Yaroslav Halchenko
878fa0dedd
* Synchronized action.d/iptables-* rules from upstream SVN (closes:
...
#407561 )
* Minor: options renames in the comments to be in sync with upstream
2007-01-19 15:51:11 +00:00
Yaroslav Halchenko
7a1dd9e98c
* iptables-multiport is default action to take since Debian kernel arrives
...
with multiport module. That is to address the fact that most services
listen on multiple port (for encrypted and non-encrypted connections)
* Added [courierauth] jail (First 2 items are to partially address #407404
2007-01-18 15:41:49 +00:00
Yaroslav Halchenko
85d8604209
removed empty lines
2007-01-04 20:34:41 +00:00
Yaroslav Halchenko
36b1833e31
* Adjusted default log file for postfix to be /var/log/mail.log
...
(Closes : #404921 )
2007-01-04 20:25:45 +00:00
Yaroslav Halchenko
e570f14a5d
releasing
2007-01-04 19:48:58 +00:00
Yaroslav Halchenko
f01c74581d
fixed action_ shortcuts
...
adjusted initd script to be verbose on start if socketfile exists
2007-01-04 19:47:00 +00:00
Yaroslav Halchenko
7fa686a7f2
* New upstream release, which incorporates fixes introduced in 3~pre
...
non-released versions (which were suggested to the users to overcome
problems reported in bug reports). In particular attention should be paid
to upstream changelog entries
- Several "failregex" and "ignoreregex" are now accepted.
Creation of rules should be easier now.
This is an alternative solution to 'multiple <HOST>' entries fix,
which is not applied to this shipped version - pay cautios if upgrading
from 0.7.5-3~pre?
- Allow comma in action options. The value of the option must
be escaped with " or '.
That allowed to implement requested ability to ban multiple ports
at once (See 373592). README.Debian and jail.conf adjusted to reflect
possible use of iptables-mport
- Now Fail2ban goes in /usr/share/fail2ban instead of
/usr/lib/fail2ban. This is more compliant with FHS.
Patch 00_share_insteadof_lib no longer applied
* Refactored installed by debian package jail.conf:
- Added option banaction which is to incorporate banning agent
(usually some flavor of iptables rule), which can then be easily
overriden globally or per section
- Multiple actions are defined as action_* to serve as shortcuts
2007-01-04 18:08:09 +00:00
Yaroslav Halchenko
e8ce484c05
reworked init script a bit: waiting on stop and ping instead of status
2007-01-04 17:03:35 +00:00
Yaroslav Halchenko
a81dd8b103
boosted version
2007-01-03 16:09:43 +00:00
Yaroslav Halchenko
97ab74de5f
* Not applying patch any more for rigid python2.4 - it is default now in
...
sid/etch
2007-01-03 16:09:01 +00:00
Yaroslav Halchenko
4d5ec804f5
* Added filter ssh-ddos to fight DDOS attacks. Must be used with caution if
...
there is a possibility of clients accessing through unreliable connection
(Closes : #404487 )
2006-12-28 07:28:53 +00:00
Yaroslav Halchenko
832a8a4346
* Moved call to dh_pycentral before dh_installinit
...
* Removed unnecessary call of dh_shlibdeps
2006-12-22 18:56:51 +00:00
Yaroslav Halchenko
ebc5c6106f
HOSTisized vsftpd regex
2006-12-22 18:39:57 +00:00
Yaroslav Halchenko
caf85bf265
* Made fail2ban-server tollerate multiple <HOST> entries in failregex
2006-12-22 18:36:01 +00:00
Yaroslav Halchenko
ae96eaa40c
made failregex universal for both PAM and native vsftpd logging
2006-12-22 04:54:14 +00:00
Yaroslav Halchenko
2e992c2353
* Fail2ban now bans vsftpd logins (corrected logfile path and failregex)
...
