Daniel Black
b6d0e8ad9c
ENH: add ipfw rule for bsd using the tables.
12 years ago
Yaroslav Halchenko
89adcd7ff7
Merge branch PR #193 ASSP SMTP Proxy support (with some manual squashing)
...
Origin: https://github.com/lenrico/fail2ban
Squashing was done via rebase -i 1524b076d6
to eliminate massive assp sample log file originally added
fixed test date thx to steven
tight control of the filter for ASSP
as yaroslav wishes
as daniel desires
changed from DateASSPlike class to DateStrptime
fixed little things
added new date format support for ASSP SMTP Proxy
12 years ago
Enrico Labedzki
36b0d78ff8
tight control of the filter for ASSP
12 years ago
Enrico Labedzki
07aee8cd33
as daniel desires
12 years ago
Enrico Labedzki
24a8d07c20
added new date format support for ASSP SMTP Proxy
12 years ago
Daniel Black
945ad3d9e6
BF: ensure dates in email are in the C locale. Thanks iGeorgeX
12 years ago
Daniel Black
0ac8746d05
ENH: Account for views in named filter. By Romain Riviere in gentoo bug #259458
12 years ago
Yaroslav Halchenko
22f04677b6
BF: usedns deals with forward (not reverse) DNS lookups (thanks Steven Hiscocks)
12 years ago
Daniel Black
41b9f7b6ac
BF: filter.d/sshd "Did not receive identification string" relates to an exploit so document this in sshd-ddos.conf but leave it out of authentication based blocks in sshd.conf
12 years ago
Daniel Black
32d10e904a
ENH: more openssh fail messages from openssh source code (CVS 20121205)
12 years ago
Yaroslav Halchenko
59192a5585
Merge remote-tracking branch 'github_kwirk_fail2ban/pidfile'
...
* github_kwirk_fail2ban/pidfile:
Typo in default pidfile in fail2ban.conf
12 years ago
Yaroslav Halchenko
99a5d78e37
ENH: for consistency (and future expansion ;)) -- rename to mysqld-auth
12 years ago
Yaroslav Halchenko
ffaa9697ee
Adjusting previous PR (MySQL logs) according to my comments
12 years ago
Yaroslav Halchenko
3e6be243bf
Merge branch 'Support_for_mysql_log_example' of https://github.com/arto-p/fail2ban
...
* 'Support_for_mysql_log_example' of https://github.com/arto-p/fail2ban :
Added testcase for MySQL date format to testcases/datedetectortestcase.py and example of MySQL log file.
Added support for MySQL logfiles
Conflicts:
testcases/datedetectortestcase.py -- conflictde with other added test cases
12 years ago
Yaroslav Halchenko
72b06479a5
ENH: Slight tune ups for fresh SOGo filter + comment into the sample log file
12 years ago
Yaroslav Halchenko
105306e1a8
Merge remote-tracking branch 'pr/117/head' -- SOGo filters
...
* pr/117/head:
An example of failed logins against sogo
Update sogo-auth.conf
Update config/filter.d/sogo-auth.conf
Create sogo-auth.conf
Update config/jail.conf
12 years ago
Yaroslav Halchenko
91d5736c12
ENH: postfix filter -- react also on (450 4.7.1) with empty from/to. fixes #126
12 years ago
ArndRa
bba3fd8568
Update sogo-auth.conf
...
included hint by user yarikoptic
12 years ago
Artur Penttinen
29d0df58be
Added support for MySQL logfiles
12 years ago
Daniel Black
67544d1dd6
DOC: tags are documented in the jail.conf(5) man page
12 years ago
Yaroslav Halchenko
5e5eaaf838
Merge pull request #134 from grooverdan/misc-fixes
...
BF: fail2ban client can't handle multi word setcinfo or action[*] values
12 years ago
Pascal Borreli
a2b29b4875
Fixed typos
12 years ago
Daniel Black
a0f088be25
ENH: typo + head -1 has been deprecated for 10+ years.
12 years ago
Yaroslav Halchenko
a8bd9c20a0
Merge branch 'master' of git://github.com/fail2ban/fail2ban
...
