Commit Graph

314 Commits (fc00681c48813b2aef121036d6d98cc32f2876a1)

Author SHA1 Message Date
Daniel Black 856407379b ENH: add filter openwebmail. Closes gh-543. 2013-12-31 08:09:00 +11:00
Daniel Black c074773805 ENH: apache modsecurity from 0.9 branch 2013-12-29 07:06:13 +00:00
Daniel Black ea2a13946e TST: more test of filters 2013-12-29 05:29:59 +00:00
Daniel Black c9cfdca396 ENH: add filter for apache-modsecurity 2013-12-28 22:28:11 +00:00
Daniel Black ddac79c15c TST: include blank ignorecommand in jail.conf to indicate default value and to raise test coverage 2013-12-25 11:01:31 +00:00
bes.internal ebd89ec077 New ignorecommand that is added to the ignoreip list from output of an external program
ignorecommand update man and fix protocol help

ENH: run ignore command only after internal list has been examined. Change interface on ignorecommand to take IP as environment variable and return true if it is to be banned

ENH: ignore IP command to take tagged command

DOC: man pages for ingorecommand

TST: add test cases for ignorecommand
2013-12-24 23:55:35 +03:00
Daniel Black ed2f46759c MRG: restore accidently deleted pam comment in jail.conf 2013-12-19 09:21:12 +00:00
Daniel Black 7c0efc8ec8 MRG: merge so far - flushLogs not working yet 2013-12-16 15:08:34 +00:00
Steven Hiscocks f742ed0e4b DOC: when to use blocklist.de reporting
Taken from commit 1846056606
2013-12-05 18:06:53 +00:00
Steven Hiscocks e810ec009d ENH: Added blocklist.de reporting API action 2013-12-05 08:22:20 +00:00
Daniel Black 1846056606 DOC: when to use xarf messages to network owner 2013-12-03 20:40:42 +11:00
Daniel Black bfd435091d ENH: jail examples for xarf-login-attack 2013-12-01 20:29:43 +11:00
Daniel Black 04438cd1a1 BF/ENH: mysql jail - rename to mysql-syslog to be consistent with 0.8.13. Add port to syslog defination. Document mysql configuration required for mysql jails 2013-11-30 10:00:59 +11:00
Daniel Black 3f4d179612 BF: smtps not an IANA port - from #447 2013-11-30 09:52:32 +11:00
Daniel Black fe9e077acf BF: correct spelling of port for solid-pop3 jail in jail.conf 2013-11-30 09:51:30 +11:00
Yaroslav Halchenko 25e967f23b Merge branch 'mysqld-syslog-iptables-name-too-long' of https://github.com/grooverdan/fail2ban
* 'mysqld-syslog-iptables-name-too-long' of https://github.com/grooverdan/fail2ban:
  BF: jail name mysqld-syslog-iptables too long. removed -iptables. Thanks Stefan (#447)

Conflicts:
	ChangeLog
2013-11-29 10:02:31 -05:00
Daniel Black b9b2ddf996 BF: smtps not IANA standard. Closes #447 2013-11-29 21:47:53 +11:00
Daniel Black cade746307 BF: jail name mysqld-syslog-iptables too long. removed -iptables. Thanks Stefan (#447) 2013-11-29 21:45:11 +11:00
Daniel Black 13223c33f5 MRG: recidive-protocol-all 2013-11-25 08:22:09 +11:00
Daniel Black 98eacdf333 MRG/BF: merge from master. Fix bugs in iso8601 2013-11-24 16:36:06 +11:00
Daniel Black dab2ddb9da ENH: recidive jail to block all protocols. Closes #440 2013-11-18 07:57:16 +11:00
Daniel Black b3b9ea4559 ENH: jail for solid-pop3d 2013-11-18 07:42:45 +11:00
Daniel Black 1ac7b53cad MRG: merge from master 2013-11-13 09:16:45 +11:00
Daniel Black ab9d921162 BF: missed action in nginx-http-auth 2013-11-08 10:09:19 +11:00
Daniel Black a148d35d70 ENH: add filter.d/nginx-http-auth. Partially forfills #405 2013-11-08 10:06:40 +11:00
Daniel Black cb982ef921 ENH: multiline filter for sendmail-spam. Closes gh-418 2013-11-08 08:55:45 +11:00
Daniel Black 47d35c9d80 MRG: 0.8.11 to 0.9
Epnoc of selinux is now true UTC