(Closes : #404060 )
2006-12-21 16:54:39 +00:00
Yaroslav Halchenko
14a2a45dbc
releasing
2006-12-10 23:56:17 +00:00
Yaroslav Halchenko
762d1a188a
* NEWS.Debian confusions - the latest NEWS entry and postinst message were
...
rephrased (Closes : #402350 )
* Added mail-whois-lines action, which emails log lines containing abuser
IP. Those lines are often required for proper abuse reports sent to the
Internet providers. Forwarding of such received emails to the email
addresses of abuse departments present in the output of whois is a
tentative solution for semi-automatic abuse reporting (Closes : #358810 )
2006-12-10 23:40:04 +00:00
Yaroslav Halchenko
bbb9e6f094
* NEWS.Debian confusions - the latest NEWS entry and postinst message
...
were rephrased (Closes : #402350 )
2006-12-09 23:27:39 +00:00
Yaroslav Halchenko
ae58ed091a
* Removed obsolete patches left from 0.6
...
* Adjusted wsftpd patch to use <HOST> tag to be in line with the other
filter definitions
2006-12-08 02:28:07 +00:00
Yaroslav Halchenko
7eac83b12d
fresh upstream release
2006-12-08 01:21:42 +00:00
Yaroslav Halchenko
6d3c52a965
slightly corrected description for interpolations/parameters
2006-12-07 23:10:30 +00:00
Yaroslav Halchenko
c46b9e0dca
* README.Debian describes a bit issue of interpolations vs parameters passed
...
from jail.{conf,local} into an action or a filter definition (closes:
#398739 )
* Removed Uploaded field from control since I am a DD now. Big thanks to
Barak Pearlmutter for being the sponsor of my packages for few
years.
2006-12-07 13:20:51 +00:00
Yaroslav Halchenko
3a738497f8
* Added Suggests on mailx and relevant comments in README.Debian about
...
invoking mail actions (closes : #396668 )
* Removed obsolete entries in TODO and README
* README.Debian describes a bit issue of interpolations vs parameters
passed from jail.{conf,local} into an action or a filter definition
(closes : #398739 )
* Initial version of postfix filter (closes : #377711 )
2006-12-07 04:07:59 +00:00
Yaroslav Halchenko
ff491e48fa
* Added debian/backports to contain patches necessary for backporting. It
...
gets used by pbuilder-ssh to create package for backports.org
2006-12-04 13:56:56 +00:00
Yaroslav Halchenko
e46346d371
fixed name spoiled by on vaio
2006-11-12 02:20:32 +00:00
Yaroslav Halchenko
953f6c75b9
ready to buzz Barak
2006-11-12 02:18:47 +00:00
Yaroslav Halchenko
b9b30341d4
* Cleaned up debian/rules a bit
2006-11-12 02:11:34 +00:00
Yaroslav Halchenko
f8a3605c97
* "Clean" target removes generated .pyc files now ( Closes : #398146 )
2006-11-12 02:02:23 +00:00
Yaroslav Halchenko
97abba906f
forgot to boost version
2006-11-11 00:11:59 +00:00
Yaroslav Halchenko
24ada3c63e
* Only block new connects by using a new action iptables-new instead of
...
iptables (Closes : #350746 )
* Updated README.Debian to reflect transition over to 0.7 branch and to
comment on 350746
2006-11-11 00:10:10 +00:00
Yaroslav Halchenko
5cc9bc9ce6
made ~ version to accumulate more fixes before duploading
2006-11-10 15:56:58 +00:00
Yaroslav Halchenko
6a9ed3501a
* Reincarnated logrotate configuration ( Closes : #397878 )
...
* no logrotation anymore? (Closes : #397878 )
2006-11-10 15:54:34 +00:00
Yaroslav Halchenko
28dad3752c
* Warning NEWS entry for 0.7.1 was not shown during installation on test
...
boxes, thus postinst was adjusted accordingly to inform the user about the
changes in the configuration files since 0.6.
2006-11-06 14:47:59 +00:00
Yaroslav Halchenko
6e1ec60318
put release to unstable
2006-11-06 14:29:56 +00:00
Yaroslav Halchenko
b457f61e74
* Added reload/force-reload actions to init script
...
