Commit Graph

1286 Commits (e59a4960a3bea0e90fcb01ffcc03092ebf1c10f3)

Author SHA1 Message Date
Steven Hiscocks e59a4960a3 TST: Add additional sample log line for apache-noscript 2013-07-21 16:48:12 +01:00
Steven Hiscocks 8b9bafda79 ENH: Change lighttpd-fastcgi to suhosin, and improve regex and samples
suhosin is hardened php implementation, which will log the alerts (as
seen in samples) to stderr, which is picked up by fastcgi webserver
(e.g. lighttpd, apache, nginx)
2013-07-21 16:35:37 +01:00
Steven Hiscocks 4033857f63 ENH: Improve xinetd-fail regex and add sample logs 2013-07-21 15:44:09 +01:00
Steven Hiscocks b5ffbced37 TST: Sample test cases now handle ignoreregex and add recidive samples 2013-07-21 15:31:32 +01:00
Steven Hiscocks e7b7815de3 TST: Add additional sshd sample logs 2013-07-21 15:22:44 +01:00
Steven Hiscocks a11f91b835 ENH: Improve cyrus-imap regex and add extra sample line 2013-07-20 17:28:28 +01:00
Steven Hiscocks 534be189dc ENH: Improve sieve regex and add sample line 2013-07-20 17:26:09 +01:00
Steven Hiscocks d791ba12ba TST: Add sample log for dropbear filter 2013-07-20 16:54:28 +01:00
Steven Hiscocks ab671b0b1a ENH: Improve wuftpd failregex, drop duplicate pam regex and add sample
For wu-ftpd configured to use pam, the pam filter should be used, as regex
is more robust.
2013-07-20 16:34:24 +01:00
Steven Hiscocks 57a6c11260 ENH: Improve courierlogin regex and add sample logs 2013-07-20 15:53:18 +01:00
Steven Hiscocks bd175f0267 ENH: Improve cyrus-imap regex and add sample log file 2013-07-20 15:38:29 +01:00
Steven Hiscocks 83a80a29ea ENH: Improve couriersmtp and add sample logs 2013-07-20 15:34:00 +01:00
Steven Hiscocks eb2f0c9272 ENH: Improve postfix regex and add more samples 2013-07-20 15:31:21 +01:00
Steven Hiscocks a012b54117 TST: Add additional postfix filter sample 2013-07-18 22:17:31 +01:00
Steven Hiscocks 2a3a627322 TST: Add sample for sieve regex 2013-07-18 22:17:14 +01:00
Yaroslav Halchenko 60aa44f42d DOC: added a note on commit comments for merges with Conflicts 2013-07-18 14:43:41 -04:00
Steven Hiscocks bf05f2ac95 Merge branch 'filter-failregex-return'
Conflicts:
	server/filter.py
2013-07-16 21:17:18 +01:00
Steven Hiscocks ba29f6bef3 DOC: Update doc in reference to changes for sample testcases 2013-07-16 21:11:10 +01:00
Steven Hiscocks c2bdfefb62 DOC: Comment to fail2ban-regex - flagging lines matched multiple regexs 2013-07-16 20:58:44 +01:00
Yaroslav Halchenko e4d759ac94 Merge pull request #283 from yarikoptic/master
Roundcube failregex -- anchor at the beginning as well + mandate <HOST> to end with alphanumeric
2013-07-16 12:49:25 -07:00
Yaroslav Halchenko 90ec82669c DOC: changelog entries for preceding changes 2013-07-16 15:10:41 -04:00
Yaroslav Halchenko f6a8a04cf3 ENH: roundcube-auth - adopt for current format with trailing error message. thanks @kwirk for the review/feedback
I also used non-greedy .*? for the login portion since not sure if space could
be there and trying to minimize possibility of reacting on injected "from
<HOST>" somewhere within the trailing .*
2013-07-16 15:07:32 -04:00
Yaroslav Halchenko 0a02cfe9e8 ENH: <HOST> must end with alphanumeric \w (not a dot or a dash etc)
Otherwise <HOST> regexp might swallow period in the sentence right after the address.
