github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
3,486 Commits
33 Branches
229 Tags
19 MiB
Commit Graph

1108 Commits (e8203dabbac5f937fc5bfd9b3f5e33cd256eeaf8)

Author SHA1 Message Date
sebres 504e5ba6f2 actions support IPv6 now: 
- introduced "conditional" sections, see for example `[Init?family=inet6]`;
  - iptables-common and other iptables config(s) made IPv6 capable;
  - several small code optimizations;
* all test cases passed (py3.x compatible);
 2016-05-11 16:54:28 +02:00
sebres 75028585c0 test cases extended for verifying ipv4/ipv6, normalized pf-action with test case 2016-05-11 16:54:25 +02:00
Alexander Koeppe ed2f3ef77d improve PF action and make IPv6 aware 2016-05-11 16:54:22 +02:00
sebres 25d6cf8dd2 fix suhosin_log in common paths - log files should be separated using "\n": 
prevents to throw an error "File option must be 'head' or 'tail'", if jail suhosin will be enabled.
 2016-05-11 16:54:11 +02:00
sebres 8cb4a3f59e move DNTUtils, IPAddr related code to dedicated source file ipdns.py (also resolves some cyclic import references) 2016-05-09 17:06:25 +02:00
Alexander Koeppe db9f3f738f add ip6-loopback to default ignoreip statement 2016-05-09 15:32:42 +02:00
sebres 05f38285f1 Merge remote-tracking branch 'remotes/gh-upstream/master' into f2b-perfom-prepare-716 2016-05-02 15:40:05 +02:00
jungle-boogie d889918f19 update doc url 
direct to confluence page. no code changes.
 2016-04-24 21:35:18 -07:00
Yaroslav Halchenko aa303acfd6 Merge pull request #1381 from theDogOfPavlov/patch-3 
Tightened up exim regexes to catch rDNS entries
 2016-04-23 18:27:38 -04:00
Alexandre Perrin 7712310d2d Be more backward compatible on matching postfix/smtps/smtpd 
Support trailing smtps also and not only smtpd.

suggested by @sebres
 2016-04-14 13:54:58 +02:00
Alexandre Perrin 1a299409e5 Fix postfix/smtps/smtpd matching. 2016-04-14 12:10:58 +02:00
theDogOfPavlov 1eb51b1bc2 Tightened up regexes to catch rDNS entries 2016-04-01 18:07:01 +01:00
Yaroslav Halchenko db2dd070ad Merge pull request #1356 from opoplawski/bug-1354 
Fedora use mariadb by default, fix log path
 2016-03-31 22:11:10 -04:00
Serg G. Brester b9b7ecbf6b Merge pull request #1357 from sebres/monit-new-fltr 
monit filter fixup for the new version (gh-1355)
 2016-03-26 11:39:26 +01:00
TorontoMedia 3d239215cd Two new firewalld actions with rich rules for firewalld-0.3.1+ (gh-1367) 
closes #1367
 2016-03-25 17:28:30 +01:00
sebres ac27c9cb96 Merge branch 'patch-2' (gh-1371) 2016-03-25 17:05:23 +01:00
Serg G. Brester 0effe76971 Merge pull request #1370 from theDogOfPavlov/patch-1 
Added regex for LDAP authentication failures
 2016-03-25 15:30:39 +01:00
jblachly e9202fa0b2 Placed failure (illumos) at end of regex 2016-03-24 00:43:15 -04:00
theDogOfPavlov fe1475be95 Additional exim regexes to cover common attacks... 2016-03-21 05:59:59 +00:00
theDogOfPavlov cf2aa9c1c0 Added regex for LDAP authentication failures 2016-03-21 05:53:23 +00:00
jblachly 25c2334bc8 SmartOS PAM Authentication failed (not failURE) 
SmartOS (and likely other Illumos platforms) enter log entries for failed sshd logins of the form:
`Authentication failed for USER from HOST`
The current sshd.conf regex matches `failure` -- add to this a match for `failed` to support Illumos
 2016-03-16 13:52:01 -04:00
Johannes Weberhofer bd25a43417 define journalmatch setting for pure-ftps 2016-03-11 18:19:53 +01:00
Orion Poplawski f3f813a925 - mysqld does not log login attempts to the journal. 
- Add /var/log/mysqld.log to mysql_log
 2016-03-09 13:52:50 -07:00
sebres 37c9075fad fixed monit filter: failregex find now both previous and new versions: 
- failregex of previous monit version merged as single expression;
- extended failregex with new monit "access denied" version;
 2016-03-09 20:06:14 +01:00
Orion Poplawski dfc65018da Fedora use mariadb by default, fix log path 2016-03-09 11:36:06 -07:00
sebres d7e7b52013 Merge remote-tracking branch 'remotes/gh-upstream/master' into f2b-perfom-prepare-716 2016-03-07 19:11:36 +01:00
Yaroslav Halchenko 385b50e4a9 Merge pull request #1343 from denics/master 
adding wp-admin to bot search
 2016-03-07 10:23:37 -05:00
Denix ed0e572bfc added wp-admin 
bot are very annoying and I am getting a lot of checks on wp-admin. This should calm them.
 2016-03-02 16:52:03 +01:00
Yaroslav Halchenko 6ffbc1ffad ENH: revert back to having detailed suffix anchored at the end for mysqld-auto.conf 
As discussed in https://github.com/fail2ban/fail2ban/pull/1333#discussion_r54100127
 2016-02-28 12:07:46 -05:00
Yaroslav Halchenko 3e31145c33 Merge pull request #1331 from whyscream/postfix-multi-instance-support 
Add support for matching postfix multi-instance daemon names by default
 2016-02-28 12:00:24 -05:00
sebres 667785b608 mysqld: failregex fixed (accepts different log level, more secure expression now); 
closes #1332
 2016-02-24 17:17:51 +01:00
Tom Hendrikx 6c606cf98f Add support for matching postfix multi-instance daemon names by default 2016-02-23 20:23:04 +01:00
Yaroslav Halchenko 905c87ca4a Merge pull request #1310 from yarikoptic/pr-1288 
NF: HAProxy HTTP Auth filter
 2016-02-11 08:35:48 -05:00
sebres d8e81eb417 regexp rewritten (few vulnerable as previous) + test case added 2016-02-08 12:01:25 +01:00
3eBoP 257b7049d8 Update asterisk filter: changed regex for "Call from ...". Sometimes extension can have a plus symbol (+) because they can be phone number. 
Closes #1309
 2016-02-08 11:51:37 +01:00
Pierre GINDRAUD b5a07741c8 Add new regex into postfix filter. The new regexp is able to detect bad formatted SMTP EHLO command 2016-02-08 11:11:59 +01:00
Yaroslav Halchenko 3f437b32db Merge remote-tracking branch 'pr/1288/head' 
* pr/1288/head:
  Update haproxy-http-auth.conf
  Added HAProxy HTTP Auth filter