Merge multiline support and date detection in filter
2013-11-02 15:59:05 +11:00
Daniel Black 93de46ac72 BF: maxretry=5 for ssh as per DEVELOP. align = in jail.conf 2013-10-31 00:52:47 +11:00
Daniel Black de9977441a DOC: move named and mysql instructions into the filters from jail.conf 2013-10-30 21:12:16 +11:00
Daniel Black 7ab909d056 DOC: space out jail.conf consistantly 2013-10-30 20:34:06 +11:00
Daniel Black 95f3f38682 MRG: merge ChangeLog and jail.conf 2013-10-30 20:19:41 +11:00
Daniel Black e3150044fd BF: fix selinux
TST: ignore *common.conf files in test cases as these are included
BF: Remove USER_LOGIN from selinux-ssh as its a duplicate message
ENH: add sample jail.conf
2013-10-30 20:05:49 +11:00
Daniel Black a991adb83f ENH: add submission, smtps and sieve to blocked ports since this also typically rely on dovecot auth 2013-10-29 14:33:45 +11:00
Daniel Black 8412303131 ENH: dovecot jail examples 2013-10-29 10:17:45 +11:00
Daniel Black 0c14707201 ENH: add dovecot jail 2013-10-26 10:01:04 +11:00
Daniel Black b61fe0f12d Merge pull request #378 from grooverdan/sasl
ENH: filter.d/postfix-sasl - anchor regex at start and rename from filter.d/sasl
2013-10-22 04:51:24 -07:00
Daniel Black 4ecc063bd0 ENH: rename filter.d/sasl -> filter.d/postfix-sasl 2013-10-22 22:40:29 +11:00
Daniel Black 123ad1cc9c MRG: Merge branch 'asterisk-common-jail' 2013-10-14 22:29:56 +11:00
Daniel Black 8421007f32 MRG: merge man/jail.conf.5 entries 2013-10-14 22:28:34 +11:00
Daniel Black 8fe542ca9f DOC: reintroduce comment on comments 2013-10-11 06:48:31 +11:00
Daniel Black 6b6169178f ENH: mysql syslog jail.conf base 2013-10-10 10:00:20 +11:00
Daniel Black ee58696531 DOC: try to encourage jail.local jail.d/*.local a lot more 2013-10-10 09:56:52 +11:00
Daniel Black 6ef33981e3 ENH: new asterisk jail to replace asterisk-(tcp|udp) (now that gh-37 is fixed) 2013-10-10 09:41:05 +11:00
Daniel Black 2d1bd54439 Merge pull request #379 from grooverdan/webmin
ENH: filter.d/webmin anchor at start and use syslog
2013-10-08 20:13:14 -07:00
Daniel Black 2a1d629d88 BF: webmin -> webmin-auth 2013-10-09 11:08:44 +11:00
Daniel Black ab457acc4d BF: fix name in action for uwimap-auth 2013-10-09 11:06:38 +11:00
Daniel Black 0beea03914 ENH: jail.conf example for webmin 2013-10-09 11:05:50 +11:00
Daniel Black 5a2623f0df ENH: reorder osx-ipfw jail defination to near the other ssh examples 2013-10-09 09:26:36 +11:00
Daniel Black 359210f224 ENH: filter.d/squirrelmail added 2013-10-08 20:37:33 +11:00
Daniel Black b3b62d65bf ENH: filter.d/uwimap-auth added. Closes #18 2013-09-29 18:06:27 +10:00
Daniel Black e12d389c65 MRG/DOC: jail.conf resolution, ChangeLog fixes 2013-09-29 08:21:13 +10:00
Daniel Black 74434694dc BF: more duplicate jail.conf entries - 3proxy exim{,-spam}, perdition 2013-09-28 21:38:15 +10:00
Daniel Black 5cf25a63df BF: remove duplicate ssh-pf in jail.conf 2013-09-28 21:31:45 +10:00
Mark McKinstry 4187e87b69 don't enabel ssh-apf jail by default 2013-09-25 18:35:09 -04:00
Mark McKinstry f9f4d2728f add an example jail for apf action and ssh filter 2013-09-25 17:59:37 -04:00
Daniel Black 9805d39b60 MRG: merge date changes to support timezones 2013-09-20 18:22:32 +10:00
Daniel Black 1f1a56174f MRG: merge from master 2013-09-08 21:02:35 +10:00
Daniel Black b31799a322 ENH: add action.d/osx-afctl anonymously contributed on f2b wiki 2013-08-31 10:51:04 +10:00
Daniel Black 808aa1a792 ENH: added jail.conf example. closes gh-340 2013-08-31 09:39:21 +10:00
Daniel Black b589533d69 Merge branch 'master' into kwirk-merge
Conflicts:
	ChangeLog
	testcases/files/logs/dropbear
2013-08-25 21:21:14 +10:00
Daniel Black d5291517a7 MISC: merge from master 2013-07-28 19:43:54 +10:00
Daniel Black 56faf7f5ad DOC: fix ChangeLog merge 2013-07-28 18:02:38 +10:00
Daniel Black 8f532f9148 NIT: space remove 2013-07-24 11:29:58 +10:00
Steven Hiscocks 8b9bafda79 ENH: Change lighttpd-fastcgi to suhosin, and improve regex and samples
suhosin is hardened php implmentation, which will log the alerts (as
seen in samples) to stderr, which is picked up by fastcgi webserver
(e.g. lighttpd, apache, nginx)
2013-07-21 16:35:37 +01:00
Daniel Black 6fdfd8d356 BF: fix port 2013-07-20 15:09:25 +10:00
Daniel Black eea5b071e6 ENH: jail for perdition 2013-07-19 20:27:15 +10:00
Steven Hiscocks 1eea0dcec8 Merge branch 'master' into 0.9
Conflicts:
	ChangeLog
	bin/fail2ban-regex
	bin/fail2ban-testcases
	config/jail.conf
	fail2ban/server/failregex.py
	fail2ban/server/filter.py
	fail2ban/tests/files/logs/lighttpd
	fail2ban/tests/files/logs/mysqld.log
	fail2ban/tests/files/logs/wu-ftpd
	fail2ban/tests/filtertestcase.py
	fail2ban/tests/utils.py
	testcases/files/logs/lighttpd
	testcases/files/logs/lighttpd-auth
	testcases/files/logs/mysqld-auth
	testcases/files/logs/mysqld.log
	testcases/files/logs/wu-ftpd
	testcases/files/logs/wuftpd
2013-07-16 23:16:22 +01:00
Daniel Black ab10664b57 ENH: action.d/hostsdeny to take daemon_list arguement as suggested in README.Solaris 2013-07-14 16:20:21 +10:00
Steven Hiscocks 606e97683b BF: jail.conf multiport actions previously using single port iptables 2013-07-12 23:34:04 +01:00
Daniel Black 5412d7336f DOC: ChangeLog confict 2013-07-09 08:23:44 +10:00
Yaroslav Halchenko 04b8069cee ENH: adjust sendmail-whois 'active' example to have also sendername in it 2013-07-05 10:12:29 -04:00
Alexander Dietrich 2155f6bfa5 Update ChangeLog and jail.conf example 2013-07-04 08:57:52 +02:00
Daniel Black d6dece4900 ENH: Split log and provide jail examples 2013-07-03 07:42:47 +10:00
Yaroslav Halchenko 70ae1ed68b ENH: ban also submission port (587) for all smtp-related jails
see http://www.rfc-editor.org/rfc/rfc4409.txt
and http://en.wikipedia.org/wiki/Mail_submission_agent

