github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
1,881 Commits
32 Branches
229 Tags
17 MiB
Commit Graph

1881 Commits (f566cab766eded9fd1038a16340224d445f8de56)

Author SHA1 Message Date
Daniel Black f566cab766 Merge branch 'master' into badips 2014-01-15 09:37:11 +11:00
Daniel Black 01e5ae1234 Merge pull request #584 from grooverdan/exim-auth 
ENH: Exim auth
 2014-01-13 02:20:47 -08:00
Daniel Black 812463003d Merge pull request #582 from grooverdan/postfix 
ENH: add improper command pipelining postfix filter
 2014-01-13 02:18:57 -08:00
Daniel Black 08b4f3e5f2 Merge branch 'patch-5' of https://github.com/truxoft/fail2ban into exim-auth 2014-01-13 19:26:12 +11:00
Daniel Black 353b84a648 Merge branch 'patch-4' of https://github.com/truxoft/fail2ban into exim-auth 2014-01-13 19:25:46 +11:00
Ivo Truxa 2d8c0b26e4 Matching any Exim authentication name 
As explained in https://github.com/grooverdan/fail2ban/pull/4, in Exim there can be used plenty of other standard authentication names, and in fact the names can be custom. The failregex in Exim filter should catch authentication errors regardless of the name of the authentication. Hence replacing the plain|login with the general \w+
 2014-01-13 01:38:49 +01:00
Ivo Truxa 9f107403e8 Update exim 
When using Dovecot authentication for Exim, which is relatively common, the current regex for catching authentication failures needs a small tweak. The current plain|login options are too limiting and will only work in the cases when only the Exim's rudimentary built-in authentication is used. There can be not only the dovecot_login shown in this log example, but also dovecot_plain, ntlm, cram, cyrus, md5, and plenty of others. In fact many admins may opt for their own authentication labels, when setting up Exim. For this reason the regex should catch any label. I suggest modifying the regex in the following way:

<pre>^%(pid)s \w+ authenticator failed for (\S+ )?\(\S+\) \[<HOST>\]: 535 Incorrect authentication data( \(set_id=.*\)|: \d+ Time\(s\))?\s*$</pre>
 2014-01-13 01:18:09 +01:00
Daniel Black 6b0e6b9bca ENH: add improper command pipelining postfix filter 2014-01-13 06:59:59 +11:00
Daniel Black 5deb1f8ddc Merge pull request #578 from dozepih/asterisk-acl 
ENH: Support ACL-events without AccountID. Typically happens when a registration from unknown domain
 2014-01-11 18:32:53 -08:00
Tomas Pihl b52a4441fd Support ACL-events without AccountID. Typically happens when a registration 
from an unknown domain is performed.

