fail2ban

Commit Graph

Author	SHA1	Message	Date
Serg G. Brester	124e5587c6	Merge pull request #1869 from sebres/fix-gh-1389 action.d/bsd-ipfw.conf: replace not posix-compliant grep option	7 years ago
Serg G. Brester	b0e5efb631	bsd-ipfw.conf: sh-compliant redirect of stderr together with stdout	7 years ago
sebres	3be32adefb	Replace not posix-compliant grep option: fgrep with `-q` option can cause 141 exit code in some cases (see gh-1389).	7 years ago
sebres	8e6b4346dc	avoid using "ANSI_X3.4-1968" as preferred encoding, if missing environment variables 'LANGUAGE', 'LC_ALL', 'LC_CTYPE', and 'LANG' (especially critical if default value `encoding = auto` configured). As PoC and coverage (this case fails without this "fix"): $ env -i PATH="$PATH" bin/fail2ban-testcases --fast --no-network testAddBanInvalidEncoded	7 years ago
Jacques Distler	f84e58e769	Tweaks to action.d/pf.conf Document recent changes. Add an option to customize the pf block rule (surely, what the user really wants, here, is "block quick").	7 years ago
sebres	69a6d0e653	amend to 10c0d954017fac270bf1c568e4b02e94d5949b58: order in cymru-info can variate on each level, sorted using key=str (otherwise `['nxdomain', u'US'] != ['US', 'nxdomain']` may occur on some python versions).	7 years ago
sebres	a3c6bb601d	Fixes version, causes "UserWarning: Normalizing '0.10.1dev1' to '0.10.1.dev1'" during setup-process.	7 years ago
sebres	72bd666797	Fixes representation of IPAddr (likely the string representation, enclosed in single-quotes).	7 years ago
sebres	10c0d95401	prevent sporadic assert errors on nested lists/dict differ at some level (mostly causes on python 3.4 because of different dict hashing); introduces new test assertion routine `asesertSortedEqual` for comparison regardless elements order (regarding level/nestedOnly arguments).	7 years ago
sebres	33874d6e53	action.d/pf.conf: anchored call arguments combined as `<pfctl>` parameter; test cases fixed;	7 years ago
Alexander Köppe	f6ccede2f1	Update pf.conf fixing #1863 Fix #1863 Introduce own PF anchors for fail2ban rules.	7 years ago
sebres	19e59fff3e	ChangeLog: added incompatibility list (compared to v.0.9)	7 years ago
sebres	08646bc339	Always supply jail name as name parameter (if not specified explicit in the action parameters `action[name=...]`). Avoid usage of the same chains (etc.) if someone use `action` instead of `banaction` jail parameter.	7 years ago
sebres	e5169d8f84	pyinotify: be sure possible IOError/OSError by remove monitor (log-rotate? normally not raises) are handled properly.	7 years ago
sebres	7867228146	closes part of gh-1865: fixed "Retrieving own IPs of localhost failed: inet_pton() argument 2 must be string, not int" some python-versions resp. host configurations causes returning of integer (instead of ip-string)	7 years ago
sebres	d1de20dd41	Move some ticket-independent tag replacements from ActionInfo to ADD_REPL_TAGS (will be wrapped in replaceTag into calling map). Thus tags `<fq-hostname>` and `<sh-hostname>` could be used without ticket (a. g. in `actionstart` etc.). Closes gh-1859.	7 years ago
sebres	28076618fd	back to development edition: README.md, ChangeLog, version.py	7 years ago
sebres	c60784540c	version bump: release 0.10.0	7 years ago
sebres	30219b54c4	Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10	7 years ago
Serg G. Brester	c540217844	Update ChangeLog action.d/cloudflare.conf - Cloudflare API v4 implementation (gh-1651)	7 years ago
Serg G. Brester	c0eb7752a8	Merge pull request #1651 from szepeviktor/patch-9 Introduce Cloudflare API v4	7 years ago
Serg G. Brester	2ed8a38eca	Update cloudflare.conf Switch to API v1 to API v4 per default	7 years ago
Serg G. Brester	da7072d40e	Merge pull request #1846 from Chocobozzz/patch-3 Fix empty logfile.log in xarf login attack action	7 years ago
sebres	94b163936a	Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10 Removed init section (not needed in filter for 0.10). # Conflicts: # config/filter.d/sendmail-reject.conf	7 years ago
Serg G. Brester	af25a9d203	Merge pull request #1566 from opoplawski/journalmatch Add sendmail journalmatch options	7 years ago
