.. |
ignorecommands
|
amend for 3036ed18893b6aae6619e53201aa53deb701b94f: eliminate "invalid sequence" warnings
|
2019-05-14 21:40:33 +02:00 |
3proxy.conf
|
added possibility to specify more precise default date pattern:
|
2016-10-17 11:18:30 +02:00 |
apache-auth.conf
|
filter.d/apache-auth.conf:
|
2019-10-18 11:26:19 +02:00 |
apache-badbots.conf
|
Merge remote-tracking branch 'upstream/master' into 0.10
|
2017-09-08 11:11:05 +02:00 |
apache-botsearch.conf
|
Merge branch 'master' into 0.10
|
2017-10-18 19:00:23 +02:00 |
apache-common.conf
|
filter.d/apache-auth.conf:
|
2019-10-18 11:26:19 +02:00 |
apache-fakegooglebot.conf
|
more precise date template handling (WARNING: this commit creates possible incompatibilities):
|
2016-10-17 11:20:27 +02:00 |
apache-modsecurity.conf
|
updated
|
2019-04-24 21:35:19 +02:00 |
apache-nohome.conf
|
DOC: in filters, put user relevant doc at top, and developer info at bottom, and remove all the repetative blindly copied stuff that appears in the jail man page
|
2013-10-31 00:02:59 +11:00 |
apache-noscript.conf
|
filter.d/apache-noscript.conf: closes #2466 - matches "Primary script unknown" without "\n" (optional now)
|
2019-07-10 12:45:53 +02:00 |
apache-overflows.conf
|
filter.d/apache-overflows.conf: rewritten without end-anchor ($), because apache-log could contain very long URLs (and/or referrer), the parsing of it anchored way may be very vulnerable (at least as regards the system resources, see gh-1790).
|
2017-06-15 11:16:19 +02:00 |
apache-pass.conf
|
more precise date template handling (WARNING: this commit creates possible incompatibilities):
|
2016-10-17 11:20:27 +02:00 |
apache-shellshock.conf
|
Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10
|
2017-12-01 15:53:11 +01:00 |
assp.conf
|
Merge branch '0.9-fix-regex-using-journal' into 0.10-fix-regex-using-journal (merge point against 0.9 after back-porting gh-1660 from 0.10)
|
2017-01-10 11:25:41 +01:00 |
asterisk.conf
|
filter.d/asterisk.conf: relaxing protocol RE-part before IP in RemoteAddress (gh-2531)
|
2019-09-26 21:46:26 +02:00 |
bitwarden.conf
|
Let's get back to WRN
|
2019-11-27 00:32:10 +01:00 |
botsearch-common.conf
|
Update botsearch-common.conf (#1759)
|
2017-04-26 20:14:39 +02:00 |
centreon.conf
|
Add Centreon jail
|
2019-10-24 14:37:18 +02:00 |
common.conf
|
amend to #2387:
|
2019-07-09 21:48:43 +02:00 |
counter-strike.conf
|
added possibility to specify more precise default date pattern:
|
2016-10-17 11:18:30 +02:00 |
courier-auth.conf
|
Make courier-auth regexp a non-captured group
|
2017-04-28 16:58:24 +02:00 |
courier-smtp.conf
|
Several filters optimized with pre-filtering using new option `prefregex`
|
2017-02-21 15:54:59 +01:00 |
cyrus-imap.conf
|
filter.d/cyrus-imap.conf: fixed `failregex` - accept entries without login-info resp. hostname before IP address
|
2017-03-09 16:13:45 +01:00 |
directadmin.conf
|
added possibility to specify more precise default date pattern:
|
2016-10-17 11:18:30 +02:00 |
domino-smtp.conf
|
filter.d/domino-smtp.conf:
|
2018-09-21 14:14:00 +02:00 |
dovecot.conf
|
filter.d/dovecot.conf: failregex enhancement to catch disconnected with "proxy dest auth failed";
|
2018-07-17 15:06:42 +02:00 |
dropbear.conf
|
Several filters optimized with pre-filtering using new option `prefregex`
|
2017-02-21 15:54:59 +01:00 |
drupal-auth.conf
|
Add drupal-auth filter and jail
|
2015-04-27 13:10:27 -04:00 |
ejabberd-auth.conf
|
small amend to gh-1850: removed greedy catch-all at end.
|
2017-08-07 15:24:16 +02:00 |
exim-common.conf
|
filter.d/exim.conf: cherry-picked from 0.10, match complex time like `D=2m42s` (closes gh-1766)
|
2017-05-07 13:02:32 +02:00 |
exim-spam.conf
|
MRG: from 0.9
|
2014-01-07 16:11:40 +11:00 |
exim.conf
|
filter.d/exim.conf: failregex extended with SMTP call dropped: too many syntax or protocol errors.