Add credits
 2014-01-12 01:28:55 +01:00
Steven Hiscocks 0dd6533680 BF: Add ejabberd-auth to jail.conf 2014-01-09 23:22:12 +00:00
Daniel Black 928f566d19 Merge pull request #576 from kwirk/ejabberd-filter 
ENH: ejabberd filter
 2014-01-09 14:52:18 -08:00
Steven Hiscocks 6a6139f1e1 Merge pull request #574 from grooverdan/master-tag-subst 
TST: for tag substition, multiple on same line
 2014-01-09 14:49:08 -08:00
Steven Hiscocks 128112d51c ENH: ejabberd filter 2014-01-09 22:47:17 +00:00
Daniel Black cd5aab5ff1 TST: for tag substition, multiple on same line 2014-01-10 09:20:56 +11:00
Daniel Black 4d4060930b DOC: spelling + GPL2+ for license 2014-01-08 21:46:32 +11:00
Daniel Black 932a952096 Merge branch 'enh/jail-manpage' of https://github.com/yarikoptic/fail2ban into y-man-fix 2014-01-08 18:08:13 +11:00
Yaroslav Halchenko e6627185b0 DOC: fixing formatting in the section names of the manpage - \fB to return into bold 2014-01-07 13:41:16 -05:00
Yaroslav Halchenko 9a8b449086 DOC: some typos, fixes from Vincent Lefevre 2014-01-06 23:38:52 -05:00
Yaroslav Halchenko 16f55d2d56 DOC: pass through jail.conf.5 -- unification and some restructuring/shortening 2014-01-06 23:30:13 -05:00
Daniel Black 5bd8ba0c6f Merge pull request #561 from grooverdan/more-jail-man-page-content 
DOC: add more content to jail.conf man page
 2014-01-06 15:01:25 -08:00
Daniel Black 0b6c9b52d2 DOC: man page description shorting and clarification 2014-01-07 08:29:06 +11:00
Daniel Black 755af0a51e Merge pull request #562 from grooverdan/jail.conf-complete_and_correct 
ENH: Jail.conf now has all filters and TST: a mechanism to test this is truee
 2014-01-06 12:08:45 -08:00
Daniel Black 614f43effb Merge branch 'master' of https://github.com/fail2ban/fail2ban 2014-01-07 06:56:49 +11:00
Daniel Black 90fdf5fc21 ENH: jail.conf entry for groupoffice 2014-01-07 06:55:38 +11:00
Steven Hiscocks bb11c29667 Merge pull request #567 from grooverdan/groupoffice-filter 
ENH: add filter groupoffice. Closes gh-566
 2014-01-06 10:31:32 -08:00
Daniel Black b9cd492e9f Merge pull request #555 from grooverdan/nagios_fix 
BF: nagios fix
 2014-01-06 03:12:26 -08:00
Daniel Black 3ee6e993c6 MRG: merge ChangeLog for nagios fix 2014-01-06 22:09:10 +11:00
Daniel Black db7b7bfefa Credits for groupoffice 2014-01-06 22:00:12 +11:00
Daniel Black 50eab4df81 ENH: add filter groupoffice. Closes gh-566 2014-01-06 21:56:22 +11:00
alasdairdc 67c44a5001 Update ChangeLog 2014-01-06 10:44:21 +00:00
alasdairdc 5428f5bbc3 Update check_fail2ban 
Removed unnecessary reference to as yet undeclared $jail_name when checking a specific jail.
 2014-01-06 10:43:32 +00:00
Steven Hiscocks 6c301ae210 Merge pull request #563 from grooverdan/gh-289-ssh 
BF: add expression for ssh filter for code 3: SSH2_DISCONNECT_KEY_EXCHAN...
 2014-01-05 09:55:05 -08:00
Steven Hiscocks 78a966f833 Merge pull request #560 from grooverdan/vsftpd-doco 
Vsftpd doco
 2014-01-05 09:42:51 -08:00
Steven Hiscocks 86e7d1f9b9 Merge pull request #559 from grooverdan/pure-ftpd-doco 
DOC: filter.d/pure-ftpd doco from wiki
 2014-01-05 09:42:28 -08:00
Daniel Black a8e0498389 BF: add expression for ssh filter for code 3: SSH2_DISCONNECT_KEY_EXCHANGE_FAILED. closes gh-289 2014-01-05 21:26:26 +11:00
Daniel Black c700910155 TST: ensure stock jail has all filters 2014-01-05 21:06:30 +11:00
Daniel Black a9f804e443 ENH: complete stock jail.conf to contain all filters 2014-01-05 21:03:16 +11:00
Daniel Black 3d21c4edf9 DOC: consistent filename separator in SYNOPIS 2014-01-05 18:53:31 +11:00
Daniel Black 51f014fede DOC: add more content to jail.conf man page 2014-01-05 18:24:13 +11:00
Daniel Black c37ee4cc52 DOC: filter.d/vsftpd doco from wiki 2014-01-05 11:30:56 +11:00
Daniel Black 6602937ee1 DOC: filter.d./pure-ftpd doco from wiki 2014-01-05 11:24:20 +11:00
Daniel Black d7666c8942 DOC: bit more on how to use freeswitch 2014-01-04 12:39:48 +11:00
Daniel Black 23f0b854da MRG: merge in freeswitch 2014-01-04 12:24:40 +11:00
Daniel Black 69b3a1cf64 BF: catchin DEBUG messages will result in duplicates 2014-01-04 12:10:51 +11:00
Daniel Black 973cef3f52 Merge pull request #553 from grooverdan/apf-doco 
DOC: document incompatiblity between APF and iptables-* actions.
 2014-01-03 14:20:52 -08:00
Daniel Black 5fe75436cc DOC: DEV NOTES before author names 2014-01-04 08:53:45 +11:00
Daniel Black 477f30665a DOC: ignoreip for internal ips on freeswitch 2014-01-04 08:31:42 +11:00
Daniel Black 36533de6bc ENH: more filter expressions for freeswitch. Anchored existing one at end too 2014-01-04 08:21:22 +11:00
Daniel Black d1faae3b3b BF: port not used in jail definition for freeswitch 2014-01-04 08:01:42 +11:00