepage in description verbatim
2007-02-07 15:25:11 +00:00
Yaroslav Halchenko 936fee7c40 * Use /usr/bin/python interpreter instead of wrapped call to python by
/usr/bin/env
2007-01-19 16:08:10 +00:00
Yaroslav Halchenko 878fa0dedd * Synchronized action.d/iptables-* rules from upstream SVN (closes:
#407561)
* Minor: options renames in the comments to be in sync with upstream
2007-01-19 15:51:11 +00:00
Yaroslav Halchenko 7a1dd9e98c * iptables-multiport is default action to take since Debian kernel arrives
with multiport module. That is to address the fact that most services
  listen on multiple port (for encrypted and non-encrypted connections)
* Added [courierauth] jail (First 2 items are to partially address #407404
2007-01-18 15:41:49 +00:00
Yaroslav Halchenko 85d8604209 removed empty lines 2007-01-04 20:34:41 +00:00
Yaroslav Halchenko 36b1833e31 * Adjusted default log file for postfix to be /var/log/mail.log
(Closes: #404921)
2007-01-04 20:25:45 +00:00
Yaroslav Halchenko e570f14a5d releasing 2007-01-04 19:48:58 +00:00
Yaroslav Halchenko f01c74581d fixed action_ shortcuts
adjusted initd script to be verbose on start if socketfile exists
2007-01-04 19:47:00 +00:00
Yaroslav Halchenko 7fa686a7f2 * New upstream release, which incorporates fixes introduced in 3~pre
non-released versions (which were suggested to the users to overcome
  problems reported in bug reports). In particular attention should be paid
  to upstream changelog entries

  - Several "failregex" and "ignoreregex" are now accepted.
    Creation of rules should be easier now.
  
    This is an alternative solution to 'multiple <HOST>' entries fix,
    which is not applied to this shipped version - pay cautios if upgrading
    from 0.7.5-3~pre?
 
  - Allow comma in action options. The value of the option must
    be escaped with " or '. 
    That allowed to implement requested ability to ban multiple ports
    at once (See 373592). README.Debian and jail.conf adjusted to reflect
    possible use of iptables-mport
  - Now Fail2ban goes in /usr/share/fail2ban instead of
    /usr/lib/fail2ban. This is more compliant with FHS.
    Patch 00_share_insteadof_lib no longer applied
* Refactored installed by debian package jail.conf:
  - Added option banaction which is to incorporate banning agent
    (usually some flavor of iptables rule), which can then be easily
    overriden globally or per section
  
  - Multiple actions are defined as action_* to serve as shortcuts
2007-01-04 18:08:09 +00:00
Yaroslav Halchenko e8ce484c05 reworked init script a bit: waiting on stop and ping instead of status 2007-01-04 17:03:35 +00:00
Yaroslav Halchenko a81dd8b103 boosted version 2007-01-03 16:09:43 +00:00
Yaroslav Halchenko 97ab74de5f * Not applying patch any more for rigid python2.4 - it is default now in
sid/etch
2007-01-03 16:09:01 +00:00
Yaroslav Halchenko 4d5ec804f5 * Added filter ssh-ddos to fight DDOS attacks. Must be used with caution if
there is a possibility of clients accessing through unreliable connection 
  (Closes: #404487)
2006-12-28 07:28:53 +00:00