github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
5,485 Commits
32 Branches
229 Tags
18 MiB
Commit Graph

5485 Commits (edc2918176c622e7ff65ab9ed8e4fbf7f3be39b5)

Author SHA1 Message Date
sebres 34b586b51e fix for JSON serialization bug for set object (gh-2103): currently there are only users, so simply serialized as a list. 2018-04-04 23:28:44 +02:00
sebres 187514eda7 bump version (0.10.3 -> 0.10.4.dev1) 2018-04-04 20:17:26 +02:00
sebres 0a50f2e19e next release of 0.10: bump version, update ChangeLog, man's and MANIFEST etc. 2018-04-04 19:44:09 +02:00
sebres 5dfba17663 Merge pull request #2064 from mgrant0/0.11 (rebased) 
Sendmail logs IPv6 addresses with the prefix 'IPv6:'.  Changed <HOST> to (?:IPv6:<IP6>|<IP4>)
 2018-04-04 18:59:13 +02:00
sebres 4a8506fcca update ChangeLog 2018-04-04 18:57:41 +02:00
Michael Grant 57bc502d5c Update sendmail-reject.conf 2018-04-04 18:52:36 +02:00
Michael Grant 2ab6a5ae62 Update sendmail-auth.conf 2018-04-04 18:52:35 +02:00
Michael Grant 87520e8008 Sendmail logs IPv6 addresses with the prefix 'IPv6:'. Added (IPv6:)? before all <HOST> regexes to match the IPv6 address (but not the prefix). 2018-04-04 18:52:33 +02:00
sebres 2ff65f5d3c test_badips.py: increase timeout in normal mode (avoid sporadic CI errors if badips gets slowly). 2018-04-04 18:01:51 +02:00
Sergey G. Brester 521de5edfd
Merge pull request #2101 from mercurytoxic/mercurytoxic-patch-1 
Fixes abuseipdb curl cypher error and comment $f2bV_matches
 2018-04-04 16:48:56 +02:00
Sergey G. Brester d9525ad3aa
Update ChangeLog 2018-04-04 16:47:18 +02:00
Luis Aranguren fc76ccf192 Fixes abuseipdb curl cypher error and comment $f2bV_matches 
Fixed https://github.com/fail2ban/fail2ban/issues/2044 #2044
and used https://github.com/fail2ban/fail2ban/issues/2039 to fix comment in abuseipdb.com only showing $f2bV_matches
 2018-04-04 16:39:16 +02:00
Sergey G. Brester 7bbc26d67e
Merge pull request #2097 from benrubson/sni 
Detect Apache SNI error / misredirect attempts
 2018-04-04 16:31:38 +02:00
Sergey G. Brester 28ae32f0ca
Update ChangeLog 2018-04-04 16:31:14 +02:00
sebres 02bae2962d fixed test cases: www.epfl.ch seems to change again the static IP address, tests rewritten using dynamic mechanism (via resolver). 2018-04-04 15:24:59 +02:00
Yaroslav Halchenko f530348562 minor typo fix, thanks lintian 2018-04-04 01:12:18 -04:00
Yaroslav Halchenko 2c4e777216 BF: B-Depend on python3-setuptools and dh-python, Fixed up hardcoded path to the .build-ed package for testing 
Will require tune ups for backports later on
 2018-04-04 01:06:14 -04:00
Yaroslav Halchenko 450b890fb1 BF: remove all non-existing services from PartOf of fail2ban.service. 
Should resolve inability to restart firewalld (its .service is
left in PartOf) upon upgrades.
 2018-04-04 00:51:03 -04:00
benrubson bd74f7ba8b Detect Apache SNI error / misredirect attempts, typos 2018-04-04 00:20:58 +02:00
sebres e786dbf132 New logging parameter `padding`, default enabled, excepting the SYSLOG (for backwards compatibility purposes); 
Closes gh-2099.
 2018-04-03 17:58:17 +02:00
sebres 8423f017e7 Merge branch 'sshd-ddos-mode-closed-preauth' into 0.10 2018-04-03 14:12:35 +02:00
Sergey G. Brester 4ee7af742a
Merge pull request #2090 from sebres/fix-sshd-filter-suff 
sshd, multi-line failures, alternate groups capture, etc.
