Daniel Black
868a4ea470
ENH: full abusix disclaimer in action xarf-login-attack
2013-12-14 21:18:20 +00:00
Daniel Black
9fe0a69852
ENH: add firewallcmd-ipset
2013-12-14 09:06:01 +00:00
Daniel Black
4ffc57e14f
ENH: simplify firewallcmd-new actioncheck and provide output samples
2013-12-14 07:11:29 +00:00
Daniel Black
ed816afbcd
ENH: add badips action
2013-12-14 01:41:28 +00:00
Daniel Black
1ff52dfe4d
DOC: document ufw a bit more. Change insertpos default to 1 to allow it to work if the user run ufw enable
2013-12-14 00:40:47 +00:00
Daniel Black
f35345ecaa
ENH: add ufw action based off Guilhem Lettron's work in lp-#701522. Closes gh-455
2013-12-14 00:34:12 +00:00
Daniel Black
13ccebe78f
BF: fix actioncheck in firewallcmd
2013-12-13 23:40:51 +00:00
Steven Hiscocks
0bcff771b8
ENH: Add <ipmatches> and <ipjailmatches> tags
...
Example use filter also added for sendmail-whois with ipmatches rather
than grepped lines
2013-12-13 22:40:11 +00:00
Daniel Black
f385439a41
MRG: ChangeLog merge
2013-12-09 09:28:42 +11:00
Daniel Black
36917d7517
BF: action.d/complain - match IP at beginning and end of lines
2013-12-09 09:21:55 +11:00
Daniel Black
135c759dbb
Merge pull request #477 from kwirk/blocklist.de
...
ENH: Added blocklist.de reporting API action
2013-12-06 16:16:39 -08:00
Steven Hiscocks
630dd91dcd
BF: Add [Init] section to blocklist.de action
2013-12-07 00:09:31 +00:00
Steven Hiscocks
b3c173795e
ENH: blocklist.de action error on HTTP response code 4xx
2013-12-06 08:22:21 +00:00
Daniel Black
51f2619878
Merge pull request #473 from grooverdan/whois-missing
...
ENH: Whois missing in actions? Include output to say so
2013-12-05 12:44:35 -08:00
Steven Hiscocks
a19b33cc72
ENH: blocklist.de action added fail2ban version as user agent
2013-12-05 18:12:15 +00:00
Steven Hiscocks
f742ed0e4b
DOC: when to use blocklist.de reporting
...
Taken from commit 1846056606
2013-12-05 18:06:53 +00:00
Steven Hiscocks
e810ec009d
ENH: Added blocklist.de reporting API action
2013-12-05 08:22:20 +00:00
Daniel Black
4dc51e5def
BF: put notice in email if whois program could not provide more information. Closes gh-471
2013-12-04 22:43:06 +11:00
Daniel Black
97d7f46bb7
DOC: correct grammar - s/Here are more information/Here is more information/
2013-12-04 22:40:48 +11:00
Daniel Black
8aead9ab79
BF: escape quotes when splitting addresses for xarf
2013-12-04 08:19:05 +11:00
Daniel Black
1846056606
DOC: when to use xarf messages to network owner
2013-12-03 20:40:42 +11:00
Daniel Black
8c37d2e4de
ENH: remove dependency on querycontacts
2013-12-03 20:34:21 +11:00
Daniel Black
dd356c3cef
BF: fixed for sendmail and tested the MTA aspects of this action
2013-12-01 19:08:28 +11:00
Daniel Black
9df5f4eec8
BF: remove debugging tee command on xarf-login-attack
2013-12-01 17:53:34 +11:00
Daniel Black
d015f7f4fc
BF/ENH: fixed so xarf-login-attack works
2013-12-01 17:49:35 +11:00
Daniel Black
0495aa098e
BF: grep matches on <ip> shouldn't include other IPs
2013-11-30 18:01:45 +11:00
Daniel Black
95845b7b65
BF: complain action could match too many IP addresses
2013-11-30 17:47:10 +11:00
Daniel Black
5cc7173fd4
ENH: add xarf email sender for login-attack type
2013-11-30 14:16:26 +11:00
Daniel Black
56b6bf7d25
ENH: reduce firewalld-cmd-new -> firewallcmd-new
2013-11-30 10:30:29 +11:00
Daniel Black
86a0a5962a
BF: revert to fail2ban- prefix as f2b- was intended for 0.9
2013-11-30 08:05:20 +11:00
Daniel Black
9e53892708
BF: did remove instead of move
2013-11-29 19:26:24 +11:00
Daniel Black
af4feb0c92
Actions to have f2b- as prefix instead of fail2ban- as per #462
2013-11-29 19:08:38 +11:00
Daniel Black
fb666b69ff
BF: firewall-cmd-direct-new was too long. Thanks Joel.
