github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
5,431 Commits
34 Branches
230 Tags
19 MiB
Commit Graph

5431 Commits (ea26509594a3220b012071604d73bb42d0ecae2c)

Author SHA1 Message Date
sebres ec3000798d ensure that set of alternate tags or combine tuple tags take place ordered (sort the lists by its name or index) 2020-06-12 21:25:42 +02:00
sebres dd8081ade5 extends capturing alternate tags in filter, implementing new tag prefix `<F-TUPLE_` (that would combine value of `<F-V>` with all value of <F-TUPLE_V?_n?> tags), for examples see new tests in fail2banregextestcase; 
closes gh-2755 (extends #1454 and #1698).
 2020-06-12 20:00:42 +02:00
Jan Przybylak d7ef5d166d Removed vulnerable catchall & anchor 2020-06-11 16:44:48 +02:00
sebres 78fc99ec7e Merge branch '0.11' 2020-06-11 12:52:34 +02:00
sebres 1da9ab78be Merge branch '0.10' into 0.11 2020-06-11 12:52:13 +02:00
sebres 5a0edf61c9 filter.d/sshd.conf: normalizing of user pattern in all RE's, allowing empty user (gh-2749) 2020-06-08 14:38:26 +02:00
Jan Przybylak 3c83c19070 Added filter nginx-bad-request 2020-06-06 19:51:46 +02:00
sebres 9b6da03c90 amend to e786dbf132689133c29671871718a97f93b8912a: removes space between name and [pid] by normal non-verbose logging, padding without truncate now; test coverage for getVerbosityFormat; 
closes #2734
 2020-05-26 13:14:37 +02:00
sebres 6cff2bb007 Merge branch '0.11' 2020-05-25 19:09:29 +02:00
sebres 1588200274 Merge branch '0.10' into 0.11 2020-05-25 18:58:05 +02:00
sebres b8e2b77265 Merge branch '0.10-extend-proto-banned' into 0.10 2020-05-25 15:04:12 +02:00
sebres fa1ff4c5d8 assertSortedEqual: fixed sort of nested lists, switch default of nestedOnly to False (comparison of unsorted lists is rarely needed) 2020-05-25 14:45:24 +02:00
sebres 54b2208690 extends protocol/client with banned status (retrieve information whether an IP is banned and/or in which jails), implements FR gh-2725 2020-05-20 16:31:54 +02:00
sebres 0ae2ef68be ensure iterator is safe (traverse over the list in snapshot created within a lock), avoids getting modified state as well as "dictionary changed size during iteration" errors 2020-05-20 15:36:06 +02:00
sebres afb7a93163 amend to 368aa9e77570519b37fb57c9dbc5112d4c4b7382: fix time in gitlab test (GMT in log due to TZ-suffix `Z`, CEST in test-suite) 2020-05-20 15:27:48 +02:00
Sergey G. Brester 43f699b872
grammar / typos 2020-05-06 17:32:13 +02:00
Sergey G. Brester 368aa9e775
Merge pull request #2689 from benrubson/gitlab 
New Gitlab jail
 2020-05-04 19:19:13 +02:00
Sergey G. Brester f2aec43d8a
Merge pull request #2140 from szepeviktor/patch-9 
CloudFlare started to indent their API responses
 2020-04-27 19:39:27 +02:00
Sergey G. Brester 42aef09d69
Update ChangeLog 2020-04-27 19:38:48 +02:00
Sergey G. Brester 01e92ce4a6 added fallback using tr and sed (jq is optional now) 2020-04-27 19:26:46 +02:00
Sergey G. Brester 1c1b671c74 Update cloudflare.conf 2020-04-27 19:26:44 +02:00
Sergey G. Brester 5b8fc3b51a cloudflare: fixes ip to id conversion by unban using jq 
normalized URIs and parameters, notes gets a jail-name (should be possible to differentiate the same IP across several jails)
 2020-04-27 19:26:43 +02:00
Viktor Szépe 852670bc99 CloudFlare started to indent their API responses 
We need to use https://github.com/stedolan/jq to parse it.
 2020-04-27 19:26:39 +02:00
Ilya 8b3b9addd1 Change tool from 'cut' to 'sed' 
Sed regex was tested - it works.
 2020-04-27 19:12:36 +02:00
Ilya 5da2422f61 Fix actionunban 
Add command to remove new line character. Needed for working removing rule from cloudflare firewall.