* 'master' of git://github.com/fail2ban/fail2ban:
add blocking type
add example jail.conf for blocking through blackhole routes for ssh
add support for blocking through blackhole routes
12 years ago
Yaroslav Halchenko
d5ae28facf
Merge pull request #104 from gebi/t/route
...
add support for blocking through blackhole routes
12 years ago
Steven Hiscocks
294f073741
Typo in default pidfile in fail2ban.conf
12 years ago
Steven Hiscocks
ce3ab34dd8
Added ability to specify PID file
12 years ago
Daniel Black
47b1ee39d8
add blocking type
12 years ago
Yaroslav Halchenko
8cf006827e
BF: remove path from grep call in sendmail-whois-lines.conf Closes: gh-118
12 years ago
ArndRa
6cd358ee95
Update config/filter.d/sogo-auth.conf
...
Comment line in the top altered to fit file name. My local file was named differently...
12 years ago
ArndRa
35bf84abad
Create sogo-auth.conf
...
Regexp works with SOGo 2.0.5 or newer, following new feature implemented here: http://www.sogo.nu/bugs/view.php?id=2229
12 years ago
ArndRa
52f952e645
Update config/jail.conf
...
Update to use the new sogo-auth filter
12 years ago
Yaroslav Halchenko
5f2d3832f7
NF: roundcube-auth filter (to close Debian #699442 , needing debian/jail.conf section)
12 years ago
Orion Poplawski
bb7628591c
Update config/filter.d/sshd.conf
...
Do not trigger sshd bans on pam_unix authentication failures, this will trigger on successful logins on systems that use non-pam_unix authentication (sssd, ldap, etc.).
12 years ago
Yaroslav Halchenko
9a39292813
ENH: Added login authenticator failed regexp for exim filter
12 years ago
Yaroslav Halchenko
b3d8ba146b
DOC: Mention that logrotate configuration needs to be adjusted if logtarget is changed ( Closes : #697333 )
12 years ago
Michael Gebetsroither
03433f79cd
add example jail.conf for blocking through blackhole routes for ssh
12 years ago
Michael Gebetsroither
f9b78ba927
add support for blocking through blackhole routes
12 years ago
Daniel Black
da0ba8ab4c
ENH: add example jail for ipset
12 years ago
Daniel Black
9221886df6
more documentation and optimisations/fixes based on testing
12 years ago
Daniel Black
abd5984234
base ipset support
12 years ago
pigsyn
f336d9f876
Update config/filter.d/webmin-auth.conf
...
Added '\s*$' to the regular expression to match the space written by webmin logs at line-endings
12 years ago
pigsyn
dc67b24270
Update config/filter.d/webmin-auth.conf
...
Added a trailing '.*$' to each regex so they can find expressions in targeted log files.
12 years ago
Yaroslav Halchenko
3969e3f77b
ENH: dovecot.conf - require space(s) before rip/rhost log entry
12 years ago
hamilton5
266cdc29a6
Update config/filter.d/dovecot.conf
...
even tho not on the fail2ban site..
suggested to not be greedy by yarikoptic
12 years ago
hamilton5
e040c6d8a3
Update config/filter.d/dovecot.conf
...
site actually needs updated because of <HOST> alias
per Notes above.
12 years ago
hamilton5
7ede1e8518
Update config/filter.d/dovecot.conf
...
added failregex line for debian and centos per
http://www.fail2ban.org/wiki/index.php/Talk:Dovecot
12 years ago
Yaroslav Halchenko
fc27e00290
ENH: tune up sshd-ddos to use common.conf and allow training spaces
12 years ago
Yaroslav Halchenko
6ecf4fd80a
Merge pull request #64 from sourcejedi/remove_sshd_rdns
...
Misconfigured DNS should not ban *successful* ssh logins
Per our discussion indeed better (and still as "safe") to not punish users behind bad DNS
12 years ago
Yaroslav Halchenko
282724a7f9
ENH: join both failregex for lighttpd-auth into a single one
...
they are close in meaning
should provide a slight run-time performance benefit
12 years ago