1894 Commits (e2ede1a43e7bda87a7ee8e169e0a617c99cc4e50)

Author	SHA1	Message	Date
Sergey G. Brester	eed319e896	gh-3604: filter.d/slapd.conf - switched to single-line processing ... closes gh-3604	2023-10-18 16:06:56 +02:00
Sergey G. Brester	183f805ae3	amend	2023-10-16 11:41:05 +02:00
Sergey G. Brester	7931b67325	mysqld-auth.conf: better RE, optional suffix, non-capturing groups	2023-10-16 11:35:53 +02:00
Aliaksandr Yurchyk	c55e9949dc	Fix issue with Mariadb 10.3 failed message	2023-10-16 01:35:15 +03:00
Sergey G. Brester	f8f8c046a2	Merge pull request #3469 from vitkabele/routeros-auth ... New filter: routeros-auth.conf	2023-09-02 18:56:04 +02:00
nodiscc	77f80e8c3f	action.d/*ipset*: make maxelem ipset option configurable through banaction arguments ... - previously there was no way to override this value and ipsets would stop being updated when full (Hash is full, cannot add more elements) - preserve ipset's default value of 65536 - update tests - Closes #3549	2023-08-23 12:19:07 +02:00
sebres	99ff701678	remove support of python 2.x	2023-06-16 16:29:08 +02:00
sebres	eebef0089c	avoid double counting for "maximum authentication attempts exceeded" ("Disconnecting ..." is no failure anymore, now it's helper only); ... closes gh-3485	2023-06-13 18:49:26 +02:00
Sergey G. Brester	66e195b0f3	jail.conf: comment only (time abbr format), no function changes ... closes gh-3522	2023-06-10 14:15:52 +02:00
Sergey G. Brester	809b904106	filter.d/exim.conf: fixes "dropped: too many ..." regex and also matches unrecognized commands new vector	2023-04-24 15:40:53 +02:00
Sergey G. Brester	e73748c442	Merge branch 'master' into mikrotik	2023-04-13 19:09:00 +02:00
Sergey G. Brester	9cbf59c827	anchored datepattern and added journalmatch (if monitoring systemd journal)	2023-03-23 12:16:13 +01:00
Sergey G. Brester	2c0360d178	Merge branch 'master' into nginx-forbidden	2023-03-23 12:01:50 +01:00
Sergey G. Brester	c7f8b75e7e	action.d/cloudflare-token.conf: fixes #3479, url-encode args by unban	2023-03-15 15:03:48 +01:00
Duncan Bellamy	7dc32971f8	changed missed names	2023-03-08 12:16:35 +00:00
Duncan Bellamy	9b1417a169	apply suggestions	2023-03-08 09:29:03 +00:00
Sergey G. Brester	d46ec3a555	add jail boundary to flush command for more precise targeting of jail (if some name may be equal to prefix of other name)	2023-03-08 09:17:13 +00:00
Duncan Bellamy	5781675a7d	change startcomment and comment so correct rules are flushed	2023-03-08 09:17:13 +00:00
Duncan Bellamy	ac2076ef4f	change unban back to find comment so correct entry always deleted	2023-03-08 09:17:13 +00:00
Duncan Bellamy	0e3e9b1d7f	Add flushaction ... Change unban to find by ip address not comment	2023-03-08 09:17:13 +00:00
Duncan Bellamy	9997807fb3	Add action for mikrotik routerOS	2023-03-08 09:17:13 +00:00
Vít Kabele	a2c77429b9	New filter: routeros-auth.conf (Closes #3469) ... Add filter to detect failed login attempts in the log produced by MikroTik RouterOS. - Add the filter to jail.conf - Add testcase for the filter Signed-off-by: Vít Kabele <vit@kabele.me>	2023-03-02 09:25:24 +01:00
Sergey G. Brester	efbbcb41ea	non capturing group	2022-11-18 12:32:15 +01:00
Sergey G. Brester	996553f330	review, simplify regex and capture user name	2022-11-18 12:31:11 +01:00
Andrey Alekseenko	df91b047d2	Dante SOCKS server: handle "1 byte/second" case ... Thanks to @Loriowar and @sebres for pointing it out	2022-11-17 23:22:56 +01:00