Users of advanced setups might like to split those into multiple jails anyways
to have separate control over submission agents and incoming mail servers.
2013-07-01 14:50:02 -04:00
Steven Hiscocks 5ca6a9aeb6 Merge branch 'systemd-journal' into 0.9
Conflicts:
	bin/fail2ban-regex
	config/filter.d/sshd.conf

Closes github #224
2013-06-29 13:00:40 +01:00
Yaroslav Halchenko 8487cb2e90 Merge commit '0.8.10-31-g1ab0f0f' into 0.9
* commit '0.8.10-31-g1ab0f0f': (24 commits)
  BF/ENH: Incorrect authentication data doesn't need tailier so that's optional. Also gained log entry for Unrouteable address
  ENH: readibility thanks to Yaroslav
  DOC: Changelog for fail2ban-regex RF
  DOC: Changelog for asterisk hardening
  ENH: fail2ban-regex -- add specification of loglevels to enable
  RF: reworked -regex cmdline tool to use optparse, some unification and enhancement of outputs
  ENH: 'heavydebug' level == 5 for even more debugging in tricky cases
  ENH: asterisk -- use \S instead of [^:] + prefix failregex with ^\[
  BF: missed a space
  BF: [SSL-out] is optional in assp
  ENH: regex hardening on assp
  ENH: anchor a bit mor. Use \d and \w where possible. Escape a literal .
  TST: attempts at injection with username=rhost=1.2.3.4 have no user= logged in dovecot-1.2.15
  ENH: proftpd chan accept usernames with spaces
  ENH: injection of fail data into USER field
  ENH: dovecot regexs rewritten and extra failures
  ENH: proftp regex hardening and log messages
  ENH/BF: exim improvements with sample
  BF: fix to proxy port in 3proxy example
  ENH: sample log + more specific regex
  ...

Conflicts: -- it was a messy merge/resolution.
	ChangeLog
	bin/fail2ban-regex
	fail2ban-testcases
	fail2ban/server/filter.py
2013-06-18 20:21:23 -04:00
Daniel Black 88b4598ed8 BF: fix to proxy port in 3proxy example 2013-06-13 14:43:15 +10:00
Daniel Black 16d63434ef DOC: credits 2013-06-11 23:56:09 +10:00
Yaroslav Halchenko d2b1c73b92 CFG: assure actions for all the jails 2013-05-24 14:33:08 -04:00
Yaroslav Halchenko f5a8a8ac7c Release 0.8.9
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.12 (GNU/Linux)
 
 iEYEABECAAYFAlGRBZ8ACgkQjRFFY3XAJMhqzwCgvUsrv6cSjo1d8YCQUA8Na0Kk
 44QAoKk7X2sqFM+wvj2vK3stsHa/80qm
 =iBfR
 -----END PGP SIGNATURE-----

Merge tag '0.8.9' into 0.9 (quite a bit of conflicts "resolved")

Release 0.8.9

* tag '0.8.9':
  BF: add missing files to MANIFEST (I think we shoult not rely on sdist anyways -- 'git tag' tarballs are more thorough ;) )
  All the (version) updates for the release of 0.8.9
  BF: (travis) relax the test for needed to be presented installed directories -- allow new
  BF: (travis) if tests ran under coverage -- there is a traceback parts to report (thus > would be present)
  ENH: also print the failing traceback line in case of failure
  ENH: include explicit list of new files which should not be there upon "install --root"
  ENH: now we know that logging handlers closing was still buggy in 2.6.2
  ENH: issue a warning if jail name is longer than 19 symbols (Close #222)
  DOC: inline commends with ';' are in effect only if ';' follows as space
  BF: Fix for filterpoll incorrectly checking for jailless state
  ENH: strengthen detection of working pyinotify
  ENH: use the same python executable for setup.py test
  ENH: actually tune up TraceBack to determine "unittest" portions of the stack across all python  releases
  TST: Some primarily smoke tests for tests utils
  TST: cover few more lines in fail2banreader.py
  ENH: basic test for setup.py itself (when applicable, should greatly improve coverage ;) )
  ENH: consistent operation of formatExceptionInfo + unittest for it
  ENH: point to the status of master branch on travis