* Adjusted jail.conf a bit
2006-11-06 14:23:58 +00:00
Yaroslav Halchenko
2e568c08d6
new upstream
2006-11-02 02:04:57 +00:00
Yaroslav Halchenko
4bbea5b41b
* Corrected init.d script to properly perform restart due to server delay to
...
react to client command to stop. Handling of status was adjusted as well
* Added apache-noscript to jail.conf
* Default action does not send emails to be inline with previous (0.6.x)
behavior
2006-10-30 03:32:29 +00:00
Yaroslav Halchenko
668ef068cf
* Fresh upstream: fixed a bug with not handling error producing
...
actioncheck call
2006-10-23 21:05:32 +00:00
Yaroslav Halchenko
1e4d6dd059
* debian/{rules,control} adjusted to conform all points in recent python
...
policy changes
* install under /usr/share instead of /usr/lib
2006-10-23 05:07:52 +00:00
Yaroslav Halchenko
6a2aaa4db7
* Adjusted rule to install man pages -- only .1 files since there are also
...
h2m sources
2006-10-23 04:49:52 +00:00
Yaroslav Halchenko
37d2abc8ea
* Currrent snapshot of trunk
...
* Removed outdated (applied in 0.7.4 or specific for 0.6.?) patches
from debian/patches
2006-10-23 04:45:34 +00:00
Yaroslav Halchenko
923d2214d9
added wuftpd to both 0.6 and 0.7
2006-10-18 05:15:53 +00:00
Yaroslav Halchenko
4ea2d8c370
few changelog entries
2006-10-02 19:28:23 +00:00
Yaroslav Halchenko
a45fadd183
News about the 0.7 release and adjusted init script so it fails to start if not root
2006-10-02 19:03:58 +00:00
Yaroslav Halchenko
641cd14a40
preliminary packaging of 0.7.3 which gets closer to be used widely, i.e.
...
could be uploaded to experimental
2006-09-29 04:05:50 +00:00
Yaroslav Halchenko
0ae3032ac8
properly assigned to experimental
2006-09-06 13:35:13 +00:00
Yaroslav Halchenko
dae225330c
added debian specific patches for the new upstream
2006-09-05 15:16:03 +00:00
Yaroslav Halchenko
a4899fabf8
Initial minimalistic but working packaging of fail2ban 0.7.1
2006-09-05 06:10:29 +00:00
Yaroslav Halchenko
d125070fa4
now changes in this file are managed via dpatch
2006-08-15 22:13:44 +00:00
Yaroslav Halchenko
6e050675a8
adjusted manpage for fail2ban.conf
2006-08-15 21:35:37 +00:00
Yaroslav Halchenko
f85af540cf
updated timestamp
2006-07-07 00:20:22 +00:00
Yaroslav Halchenko
7fbc1b16a0
adjusted to comply with recent changed of debian python policy
2006-07-06 21:30:53 +00:00
Yaroslav Halchenko
1f3e33e384
added verbosity patch from one of my branches
2006-07-04 03:36:39 +00:00
Yaroslav Halchenko
f7064d36c5
fixed empty ip and somewhat fixed locale issue
2006-07-04 03:03:45 +00:00
Yaroslav Halchenko
4309a11968
rm options adjusted, README.Debian to fix 373592
2006-06-14 16:22:43 +00:00
Yaroslav Halchenko
7b93d4ded5
section for saslauthd
2006-05-30 14:19:08 +00:00
Yaroslav Halchenko
2f930dfa76
now apache2 bug gets closed
2006-05-28 03:32:24 +00:00
Yaroslav Halchenko
fc9b8a887f
added proftpd section, adjusted vsftpd patch to dont interfer. boosted debian revision
2006-05-28 03:13:56 +00:00
Yaroslav Halchenko
1fbcf9a9a5
removed bashism from init.d script
2006-05-22 19:38:51 +00:00
Yaroslav Halchenko
537399dbc9
placed binary-arch target back to comply with the policy
2006-05-16 20:46:27 +00:00
Yaroslav Halchenko
ac9362ae5b
fixed binary-indep binary-arch separation
2006-05-16 20:28:31 +00:00
Yaroslav Halchenko
e801352c78
removed compilation of *.pyc
2006-05-16 20:11:05 +00:00
Yaroslav Halchenko
302c1b1c4b
debhelper and dpatch belong to Build-Depends now