Andrey Alekseenko	05c162ef10	Create filter for Dante SOCKS server	2022-11-17 23:22:55 +01:00
Sergey G. Brester	ae5fe2e003	amend to #3405, eliminate catch-all	2022-11-15 14:29:59 +01:00
sebres	cbb097a2b3	small amend (non capturing group)	2022-11-14 18:56:01 +01:00
sebres	82506f0586	filter.d/selinux-ssh.conf, filter.d/selinux-common.conf: fixes #3405 (new format with GS and additional parameters, e. g. grantors)	2022-11-14 18:51:06 +01:00
sebres	d8e2b03a24	`filter.d/named-refused.conf` extended (closes gh-3388): ... - support BIND named log categories - allow `info:` as possible error prefix too ("query (cache) denied" may occur as info)	2022-11-03 11:41:21 +01:00
sebres	ca2b94c522	fixes gh-3370: resolve extremely long search by repeated apply of non-greedy RE `(?:: (?:[^\(]+|\w+\([^\)]*\))+)?` with following branches (it may be extremely slow up to infinite search depending on message); added new regression tests ... amend to gh-3210: fixes regression and matches new format in aggressive mode too	2022-10-04 14:10:45 +02:00
Jeff Johnson	f9f78ed9d2	IPThreat integration (#3349) ... new IPThreat action	2022-09-13 11:01:46 +02:00
sebres	d6896eb26d	New logtarget: systemd-journal; ... rebased #1403 from da2x:feature-systemd-journal	2022-08-29 12:30:05 +02:00
sebres	a08b925468	Merge branch '0.11'	2022-08-17 16:59:02 +02:00
sebres	467024797f	Merge branch '0.10' into 0.11	2022-08-17 16:56:10 +02:00
Sergey G. Brester	e289a1155e	Merge pull request #3269 from Logic-32/feature/cloudflare-token ... Adding support for Cloudflare Token API.	2022-08-09 16:56:17 +02:00
Sergey G. Brester	514cca9ade	filter.d/sendmail-auth.conf: detect failures without user part	2022-08-01 09:20:28 +02:00
Sergey G. Brester	a2264dcef0	Merge pull request #2636 from brianjmurrell/patch-2 ... FreeIPA renames named to named-pkcs11	2022-06-21 14:19:16 +02:00
Sergey G. Brester	3e9321e71b	non-capturing group and any variant of suffix	2022-06-21 14:15:38 +02:00
sebres	9272cce13d	Merge branch '0.11'	2022-06-02 21:06:12 +02:00
sebres	a69d42cea5	Merge branch '0.10' into 0.11	2022-06-02 21:04:43 +02:00
Sergey G. Brester	fbfc85d8c0	common.conf: fixed typo in comment (rfc5424 for logtype) ... no functional changes; closes #3274	2022-05-12 18:09:09 +02:00
Logic-32	d11ad3b90f	Adding jail name to notes to disambiguate between jails.	2022-05-07 20:52:39 -06:00
Logic-32	e89b2c0ff7	Moving inet6 family block to the end so other config doesn't get added to it.	2022-05-07 20:41:33 -06:00
Logic-32	7e7b9f4a35	Adding support for Cloudflare Token API. ... Closes #3080	2022-04-27 14:19:18 -06:00
sebres	a2431158f6	implements new interpolation variable `%(fail2ban_confpath)s` (automatically substituted from config-reader path, default `/etc/fail2ban` or `/usr/local/etc/fail2ban` depending on distribution); `ignorecommands_dir` is unneeded anymore, thus removed from `paths-common.conf`; ... fixes gh-3005	2022-02-09 17:10:19 +01:00
sebres	13520a0494	Merge branch '0.11'	2022-02-09 15:45:17 +01:00
sebres	8ac49b5858	Merge branch '0.10' into 0.11	2022-02-09 15:44:35 +01:00
László Károlyi	f380d6202d	cherry pick #3210 from master	2022-02-09 15:43:21 +01:00
sebres	498e473a10	filter.d/courier-auth.conf: consider optional port after IP, regex is rewritten without catch-all's and right anchor, so it is more stable against further modifications now; ... closes #3211	2022-02-09 12:18:23 +01:00