|
2018-02-19 09:50:46 +01:00 |
freeswitch.conf
|
filter.d/freeswitch.conf: provide mode parameter, allows to avoid matching of messages like `auth challenge (REGISTER)` (see gh-2163) (currently `extra` as default to be backwards-compatible), see comments in filter how to set it to mode `normal`.
|
2018-08-03 11:42:15 +02:00 |
froxlor-auth.conf
|
Several filters optimized with pre-filtering using new option `prefregex`
|
2017-02-21 15:54:59 +01:00 |
groupoffice.conf
|
ENH: define ignoreregex for all filters explicitly, to avoid warnings (Closes #934)
|
2015-01-30 10:38:28 -05:00 |
gssftpd.conf
|
DOC: in filters, put user relevant doc at top, and developer info at bottom, and remove all the repetative blindly copied stuff that appears in the jail man page
|
2013-10-31 00:02:59 +11:00 |
guacamole.conf
|
more precise date template handling (WARNING: this commit creates possible incompatibilities):
|
2016-10-17 11:20:27 +02:00 |
haproxy-http-auth.conf
|
Update haproxy-http-auth.conf
|
2017-04-11 09:11:08 +02:00 |
horde.conf
|
MRG: horde filter from master
|
2014-01-03 10:34:59 +11:00 |
kerio.conf
|
Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10
|
2017-06-12 13:11:45 +02:00 |
lighttpd-auth.conf
|
regex updated using non-capturing groups
|
2018-01-16 14:23:47 +01:00 |
mongodb-auth.conf
|
code review, makes the test cases workable, added dev-notes
|
2016-11-28 18:39:07 +01:00 |
monit.conf
|
added possibility to specify more precise default date pattern:
|
2016-10-17 11:18:30 +02:00 |
murmur.conf
|
filter.d/murmur.conf: fixed detection of failures reading from journal (systemd-backend only):
|
2018-02-09 11:43:55 +01:00 |
mysqld-auth.conf
|
filter.d/mysqld-auth.conf: capture user name in filter (can be more strict if user switched, used in action or fail2ban-regex output);
|
2020-01-22 17:24:40 +01:00 |
nagios.conf
|
removing the second failregex
|
2014-02-06 00:22:05 +01:00 |
named-refused.conf
|
don't need to match identifier exactly (@ is precise enough as prefix), not capturing group;
|
2019-07-29 13:21:00 +02:00 |
nginx-botsearch.conf
|
more precise date template handling (WARNING: this commit creates possible incompatibilities):
|
2016-10-17 11:20:27 +02:00 |
nginx-http-auth.conf
|
Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10
|
2018-01-17 16:42:56 +01:00 |
nginx-limit-req.conf
|
Merge remote-tracking branch 'master' into 0.10
|
2017-12-06 00:09:52 +01:00 |
nsd.conf
|
more precise date template handling (WARNING: this commit creates possible incompatibilities):
|
2016-10-17 11:20:27 +02:00 |
openhab.conf
|
added possibility to specify more precise default date pattern:
|
2016-10-17 11:18:30 +02:00 |
openwebmail.conf
|
ENH: stronger regex for failregex
|
2013-12-31 08:22:52 +11:00 |
oracleims.conf
|
added possibility to specify more precise default date pattern:
|
2016-10-17 11:18:30 +02:00 |
pam-generic.conf
|
quick optimization: normalizes pam-generic prefregex (more similar to the same regex within sshd-filter) + datepattern anchored now;
|
2018-03-20 16:00:21 +01:00 |
perdition.conf
|
DOC: in filters, put user relevant doc at top, and developer info at bottom, and remove all the repetative blindly copied stuff that appears in the jail man page
|
2013-10-31 00:02:59 +11:00 |
php-url-fopen.conf
|
more precise date template handling (WARNING: this commit creates possible incompatibilities):
|
2016-10-17 11:20:27 +02:00 |
phpmyadmin-syslog.conf
|
phpmyadmin-syslog: removed excess file, fixed test, updated failregex
|
2017-08-23 16:56:18 +03:00 |
portsentry.conf
|
more precise date template handling (WARNING: this commit creates possible incompatibilities):
|
2016-10-17 11:20:27 +02:00 |
postfix.conf
|
filter.d/postfix.conf: extended mode ddos and aggressive covering multiple disconnects without auth
