Commit Graph

826 Commits (dd75d35420170048a9bbea6bb607a2edf1a7d801)

Author SHA1 Message Date
Daniel Black 5eddd5d12d DOC: document required firewalld version as > 0.3.7.1
11 years ago
Daniel Black 27d257d5a6 Merge pull request #408 from grooverdan/dropbear
11 years ago
Daniel Black 8ac6081555 ENH: fix to use upstream --remove-rules
11 years ago
Daniel Black 93de46ac72 BF: maxretry=5 for ssh as per DEVELOP. align = in jail.conf
11 years ago
Daniel Black c3f9c9aa60 BF: filter.d/dropbear
11 years ago
Daniel Black 89fd792dfb DOC: in filters, put user relevant doc at top, and developer info at bottom, and remove all the repetative blindly copied stuff that appears in the jail man page
11 years ago
Daniel Black de9977441a DOC: move named and mysql instructions into the filters from jail.conf
11 years ago
Daniel Black 7ab909d056 DOC: space out jail.conf consistantly
11 years ago
Daniel Black 95f3f38682 MRG: merge ChangeLog and jail.conf
11 years ago
Daniel Black e3150044fd BF: fix selinux
11 years ago
Daniel Black 0f85aef609 Merge pull request #407 from grooverdan/dovecot-jail
11 years ago
Daniel Black a991adb83f ENH: add submission, smtps and sieve to blocked ports since this also typically rely on dovecot auth
11 years ago
Daniel Black 8412303131 ENH: dovecot jail examples
11 years ago
Daniel Black cde389cadc ENH: additional tweek to dovecot regex based on http://chrisgilligan.com/portfolio/fail2ban-regex/
11 years ago
Daniel Black 0c14707201 ENH: add dovecot jail
11 years ago
Daniel Black d451c2a231 FIX: vsftp improvements from Rich Mellor on mailing list
11 years ago
Daniel Black b61fe0f12d Merge pull request #378 from grooverdan/sasl
11 years ago
Daniel Black 4ecc063bd0 ENH: rename filter.d/sasl -> filter.d/postfix-sasl
11 years ago
Daniel Black c2b76d1fd0 Merge pull request #397 from yarikoptic/_enh/unify_default_strings
11 years ago
Daniel Black b4cbf82912 DOC: remove Default: on action firewall-cmd-direct-new
11 years ago
Yaroslav Halchenko 4149c7495d Options in actions to be specified in jails have no "Default"s besides those specified in the files -- thus removing from comments
11 years ago
Yaroslav Halchenko d12eb2526a Fixing up default values in fail2ban.conf + unifying formatting
11 years ago
Daniel Black f1bb08aa6a ENH: base blocktype off iptables-blocktype.conf for firewall-cmd-direct-new.conf like other iptables based actions
11 years ago
Daniel Black 12f7ea7ec4 DOC: remove excessive comments from firewall-cmd-direct-new
11 years ago
Daniel Black 0d8d1ae26c ENH: new action.d/firewall-cmd-direct-new.conf from Redhat Bugzilla #979622
11 years ago
Daniel Black 123ad1cc9c MRG: Merge branch 'asterisk-common-jail'
11 years ago
Daniel Black 8421007f32 MRG: merge man/jail.conf.5 entries
11 years ago
Daniel Black ef62d0d4c1 Merge pull request #391 from grooverdan/jail-mysql-doc
11 years ago
Daniel Black e417a2112c Merge pull request #386 from grooverdan/qmail
11 years ago
Daniel Black e227568c3b Merge pull request #384 from grooverdan/dovecot-325
11 years ago
Daniel Black 0022cca786 Merge pull request #385 from grooverdan/ipset
11 years ago
Daniel Black 8fe542ca9f DOC: reintroduce comment on comments
11 years ago
Daniel Black 6b6169178f ENH: mysql syslog jail.conf base
11 years ago
Daniel Black ee58696531 DOC: try to encourage jail.local jail.d/*.local a lot more
11 years ago
Daniel Black 6ef33981e3 ENH: new asterisk jail to replace asterisk-(tcp|udp) (now that gh-37 is fixed)
11 years ago
Daniel Black 6b519d54db ENH: filter.d/recidive - replace ignore regex with a negative lookahead assertion
11 years ago
Daniel Black 351eb5ec8f ENH: filter.d/qmail - anchor at start. Add another regex for http://www.tjsi.com/rblsmtpd/faq/ patch to rblsmtpd
11 years ago
Daniel Black eb59a57b7f ENH: tighten pam_unix expression for dovecot
11 years ago
Daniel Black 864d2f41b9 ENH: auth-worker as per of _daemon definition for dovecot
11 years ago
Daniel Black 2d1bd54439 Merge pull request #379 from grooverdan/webmin
11 years ago
Yaroslav Halchenko 500968874e Merge pull request #381 from grooverdan/suhosin
11 years ago
Yaroslav Halchenko a7b1b802e0 Merge pull request #382 from grooverdan/vsftpd
11 years ago
Yaroslav Halchenko f0b91fcede Merge pull request #380 from grooverdan/sogo
11 years ago
Daniel Black df313649a4 ENH: escape . in recidive filter
11 years ago
Daniel Black 1a5e17f2a3 BF: use blocktype for iptables-ipset-proto6*