 2018-04-03 14:08:46 +02:00
sebres 4ee07adde6 Merge branch '0.10' into fix-sshd-filter-suff 
# Conflicts resolved:
#	fail2ban/server/filter.py
 2018-04-03 13:30:57 +02:00
sebres 50d7c649ba Skip several test-cases of systemd backend, if journal seems to be not available (e. g. no rights to read journal); 
Closes gh-2100
 2018-04-03 12:39:37 +02:00
sebres fd0471927d badips: increase age for /list/cat in the test-cases (default 24h is too short, so the tests can sporadic fail) 2018-04-03 11:53:03 +02:00
sebres 4963295729 Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10 2018-04-03 11:43:58 +02:00
benrubson 30dc22fb2e Detect Apache SNI error / misredirect attempts 2018-03-29 11:36:49 +02:00
Sergey G. Brester 088192ea9f
Merge pull request #1960 from comradekingu/patch-1 
https, "Fail2Ban", other language improvements
 2018-03-22 11:44:50 +01:00
Sergey G. Brester 9710c8c996
minor fix with reindent 2018-03-22 11:43:15 +01:00
sebres 218905c924 performance optimization: findFailure, search regex etc, handling with buffer/tuple-lines optimized (especially multi-regex resp. multi-lines filters) 2018-03-22 10:16:40 +01:00
Sergey G. Brester 67df796f93
Merge pull request #2088 from sebres/fix-gh-2073 
filter.d/apache-noscript.conf: extended to match "Primary script unknown", got from php-fpm module
 2018-03-21 09:56:38 +01:00
sebres 79019967a7 datepattern: fix epoch/long-epoch name, if custom pattern specified 2018-03-20 23:34:18 +01:00
Sergey G. Brester 6dc9c23a25
fixed typo in pragma-comment 2018-03-20 23:14:43 +01:00
Sergey G. Brester 80725ae870
Update sshd 
comment/minimalistic: no functional change
 2018-03-20 19:02:44 +01:00
sebres e5735b9951 ChangeLog updated 2018-03-20 18:54:25 +01:00
sebres 4f6532f810 filter.d/sshd.conf: mode `ddos` (and `aggressive`) extended to catch `Connection closed by ... [preauth]`, so in DDOS mode it causes failure now on closed within preauth stage; 
at least using both modes can ban port-scanners and prevent for other annoying "intruders", closing connection within preauth-stage (see gh-2085 for example).
 2018-03-20 18:54:22 +01:00
sebres cd7f1354c6 remove end-anchors for expressions that are precise enough (with clear flow, simple branches, without catch-all's, etc.) 2018-03-20 18:47:42 +01:00
sebres ed7d5d8ea1 ChangeLog updated 2018-03-20 16:04:42 +01:00
sebres c31eb1c562 quick optimization: normalizes pam-generic prefregex (more similar to the same regex within sshd-filter) + datepattern anchored now; 2018-03-20 16:00:21 +01:00
sebres 4129f940bb revert non-empty incremental multi-line failure merge (just simply overwrite method used ATM); 
revert sshd test case (better to use last given failure-id, so ipv6 instead ipv4, e. g. because of some wrong multi-line-id recognition);
improved output on AssertionError in samples-testcase factory.
 2018-03-20 15:27:59 +01:00
sebres 25cc42129a hold all user names affected by interim attempts in order to avoid forget a failures after success login: 
intruder (as legitimate user) firstly tries to login with another user-name (brute-force), so hopes to reset failure counter by succeeded login;
this is fixed and covered in tests now;
sshd-filter extended to cover multiple-login attempts (also fully implements gh-2070);
 2018-03-20 13:09:05 +01:00
sebres a9c94686b6 fixed multiple regexs matched 2018-03-20 09:09:42 +01:00
sebres 5603055a58 failregex: introduced capturing alternate groups, for example non-empty values of `alt_user_1`, `alt_user_2` will overwrite `user` if it is empty (or `alt_host` -> `host`, etc.) 2018-03-20 09:05:02 +01:00
sebres 8028d3940d amend with better match of optional suffix-groups; 
remove end-anchors for expressions are precise enough (with clear flow, simple branches, without catch-all's, etc.);
 2018-03-19 17:29:26 +01:00
sebres 66d2436f21 filter.d/sshd.conf: extend suffix with optional port, move it to `prefregex` at end outside of the content 2018-03-19 16:50:49 +01:00
sebres 7b3442c4e2 amend to 185cb998e7c7f2509830bed4a9f2fe6179f77e7b: capture error prefix outside of the failure content; 2018-03-19 14:53:56 +01:00
sebres 185cb998e7 make `prefregex` more precise in order to avoid catch the content for non failure lines 2018-03-19 14:38:47 +01:00
sebres 8763cf0a36 ChangeLog updated 2018-03-19 14:26:51 +01:00
sebres e8ffab28fb filter.d/apache-noscript.conf: extended to match "Primary script unknown", got from php-fpm module. 2018-03-19 14:23:24 +01:00
Sergey G. Brester 20fffc44c1
Merge pull request #2087 from sebres/fix-recidive-by-syslog 
filter.d/recidive.conf: fixed if logging into systemd-journal (SYSLOG)
 2018-03-19 14:08:46 +01:00