2013-11-28 23:35:05 +11:00
Daniel Black
dc154c792e
BF: add init section with name for action.d/apf. Closes #398
2013-11-25 08:08:20 +11:00
Daniel Black
87f68d7564
firewalld-0.3.8 release that support --remove-rules out so documenting this.
2013-11-06 11:37:56 +11:00
Daniel Black
5eddd5d12d
DOC: document required firewalld version as > 0.3.7.1
2013-10-31 09:10:59 +11:00
Daniel Black
8ac6081555
ENH: fix to use upstream --remove-rules
...
https://fedorahosted.org/firewalld/ticket/10
2013-10-31 01:23:00 +11:00
Daniel Black
c2b76d1fd0
Merge pull request #397 from yarikoptic/_enh/unify_default_strings
...
DOC: enh/unify "Default:" strings
2013-10-22 04:36:41 -07:00
Daniel Black
b4cbf82912
DOC: remove Default: on action firewall-cmd-direct-new
2013-10-15 08:34:42 +11:00
Yaroslav Halchenko
4149c7495d
Options in actions to be specified in jails have no "Default"s besides those specified in the files -- thus removing from comments
2013-10-14 16:29:16 -04:00
Daniel Black
f1bb08aa6a
ENH: base blocktype off iptables-blocktype.conf for firewall-cmd-direct-new.conf like other iptables based actions
2013-10-14 23:06:38 +11:00
Daniel Black
12f7ea7ec4
DOC: remove excessive comments from firewall-cmd-direct-new
2013-10-14 22:39:38 +11:00
Daniel Black
0d8d1ae26c
ENH: new action.d/firewall-cmd-direct-new.conf from Redhat Bugzilla #979622
2013-10-14 22:36:01 +11:00
Daniel Black
1a5e17f2a3
BF: use blocktype for iptables-ipset-proto6*
2013-10-09 11:59:16 +11:00
Daniel Black
dcb845f17c
ENH: add iptables-ipset-proto6-allports for blocking all ports
2013-10-09 11:57:35 +11:00
Daniel Black
e12d389c65
MRG/DOC: jail.conf resolution, ChangeLog fixes
2013-09-29 08:21:13 +10:00
Mark McKinstry
b6bf26c9f2
dont' need to set a default name
2013-09-25 18:37:22 -04:00
Mark McKinstry
2668adc896
Merge branch 'master' of github.com:fail2ban/fail2ban
2013-09-25 17:54:38 -04:00
Mark McKinstry
1af4543aca
ability to name the jail that banned the IP with apf
2013-09-25 17:52:34 -04:00
Mark McKinstry
dd9ee4c39a
quotes around the comment put in apf's deny_hosts.rules file
2013-09-25 17:51:25 -04:00
Mark McKinstry
e64493c328
use human readable/longer options when banning and un-banning IPs with apf
2013-09-25 16:44:10 -04:00
Mark McKinstry
c692912a82
don't hardcode absolute path for apf firewall
2013-09-25 16:38:45 -04:00
Mark McKinstry
66aff43d68
remove un-needed '$' line
2013-09-25 16:37:58 -04:00
Beau Raines
060bd45295
ENH - Added server name to subject line in email notifications
...
This is useful when fail2ban is running on multiple servers and
keeping the notifictions separate and knowing which machine is "under
attack".
2013-09-08 15:21:58 -07:00
Daniel Black
ad291d7e38
Merge pull request #346 from grooverdan/bsd-ipfw-default-unreach-port
...
