github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
fail2ban/config/filter.d
History
jblachly 25c2334bc8 SmartOS PAM Authentication failed (not failURE) 
SmartOS (and likely other Illumos platforms) enter log entries for failed sshd logins of the form:
`Authentication failed for USER from HOST`
The current sshd.conf regex matches `failure` -- add to this a match for `failed` to support Illumos
 		2016-03-16 13:52:01 -04:00
..
ignorecommands Change domain filter regex 2015-10-20 10:46:00 +02:00
3proxy.conf DOC: in filters, put user relevant doc at top, and developer info at bottom, and remove all the repetative blindly copied stuff that appears in the jail man page 2013-10-31 00:02:59 +11:00
apache-auth.conf Add apache filter for AH01630 client denied by server configuration 2014-09-14 21:54:05 +01:00
apache-badbots.conf Update apache-badbots.conf 2015-09-05 00:12:28 -04:00
apache-botsearch.conf Include consistency 2015-02-03 15:54:05 +01:00
apache-common.conf MRG: from master again 2014-01-01 2014-01-01 19:28:38 +11:00
apache-fakegooglebot.conf New jail: apache-fakegooglebot 2015-02-02 00:42:01 -05:00
apache-modsecurity.conf ENH: apache modsecurity from 0.9 branch 2013-12-29 07:06:13 +00:00
apache-nohome.conf DOC: in filters, put user relevant doc at top, and developer info at bottom, and remove all the repetative blindly copied stuff that appears in the jail man page 2013-10-31 00:02:59 +11:00
apache-noscript.conf DOC: fix comment regarding apache version in apache-noscript 2014-01-10 08:35:37 +11:00
apache-overflows.conf BF: apache filters using error log weren't matched when referer existed in HTTP header 2013-11-19 10:27:55 +11:00
apache-pass.conf Added pass2allow (knocking with fail2ban) 2015-07-10 16:22:43 +02:00
apache-shellshock.conf adding filter to detect Shellshock attack attempts against bash scripts through apache. See http://seclists.org/oss-sec/2014/q3/650 2014-09-26 16:25:07 +01:00
assp.conf DOC: in filters, put user relevant doc at top, and developer info at bottom, and remove all the repetative blindly copied stuff that appears in the jail man page 2013-10-31 00:02:59 +11:00
asterisk.conf regexp rewritten (few vulnerable as previous) + test case added 2016-02-08 12:01:25 +01:00
botsearch-common.conf added wp-admin 2016-03-02 16:52:03 +01:00
common.conf Add filter variable __pam_auth to allow easier changing of pam auth backend 2015-01-27 14:34:27 -07:00
counter-strike.conf ENH: define ignoreregex for all filters explicitly, to avoid warnings (Closes #934) 2015-01-30 10:38:28 -05:00
courier-auth.conf MRG: 0.8.11 to 0.9 2013-11-02 15:59:05 +11:00
courier-smtp.conf Update courier-smtp.conf 2014-07-28 12:51:38 +02:00
cyrus-imap.conf ENH: cyrus-imap -- catch also 'user not found' attempts 2014-07-25 10:13:04 -04:00
directadmin.conf Added Directadmin filter, jail and log test 2014-07-02 13:52:06 +02:00
dovecot.conf Match unknown user in dovecot's passwd-file auth database 2015-04-30 16:53:10 +08:00
dropbear.conf ENH: DoS resistant dropbear filter 2013-11-12 18:06:16 +11:00
drupal-auth.conf Add drupal-auth filter and jail 2015-04-27 13:10:27 -04:00
ejabberd-auth.conf MRG: complete merge 2014-01-12 21:16:55 +11:00
exim-common.conf DOC: in filters, put user relevant doc at top, and developer info at bottom, and remove all the repetative blindly copied stuff that appears in the jail man page 2013-10-31 00:02:59 +11:00
exim-spam.conf MRG: from 0.9 2014-01-07 16:11:40 +11:00
exim.conf exim filter: correct failregex for exim with extended log options 2014-12-04 13:34:44 +03:00
freeswitch.conf DOC: bit more on how to use freeswitch 2014-01-04 12:39:48 +11:00
froxlor-auth.conf add froxlor-auth filter and jail 2015-05-25 13:44:50 +02:00
groupoffice.conf ENH: define ignoreregex for all filters explicitly, to avoid warnings (Closes #934) 2015-01-30 10:38:28 -05:00
gssftpd.conf DOC: in filters, put user relevant doc at top, and developer info at bottom, and remove all the repetative blindly copied stuff that appears in the jail man page 2013-10-31 00:02:59 +11:00
guacamole.conf
haproxy-http-auth.conf Update haproxy-http-auth.conf 2016-01-12 08:37:33 +10:00
horde.conf MRG: horde filter from master 2014-01-03 10:34:59 +11:00
kerio.conf ENH: define ignoreregex for all filters explicitly, to avoid warnings (Closes #934) 2015-01-30 10:38:28 -05:00
lighttpd-auth.conf DOC: in filters, put user relevant doc at top, and developer info at bottom, and remove all the repetative blindly copied stuff that appears in the jail man page 2013-10-31 00:02:59 +11:00
monit.conf ENH: define ignoreregex for all filters explicitly, to avoid warnings (Closes #934) 2015-01-30 10:38:28 -05:00
murmur.conf Updated 'murmur' filter to use new double-anchored regex based on @yarikoptic's suggestions. 2015-12-17 17:45:24 +00:00
mysqld-auth.conf ENH: revert back to having detailed suffix anchored at the end for mysqld-auto.conf 2016-02-28 12:07:46 -05:00
nagios.conf removing the second failregex 2014-02-06 00:22:05 +01:00
named-refused.conf Add ignoreregex to avoid warning on start 2014-11-12 10:30:28 +01:00