11 years ago
Daniel Black dcb845f17c ENH: add iptables-ipset-proto6-allports for blocking all ports
11 years ago
Daniel Black 2a1d629d88 BF: webmin -> webmin-auth
11 years ago
Daniel Black ab457acc4d BF: fix name in action for uwimap-auth
11 years ago
Daniel Black 0beea03914 ENH: jail.conf example for webmin
11 years ago
Daniel Black d60f470096 ENH: added to dovecot filter. closes gh-325
11 years ago
Daniel Black 5a2623f0df ENH: reorder osx-ipfw jail defination to near the other ssh examples
11 years ago
Daniel Black 359210f224 ENH: filter.d/squirrelmail added
11 years ago
Daniel Black 46386412a4 ENH: filter.d/vsftpd - pam regex as syslog and anchored at start
11 years ago
Daniel Black 1519712972 ENH: filter.d/vsftpd anchor internal regex at start
11 years ago
Daniel Black 9637c27873 ENH: filter.d/suhosin - anchor regex at start
11 years ago
Daniel Black 13bcc9aa84 ENH: filter.d/sogo-auth - anchor regex at start
11 years ago
Daniel Black b64bf3fa7b ENH: filter.d/webmin anchor at start and use syslog
11 years ago
Daniel Black f4c7c8f4b3 ENH: sasl - anchor regex at start
11 years ago
Daniel Black 23dd734aa9 Merge pull request #366 from grooverdan/dovecot
11 years ago
Daniel Black f998e01590 Merge pull request #359 from grooverdan/pureftpd
11 years ago
Daniel Black ba8183b116 Merge pull request #372 from grooverdan/uw-imap
11 years ago
Daniel Black 262616f7a7 ENH: filter.d/uwimap-auth - failure of an admin override to regex
11 years ago
Daniel Black 9211179d30 ENH: filter.d/uwimap-auth - add "disabled" to regex
11 years ago
Daniel Black 4649cf9608 ENH: separate selinux and selinux-ssh
11 years ago
Daniel Black 791183b639 ENH: filter.d/uwimap-auth - add SYSTEM BREAK-IN ATTEMPT
11 years ago
Daniel Black a1eaa5f755 ENH: filter.d/selinxu added. Closes #296
11 years ago
Daniel Black 778f09debe DOC/ENH: __md5hex regex defination to common.conf. Document debian bug #
11 years ago
Daniel Black b3b62d65bf ENH: filter.d/uwimap-auth added. Closes #18
11 years ago
Daniel Black f2ae20a3b8 BF: filter.d/sshd group on md5hex and () for serial needed to be escaped
11 years ago
Daniel Black 1eeb6e94bd BF: fix regex for openssh-6.3
11 years ago
Daniel Black e12d389c65 MRG/DOC: jail.conf resolution, ChangeLog fixes
11 years ago
Daniel Black 74434694dc BF: more duplicate jail.conf entries - 3proxy exim{,-spam}, perdition
11 years ago
Daniel Black 5cf25a63df BF: remove duplicate ssh-pf in jail.conf
11 years ago
Mark McKinstry b6bf26c9f2 dont' need to set a default name
11 years ago
Mark McKinstry 4187e87b69 don't enabel ssh-apf jail by default
11 years ago
Mark McKinstry f9f4d2728f add an example jail for apf action and ssh filter
11 years ago
Mark McKinstry 2668adc896 Merge branch 'master' of github.com:fail2ban/fail2ban
11 years ago
Mark McKinstry 1af4543aca ability to name the jail that banned the IP with apf
11 years ago
Mark McKinstry dd9ee4c39a quotes around the comment put in apf's deny_hosts.rules file
11 years ago
Mark McKinstry e64493c328 use human readable/longer options when banning and un-banning IPs with apf
11 years ago
Mark McKinstry c692912a82 don't hardcode absolute path for apf firewall
11 years ago
Mark McKinstry 66aff43d68 remove un-needed '$' line
11 years ago
Daniel Black 9805d39b60 MRG: merge date changes to support timezones
11 years ago
Daniel Black 8c2a5612ed DOC: resolve ChangeLog conflicts
11 years ago
Daniel Black 2a805452c6 DOC: resolve ChangeLog conflicts
11 years ago
Daniel Black 8e9fab9b3c Merge branch 'master' of https://github.com/fail2ban/fail2ban
11 years ago
Daniel Black 3be7dcd701 DOC: resolve ChangeLog conflicts
11 years ago
Daniel Black 89e0520675 ENH: dovecot regex to match failure reported by Bob Cohen on mailing list
11 years ago
Daniel Black c3ee03b9ba BF: fix daemon name typo for filter proftpd
11 years ago
Daniel Black 39ca8837eb TST: pureftpd - syslog therefore use syslog prefixes in filter
11 years ago
Daniel Black 30bb1a77a3 ENH: added syslog prefix to pam-generic filter. Disable regex match for pre 2006 (< 0.99.2.0) versions on linux-pam
11 years ago
Daniel Black ee497ff1cb ENH: filter mysqld-auth can be a is a syslog based service so anchor it using syslog prefix
11 years ago
Daniel Black 13ec9d58c0 ENH: filter gssftpd is a syslog based service so anchor it using syslog prefix
11 years ago
Daniel Black 673cc4d77f ENH: anchor at end of recidive filter