|
2020-02-10 13:29:16 +01:00 |
proftpd.conf
|
Merge branch 'master' into 0.10
|
2017-07-03 12:43:48 +02:00 |
pure-ftpd.conf
|
define journalmatch setting for pure-ftps
|
2016-03-11 18:19:53 +01:00 |
qmail.conf
|
DOC: in filters, put user relevant doc at top, and developer info at bottom, and remove all the repetative blindly copied stuff that appears in the jail man page
|
2013-10-31 00:02:59 +11:00 |
recidive.conf
|
filter.d/recidive.conf: fixed if logging into systemd-journal (SYSLOG) with daemon name in prefix, gh-2069
|
2018-03-09 13:56:38 +01:00 |
roundcube-auth.conf
|
filter.d/roundcube-auth.conf: fixes failregex not working with `X-Real-IP` or/and `X-Forwarded-For` (gh-1303)
|
2017-07-11 14:59:24 +02:00 |
screensharingd.conf
|
Removed old svn revision comment
|
2015-11-02 09:08:47 -08:00 |
selinux-common.conf
|
added possibility to specify more precise default date pattern:
|
2016-10-17 11:18:30 +02:00 |
selinux-ssh.conf
|
DOC: in filters, put user relevant doc at top, and developer info at bottom, and remove all the repetative blindly copied stuff that appears in the jail man page
|
2013-10-31 00:02:59 +11:00 |
sendmail-auth.conf
|
filter.d/sendmail-*.conf: both filters have same `__prefix_line` now (and same RE for ID, 14-20 chars long, optional) + adjusted test cases (gh-2563)
|
2019-11-08 13:15:40 +01:00 |
sendmail-reject.conf
|
filter.d/sendmail-*.conf: both filters have same `__prefix_line` now (and same RE for ID, 14-20 chars long, optional) + adjusted test cases (gh-2563)
|
2019-11-08 13:15:40 +01:00 |
sieve.conf
|
Fix sieve filter to use correct option
|
2014-07-28 23:42:02 +09:00 |
slapd.conf
|
another variant of regex
|
2016-07-14 10:19:21 +03:00 |
sogo-auth.conf
|
Merge branch 'master-0.9' into 0.10
|
2019-03-12 16:58:08 +01:00 |
solid-pop3d.conf
|
Fix a few typos
|
2014-03-24 13:16:52 +00:00 |
squid.conf
|
more precise date template handling (WARNING: this commit creates possible incompatibilities):
|
2016-10-17 11:20:27 +02:00 |
squirrelmail.conf
|
added possibility to specify more precise default date pattern:
|
2016-10-17 11:18:30 +02:00 |
sshd.conf
|
filter.d/sshd.conf: mode `ddos` (and aggressive) extended to detect port scanner sending unexpected ident string after connect
|
2020-02-17 16:24:42 +01:00 |
stunnel.conf
|
ENH: define ignoreregex for all filters explicitly, to avoid warnings (Closes #934)
|
2015-01-30 10:38:28 -05:00 |
suhosin.conf
|
suhosin.conf: removed greedy match
|
2017-01-21 16:26:07 +01:00 |
tine20.conf
|
more precise date template handling (WARNING: this commit creates possible incompatibilities):
|
2016-10-17 11:20:27 +02:00 |
traefik-auth.conf
|
regex rewritten (more secure now, resolves catch-all vulni)
|
2019-02-21 22:19:04 +01:00 |
uwimap-auth.conf
|
DOC: in filters, put user relevant doc at top, and developer info at bottom, and remove all the repetative blindly copied stuff that appears in the jail man page
|
2013-10-31 00:02:59 +11:00 |
vsftpd.conf
|
filter.d/vsftpd.conf: optional reason message after FAIL LOGIN, closes #1543
|
2016-09-09 09:20:15 +02:00 |
webmin-auth.conf
|
BF: remove duplication definition secion in webmin-auth
|
2013-11-04 17:54:36 +11:00 |
wuftpd.conf
|
Add filter variable __pam_auth to allow easier changing of pam auth backend
|
2015-01-27 14:34:27 -07:00 |
xinetd-fail.conf
|
Several filters optimized with pre-filtering using new option `prefregex`
|
2017-02-21 15:54:59 +01:00 |
znc-adminlog.conf
|
filter.d/znc-adminlog.conf: support logging format of systemd-journal, bypass port after address (optional, removed end-anchor, see gh-2520)
|
2019-09-10 21:02:26 +02:00 |
zoneminder.conf
|
small review, prefix replaced with `%(_apache_error_client)s` from apache-common.conf include
|
2017-09-04 11:48:01 +02:00 |