2006-05-16 20:08:32 +00:00
Yaroslav Halchenko
9af3da8b57
small clean up
2006-05-16 19:59:38 +00:00
Yaroslav Halchenko
589fb2a217
migrated to using dpatch. fixed vsftpd regexp
2006-05-10 18:01:06 +00:00
Yaroslav Halchenko
4fa38338d7
merged with proposed init.d script from Aaron
2006-04-28 04:13:23 +00:00
Yaroslav Halchenko
a3badc1fff
small adjustments in copyright and watch
2006-04-25 19:58:36 +00:00
Yaroslav Halchenko
8123a4886a
modified maxreinits
2006-03-27 17:56:38 +00:00
Yaroslav Halchenko
73074157ac
proper version for Barak
2006-03-20 00:41:27 +00:00
Yaroslav Halchenko
49bf5a991b
added fwchain
2006-03-19 23:45:52 +00:00
Yaroslav Halchenko
4fa0eba064
merged with upstream release 0.6.1
2006-03-19 05:20:44 +00:00
Yaroslav Halchenko
49e8d86983
finalized at -8 revision -- now will upgrade to 0.6.1 upstream
2006-03-17 00:38:23 +00:00
Yaroslav Halchenko
193a98c97a
rearranging, cleaning up2
2006-03-11 06:02:46 +00:00
Yaroslav Halchenko
7693ede193
rearranging, cleaning up
2006-03-11 06:02:22 +00:00
Yaroslav Halchenko
899c6d54df
fixed a typo in failregex for SSH
2006-03-09 20:23:46 +00:00
Yaroslav Halchenko
0321fd4689
added postrm script to clean up the log files
2006-03-05 19:51:01 +00:00
Yaroslav Halchenko
b3dd9fd5ab
For capitalized nasty log entries of sshd
2006-03-03 21:37:05 +00:00
Yaroslav Halchenko
f22d4912c2
Fixed Apache section to point at error.log
2006-02-26 01:04:17 +00:00
Yaroslav Halchenko
5ca08578af
ready for Barak"s upload
2006-02-18 01:43:00 +00:00
Yaroslav Halchenko
73f0ed8976
changed ownership of all existing logs
2006-02-16 16:23:05 +00:00
Yaroslav Halchenko
b00161f7ec
fixed #352053
2006-02-16 15:53:38 +00:00
Yaroslav Halchenko
438e4edfd8
moved dh_python into binary-indep, added another regex for attacks
2006-02-16 15:43:35 +00:00
Yaroslav Halchenko
eb4047f85c
fixed timeregex for apache
2006-02-10 18:08:01 +00:00
Yaroslav Halchenko
38fa465cae
less failures required for Attacks
2006-01-25 15:32:50 +00:00
Yaroslav Halchenko
9cf01b2dac
relaxed regex for awstat.pl a bit
2006-01-25 15:12:44 +00:00
Yaroslav Halchenko
27b0bdfd22
added awstats.pl capturer
2006-01-25 14:58:52 +00:00
Yaroslav Halchenko
55d7440fe1
decided to use "interpolations" in the config file to make it more readable
2006-01-15 20:18:39 +00:00
Yaroslav Halchenko
a0dfb0f9e6
minor - removed default private networks from safe list
2006-01-15 20:07:07 +00:00
Yaroslav Halchenko
7d9c08bc22
fix for bug #343821 : path is not appended but inserted first
2005-12-19 15:50:01 +00:00
Yaroslav Halchenko
1d6d67f95f
minor notes
2005-11-21 02:50:08 +00:00
Yaroslav Halchenko
542939e7c7
minor adjustment
2005-11-21 01:48:57 +00:00
Yaroslav Halchenko
bd3d510f96
merged with upstream 0.6.0
2005-11-21 01:43:13 +00:00
Yaroslav Halchenko
3e2a09cdf7
fixes race condition bug #339133
2005-11-20 19:53:37 +00:00
Yaroslav Halchenko
8ce3c2c19e
fixed init.d script so it doesn"t fail on stop action if fail2ban is not running
2005-11-03 22:18:40 +00:00
Yaroslav Halchenko
6efa9597c9
fixed changelog back to normal... damn -svn-tag-only
2005-10-31 22:08:56 +00:00
Yaroslav Halchenko
909f05351e
added localtime config option to MAIL
2005-10-31 22:04:11 +00:00
Yaroslav Halchenko
1e0cb0326e
decided to swith to proper debian versioning
2005-10-21 01:22:59 +00:00
Yaroslav Halchenko
a1509ae1e4
init.d script fixed
2005-10-21 01:20:17 +00:00
Yaroslav Halchenko
f322d7205a
Trying to fix it up a bit
2005-10-20 17:46:13 +00:00