11 years ago
Daniel Black 504111b0b1 ENH: filter.d/recidive - anchor regex at start and support f2b SYSLOG target
11 years ago
Beau Raines 060bd45295 ENH - Added server name to subject line in email notifications
11 years ago
Daniel Black 8c1b828423 BF: capture of microseconds no longer needed. Closes gh-341
11 years ago
Daniel Black d0098b0213 ENH: add timezone offest and subsecond support to Datedetector
11 years ago
Daniel Black 1f1a56174f MRG: merge from master
11 years ago
Daniel Black ad291d7e38 Merge pull request #346 from grooverdan/bsd-ipfw-default-unreach-port
11 years ago
Daniel Black e5f1a7f050 Merge pull request #344 from grooverdan/osx
11 years ago
Daniel Black 4face1f3e7 MRG: resolve conficts in action.d/osx-ipfw design
11 years ago
Andy Fragen d258a51a23 after some research it looks like setting to unreachable better than deny
11 years ago
Andy Fragen fe557e5900 more specific actionunban
11 years ago
Andy Fragen a4884f82cd add mods from grooverdan and fix actionunban
11 years ago
Daniel Black 6b0e2289d4 Merge pull request #335 from grooverdan/gh-333-bind
11 years ago
Daniel Black f2bcf84893 BF: action.d/bsd-ipfw - use blocktype instead of unused action for icmp rejecting blocked packets
11 years ago
Daniel Black 749f215089 ENH: port optional
11 years ago
Daniel Black 8b22fa15b5 BF: reverted to simplier random rulenum. If your machine is handling 1000s of block the addition complexity isnt what you want
11 years ago
Daniel Black b31799a322 ENH: add action.d/osx-afctl anonymously contributed on f2b wiki
11 years ago
Daniel Black 808aa1a792 ENH: added jail.conf example. closes gh-340
11 years ago
Daniel Black 5741348f45 ENH: more options and ruggedness to prevent unintensional consequences
11 years ago
Daniel Black 52bd0f86a8 Merge branch 'osx-ipfw' of https://github.com/afragen/fail2ban into osx
11 years ago
Daniel Black 7cc3e8a8c0 BF: Invert expression on actionstop in bsd-ipfw.conf to ensure exit status 0 on success. Closes gh-343
11 years ago
Daniel Black 15f2f38972 ENH: anchor regex at start
11 years ago
Daniel Black d5684a0834 BF: filter.d/routecube-auth - time offset can be positive or negative
11 years ago
Daniel Black a401d11644 ENH: add regex for bad zone transfer request/ TST: add test for bind-9.9 zone transfer denied
11 years ago
Andy Fragen ef504c869f added osx specific ipfw action with random rulenum
11 years ago
Yaroslav Halchenko 265a85ec1f RF: do not catch for now "invalid nonce \S* received - hash is not \S*" -- imho needs more analysis
11 years ago
Daniel Black b8e7d0b867 ENH: further tighten lighttpd basic auth regex
11 years ago
Daniel Black a7ebb84a7d ENH: tighted up lighttpd regex
11 years ago
François Boulogne e133b9f1d1 MAINT: add support for lightty1.4.31
11 years ago
Daniel Black ca4729e943 ENH: filter.d/exim.conf - add authentication failures for "plain" authentication
11 years ago
Daniel Black ef903db3c9 ENH: filter.d/named-refused.conf - BIND 9.9.3 regex changes. Closes gh-333
11 years ago
Daniel Black cfb7dba268 DOC: merge ChangeLog
11 years ago
Daniel Black b589533d69 Merge branch 'master' into kwirk-merge
11 years ago
Daniel Black fd7cc5bda7 BF: duplicate regex match fixed
11 years ago
Daniel Black 6a56727669 BF: apache-common regex - datetime could be entirely consumed
11 years ago
Daniel Black a9eb8a76c6 merge of change log and apache-auth differences
11 years ago
Steven Hiscocks 4e5feed7fc Merge pull request #8 from grooverdan/gh-303-merge-2
11 years ago
Daniel Black aad7d08451 BF: disable filter expressions without tests
11 years ago
Yaroslav Halchenko 42f3aa9f62 Merge pull request #329 from grooverdan/bind-unauth-zonetransfer
11 years ago
Daniel Black 6a36ff1a4a BF: order mailx arguments with dest email address last - redhat bugzilla 998020. Closes gh-328
11 years ago
Daniel Black c44328b1a3 ENH: new "realm mismatch" message from https://issues.apache.org/bugzilla/show_bug.cgi?id=55284#c8
11 years ago
Daniel Black ea7cba4205 ENH: trailing space as per discussion on gh-303
11 years ago
Daniel Black 61d43608ae ENH: filter.d/postfix - add filter for VRFY. Closes gh-322
11 years ago
Daniel Black 5d451bc4d6 ENH: add refused zone tranfer to named-refused filter. closes #323
11 years ago
Steven Hiscocks 53e16e07ad ENH: Minor tweak on previous commit proftpd regex changes
11 years ago
Steven Hiscocks 9002de069e ENH: Improve proftpd regex.