nginx-botsearch.conf Add HEAD method verb to apache-badbots, nginx-badbots 2015-07-07 17:45:40 +02:00
nginx-http-auth.conf ENH: adding pruned with previous merge trailing \s* in nginx filter 2014-04-03 21:31:46 -04:00
nginx-limit-req.conf Shortly, much faster and stable version of regexp (possible because expression is start-anchored and does not contains closely to catch-all sub expressions) 2015-10-29 23:55:23 +01:00
nsd.conf ENH: define ignoreregex for all filters explicitly, to avoid warnings (Closes #934) 2015-01-30 10:38:28 -05:00
openhab.conf filter for openhab domotic software authentication failure with the rest api and web interface + test cases; 2015-10-26 15:48:23 +01:00
openwebmail.conf ENH: stronger regex for failregex 2013-12-31 08:22:52 +11:00
oracleims.conf ENH: make oracleims failregex better anchored (more explicit) 2014-06-10 03:52:16 -04:00
pam-generic.conf Add filter variable __pam_auth to allow easier changing of pam auth backend 2015-01-27 14:34:27 -07:00
perdition.conf DOC: in filters, put user relevant doc at top, and developer info at bottom, and remove all the repetative blindly copied stuff that appears in the jail man page 2013-10-31 00:02:59 +11:00
php-url-fopen.conf DOC: in filters, put user relevant doc at top, and developer info at bottom, and remove all the repetative blindly copied stuff that appears in the jail man page 2013-10-31 00:02:59 +11:00
portsentry.conf ENH: define ignoreregex for all filters explicitly, to avoid warnings (Closes #934) 2015-01-30 10:38:28 -05:00
postfix-rbl.conf Add support for matching postfix multi-instance daemon names by default 2016-02-23 20:23:04 +01:00
postfix-sasl.conf Add support for matching postfix multi-instance daemon names by default 2016-02-23 20:23:04 +01:00
postfix.conf Add support for matching postfix multi-instance daemon names by default 2016-02-23 20:23:04 +01:00
proftpd.conf Update proftpd.conf 2015-04-08 15:57:39 +02:00
pure-ftpd.conf define journalmatch setting for pure-ftps 2016-03-11 18:19:53 +01:00
qmail.conf DOC: in filters, put user relevant doc at top, and developer info at bottom, and remove all the repetative blindly copied stuff that appears in the jail man page 2013-10-31 00:02:59 +11:00
recidive.conf Add ignoreregex to avoid warning on start 2014-11-12 11:05:56 +01:00
roundcube-auth.conf Add optional session id prefix for roundcube 1.1.1 2015-07-04 11:06:51 -04:00
screensharingd.conf Removed old svn revision comment 2015-11-02 09:08:47 -08:00
selinux-common.conf DOC: in filters, put user relevant doc at top, and developer info at bottom, and remove all the repetative blindly copied stuff that appears in the jail man page 2013-10-31 00:02:59 +11:00
selinux-ssh.conf DOC: in filters, put user relevant doc at top, and developer info at bottom, and remove all the repetative blindly copied stuff that appears in the jail man page 2013-10-31 00:02:59 +11:00
sendmail-auth.conf ENH: add filter for sendmail-{auth,spam}. Closes gh-20 2014-02-26 19:16:49 +11:00
sendmail-reject.conf MRG: merge filter sendmail-spam into sendmail-reject 2014-03-02 16:28:23 +11:00
sieve.conf Fix sieve filter to use correct option 2014-07-28 23:42:02 +09:00
sogo-auth.conf DOC: in filters, put user relevant doc at top, and developer info at bottom, and remove all the repetative blindly copied stuff that appears in the jail man page 2013-10-31 00:02:59 +11:00
solid-pop3d.conf Fix a few typos 2014-03-24 13:16:52 +00:00
squid.conf ENH: define ignoreregex for all filters explicitly, to avoid warnings (Closes #934) 2015-01-30 10:38:28 -05:00
squirrelmail.conf ENH: define ignoreregex for all filters explicitly, to avoid warnings (Closes #934) 2015-01-30 10:38:28 -05:00
sshd-ddos.conf MRG: 0.8.11 to 0.9 2013-11-02 15:59:05 +11:00
sshd.conf SmartOS PAM Authentication failed (not failURE) 2016-03-16 13:52:01 -04:00
stunnel.conf ENH: define ignoreregex for all filters explicitly, to avoid warnings (Closes #934) 2015-01-30 10:38:28 -05:00
suhosin.conf DOC: in filters, put user relevant doc at top, and developer info at bottom, and remove all the repetative blindly copied stuff that appears in the jail man page 2013-10-31 00:02:59 +11:00
tine20.conf ENH: tighten regex and change failJSON to support timezone. Closes gh-583 2014-01-22 22:16:03 +11:00
uwimap-auth.conf DOC: in filters, put user relevant doc at top, and developer info at bottom, and remove all the repetative blindly copied stuff that appears in the jail man page 2013-10-31 00:02:59 +11:00
vsftpd.conf Add filter variable __pam_auth to allow easier changing of pam auth backend 2015-01-27 14:34:27 -07:00
webmin-auth.conf BF: remove duplication definition secion in webmin-auth 2013-11-04 17:54:36 +11:00
wuftpd.conf Add filter variable __pam_auth to allow easier changing of pam auth backend 2015-01-27 14:34:27 -07:00
xinetd-fail.conf DOC: in filters, put user relevant doc at top, and developer info at bottom, and remove all the repetative blindly copied stuff that appears in the jail man page 2013-10-31 00:02:59 +11:00