Orion Poplawski	84f552881c	Add sendmail journalmatch options	7 years ago
Serg G. Brester	5b7375c614	Merge pull request #1638 from roedie/shorewall-ipv6 Add shorewall IPv6 support	7 years ago
Serg G. Brester	9a3716465b	Merge pull request #1750 from sebres/0.10-fix-default-backend fixes default backend handling (as default used value of `%(default/backend)s`...	7 years ago
sebres	7549f44ded	code review: removed unused (unneeded) code, coverage increase...	7 years ago
sebres	6f4fde2c29	Update changelog and man/jail.conf.5	7 years ago
sebres	9a768c19d0	Fixes raw to interpolated value by recursive substitution. Avoid too deeply recursive extended interpolation cross sections (test covered now);	7 years ago
sebres	0782b28460	allow usage of "-" character in the name of sections by extended interpolation (like `%(my-section/some-value)s`).	7 years ago
sebres	e52f483557	Config reader's: introduced new syntax `%(section/option)s`, in opposite to extended interpolation of python 3 `${section:option}` work with all supported python version in fail2ban and this syntax is like our another features like `%(known/option)s`, etc.; Variable `default_backend` switched to `%(default/backend)s`, so totally backwards compatible now, but now the setting of parameter `backend` in default section of `jail.local` can overwrite default backend also. Test cases extended: test targeted section options "section/option" (default and cross sections options);	7 years ago
sebres	5ce8d4f741	fixes default backend handling (as default used value of `known/backend`, which can now be overridden in default section of jail.local); introduces fallback for `known/option`: interpolate missing `known/option` as `option` from default section	7 years ago
sebres	51c54b3253	ChangeLog entry for `9a42ce12f4`	7 years ago
sebres	8f76a052ec	rebuild man's and MANIFEST	7 years ago
sebres	9a42ce12f4	amend to gh-1792: introduced new fail2ban-regex option "--timezone" ("--TZ"), to set time-zone used by convert of time format.	7 years ago
sebres	2fe1479484	Merge branch '_0.9/gh-1849' into 0.10	7 years ago
sebres	5c538fb658	Recognize "unknown user" for additional auth-methods (pam, passwd-file, ldap, sql, etc); simplifying regular expressions (put "unknown user" and "invalid credentials" together as one regex).	7 years ago
sebres	cb0f7ba4b9	Merge amend to PR #1850 : removed greedy catch-all	7 years ago
sebres	0ef5b7c4d4	small amend to gh-1850: removed greedy catch-all at end.	7 years ago
Serg G. Brester	047d516661	Merge pull request #1850 from MarcelWaldvogel/ejabberd-17-06 Support ejabberd 17.06 log format	7 years ago
Marcel Waldvogel	ebd1e2c969	Add testcase	7 years ago
Marcel Waldvogel	daf57547c6	Parse ejabberd 17.06 output E.g.: 2017-07-29 08:24:04.773 [info] <0.6668.0>@ejabberd_c2s:handle_auth_failure:433 (http_bind\|ejabberd_bosh) Failed c2s PLAIN authentication for test@example.ch from ::FFFF:192.0.2.3: Invalid username or password	7 years ago
Bigard Florian	f4551d02c9	Fix empty logfile.log in xarf login attack action Fix empty 3rd MIME part which contains the attack evidence (logfile.log).	7 years ago
sebres	1a562bed0f	Merge remote-tracking branch 'master' into 0.10 # Conflicts: # config/filter.d/asterisk.conf	7 years ago
Serg G. Brester	babb76cb3c	Merge pull request #1839 from sebres/asterisk-patch Asterisk improvements	7 years ago
sebres	a5b62a7f36	failregex extended and simplified (partially ported from gh-1409).	7 years ago
sebres	098abae4e6	Remove greedy catch-all before `<HOST>`, make regex more universal, fewer prone to errors (should avoid future changes, if some optional parameters coming again before/after `RemoteAddress`) + non-captured groups now. Test for possible injection (5.6.7.8 in session-id) already available, line 59 (thus already covered).	7 years ago
sebres	2ea22b9d30	test coverage for gh-1427	7 years ago

1 2 3 4 5 ...

4330 Commits (f917b4346bb7df2a9588393de4a5018cba4ddbef) All Branches Search

4330 Commits (f917b4346bb7df2a9588393de4a5018cba4ddbef)

All Branches