github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
3,677 Commits
33 Branches
229 Tags
20 MiB
Commit Graph

3677 Commits (e07a8cda07c8b3c3e9ab6ed304ac547fcbff986c)

Author SHA1 Message Date
Serg G. Brester e07a8cda07 Update jail.conf 
Documentation of parameters for action blocklist_de, closes gh-1940
 2017-10-27 15:26:17 +02:00
Serg G. Brester 0aeb91d1e2 Merge pull request #1929 from miken32/patch-1 
Remove invalid (vulnerable) regex using IP from foreign input (not the originator).
 2017-10-18 18:54:43 +02:00
Serg G. Brester d81405adbc Update ChangeLog 
typo
 2017-10-18 18:52:55 +02:00
Serg G. Brester b6ab0aa83f Update ChangeLog 
more detailed entry
 2017-10-18 18:52:12 +02:00
Michael Newton 894a05b843 Update ChangeLog 2017-10-18 09:26:51 -07:00
Michael Newton 3f715e8577 Remove tests 2017-10-17 14:46:11 -07:00
Michael Newton d5d1fe679f Remove invalid regex 
Resolves #1927
 2017-10-17 14:44:23 -07:00
Serg G. Brester c42dd6941c Merge pull request #1921 from harry-wood/patch-1 
typo
 2017-10-16 10:50:11 +02:00
Harry Wood ea1b663f85 typo 
spell "positive" (...but also somebody should finish this sentence)
 2017-10-16 01:15:58 +01:00
sebres ea36e1b3fc filter.d/dovecot.conf: fixed failregex to recognize pam_authenticate failures with "Permission denied" (gh-1897) 2017-10-04 09:55:37 +02:00
sebres a2120a9de5 filter.d/postfix-*.conf - added optional port regex (closes gh-1902) 2017-10-02 15:31:55 +02:00
Serg G. Brester 983b128c54 Update ChangeLog 
several fixes of 0.9th branch
 2017-09-08 11:07:48 +02:00
Serg G. Brester bb97e66627 Merge pull request #1882 from coderua/patch-1 
Add Jorgee Vulnerability Scanner protect
 2017-09-07 15:52:31 +02:00
Serg G. Brester 99a9a9136e Merge pull request #1887 from fail2ban/exim-gh-1886 
filter.d/exim.conf: fixed failregex for case of flood attempts with `D=0s`
 2017-09-07 15:47:20 +02:00
Serg G. Brester db121a6f85 Update exim 
Test case covers flood attempts with `D=0s`
 2017-09-07 15:32:35 +02:00
Serg G. Brester 2cd02b731b filter.d/exim.conf: fixed failregex for case of `D=0s` 
Closes gh-1886
 2017-09-07 15:28:46 +02:00
sebres 4bc226a692 optimized regex 2017-09-05 10:59:16 +02:00
Vladimir Chumak fafefc0293 Add Jorgee Vulnerability Scanner protect 
Details for Jorgee Vulnerability Scanner: https://www.symantec.com/security_response/attacksignatures/detail.jsp?asid=30164
 2017-09-05 10:56:43 +02:00
sebres acd9e8155b Merge pull request #1376 from j-marz/master: 
Added ZoneMinder filter
 2017-09-04 11:52:10 +02:00
sebres 4163f32968 small review, prefix replaced with `%(_apache_error_client)s` from apache-common.conf include 2017-09-04 11:48:01 +02:00
john ac95449bbb changed zoneminder regex as per Sebres and yarikoptic recommendations 2017-09-04 11:37:09 +02:00
john 7013729a1f removed redundant options for zoneminder from jail.conf 2017-09-04 11:37:05 +02:00
john 5c3a666380 fixed incomplete regex after adding anchors 2017-09-04 11:37:03 +02:00
john 3d45fd2713 implemented yarikoptic's suggestions in fail2ban pull request #1376 2017-09-04 11:37:00 +02:00
john 776d463e92 added missing colon to failJSON 2017-09-04 11:36:58 +02:00
john 4d8ba7b668 fixed test log file 2017-09-04 11:36:55 +02:00
john 44c4496e49 added sample log files 2017-09-04 11:36:53 +02:00