 Conflicts:
	config/jail.conf - resolved + removed unnecessary filter/enabled (defaults should be as good)
 2016-01-28 08:51:45 -05:00
Yaroslav Halchenko 377ea32441 Merge pull request #1295 from obounaim/master 
The sender option is ignored by some actions
 2016-01-28 08:48:22 -05:00
Serg G. Brester fe14c8fa05 Merge pull request #1292 from albel727/master 
Add nftables actions
 2016-01-24 23:55:50 +01:00
Jordan Moeser d7b46509d8 Update haproxy-http-auth.conf 
Updated failregex to be more strict
 2016-01-12 08:37:33 +10:00
local 40c0bed82c action_mw, action_mwl, action_cf_mwl ignore the "sender" option when sending a notification email. 
This commit adds "sender="%(sender)s"" to the three actions to correct this issue.
 2016-01-10 00:05:03 +01:00
Yaroslav Halchenko 5d0d96a5cb Merge pull request #1286 from yarikoptic/enh-jail 
ENH: harmonize jail.conf + 1 more test that passed bantime is non-degenerate and int
 2016-01-08 08:51:08 -05:00
Alexander Belykh 985e8938a4 Refactor nftables actionstop into smaller parts 2016-01-06 17:39:54 +06:00
Alexander Belykh 9779eeb986 Add nftables_type/family/table parameters 2016-01-06 17:33:14 +06:00
Alexander Belykh 260c30535d Escape curly braces in nftables actions 2016-01-06 17:13:30 +06:00
Alexander Belykh 1983e15580 Add empty line between parameters in nftables-common.conf 2016-01-06 16:55:29 +06:00
Alexander Belykh f7f91a8bd4 Refactor common code out of nftables-multiport/allports.conf 2016-01-05 19:03:47 +06:00
sebres 69f5623f83 code simplifying (remove duplication): agent will be always supplied as parameter from jail.conf 2016-01-04 09:30:32 +01:00
Alexander Belykh 618e97bce8 Add nftables actions 2016-01-04 01:36:28 +06:00
sebres ac31121432 amend to fix fail2ban-version: correct user-agent for badips.py "Fail2Ban/ver", changeable within jail/config now; 2015-12-31 02:32:17 +01:00