BF: action.d/bsd-ipfw - use blocktype instead of unused action for icmp ...
2013-09-04 16:18:19 -07:00
Daniel Black
4face1f3e7
MRG: resolve conficts in action.d/osx-ipfw design
2013-09-05 09:07:10 +10:00
Andy Fragen
d258a51a23
after some research it looks like setting to unreachable better than deny
2013-09-04 11:28:03 -07:00
Andy Fragen
fe557e5900
more specific actionunban
2013-09-01 13:09:51 -07:00
Andy Fragen
a4884f82cd
add mods from grooverdan and fix actionunban
...
actionunban still not working in grooverdan's mod. I made this one grep both <ip> and <port>. It should be more specific if the same <ip> is banned on multiple ports.
2013-08-31 08:39:19 -07:00
Daniel Black
f2bcf84893
BF: action.d/bsd-ipfw - use blocktype instead of unused action for icmp rejecting blocked packets
2013-08-31 11:40:04 +10:00
Daniel Black
749f215089
ENH: port optional
2013-08-31 11:07:15 +10:00
Daniel Black
8b22fa15b5
BF: reverted to simplier random rulenum. If your machine is handling 1000s of block the addition complexity isnt what you want
2013-08-31 11:03:01 +10:00
Daniel Black
b31799a322
ENH: add action.d/osx-afctl anonymously contributed on f2b wiki
2013-08-31 10:51:04 +10:00
Daniel Black
5741348f45
ENH: more options and ruggedness to prevent unintensional consequences
2013-08-31 09:38:18 +10:00
Daniel Black
52bd0f86a8
Merge branch 'osx-ipfw' of https://github.com/afragen/fail2ban into osx
2013-08-31 09:09:04 +10:00
Daniel Black
7cc3e8a8c0
BF: Invert expression on actionstop in bsd-ipfw.conf to ensure exit status 0 on success. Closes gh-343
2013-08-31 08:59:02 +10:00
Andy Fragen
ef504c869f
added osx specific ipfw action with random rulenum
2013-08-26 16:06:23 -07:00
Daniel Black
6a36ff1a4a
BF: order mailx arguments with dest email address last - redhat bugzilla 998020. Closes gh-328
2013-08-19 22:36:58 +10:00
Orion Poplawski
31a78b2711
Use /var/run/fail2ban in config/action.d/dummy.conf
2013-08-08 20:41:44 -06:00
Daniel Black
ab10664b57
ENH: action.d/hostsdeny to take daemon_list arguement as suggested in README.Solaris
2013-07-14 16:20:21 +10:00
Daniel Black
1d6d5a7aae
DOC: ChangeLog merge confict
2013-07-09 08:41:28 +10:00
Alexander Dietrich
da594075f3
Move sendmail settings to common file, make sender name configurable
2013-07-02 20:30:41 +02:00
Daniel Black
aebd24ec54
BF: replace with ed so its cross platform, fixes permission problem gh-266, and Yaroslav doesn't revert to perl
2013-07-02 20:09:27 +10:00
Yaroslav Halchenko
89e06bba15
BF: blocktype must be defined within [Init] -- adding [Init] section. Close #232
2013-05-24 11:15:46 -04:00
Yaroslav Halchenko
5accc10a47
Merge pull request #206 from grooverdan/bsd_ipfw
...
NF: BSD ipfw
2013-05-08 07:24:56 -07:00
Yaroslav Halchenko
0ae49ab11e
Merge branch 'bsd_pf' of https://github.com/grooverdan/fail2ban
...
* 'bsd_pf' of https://github.com/grooverdan/fail2ban :
BF: missed MANIFEST include
DOC: add jail.conf entry for pf
DOC: credit for pf action. Origin: http://svnweb.freebsd.org/ports/head/security/py-fail2ban/files/patch-pf.conf?view=log
ENH: pf action thanks to Nick Hilliard <nick@foobar.org>.
Conflicts:
ChangeLog
2013-05-08 10:24:01 -04:00
Yaroslav Halchenko
e85914cef8
Merge pull request #215 from grooverdan/reject_no_drop_by_default
...