Conflicts:
	ChangeLog
	MANIFEST
	README.md
	fail2ban/version.py -- all of the above obvious version changes

   below files primarily  needed just a bit of help in resolution
	config/jail.conf
	fail2ban/server/filterpoll.py
	fail2ban/server/server.py
	fail2ban/tests/servertestcase.py

   and following were more difficult -- git wasn't able to track renames/moves of the code
    fail2ban-testcases -- needed to introduce those changes to tests/utils.py
	testcases/clientreadertestcase.py -- manually applied patch from master
	testcases/utils.py -- manually applied patch from master
2013-05-13 12:29:41 -04:00
Yaroslav Halchenko 90b8433ac5 DOC: inline commends with ';' are in effect only if ';' follows as space 2013-05-12 21:42:59 -04:00
Steven Hiscocks f7d328195f NF: Add systemd journal backend 2013-05-10 00:15:07 +01:00
Yaroslav Halchenko f1b6806eb4 Merge branch 'master' into 0.9
* master: (51 commits)
  ENH: Use real (resolving) example.com instead of test.example.com
  DOC: Slight tune ups to ChangeLog -- we must release!
  Changelog entries for the latest merges
  BF: add bash-completion to MANIFEST
  DOC: ChangeLog for default action type change
  ENH: consolidate where blocktype is defined for iptables rules
  BF: default type to unreachable
  ENH: separate out regex and escape a .
  ENH: logs/sshd -- have ":" after [daemon] (other uses are uncommon)
  ENH: logs/sshd -- use example.com as the resolved hostname in sample log lines
  ENH: filter.d/sshd.conf -- allow for trailing "via IP" in logs
  DOC: Drop sudo from bash-completion
  DOC: Added bash-completion script
  ENH: add blocktype to all relevant actions. Also default the rejection to a ICMP reject rather than a drop
  ENH: Removed unused log line
  ENH: logrotate file
  BF: missed MANIFEST include
  BF: missed MANIFEST include
  BF: missed MANIFEST include
  ENH: some form of logrotate based on what distros are doing
  ...

Conflicts:
	ChangeLog
	MANIFEST
	client/actionreader.py
	config/jail.conf
	fail2ban/server/datedetector.py
	fail2ban/tests/datedetectortestcase.py
2013-05-08 13:53:38 -04:00
Yaroslav Halchenko 5accc10a47 Merge pull request #206 from grooverdan/bsd_ipfw
NF: BSD ipfw
2013-05-08 07:24:56 -07:00
Daniel Black aa52743f52 DOC: add jail.conf entry for pf 2013-05-03 16:42:10 +10:00
Daniel Black b6d0e8ad9c ENH: add ipfw rule for bsd using the tables. 2013-05-03 16:31:45 +10:00
Enrico Labedzki 07aee8cd33 as daniel desires 2013-05-03 00:56:53 -04:00
Enrico Labedzki 24a8d07c20 added new date format support for ASSP SMTP Proxy 2013-05-03 00:56:46 -04:00
Steven Hiscocks f196709be1 ENH: Update asterisk example jail.conf entry for multiaction 2013-04-29 23:40:18 +01:00
Yaroslav Halchenko 62602a9ed0 Revert "ENH: by default enable a single jail -- sshd"
This reverts commit 47a62b6072.

Enabling any jail by default should be a prerogative of particular
distributions (thanks Fabian Wenk for the discussion)

Conflicts:
	config/jail.conf
2013-04-23 13:58:58 -04:00
Yaroslav Halchenko 1d72a8265d Merge branch '0.9' into _tent/jail.conf
* 0.9:
  BF: usedns deals with forward (not reverse) DNS lookups (thanks Steven Hiscocks)

Conflicts:
	config/jail.conf
2013-04-23 13:57:52 -04:00
Yaroslav Halchenko 2a48b0ab54 Merge branch 'master' into 0.9
* master:
  BF: usedns deals with forward (not reverse) DNS lookups (thanks Steven Hiscocks)
2013-04-23 13:57:07 -04:00
Yaroslav Halchenko 22f04677b6 BF: usedns deals with forward (not reverse) DNS lookups (thanks Steven Hiscocks) 2013-04-23 13:56:51 -04:00
Yaroslav Halchenko 87bac37139 ENH: default port to all ports (0:65535) + remove where thus not needed + typos 2013-04-23 13:55:26 -04:00
Yaroslav Halchenko f4a74d8d8b RF: rename/unify naming of courier filters/jails 2013-04-22 22:42:09 -04:00
Yaroslav Halchenko 47a62b6072 ENH: by default enable a single jail -- sshd 2013-04-22 22:35:01 -04:00
Yaroslav Halchenko 3ba540eca3 ENH+BF: use %(__name__) by default for filter, defined enabled = false by DEFAULT
Now jail.conf is really neat.