 2020-04-27 19:12:35 +02:00
Sergey G. Brester fe84b158a5
Merge pull request #2703 from sebres/0.10-ipset-tout 
0.10 / ipset timeout removal
 2020-04-26 12:39:37 +02:00
Sergey G. Brester da1652d0d7
Update ChangeLog 2020-04-26 12:26:55 +02:00
sebres 12be3ed77d test cases fixed 2020-04-25 15:17:42 +02:00
sebres 87a1a2f1a1 action.d/*-ipset*.conf: several ipset actions fixed (no timeout per default anymore), so no discrepancy between ipset and fail2ban (removal from ipset will be managed by fail2ban only) 2020-04-25 14:52:38 +02:00
sebres 6b90ca820f filter.d/traefik-auth.conf: filter extended with parameter mode (`normal`, `ddos`, `aggressive`) to handle the match of username differently: 
- `normal`: matches 401 with supplied username only
  - `ddos`: matches 401 without supplied username only
  - `aggressive`: matches 401 and any variant (with and without username)
closes gh-2693
 2020-04-23 13:08:24 +02:00
sebres affd9cef5f filter.d/courier-smtp.conf: prefregex extended to consider port in log-message (closes gh-2697) 2020-04-21 13:32:17 +02:00
sebres 06b46e92eb jail.conf: don't specify `action` directly in jails (use `action_` or `banaction` instead); 
no mails-action added per default anymore (e. g. to allow that `action = %(action_mw)s` should be specified per jail or in default section in jail.local), closes gh-2357;
ensure we've unique action name per jail (also if parameter `actname` is not set but name deviates from standard name, gh-2686);
don't use %(banaction)s interpolation because it can be complex value (containing `[...]`), so would bother the action interpolation.
 2020-04-15 19:00:49 +02:00
sebres 7e3061e7ac fail2ban.service systemd unit template: don't add user site directory to python system path (avoids accessing of `/root/.local` directory, prevents SE linux audit warning at daemon startup, gh-2688) 2020-04-15 17:35:04 +02:00
Sergey G. Brester 78651de7e5
Update ChangeLog 2020-04-14 12:25:18 +02:00
benrubson 2912bc640b New Gitlab jail 2020-04-09 16:42:08 +02:00
sebres 136781d627 filter.d/sshd.conf: fixed regex for mode `extra` - "No authentication methods available" (supported seems to be optional now, gh-2682) 2020-04-08 12:17:59 +02:00
sebres d21a24de8e more test cases for IP/DNS (and use dummies if no-network set by testing) 2020-04-06 12:39:36 +02:00
sebres fc175fa78a performance: optimize simplest case whether the ignoreip is a single IP (not subnet/dns) - uses a set instead of list (holds single IPs and subnets/dns in different lists); 
decrease log level for ignored duplicates (warning is too heavy here)
 2020-04-06 12:12:23 +02:00
sebres 343ec1cdd2 test-causes: avoid host-depending issue (mistakenly ignoring IP 127.0.0.2 as own address) - replace loop-back addr with test sub-net addr (and disable ignoreself) 2020-03-18 20:40:31 +01:00
sebres 38b32a9a72 Merge branch '0.10' into 0.11 2020-03-18 19:53:55 +01:00
sebres 22a04dae05 Merge branch '0.9' into 0.10 (gh-2246) 2020-03-18 16:11:53 +01:00
Sergey G. Brester b1e1cab4b7
Merge pull request #2246 from shaneforsythe/shaneforsythe-patch-2 
Improve regex in proftpd.conf
 2020-03-18 15:49:18 +01:00
sebres 606bf110c9 filter.d/sshd.conf (mode `ddos`): fixed "connection reset" regex (seems to have same syntax now as closed), so both regex's combined now to single RE 
(closes gh-2662)
 2020-03-16 17:31:39 +01:00
sebres 6e570b8644 Merge branch '0.11' 2020-03-13 23:23:32 +01:00
sebres 5b16973f08 Merge branch '0.10' into 0.11 2020-03-13 23:23:03 +01:00
sebres 8547ea7ea0 resolve sporadic minor issue - check pending can refresh watcher (monitor) that gets deleting, and there may be no wdInt to delete 2020-03-13 23:16:04 +01:00
sebres 9905904bba Merge branch '0.11' 2020-03-13 22:43:22 +01:00
sebres 00c5d33e45 Merge branch '0.10' into 0.11 2020-03-13 22:39:19 +01:00
sebres b64a435b0e ignore only not banned old (repeated and ignored) tickets 2020-03-13 22:34:15 +01:00
sebres b43dc147b5 amend to RC-fix 9f1c6f1617 (gh-2660): 
resolves bottleneck by initial scanning of a lot of messages (or evildoers generating many messages) causes repeated ban, that will be ignored but could cause entering of "long" sleep in actions thread previously;
speedup recognition banning queue has entries to begin check-ban process in actions thread
 2020-03-13 22:22:42 +01:00