Commit Graph

4975 Commits (ed20d457b21d298cf8a8569ab2eb09546e8065c4)

Author SHA1 Message Date
sebres e751be2c13 normalize, simplify and fix several mail actions (mail and sendmail actions are more similar now, sendmail is configurable via parameter `mailcmd`, etc);
added test covering sendmail-whois-lines
2019-06-15 23:14:41 +02:00
sebres 3d04a99d25 fail2ban-regex: (verbose only) avoid errors by dump of real options (if filter doesn't have some optional parameter, like `datepattern`) 2019-06-15 22:08:31 +02:00
sebres 809e7c4e82 Merge pull request #2264 from girst/0.11 (rebased to 0.10) 2019-06-12 16:28:32 +02:00
girst a7dc3614c4 znc-adminlog: use `<ADDR>` instead of `<HOST>` 2019-06-12 16:26:34 +02:00
girst b288ccd6b6 new filter: znc-adminlog 2019-06-12 16:25:50 +02:00
sebres 326f5d4e3f Merge fix of gh-2390 2019-06-12 11:43:07 +02:00
sebres 4c81338944 update ChangeLog (gh-2390) 2019-06-12 11:28:19 +02:00
sebres 22b9304562 action.d/badips.py: fix start of banaction on demand (which may be IP-family related), supplied action info with ticket instead of simulating it with dict;
(closes gh-2390)
2019-06-12 11:23:52 +02:00
sebres 9e44c30659 systemd-backend: switched default flags to SYSTEM_ONLY(4), which avoids opening the user session files and so can prevent "Too many open files" errors (like gh-2208) on a lot of user sessions;
(following Orion's proposal in gh-2392)
2019-06-12 00:42:01 +02:00
sebres 2725acb64b amend to 809acb69e5928c0e678ad25b43e53b567cb23a3b: extended to avoid the vice versa race (too many outdated tickets to unban) - max count of outdated tickets is restricted also. 2019-06-12 00:11:26 +02:00
sebres 3326ec95ce small amend (preparing to merge in 0.11): more precise test and avoid "expired bantime" (in 0.11) 2019-06-11 15:50:29 +02:00
sebres 93727abeb8 cherry-pick with_alt_time helper decorator from 0.11 2019-06-11 15:50:27 +02:00
sebres 809acb69e5 stability: avoid race condition - no unban if the bans occur continuously (e. g. banning action too slow, so new bans found each time during the default sleeptime);
now unban will happen no later than after 10 tickets get banned, regardless of whether there are still active bans available (precedence of ban is 10 now);
closes gh-2410
2019-06-11 14:37:10 +02:00
sebres e5ae113215 filter.d/postfix.conf: extended with new postfix filter mode `errors` to match "too many errors" (gh-2439),
also included within modes `normal`, `more` (`extra` and `aggressive`), since postfix
  parameter `smtpd_hard_error_limit` is default 20 (additionally consider `maxretry`)
2019-06-07 16:14:02 +02:00
sebres 3b2f75414c filter.d/postfix.conf: extended regexp's to accept variable suffix code in status of postfix for precise messages (gh-2442) 2019-06-07 15:40:55 +02:00
sebres 8da9bfb83a Update ChangeLog (gh-2302, rebased to 0.10) 2019-06-07 14:47:43 +02:00
Sergey G. Brester 7dbd3a07eb cut comment to limit documented on abuseipdb, additionally use curl in quiet mode 2019-06-07 14:39:55 +02:00
Carlos Ferreira 7b73cb7639 Switch to AbuseIPDB API v2 2019-06-07 14:39:52 +02:00
sebres 2e51897d7a small amend to feba50e3c2 (typo fixed) 2019-06-04 20:40:48 +02:00
sebres feba50e3c2 fixed resolve of FQDN: resolve of an external IPs and name will be preferred before the local domain (or a loopback), see gh-2438 2019-06-04 19:46:42 +02:00
sebres 3b51c005f8 update ChangeLog (multi-line parsing fix, gh-2431) 2019-05-24 16:17:06 +02:00
sebres ffd366e17b Merge branch '0.9' into 0.10 2019-05-24 16:01:27 +02:00
sebres 83f626c4aa (grave) closes gh-2431: replace newlines in message from systemd journal (otherwise multi-line parsing is broken, because removal of matched string from multi-line buffer window is confused by extra newlines, so they are retained and get matched on every following message). 2019-05-24 15:53:16 +02:00