BF: tests
2013-04-22 22:23:23 -04:00
Yaroslav Halchenko 24e4cfe1b7 Merge branch '0.9' into _tent/jail.conf
* 0.9: (45 commits)
  Beef up changelog for 0.9
  ENH: make fail2ban-regex aware of possible maxlines in the filter config file
  BF+TST: Correctly reset time in tearDownMyTime
  ENH: Reimplement warning suppression of setup.py test --quiet
  ENH: Renamed OptionConfigReader to DefinitionInitConfigReader
  ENH: Rename splitAction to extractOptions in jailreader
  ENH: Use os.path.join for filter/action config readers
  BF: Remove warnings handler which breaks setup.py python2<2.7 and python3<3.2
  ENH: For python3.2+ use ConfigPaser which replaces SafeConfigParser
  TST: Change depreciated unittest assertEquals method to assertEqual
  TST: Ensure files are closed in tests to remove ResourceWarnings
  BF: Change logging instance logSys `warn` method to `warning`
  ENH: use os.path.join for consistency -- add "Contributors" to authors
  RF: setup.py now imports version number again
  DOC: tune up formatting (spaces) and prelude for the changelog entry
  TST+RF: Add ability to execute test from setup.py with setuptools
  TST: Move test gathering to function is test utils
  TST: Move test TZ changes to setUp and tearDown methods
  ENH: Remove redundant `maxlines` option from jail reader
  TST: Add test for FilterReader [Init] `maxlines` override
  ...

Conflicts:
	config/jail.conf
2013-04-22 10:21:13 -04:00
Steven Hiscocks 9672e44d39 ENH: Move jail `maxlines` to filter config 2013-04-18 22:11:41 +01:00
Yaroslav Halchenko 4665ac6b27 RF: jail.conf with entries from Debian's copy and changing existing ones to conform the "template"
our unittests fail now -- will BF later
2013-04-17 01:05:04 -04:00
Yaroslav Halchenko 4869186c8f Merge branch 'py3' of https://github.com/kwirk/fail2ban into 0.9
* 'py3' of https://github.com/kwirk/fail2ban: (38 commits)
  DOC: Add python3 to requirements
  ENH: Clarify use of bytes in csocket and asyncserver for python3
  DOC: Revert dnsToIp error change, seperate log message for socket.error
  TST: Tweak python3 open statement to resolve python2.5 SyntaxError
  TST: Revert changes for filter testcase open statement
  DOC: Revert setup.py messages to use print statement
  Add *.bak files generated by 2to3 to gitignore
  TST: Fix up fail2ban python3 scripts
  TST: Fix issues in tests which assumed dictionary's order
  ENH: setup.py now automatically runs 2to3 for python3.x
  TST: Remove Travis CI unsupported versions of python from Travis config
  add fail2ban-2to3 to MANIFEST file
  ENH: Add python3 versions to Travis CI config
  BF: Handle expected errors for python3.{0,1} when changing log target
  Minor tweaks to fail2ban-regex for encoding
  Added ability to set log file encoding with fail2ban-regex
  Add ability to set log encoding for jail
  Move handling of unicode decoding to FileContainer readline
  Fix incorrect exit code from fail2ban-2to3
  Remove redundant reassignment of variable
  ...

Conflicts:
	fail2ban/tests/servertestcase.py -- both branches added a new unittest at the same point
2013-04-16 23:24:49 -04:00
Yaroslav Halchenko f5572c8ade Merge pull request #173 from kwirk/maxlines
Maxlines jail setting tweaks
2013-04-16 19:50:00 -07:00
Steven Hiscocks 4d80fad874 ENH+DOC: Add Guacamole filter, example log and jail 2013-04-16 21:13:31 +01:00
Steven Hiscocks 183cfa6e00 ENH: Default maxlines value in jail.conf, and verify value is int >0 2013-04-15 21:21:19 +01:00
Steven Hiscocks fa0f8f9e6d Merge branch '0.9' into py3
Conflicts:
	.travis.yml
	MANIFEST
	bin/fail2ban-regex
	fail2ban/server/filter.py
	fail2ban/tests/servertestcase.py
	setup.py
2013-04-13 16:54:22 +01:00
Yaroslav Halchenko 99a5d78e37 ENH: for consistency (and future expansion ;)) -- rename to mysqld-auth 2013-04-09 18:03:34 -04:00
Yaroslav Halchenko 3e6be243bf Merge branch 'Support_for_mysql_log_example' of https://github.com/arto-p/fail2ban
* 'Support_for_mysql_log_example' of https://github.com/arto-p/fail2ban:
  Added testcase for MySQL date format to testcases/datedetectortestcase.py and example of MySQL log file.
  Added support for MySQL logfiles