11 years ago
Orion Poplawski 31a78b2711 Use /var/run/fail2ban in config/action.d/dummy.conf
11 years ago
Yaroslav Halchenko e7d5e466b9 Merge branch 'enh/asterisk_and_dropbear_filters'
11 years ago
Yaroslav Halchenko 4e0ddc5f67 ENH: hardened added dropbear failregex to avoid trailing .* and enclose username in ''
11 years ago
Yaroslav Halchenko 9487ee5562 minor: consistent indentation in dropbear.conf
11 years ago
Daniel Black d8883f4346 DOC: Notes about 401 responses and how apache logs this
12 years ago
Daniel Black 7b2773889d TST: apache-auth filter - nonce timetravel tests + other expression fixes
12 years ago
Daniel Black 0fb04cb2f0 ENH: filter enhancements on mod-digest (with test cases) for apache-auth (httpd-2.4.4)
12 years ago
Daniel Black d5291517a7 MISC: merge from master
12 years ago
Daniel Black 56faf7f5ad DOC: fix ChangeLog merge
12 years ago
Jamyn Shanley a355fab91b https://github.com/fail2ban/fail2ban/issues/306
12 years ago
Jamyn Shanley 8936f2cd02 fail2ban-users: Sebastian Arcus - Detect device auth failures on Asterisk 11
12 years ago
Steven Hiscocks 2f4aaa9fb9 ENH: Simplify sieve filter failregex
12 years ago
Steven Hiscocks b5639a8672 ENH: Simplify cyrus-imap filter fail regex
12 years ago
Steven Hiscocks 27feb57e80 Merge pull request #299 from kwirk/datepatterns-dateregex
12 years ago
Daniel Black 8f532f9148 NIT: space remove
12 years ago
Daniel Black 7d7ef08145 ENH: authentication_id can be an imap4 quoted string, whatever that is, so using .+ as its id
12 years ago
Daniel Black abc4146079 ENH: perdition proxies other types hence daemon can include (perdidtion.(imap|pop)s?|managesieve). Also support local authentication resulting in the log message: local authentication failure
12 years ago
Steven Hiscocks cf1e5bdbc2 ENH: Tweak proftpd regex and add sample logs
12 years ago
Steven Hiscocks 8b9bafda79 ENH: Change lighttpd-fastcgi to suhosin, and improve regex and samples
12 years ago
Steven Hiscocks 4033857f63 ENH: Improve xinetd-fail regex and add sample logs
12 years ago
Steven Hiscocks a11f91b835 ENH: Improve cyrus-imap regex and add extra sample line
12 years ago
Steven Hiscocks 534be189dc ENH: Improve sieve regex and add sample line
12 years ago
Steven Hiscocks ab671b0b1a ENH: Improve wuftpd failregex, drop duplicate pam regex and add sample
12 years ago
Steven Hiscocks 57a6c11260 ENH: Improve courierlogin regex and add sample logs
12 years ago
Steven Hiscocks bd175f0267 ENH: Improve cyrus-imap regex and add sample log file
12 years ago
Steven Hiscocks 83a80a29ea ENH: Improve couriersmtp and add sample logs
12 years ago
Steven Hiscocks eb2f0c9272 ENH: Improve postfix regex and add more samples
12 years ago
Daniel Black 5cfe108186 ENH: filter enhancements (with test cases) for apache-auth (httpd-2.4.4)
12 years ago
Daniel Black 6fdfd8d356 BF: fix port
12 years ago
Daniel Black eea5b071e6 ENH: jail for perdition
12 years ago
Daniel Black fcf79b475f ENH: new filter perdition.conf
12 years ago
Steven Hiscocks 26b472f70f ENH: Add ejabberd-auth filter and sample log lines
12 years ago
Steven Hiscocks d661b8c046 BF: Apache regex and sample fail data update due to date pattern changes
12 years ago
Daniel Black 03ec7c211b ENH: could not find a way to trigger filter ^%(_apache_error_client)s authorization failure \(no authenticated user\): \S*\s*$
12 years ago
Daniel Black 8ce9c78474 TST: apache-auth digest logs
12 years ago
Daniel Black f8b5b3a1ef ENH: apache-auth - quite a lot of authorization failure messages depending on module. Make a wildcard
12 years ago
Daniel Black 4eca2c0bd5 TST: apache-auth client denied by server configuration
12 years ago
Daniel Black e0292913eb ENH/TST: filter, testcase and log entry for apache-auth authorization scheme mod_authz_owner
12 years ago
Steven Hiscocks 1eea0dcec8 Merge branch 'master' into 0.9
12 years ago
Yaroslav Halchenko f6a8a04cf3 ENH: roundcube-auth - adopt for current format with trailing error message. thanks @kwirk for the review/feedback
12 years ago
Yaroslav Halchenko 8add63c733 ENH: anchor roundcube-auth at the beginning as well
12 years ago
Steven Hiscocks 728399c39e Merge pull request #281 from kwirk/dovecot-filter
12 years ago
Daniel Black ab10664b57 ENH: action.d/hostsdeny to take daemon_list arguement as suggested in README.Solaris
12 years ago