I have decided to enforce alphanumeric instead of switching to non-greedy +? ... because
I think it is closer to what we actually want here
2013-07-16 15:03:06 -04:00
Yaroslav Halchenko 8add63c733 ENH: anchor roundcube-auth at the beginning as well 2013-07-16 14:16:23 -04:00
Yaroslav Halchenko 148cbd8d2a ENH: heavier debugging -- log split date/log line even for no match. Log matching regex upon match 2013-07-16 14:16:23 -04:00
Steven Hiscocks 1a2b6442a0 ENH+BF+TST: Filter now returns reference to failregex and ignoreregex
This avoids duplication of code across fail2ban-regex and samples test
cases. This also now more neatly resolves the issue of double counting
date templates matches in fail2ban-regex.
In addition, the samples test cases now also print a warning message
that not all regexs have samples for them, with future plan to change
this to an assertion.
2013-07-15 22:22:13 +01:00
Yaroslav Halchenko 5bd186b854 ENH(minor): fail2ban-regex comment line doesn't have to have a space after leading # 2013-07-15 13:52:42 -04:00
Steven Hiscocks 2c8747cc76 BF: fail2ban-regex date detector template hits count now correct
closes #295
2013-07-15 18:40:32 +01:00
Steven Hiscocks 4855cae487 Merge branch 'sample-log-meta-data'
Conflicts:
    testcases/files/logs/dovecot
2013-07-14 18:29:36 +01:00
Steven Hiscocks 1116f23151 TST: Sample log regex test now warns if no log for a filter
Also checks that at least some tests are present
2013-07-14 18:19:16 +01:00
Yaroslav Halchenko e562515df7 Merge pull request #292 from grooverdan/solaris-doc
DOC: shorten example and provide clarification and spelling fix
2013-07-14 07:13:20 -07:00
Steven Hiscocks 728399c39e Merge pull request #281 from kwirk/dovecot-filter
ENH: dovecot filter additions for session, time value and blank user
2013-07-14 05:18:04 -07:00
Steven Hiscocks 94376bfbe1 TST: Handle lack of `json` library in python2.5 for samples test case 2013-07-14 11:15:45 +01:00
Daniel Black 09850d6ba5 DOC: shorten example and provide clarification and spelling fixes 2013-07-14 10:25:06 +10:00
Steven Hiscocks 40f67c64b8 TST: Test sample logs' entries are matched by filter regexs 2013-07-13 23:03:01 +01:00
Steven Hiscocks 606e97683b BF: jail.conf multiport actions previously using single port iptables 2013-07-12 23:34:04 +01:00
Daniel Black e433a5c633 Merge pull request #260 from grooverdan/develop
DOC: developing filters without DoS + close/fix/resolves messages in commits
2013-07-08 15:52:26 -07:00
Daniel Black 424da92601 DOC: close message for commits. 2013-07-09 08:51:11 +10:00
Daniel Black 1d6d5a7aae DOC: ChangeLog merge conflict 2013-07-09 08:41:28 +10:00
Daniel Black 174e3dba6d DOC: Note on new dependency - ed for hosts_deny 2013-07-09 08:36:53 +10:00
Daniel Black 5412d7336f DOC: ChangeLog conflict 2013-07-09 08:23:44 +10:00
Daniel Black 1f5097649c DOC: ChangeLog for exim-spam.conf filter and tabs->spaces in changelog 2013-07-09 08:20:13 +10:00
Yaroslav Halchenko 5f04b4954f Merge pull request #280 from yarikoptic/master
BF+ENHs: polling backend tracks ino and size now in addition to mtime, filters do not read file unless it has content + few other minor issues
2013-07-07 08:33:55 -07:00
Daniel Black 619603fe05 BF: match asterisk InvalidPassword correctly 2013-07-07 17:48:20 +10:00
Steven Hiscocks bfa2b9dec3 ENH: dovecot filter additions for session, time value and blank user 2013-07-05 18:36:02 +01:00
Yaroslav Halchenko 04b8069cee ENH: adjust sendmail-whois 'active' example to have also sendername in it 2013-07-05 10:12:29 -04:00
Yaroslav Halchenko e332efb7cd Merge pull request #279 from 7adietri/feature/configurable-sender-name
Move sendmail settings to common file, make sender name configurable
2013-07-05 07:09:20 -07:00
Alexander Dietrich 2155f6bfa5 Update ChangeLog and jail.conf example 2013-07-04 08:57:52 +02:00
Yaroslav Halchenko e282d6b1c7 ENH: Remove unused any longer _ctime helper 2013-07-03 00:09:39 -04:00
Yaroslav Halchenko 404574499d BF: fail2ban-testcases -- use full "warning" instead of warn for the verbosity dictionary 2013-07-02 23:52:37 -04:00