Conflicts:
	testcases/datedetectortestcase.py -- conflictde with other added test cases
2013-04-09 17:55:14 -04:00
Steven Hiscocks 77aa523f22 Merge branch 'master' into py3
Conflicts:
	.travis.yml
	server/datetemplate.py
	server/server.py
	testcases/filtertestcase.py
2013-03-30 22:51:36 +00:00
Yaroslav Halchenko 105306e1a8 Merge remote-tracking branch 'pr/117/head' -- SOGo filters
* pr/117/head:
  An example of failed logins against sogo
  Update sogo-auth.conf
  Update config/filter.d/sogo-auth.conf
  Create sogo-auth.conf
  Update config/jail.conf
2013-03-27 11:09:35 -04:00
Artur Penttinen 29d0df58be Added support for MySQL logfiles 2013-03-24 16:52:58 +02:00
Pascal Borreli a2b29b4875 Fixed typos 2013-03-10 22:05:33 +00:00
Steven Hiscocks 66367876bb Add ability to set log encoding for jail 2013-02-27 18:09:55 +00:00
Yaroslav Halchenko d5ae28facf Merge pull request #104 from gebi/t/route
add support for blocking through blackhole routes
2013-02-18 08:01:34 -08:00
ArndRa 52f952e645 Update config/jail.conf
Update to use the new sogo-auth filter
2013-02-11 17:14:29 +01:00
Yaroslav Halchenko 5f2d3832f7 NF: roundcube-auth filter (to close Debian #699442, needing debian/jail.conf section) 2013-01-31 14:41:34 -05:00
Michael Gebetsroither 03433f79cd add example jail.conf for blocking through blackhole routes for ssh 2013-01-04 16:09:04 +01:00
Daniel Black da0ba8ab4c ENH: add example jail for ipset 2012-12-31 14:38:51 +11:00
Yaroslav Halchenko a3b242d6dd BF: inline comments must use ; not # -- recidive jail 2012-07-31 14:05:42 -04:00
Yaroslav Halchenko b4099dae57 DOC: Adjusted header for config/*.conf to mention .local and way to comment
thanks to Stefano Forli for reminding about comments
see Debian Bug#676146
2012-06-04 22:41:28 -04:00
Yaroslav Halchenko 7b77beee0e DOC: comment in jail.conf for the need of multiple jails for asterisk 2012-02-28 12:04:24 -05:00
Yaroslav Halchenko 71a3fb17e2 Merge remote-tracking branch 'gh-magicrhesus/master'
* gh-magicrhesus/master:
  Add the INCLUDE section to use __pid_re feature
  Disable asterisk jail by default
  Change jail for asterisk, add support for SIP and SIP-TLS on TCP and UDP ports
  Change NOTICE by NOTICE%(__pid_re)s
  Remove custom bantime
  Add sample log file for asterisk
  Add $ at the end of the failregex
  Add asterisk support

Conflicts:
	config/jail.conf -- placed asterisk jails before recidive and added blank lines after the jail headers
2012-02-28 12:03:16 -05:00
Xavier Devlamynck 180c17bede Disable asterisk jail by default 2012-02-27 16:14:18 +01:00
Xavier Devlamynck df0e0fdc07 Change jail for asterisk, add support for SIP and SIP-TLS on TCP and UDP ports 2012-02-21 18:53:44 +01:00
Yaroslav Halchenko 42dd05210a Added a warning for the recidive jail 2012-02-18 20:15:42 -05:00
Xavier Devlamynck c7613ce311 Remove custom bantime 2012-02-15 18:55:35 +01:00
Yaroslav Halchenko 1807be5a8c ENH: moved jail definition for recidive into jail.conf + swapped/commented durations + non-groupping ?:
thanks @cepheid666 for the useful comments
2012-01-26 23:28:44 -05:00
Lee Clemens d73a71f5cf ENH: Add usedns parameter for the jails
following commits were squashed from feature branch use_dns

commit 068c105eb5
Author: Lee Clemens <java@leeclemens.net>
Date:   Tue Jan 10 22:19:04 2012 -0500

    Prevent warning when IP is read from log

commit 635ed36a8c
Author: Lee Clemens <java@leeclemens.net>
Date:   Tue Jan 10 22:17:08 2012 -0500

    Removed logDebug

commit 24656d2812
Merge: 7957fbe c429f5c
Author: Lee Clemens <java@leeclemens.net>
Date:   Tue Jan 10 21:13:11 2012 -0500

    Merge branch 'enh/use_dns' of github:leeclemens/fail2ban into enh/use_dns

    Conflicts:
    	testcases/filtertestcase.py

commit 7957fbe821
Author: Lee Clemens <java@leeclemens.net>
Date:   Tue Jan 10 21:09:58 2012 -0500

    filtertestcase fixes from yarikoptic

commit 6ce9d04640
Author: Yaroslav Halchenko <debian@onerussian.com>
Date:   Tue Jan 10 19:26:05 2012 -0500

    RF: for consistency use_dns -> usedns

    I guess it was might fault of inconsistency suggesting that name.
    Other options/commands do not have _ in the names, so let it be
    consistent with the rest for now

commit cfb2c75b49
Author: Lee Clemens <java@leeclemens.net>
Date:   Tue Jan 10 19:18:41 2012 -0500

    Updated DNSUtilsTests to test use_dns and added positive test to testTextToIp

commit f6186eff14
Author: Lee Clemens <java@leeclemens.net>
Date:   Tue Jan 10 19:02:04 2012 -0500

    Changed wording of 'DNS Reverse lookup used' message

commit 82c62d29dc
Author: Lee Clemens <java@leeclemens.net>
Date:   Tue Jan 10 18:53:17 2012 -0500

    Removed extraneous "n"

commit dc0ae21932
Author: Lee Clemens <java@leeclemens.net>
Date:   Mon Jan 9 23:07:59 2012 -0500