ENH: add blocktype to all relevant actions and change default action to reject
2013-05-08 07:20:14 -07:00
Daniel Black
9c03ee6d9e
ENH: consolidate where blocktype is defined for iptables rules
2013-05-08 07:52:08 +10:00
Daniel Black
c7fd777966
BF: default type to unreachable
2013-05-08 07:31:31 +10:00
Yaroslav Halchenko
2143cdff39
Merge: opensolaris docs/fixes, no 'sed -i' in hostsdeny, sshd regex tuneups
...
Origin: from https://github.com/jamesstout/fail2ban
* 'OpenSolaris' of https://github.com/jamesstout/fail2ban :
ENH: Removed unused log line
BF: fail2ban.local needs section headers
ENH: Use .local config files for logtarget and jail
ENH+TST: ssh failure messages for OpenSolaris and OS X
ENH: fail message matching for OpenSolaris and OS X
ENH: extra daemon info regex
ENH: actionunban back to a sed command
Readme for config on Solaris
create socket/pid dir if needed
Extra patterns for Solaris
change sed to perl for Solaris
Conflicts:
config/filter.d/sshd.conf
2013-05-06 11:11:12 -04:00
Daniel Black
3b4a7b7926
ENH: add blocktype to all relevant actions. Also default the rejection to a ICMP reject rather than a drop
2013-05-05 15:43:18 +10:00
Daniel Black
0c5a9c53e1
ENH: pf action thanks to Nick Hilliard <nick@foobar.org>.
2013-05-03 16:34:54 +10:00
Daniel Black
b6d0e8ad9c
ENH: add ipfw rule for bsd using the tables.
2013-05-03 16:31:45 +10:00
Daniel Black
495f2dd877
DOC: purge of svn tags
2013-05-03 16:03:38 +10:00
jamesstout
b7795addd0
ENH: actionunban back to a sed command
...
per https://github.com/fail2ban/fail2ban/pull/182#discussion_r3999128
2013-04-30 04:10:32 +08:00
Daniel Black
945ad3d9e6
BF: ensure dates in email are in the C locale. Thanks iGeorgeX
2013-04-29 14:10:23 +10:00
jamesstout
de98e3dabd
change sed to perl for Solaris
2013-04-21 07:29:48 +08:00
Daniel Black
67544d1dd6
DOC: tags are documented in the jail.conf(5) man page
2013-03-17 10:52:49 +11:00
Yaroslav Halchenko
5e5eaaf838
Merge pull request #134 from grooverdan/misc-fixes
...
BF: fail2ban client can't handle multi word setcinfo or action[*] values
2013-03-10 18:01:17 -07:00
Pascal Borreli
a2b29b4875
Fixed typos
2013-03-10 22:05:33 +00:00
Daniel Black
a0f088be25
ENH: typo + head -1 has been deprecated for 10+ years.
2013-03-10 16:28:45 +11:00
Yaroslav Halchenko
d5ae28facf
Merge pull request #104 from gebi/t/route
...
add support for blocking through blackhole routes
2013-02-18 08:01:34 -08:00
Daniel Black
47b1ee39d8
add blocking type
2013-02-17 12:44:15 +11:00
Yaroslav Halchenko
8cf006827e
BF: remove path from grep call in sendmail-whois-lines.conf Closes: gh-118
2013-02-12 08:48:05 -05:00
Michael Gebetsroither
f9b78ba927
add support for blocking through blackhole routes
2013-01-03 18:46:31 +01:00
Daniel Black
9221886df6
more documentation and optimisations/fixes based on testing
2012-12-31 14:31:37 +11:00
Daniel Black
abd5984234
base ipset support
2012-12-31 14:31:37 +11:00
Mark McKinstry
95de9c1a97
add support for the APF firewall
2012-10-18 11:17:04 -04:00
Yaroslav Halchenko
2a225aa6ee
Added a warning within "complaint.conf" action about care with enabling it
2012-08-13 23:03:52 -04:00
Yaroslav Halchenko
80b191c7fd
BF: anchor chain name in actioncheck's for iptables actions ( Closes : #672228 )
2012-07-31 15:27:05 -04:00