Steven Hiscocks 606e97683b BF: jail.conf multiport actions previously using single port iptables
12 years ago
Daniel Black 975999591f ENH/DOC: more realm mismatch errors. Documented filter design criteria
12 years ago
Daniel Black 10e3be857a ENH: apache-auth filter added mod_auth_digest message
12 years ago
Daniel Black 384b72a535 ENH: apache-auth filter - client wrong auth
12 years ago
Daniel Black fce431add8 ENH: add mod_authz_core failures to apache-auth
12 years ago
Daniel Black 6ce41a611d BF: fix filter on apache-auth. Closes #286
12 years ago
Daniel Black 1d6d5a7aae DOC: ChangeLog merge confict
12 years ago
Daniel Black 5412d7336f DOC: ChangeLog confict
12 years ago
Daniel Black 619603fe05 BF: match asterisk InvalidPassword correctly
12 years ago
Steven Hiscocks bfa2b9dec3 ENH: dovecot filter additions for session, time value and blank user
12 years ago
Yaroslav Halchenko 04b8069cee ENH: adjust sendmail-whois 'active' example to have also sendername in it
12 years ago
Alexander Dietrich 2155f6bfa5 Update ChangeLog and jail.conf example
12 years ago
Daniel Black d6dece4900 ENH: Split log and provide jail examples
12 years ago
Alexander Dietrich da594075f3 Move sendmail settings to common file, make sender name configurable
12 years ago
Yaroslav Halchenko e6ebcf6687 Merge branch 'dovecot' of https://github.com/grooverdan/fail2ban
12 years ago
Yaroslav Halchenko f0f237fa05 Merge pull request #269 from grooverdan/asterisk
12 years ago
Daniel Black e6823149a1 ENH: remove non-capturing groups for readibility
12 years ago
Daniel Black aebd24ec54 BF: replace with ed so its cross platform, fixes permission problem gh-266, and Yaroslav doesn't revert to perl
12 years ago
Daniel Black 4777cfd4e7 ENH: split out exim-spam into speparate filter
12 years ago
Yaroslav Halchenko 70ae1ed68b ENH: ban also submission port (587) for all smtp-related jails
12 years ago
Daniel Black ca996ace5e ENH: remove temporary failures from local_scan in line with comments in gh-258
12 years ago
Daniel Black 9757e1df2b ENH: make groupings non-capturing
12 years ago
Daniel Black 72f9e6a51e ENH/TST: more samples and rejection types for sender verify fail and rejected RCPT
12 years ago
Daniel Black 3b76fc79f9 BF: fix dovecot filter for when no TLS is enabled on pop/imap
12 years ago
Steven Hiscocks 1dbba35cd9 Merge branch 'master' into 0.9
12 years ago
Steven Hiscocks 5ca6a9aeb6 Merge branch 'systemd-journal' into 0.9
12 years ago
Daniel Black 0086a7edab ENH: missed a $
12 years ago
Yaroslav Halchenko 1b170b2aef BF: support apache 2.4 more detailed error log format. Close #268
12 years ago
Yaroslav Halchenko 6d331bcbea BF: make colon after [daemon] optional. Close #267
12 years ago
Daniel Black fa7a105483 ENH: filter.d/asterisk - consolidate log prefix regex and add a few fail messages
12 years ago
Yaroslav Halchenko 8487cb2e90 Merge commit '0.8.10-31-g1ab0f0f' into 0.9
12 years ago
Daniel Black 25c3bbfc2f DOC: credits/blame to me for changes to exim
12 years ago
Daniel Black b8cfda68b8 ENH: new exim filter regexs. Also note a begining PID in this format. Thanks to ftoppi for the log entries
12 years ago
Daniel Black d441d61a1e TST/ENH: Improve regex around exim
12 years ago
Yaroslav Halchenko 9d4b613ee4 Merge branch '3proxy' of https://github.com/grooverdan/fail2ban
12 years ago
Yaroslav Halchenko 173fe48e77 Merge branch 'exim' of https://github.com/grooverdan/fail2ban
12 years ago
Yaroslav Halchenko ec629ab4e8 Merge branch 'proftpd' of https://github.com/grooverdan/fail2ban
12 years ago
Yaroslav Halchenko ab2c738b43 Merge branch 'dovecot' of https://github.com/grooverdan/fail2ban
12 years ago
Daniel Black 8cc13b5b40 BF/ENH: Incorrect authentication data doesn't need tailier so that's optional. Also gained log entry for Unrouteable address
12 years ago
Daniel Black a433a8ea5f ENH: readibility thanks to Yaroslav
12 years ago
Yaroslav Halchenko 948be73115 Merge branch 'assp' of https://github.com/grooverdan/fail2ban
12 years ago
Yaroslav Halchenko 09302c5c25 ENH: asterisk -- use \S instead of [^:] + prefix failregex with ^\[
12 years ago
Daniel Black 7018d81244 BF: missed a space
12 years ago
Daniel Black a447aa615d BF: [SSL-out] is optional in assp
12 years ago
Daniel Black d4940563d3 ENH: regex hardening on assp
12 years ago
Daniel Black 6a09ecff5c ENH: anchor a bit mor. Use \d and \w where possible. Escape a literal .