john 08878d22dd added zoneminder.conf filter 2017-09-04 11:36:50 +02:00
john a90f6c4ae8 added zoneminder jail and filter 
# Conflicts:
#	config/jail.conf
 2017-09-04 11:36:47 +02:00
sebres c312962029 filter.d/dovecot.conf: partially cherry-pick to 0.9 PR #1880 from sebres/0.10-fix-dovecot-regex (d926e11a5c) 
fixed failregex (without new mode aggressive)
 2017-09-01 10:57:41 +02:00
Serg G. Brester a287d0a05c Merge pull request #1872 from kmzby/master 
Added filter for phpMyAdmin+syslog
 2017-08-25 12:22:58 +02:00
Pavel Mihadyuk 4c1abe1cbf phpmyadmin-syslog: removed excess file, fixed test, updated failregex 2017-08-23 16:56:18 +03:00
Pavel Mihadyuk d09304b897 phpmyadmin-syslog: added default jail config 2017-08-22 19:00:48 +03:00
Pavel Mihadyuk 41994fcb56 Added filter for phpMyAdmin+syslog (>=4.7.0) 2017-08-22 18:46:40 +03:00
Pavel Mihadyuk 5b4bc2aafd Added filter for phpMyAdmin+syslog (>=4.7.0). Closes #1713 2017-08-22 18:20:01 +03:00
Serg G. Brester 124e5587c6 Merge pull request #1869 from sebres/fix-gh-1389 
action.d/bsd-ipfw.conf: replace not posix-compliant grep option
 2017-08-18 15:43:05 +02:00
Serg G. Brester b0e5efb631 bsd-ipfw.conf: sh-compliant redirect of stderr together with stdout 2017-08-18 15:26:09 +02:00
sebres 3be32adefb Replace not posix-compliant grep option: fgrep with `-q` option can cause 141 exit code in some cases (see gh-1389). 2017-08-18 14:37:29 +02:00
Serg G. Brester c540217844 Update ChangeLog 
action.d/cloudflare.conf - Cloudflare API v4 implementation (gh-1651)
 2017-08-09 16:34:37 +02:00
Serg G. Brester c0eb7752a8 Merge pull request #1651 from szepeviktor/patch-9 
Introduce Cloudflare API v4
 2017-08-09 16:28:52 +02:00
Serg G. Brester 2ed8a38eca Update cloudflare.conf 
Switch to API v1 to API v4 per default
 2017-08-09 16:27:53 +02:00
Serg G. Brester da7072d40e Merge pull request #1846 from Chocobozzz/patch-3 
Fix empty logfile.log in xarf login attack action
 2017-08-09 16:21:47 +02:00
Serg G. Brester af25a9d203 Merge pull request #1566 from opoplawski/journalmatch 
Add sendmail journalmatch options
 2017-08-09 16:14:10 +02:00
Orion Poplawski 84f552881c Add sendmail journalmatch options 2017-08-09 16:03:34 +02:00
sebres 5c538fb658 Recognize "unknown user" for additional auth-methods (pam, passwd-file, ldap, sql, etc); simplifying regular expressions (put "unknown user" and "invalid credentials" together as one regex). 2017-08-07 18:04:09 +02:00
Bigard Florian f4551d02c9 Fix empty logfile.log in xarf login attack action 
Fix empty 3rd MIME part which contains the attack evidence (logfile.log).
 2017-07-25 13:44:29 +02:00
Serg G. Brester babb76cb3c Merge pull request #1839 from sebres/asterisk-patch 
Asterisk improvements
 2017-07-19 08:50:05 +02:00
sebres a5b62a7f36 failregex extended and simplified (partially ported from gh-1409). 2017-07-18 16:34:22 +02:00
sebres 098abae4e6 Remove greedy catch-all before `<HOST>`, make regex more universal, fewer prone to errors (should avoid future changes, if some optional parameters coming again before/after `RemoteAddress`) + non-captured groups now. 
Test for possible injection (5.6.7.8 in session-id) already available, line 59 (thus already covered).
 2017-07-18 16:09:53 +02:00
sebres 2ea22b9d30 test coverage for gh-1427 2017-07-18 15:46:53 +02:00