    ENH: use_dns - removed debugging statements

commit 594e25818c
Author: Lee Clemens <java@leeclemens.net>
Date:   Mon Jan 9 22:53:39 2012 -0500

    Added use_dns protocol to set and get per jail during runtime

commit 48ff80ffac
Author: Lee Clemens <java@leeclemens.net>
Date:   Mon Jan 9 22:41:18 2012 -0500

    Completed use_dns for initial startup - with debugging statements

commit 0bdab4c2d7
Author: Lee Clemens <java@leeclemens.net>
Date:   Mon Jan 9 20:05:35 2012 -0500

    ENH: Added use_dns option

commit 6d6b734ea5
Author: Lee Clemens <java@leeclemens.net>
Date:   Mon Jan 9 20:01:34 2012 -0500

    ENH: Added use_dns option

commit 11ad2b6125
Author: Lee Clemens <java@leeclemens.net>
Date:   Mon Jan 9 19:17:30 2012 -0500

    Added useDns flag to testcase

commit b48fa9b6af
Author: Lee Clemens <java@leeclemens.net>
Date:   Sun Jan 8 15:13:27 2012 -0500

    Added use_dns option in jail.conf

commit c429f5c91a
Merge: 4b18afb 0021906
Author: leeclemens <java@leeclemens.net>
Date:   Tue Jan 10 16:32:22 2012 -0800

    Merge pull request #3 from yarikoptic/enh/use_dns

    let's be consistent ;-)

commit 0021906358
Author: Yaroslav Halchenko <debian@onerussian.com>
Date:   Tue Jan 10 19:26:05 2012 -0500

    RF: for consistency use_dns -> usedns

    I guess it was might fault of inconsistency suggesting that name.
    Other options/commands do not have _ in the names, so let it be
    consistent with the rest for now

commit 4b18afb28a
Author: Lee Clemens <java@leeclemens.net>
Date:   Tue Jan 10 19:18:41 2012 -0500

    Updated DNSUtilsTests to test use_dns and added positive test to testTextToIp

commit 4fae37e46f
Author: Lee Clemens <java@leeclemens.net>
Date:   Tue Jan 10 19:02:04 2012 -0500

    Changed wording of 'DNS Reverse lookup used' message

commit e94806ce48
Author: Lee Clemens <java@leeclemens.net>
Date:   Tue Jan 10 18:53:17 2012 -0500

    Removed extraneous "n"

commit 4d30c52907
Author: Lee Clemens <java@leeclemens.net>
Date:   Mon Jan 9 23:07:59 2012 -0500

    ENH: use_dns - removed debugging statements

commit 76696d452a
Author: Lee Clemens <java@leeclemens.net>
Date:   Mon Jan 9 22:53:39 2012 -0500

    Added use_dns protocol to set and get per jail during runtime

commit 0631618087
Author: Lee Clemens <java@leeclemens.net>
Date:   Mon Jan 9 22:41:18 2012 -0500

    Completed use_dns for initial startup - with debugging statements

commit d23d495547
Author: Lee Clemens <java@leeclemens.net>
Date:   Mon Jan 9 20:05:35 2012 -0500

    ENH: Added use_dns option

commit 9538553bc5
Author: Lee Clemens <java@leeclemens.net>
Date:   Mon Jan 9 20:01:34 2012 -0500

    ENH: Added use_dns option

commit ae1e857e53
Author: Lee Clemens <java@leeclemens.net>
Date:   Mon Jan 9 19:17:30 2012 -0500

    Added useDns flag to testcase

commit ace43eb941
Author: Lee Clemens <java@leeclemens.net>
Date:   Sun Jan 8 15:13:27 2012 -0500

    Added use_dns option in jail.conf
2012-01-12 23:23:41 -05:00
Xavier Devlamynck 7d465f98c1 Add asterisk support 2012-01-11 16:35:40 +01:00
Lee Clemens e442503133 Added pyinotify backend 2011-12-30 00:18:52 -05:00
François Boulogne a7cb20edac add lighttpd-auth jail 2011-12-24 21:56:38 +01:00
Yaroslav Halchenko 02be7d03b2 BF: use standard/reserved example.com instead of mail.com
Adapted from fail2ban-0.8.4-examplemail.patch in Fedora:
http://sophie.zarb.org/sources/fail2ban/fail2ban-0.8.4-examplemail.patch