12 years ago
Daniel Black 9940cd1b6b ENH: proftpd chan accept usernames with spaces
12 years ago
Daniel Black dbe7ffe050 ENH: dovecot regexs rewritten and extra failures
12 years ago
Daniel Black 4c67a269bf ENH: proftp regex hardening and log messages
12 years ago
Daniel Black 3e3802512a ENH/BF: exim improvements with sample
12 years ago
Daniel Black 88b4598ed8 BF: fix to proxy port in 3proxy example
12 years ago
Yaroslav Halchenko f6cb981fc0 Merge commit '0.8.10-1-g460e09a' into 0.9
12 years ago
Daniel Black 9dbaec0894 ENH: sample log + more specific regex
12 years ago
Daniel Black 8faf84b7f7 BF: authentication errors end in 01-09 but the beginning part indicates the service as per https://github.com/fail2ban/fail2ban/issues/246#issuecomment-19327955 thanks to ykimon
12 years ago
Yaroslav Halchenko 6ccd57813c BF: anchor apache- filters. Close #248
12 years ago
Daniel Black fd9f9f16e0 BF: need to anchor the start to avoid another repeat of DoS injection like Apache
12 years ago
Daniel Black f2fa4d53a8 ENH: stricter regex thanks to Steven Hiscocks (kwirk)
12 years ago
Daniel Black 16d63434ef DOC: credits
12 years ago
Carlos Alberto Lopez Perez 47b063b022 Filter Asterisk: Add AUTH_UNKNOWN_DOMAIN error to list
12 years ago
Daniel Black 05c88bd85d ENH: purge a few more .*
12 years ago
Daniel Black 4cf402d60e ENH/BF: constrain regex. Fix ACL error regex
12 years ago
Daniel Black 0f7b609336 ENH: port optional
12 years ago
Daniel Black 278fd43429 Merge branch 'patch-1' of https://github.com/silviogarbes/fail2ban into asterisk-227
12 years ago
Yaroslav Halchenko a3161f59fa Merge commit '0.8.9-13-g39d32e0' into 0.9
12 years ago
Steven Hiscocks 49261925d7 ENH: Add new regex for locked accounts for sshd
12 years ago
Terence Namusonge 244a96f9b3 fixed failregex line for roundcube 0.9+
12 years ago
Yaroslav Halchenko d2b1c73b92 CFG: assure actions for all the jails
12 years ago
Yaroslav Halchenko 89e06bba15 BF: blocktype must be defined within [Init] -- adding [Init] section. Close #232
12 years ago
silviogarbes 5c8fb68a2c Update asterisk.conf
12 years ago
Yaroslav Halchenko f5a8a8ac7c Release 0.8.9
12 years ago
Yaroslav Halchenko 90b8433ac5 DOC: inline commends with ';' are in effect only if ';' follows as space
12 years ago
Steven Hiscocks f7d328195f NF: Add systemd journal backend
12 years ago
Yaroslav Halchenko f1b6806eb4 Merge branch 'master' into 0.9
12 years ago
Yaroslav Halchenko 2b1e19933f Merge branch 'master' of git://github.com/fail2ban/fail2ban
12 years ago
Yaroslav Halchenko 976a65bb89 Merge branch 'bsd_logs' of https://github.com/grooverdan/fail2ban
12 years ago
Yaroslav Halchenko 5accc10a47 Merge pull request #206 from grooverdan/bsd_ipfw
12 years ago
Yaroslav Halchenko 0ae49ab11e Merge branch 'bsd_pf' of https://github.com/grooverdan/fail2ban
12 years ago
Yaroslav Halchenko e85914cef8 Merge pull request #215 from grooverdan/reject_no_drop_by_default
12 years ago
Daniel Black 9c03ee6d9e ENH: consolidate where blocktype is defined for iptables rules
12 years ago
Daniel Black c7fd777966 BF: default type to unreachable
12 years ago
Daniel Black de56347619 ENH: separate out regex and escape a .