sebres 49bf6132cc amend for 3036ed18893b6aae6619e53201aa53deb701b94f: eliminate "invalid sequence" warnings 2019-05-14 21:40:33 +02:00
sebres 607e965e7b Merge branch 'sebres/0.10-travis-xenial' into 0.10:
- multi-distribution (trusty & xenial);
- python 3.8 (and new python/pypy minor versions on xenial);
2019-05-14 20:16:59 +02:00
sebres 08d2615020 small amend: review, simplification, etc 2019-05-14 20:04:44 +02:00
sebres 1cca374d04 .travis.yml: several distributions in matrix (trusty & xenial together) 2019-05-14 19:55:01 +02:00
sebres d310c4992f .travis.yml: coverage for python 3.8 (test with newest python/pypy versions) 2019-05-14 18:24:45 +02:00
sebres 3036ed1889 resolve deprecated syntax (eliminate "invalid sequence" warnings) 2019-05-14 18:22:55 +02:00
sebres 0426a24719 filter.d/postfix.conf: (closes gh-2426) filter extended to catch "5.1.1" (Recipient address rejected: User unknown in local recipient table) with RCPT (and some session-id instead of "NOQUEUE") 2019-05-14 15:27:20 +02:00
sebres 2b8e2707bb Merge pull request #2298 from chtheis/0.11 (rebased to 0.10) 2019-05-10 16:22:58 +02:00
sebres 4d08bc4ad5 update ChangeLog 2019-05-10 16:22:25 +02:00
sebres d8d71c5a22 action.d/helpers-common.conf: grep arguments are rewritten - using options `-wF` to match only whole words and fixed string (not as pattern) 2019-05-10 16:17:13 +02:00
chtheis fa727586ff Fix grep pattern to deal with Apache's error log
Apache's error log appends the port to the IP address, other logs don't.
2019-05-10 16:04:27 +02:00
sebres 23d2281e57 action.d/nginx-block-map.conf: small fix with better RE-rule for removal of ID (token/session) via sed (anchored now) 2019-05-02 15:22:45 +02:00
benrubson 5b2b680bfe SSHd add Bad protocol version message 2019-05-02 11:42:45 +02:00
Sergey G. Brester b318eb7e33 closes gh-2408: prevent execution of action `abuseipdb` for restored tickets 2019-04-29 10:45:37 +02:00
sebres 3d80e881c5 increase coverage (if python-systemd not available, so some tests may be skipped) 2019-04-26 13:29:19 +02:00
sebres cd32f4a132 amend to ec681a3363 (PR gh-2387):
- specify default options (`logtype`) in default sections of filter-config (this allows to overwrite such options in Definition/Init sections within filter.local or includes also without setting that in the jail);
- fail2ban-regex: output real filter-options (after combine/interpolate) if verbose (`-vv`) or debug (`-l debug`).
2019-04-26 12:49:03 +02:00
Sergey G. Brester 7c9c751eb6 Merge pull request #2247 from Holston5/Holston5/mysqld-auth.conf
Update mysql logging command and fix mod_security filter
2019-04-24 21:57:19 +02:00
Sergey G. Brester a7c48e7fe7 test case to cover two client entries message 2019-04-24 21:35:21 +02:00
Holston 422a2de7fe updated 2019-04-24 21:35:19 +02:00
Holston a581bf3f08 Fixed filter for Apache mod_security 2019-04-24 21:35:17 +02:00
Holston 5d6a84ba78 Updated to correct logging option 2019-04-24 21:35:15 +02:00
Sergey G. Brester d67e42efa2 Merge pull request #2402 from sebres/maxentries-mem-saving
maxmatches: memory saving options
2019-04-19 12:51:04 +02:00
Sergey G. Brester 7d6db7391e Update ChangeLog 2019-04-19 12:50:35 +02:00
sebres 3e5b8fdc6a fixes coverage of dbmaxmatches = 0 2019-04-18 22:44:14 +02:00
sebres 46fc4c4615 protocol and documentation 2019-04-18 22:14:34 +02:00
sebres 4629e4320f coverage and code review 2019-04-18 21:48:58 +02:00
sebres 852cb0362c fix restoring of tickets from database if `maxmatches` of jail is smaller than `dbmaxmatches` (so read fewer matches in memory): 2019-04-18 21:17:38 +02:00