git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@777 a942ae1a-1317-0410-a47c-b1dcaea8d605
2011-05-07 03:16:40 +00:00
Yaroslav Halchenko 7b54c7b33b spellcheck jail.conf. Thanks Christoph Anton Mitterer
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@766 a942ae1a-1317-0410-a47c-b1dcaea8d605
2010-09-27 13:18:32 +00:00
Yaroslav Halchenko 521631cfcc default ignoreip to ignore entire loopback zone (/8): see http://bugs.debian.org/598200
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@765 a942ae1a-1317-0410-a47c-b1dcaea8d605
2010-09-27 13:10:48 +00:00
Yaroslav Halchenko dabe3aeae1 disabling entirely named-refused-udp jail with a big fat warning
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@761 a942ae1a-1317-0410-a47c-b1dcaea8d605
2010-06-29 01:34:08 +00:00
Arturo 'Buanzo' Busleiman b91595dd11 Disabled jail lighttpd-fastcgi by default.
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@747 a942ae1a-1317-0410-a47c-b1dcaea8d605
2009-08-31 13:57:32 +00:00
Arturo 'Buanzo' Busleiman dde7afe1f3 added two new filter files (PHP url_fopen, lighttpd fastcgi alerts), updated MANIFEST and jail.conf accordingly
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@742 a942ae1a-1317-0410-a47c-b1dcaea8d605
2009-08-30 14:17:29 +00:00
Cyril Jaquier e86e7d002e - Added missing semi-colon in the bind9 example. Thanks to Yaroslav Halchenko.
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@725 a942ae1a-1317-0410-a47c-b1dcaea8d605
2009-02-03 21:51:32 +00:00
Cyril Jaquier d885fc786e - Fixed wrong path for apache-auth in jail.conf. Thanks to Vincent Deffontaines
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@617 a942ae1a-1317-0410-a47c-b1dcaea8d605
2007-08-27 21:25:56 +00:00
Cyril Jaquier 938297138b - Fixed named filter. Thanks to Yaroslav Halchenko
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@616 a942ae1a-1317-0410-a47c-b1dcaea8d605
2007-08-27 21:03:33 +00:00
Cyril Jaquier 5fd5a8112a - Added named (bind9) example. Thanks to Yaroslav Halchenko
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@611 a942ae1a-1317-0410-a47c-b1dcaea8d605
2007-08-08 22:49:58 +00:00
Cyril Jaquier 08c2c55742 - Added sendmail actions. The action started with "mail" are now deprecated. Thanks to Raphaël Marichez
- Fixed a small typo

git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@595 a942ae1a-1317-0410-a47c-b1dcaea8d605
2007-07-05 16:10:33 +00:00
Cyril Jaquier f02a915de1 - Added a new example for vsftpd. Thanks to Christian Rauch
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@552 a942ae1a-1317-0410-a47c-b1dcaea8d605
2007-02-22 21:11:30 +00:00
Cyril Jaquier b4caed8c00 - Added new filter for spam bots
- Added new action for buffered mails

git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@549 a942ae1a-1317-0410-a47c-b1dcaea8d605
2007-02-12 21:50:50 +00:00
Cyril Jaquier 45277fff4a - Removed section with mail-report script which does not exist anymore
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@524 a942ae1a-1317-0410-a47c-b1dcaea8d605
2007-01-21 22:22:29 +00:00
Cyril Jaquier 7719c00d37 - Allow comma in action options. The value of the option must be escaped with " or '. Thanks to Yaroslav Halchenko
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@509 a942ae1a-1317-0410-a47c-b1dcaea8d605
2007-01-04 11:58:58 +00:00
Cyril Jaquier 0c40adda4b - Fixed some comments
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@494 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-12-18 22:33:01 +00:00
Cyril Jaquier 911b2b15fc - Merged "maxtime" with "findtime"
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@470 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-11-18 15:15:58 +00:00
Cyril Jaquier 0fd9865172 - Defined default values in .conf. Should fix Debian bug #398758
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@464 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-11-15 18:44:28 +00:00
Cyril Jaquier 90359ba523 - Added option "ignoreregex" in filter scripts and jail.conf. Feature Request #1283304
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@458 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-11-12 14:52:36 +00:00
Cyril Jaquier 51fd8fac27 - Added ipfw action script and example. Thanks to Nick Munger
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@421 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-10-19 20:15:24 +00:00
Cyril Jaquier 15a4634c38 - Added "shorewall" action
- Use glob in setup.py

git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@413 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-10-17 21:13:11 +00:00
Yaroslav Halchenko e39ef65e3a added sections for sasl and proftpd authentications
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@402 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-10-02 13:42:36 +00:00
Cyril Jaquier 2bcc036cf2 - Improved configuration files
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@394 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-10-01 21:19:56 +00:00
Cyril Jaquier 7b7d246a19 - Added DNS support for "ignoreip"
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@389 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-09-27 20:32:30 +00:00
Cyril Jaquier 0d68fc9ef1 - Added "ignoreip" and a few other options in [DEFAULT]
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@365 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-09-17 22:38:44 +00:00
Cyril Jaquier 7864bdc953 - Improved jail.conf
- Removed useless parameter in mail-report.conf

git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@335 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-09-06 21:33:18 +00:00
Cyril Jaquier f1f12518c8 - Moved "logpath" and "maxtime" to "jail.conf"
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@320 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-09-04 19:18:57 +00:00
Cyril Jaquier d7682360bc - Clean up configuration files
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@281 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-08-20 21:34:55 +00:00
Cyril Jaquier 7ed59912f2 - Added *.local as svn:ignore
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@278 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-08-20 21:18:39 +00:00
Cyril Jaquier 894bcbdbbf - Improved mail script
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@257 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-07-31 21:48:13 +00:00
Cyril Jaquier 9aa6a505eb - Added header
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@254 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-07-17 19:26:14 +00:00
Cyril Jaquier 7048e19995 - 0.7.0 soon
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@251 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-07-16 21:35:08 +00:00
Cyril Jaquier 12c222bd1c - One step forward to 0.7.0
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@250 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-07-08 16:51:14 +00:00
Cyril Jaquier ea1948eff4 - Initial commit of the new development release 0.7
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@249 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-06-26 20:05:00 +00:00