12 years ago
Yaroslav Halchenko e7cb0f8b8c ENH: filter.d/sshd.conf -- allow for trailing "via IP" in logs
12 years ago
Yaroslav Halchenko 2143cdff39 Merge: opensolaris docs/fixes, no 'sed -i' in hostsdeny, sshd regex tuneups
12 years ago
Yaroslav Halchenko 822a01018f Merge pull request #205 from grooverdan/bsd_ssh
12 years ago
Daniel Black 3b4a7b7926 ENH: add blocktype to all relevant actions. Also default the rejection to a ICMP reject rather than a drop
12 years ago
Daniel Black aa52743f52 DOC: add jail.conf entry for pf
12 years ago
Daniel Black 0c5a9c53e1 ENH: pf action thanks to Nick Hilliard <nick@foobar.org>.
12 years ago
Daniel Black b6d0e8ad9c ENH: add ipfw rule for bsd using the tables.
12 years ago
Daniel Black 40c56b10a0 EHN: enhance sshd filter for bsd.
12 years ago
Daniel Black b3bd877d23 BF: change common.conf to handle formats of syslog -v and syslog -vv in BSD
12 years ago
Daniel Black 495f2dd877 DOC: purge of svn tags
12 years ago
Yaroslav Halchenko 89adcd7ff7 Merge branch PR #193 ASSP SMTP Proxy support (with some manual squashing)
12 years ago
Enrico Labedzki 36b0d78ff8 tight control of the filter for ASSP
12 years ago
Enrico Labedzki 07aee8cd33 as daniel desires
12 years ago
Enrico Labedzki 24a8d07c20 added new date format support for ASSP SMTP Proxy
12 years ago
Yaroslav Halchenko b65205d4ad Merge branch 'master' into 0.9
12 years ago
Steven Hiscocks f196709be1 ENH: Update asterisk example jail.conf entry for multiaction
12 years ago
jamesstout 3367dbd987 ENH: fail message matching for OpenSolaris and OS X
12 years ago
jamesstout d2a9537568 ENH: extra daemon info regex
12 years ago
jamesstout b7795addd0 ENH: actionunban back to a sed command
12 years ago
Daniel Black 945ad3d9e6 BF: ensure dates in email are in the C locale. Thanks iGeorgeX
12 years ago
Daniel Black 0ac8746d05 ENH: Account for views in named filter. By Romain Riviere in gentoo bug #259458
12 years ago
Yaroslav Halchenko 62602a9ed0 Revert "ENH: by default enable a single jail -- sshd"
12 years ago
Yaroslav Halchenko 1d72a8265d Merge branch '0.9' into _tent/jail.conf
12 years ago
Yaroslav Halchenko 2a48b0ab54 Merge branch 'master' into 0.9
12 years ago
Yaroslav Halchenko 22f04677b6 BF: usedns deals with forward (not reverse) DNS lookups (thanks Steven Hiscocks)
12 years ago
Yaroslav Halchenko 87bac37139 ENH: default port to all ports (0:65535) + remove where thus not needed + typos
12 years ago
Yaroslav Halchenko f4a74d8d8b RF: rename/unify naming of courier filters/jails
12 years ago
Yaroslav Halchenko 47a62b6072 ENH: by default enable a single jail -- sshd
12 years ago
Yaroslav Halchenko 3ba540eca3 ENH+BF: use %(__name__) by default for filter, defined enabled = false by DEFAULT
12 years ago
Yaroslav Halchenko 24e4cfe1b7 Merge branch '0.9' into _tent/jail.conf
12 years ago
Yaroslav Halchenko 698c74d9ed Merge commit '0.8.8-212-gf6f30f1' into 0.9
12 years ago
jamesstout 10fcfb925d Extra patterns for Solaris
12 years ago
jamesstout de98e3dabd change sed to perl for Solaris
12 years ago
Steven Hiscocks 9672e44d39 ENH: Move jail `maxlines` to filter config
12 years ago
Daniel Black 41b9f7b6ac BF: filter.d/sshd "Did not receive identification string" relates to an exploit so document this in sshd-ddos.conf but leave it out of authentication based blocks in sshd.conf
12 years ago
Yaroslav Halchenko 4665ac6b27 RF: jail.conf with entries from Debian's copy and changing existing ones to conform the "template"
12 years ago
Yaroslav Halchenko 9a14cf8b7b Merge branch 'master' into 0.9
12 years ago
Yaroslav Halchenko 4869186c8f Merge branch 'py3' of https://github.com/kwirk/fail2ban into 0.9
12 years ago
Yaroslav Halchenko f5572c8ade Merge pull request #173 from kwirk/maxlines
12 years ago
Steven Hiscocks 4d80fad874 ENH+DOC: Add Guacamole filter, example log and jail
12 years ago
Daniel Black 32d10e904a ENH: more openssh fail messages from openssh source code (CVS 20121205)
12 years ago
Steven Hiscocks 183cfa6e00 ENH: Default maxlines value in jail.conf, and verify value is int >0
12 years ago
Steven Hiscocks fa0f8f9e6d Merge branch '0.9' into py3
12 years ago
Yaroslav Halchenko 59192a5585 Merge remote-tracking branch 'github_kwirk_fail2ban/pidfile'
12 years ago
Yaroslav Halchenko 99a5d78e37 ENH: for consistency (and future expansion ;)) -- rename to mysqld-auth
12 years ago
Yaroslav Halchenko ffaa9697ee Adjusting previous PR (MySQL logs) according to my comments
12 years ago
Yaroslav Halchenko 3e6be243bf Merge branch 'Support_for_mysql_log_example' of https://github.com/arto-p/fail2ban
12 years ago
Steven Hiscocks 77aa523f22 Merge branch 'master' into py3
12 years ago
Yaroslav Halchenko 72b06479a5 ENH: Slight tune ups for fresh SOGo filter + comment into the sample log file
12 years ago
Yaroslav Halchenko 105306e1a8 Merge remote-tracking branch 'pr/117/head' -- SOGo filters
12 years ago
Yaroslav Halchenko 91d5736c12 ENH: postfix filter -- react also on (450 4.7.1) with empty from/to. fixes #126
12 years ago
ArndRa bba3fd8568 Update sogo-auth.conf
12 years ago
Artur Penttinen 29d0df58be Added support for MySQL logfiles
12 years ago
Daniel Black 67544d1dd6 DOC: tags are documented in the jail.conf(5) man page
12 years ago
Yaroslav Halchenko 5e5eaaf838 Merge pull request #134 from grooverdan/misc-fixes
12 years ago
Pascal Borreli a2b29b4875 Fixed typos
12 years ago
Daniel Black a0f088be25 ENH: typo + head -1 has been deprecated for 10+ years.
12 years ago
Steven Hiscocks 66367876bb Add ability to set log encoding for jail
12 years ago
Yaroslav Halchenko a8bd9c20a0 Merge branch 'master' of git://github.com/fail2ban/fail2ban
12 years ago
Yaroslav Halchenko d5ae28facf Merge pull request #104 from gebi/t/route
12 years ago
Steven Hiscocks 294f073741 Typo in default pidfile in fail2ban.conf
12 years ago
Steven Hiscocks ce3ab34dd8 Added ability to specify PID file
12 years ago
Daniel Black 47b1ee39d8 add blocking type
12 years ago
Yaroslav Halchenko 8cf006827e BF: remove path from grep call in sendmail-whois-lines.conf Closes: gh-118
12 years ago
ArndRa 6cd358ee95 Update config/filter.d/sogo-auth.conf
12 years ago
ArndRa 35bf84abad Create sogo-auth.conf
12 years ago
ArndRa 52f952e645 Update config/jail.conf
12 years ago
Yaroslav Halchenko 5f2d3832f7 NF: roundcube-auth filter (to close Debian #699442, needing debian/jail.conf section)
12 years ago
Orion Poplawski bb7628591c Update config/filter.d/sshd.conf
12 years ago
Yaroslav Halchenko 9a39292813 ENH: Added login authenticator failed regexp for exim filter
12 years ago
Yaroslav Halchenko b3d8ba146b DOC: Mention that logrotate configuration needs to be adjusted if logtarget is changed (Closes: #697333)
12 years ago
Michael Gebetsroither 03433f79cd add example jail.conf for blocking through blackhole routes for ssh
12 years ago
Michael Gebetsroither f9b78ba927 add support for blocking through blackhole routes
12 years ago
Daniel Black da0ba8ab4c ENH: add example jail for ipset
12 years ago
Daniel Black 9221886df6 more documentation and optimisations/fixes based on testing
12 years ago
Daniel Black abd5984234 base ipset support
12 years ago
pigsyn f336d9f876 Update config/filter.d/webmin-auth.conf
12 years ago
pigsyn dc67b24270 Update config/filter.d/webmin-auth.conf
12 years ago
Yaroslav Halchenko 3969e3f77b ENH: dovecot.conf - require space(s) before rip/rhost log entry
12 years ago
hamilton5 266cdc29a6 Update config/filter.d/dovecot.conf
12 years ago
hamilton5 e040c6d8a3 Update config/filter.d/dovecot.conf
12 years ago
hamilton5 7ede1e8518 Update config/filter.d/dovecot.conf
12 years ago
Yaroslav Halchenko fc27e00290 ENH: tune up sshd-ddos to use common.conf and allow training spaces
12 years ago
Yaroslav Halchenko 6ecf4fd80a Merge pull request #64 from sourcejedi/remove_sshd_rdns
12 years ago
Mark McKinstry 95de9c1a97 add support for the APF firewall
12 years ago
Yaroslav Halchenko 282724a7f9 ENH: join both failregex for lighttpd-auth into a single one
12 years ago
François Boulogne 958a1b0a40 Lighttpd: support auth.backend = "htdigest"
12 years ago