..
ignorecommands
amend for 3036ed18893b6aae6619e53201aa53deb701b94f: eliminate "invalid sequence" warnings
2019-05-14 21:40:33 +02:00
3proxy.conf
added possibility to specify more precise default date pattern:
2016-10-17 11:18:30 +02:00
apache-auth.conf
filter.d/apache-auth.conf:
2019-10-18 11:26:19 +02:00
apache-badbots.conf
Merge remote-tracking branch 'upstream/master' into 0.10
2017-09-08 11:11:05 +02:00
apache-botsearch.conf
Merge branch 'master' into 0.10
2017-10-18 19:00:23 +02:00
apache-common.conf
filter.d/apache-auth.conf:
2019-10-18 11:26:19 +02:00
apache-fakegooglebot.conf
more precise date template handling (WARNING: this commit creates possible incompatibilities):
2016-10-17 11:20:27 +02:00
apache-modsecurity.conf
updated
2019-04-24 21:35:19 +02:00
apache-nohome.conf
DOC: in filters, put user relevant doc at top, and developer info at bottom, and remove all the repetative blindly copied stuff that appears in the jail man page
2013-10-31 00:02:59 +11:00
apache-noscript.conf
filter.d/apache-noscript.conf: closes #2466 - matches "Primary script unknown" without "\n" (optional now)
2019-07-10 12:45:53 +02:00
apache-overflows.conf
filter.d/apache-overflows.conf: rewritten without end-anchor ($), because apache-log could contain very long URLs (and/or referrer), the parsing of it anchored way may be very vulnerable (at least as regards the system resources, see gh-1790).
2017-06-15 11:16:19 +02:00
apache-pass.conf
more precise date template handling (WARNING: this commit creates possible incompatibilities):
2016-10-17 11:20:27 +02:00
apache-shellshock.conf
Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10
2017-12-01 15:53:11 +01:00
assp.conf
Merge branch '0.9-fix-regex-using-journal' into 0.10-fix-regex-using-journal (merge point against 0.9 after back-porting gh-1660 from 0.10)
2017-01-10 11:25:41 +01:00
asterisk.conf
filter.d/asterisk.conf: relaxing protocol RE-part before IP in RemoteAddress (gh-2531)
2019-09-26 21:46:26 +02:00
bitwarden.conf
Let's get back to WRN
2019-11-27 00:32:10 +01:00
botsearch-common.conf
Update botsearch-common.conf ( #1759 )
2017-04-26 20:14:39 +02:00
centreon.conf
Add Centreon jail
2019-10-24 14:37:18 +02:00
common.conf
filter.d/common.conf: closes gh-2650, avoid substitute of default values in related `lt_*` section, `__prefix_line` should be interpolated in definition section (after the config considers all sections that can overwrite it);
2020-03-05 13:47:11 +01:00
counter-strike.conf
added possibility to specify more precise default date pattern:
2016-10-17 11:18:30 +02:00
courier-auth.conf
Make courier-auth regexp a non-captured group
2017-04-28 16:58:24 +02:00
courier-smtp.conf
Several filters optimized with pre-filtering using new option `prefregex`
2017-02-21 15:54:59 +01:00
cyrus-imap.conf
filter.d/cyrus-imap.conf: fixed `failregex` - accept entries without login-info resp. hostname before IP address
2017-03-09 16:13:45 +01:00
directadmin.conf
added possibility to specify more precise default date pattern:
2016-10-17 11:18:30 +02:00
domino-smtp.conf
filter.d/domino-smtp.conf:
2018-09-21 14:14:00 +02:00
dovecot.conf
filter.d/dovecot.conf: failregex enhancement to catch disconnected with "proxy dest auth failed";
2018-07-17 15:06:42 +02:00
dropbear.conf
Several filters optimized with pre-filtering using new option `prefregex`
2017-02-21 15:54:59 +01:00
drupal-auth.conf
Add drupal-auth filter and jail
2015-04-27 13:10:27 -04:00
ejabberd-auth.conf
small amend to gh-1850: removed greedy catch-all at end.
2017-08-07 15:24:16 +02:00
exim-common.conf
filter.d/exim.conf: cherry-picked from 0.10, match complex time like `D=2m42s` (closes gh-1766)
2017-05-07 13:02:32 +02:00
exim-spam.conf
MRG: from 0.9
2014-01-07 16:11:40 +11:00
exim.conf
filter.d/exim.conf: failregex extended with SMTP call dropped: too many syntax or protocol errors.
2018-02-19 09:50:46 +01:00
freeswitch.conf
filter.d/freeswitch.conf: provide mode parameter, allows to avoid matching of messages like `auth challenge (REGISTER)` (see gh-2163) (currently `extra` as default to be backwards-compatible), see comments in filter how to set it to mode `normal`.
2018-08-03 11:42:15 +02:00
froxlor-auth.conf
Several filters optimized with pre-filtering using new option `prefregex`
2017-02-21 15:54:59 +01:00
groupoffice.conf
ENH: define ignoreregex for all filters explicitly, to avoid warnings ( Closes #934 )
2015-01-30 10:38:28 -05:00
gssftpd.conf
DOC: in filters, put user relevant doc at top, and developer info at bottom, and remove all the repetative blindly copied stuff that appears in the jail man page
2013-10-31 00:02:59 +11:00
guacamole.conf
more precise date template handling (WARNING: this commit creates possible incompatibilities):
2016-10-17 11:20:27 +02:00
haproxy-http-auth.conf
Update haproxy-http-auth.conf
2017-04-11 09:11:08 +02:00
horde.conf
MRG: horde filter from master
2014-01-03 10:34:59 +11:00
kerio.conf
Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10
2017-06-12 13:11:45 +02:00
lighttpd-auth.conf
regex updated using non-capturing groups
2018-01-16 14:23:47 +01:00
mongodb-auth.conf
code review, makes the test cases workable, added dev-notes
2016-11-28 18:39:07 +01:00
monit.conf
filter.d/common.conf: closes gh-2650, avoid substitute of default values in related `lt_*` section, `__prefix_line` should be interpolated in definition section (after the config considers all sections that can overwrite it);
2020-03-05 13:47:11 +01:00
murmur.conf
filter.d/murmur.conf: fixed detection of failures reading from journal (systemd-backend only):
2018-02-09 11:43:55 +01:00
mysqld-auth.conf
filter.d/mysqld-auth.conf: capture user name in filter (can be more strict if user switched, used in action or fail2ban-regex output);
2020-01-22 17:24:40 +01:00
nagios.conf
removing the second failregex
2014-02-06 00:22:05 +01:00
named-refused.conf
don't need to match identifier exactly (@ is precise enough as prefix), not capturing group;
2019-07-29 13:21:00 +02:00
nginx-botsearch.conf
more precise date template handling (WARNING: this commit creates possible incompatibilities):
2016-10-17 11:20:27 +02:00
nginx-http-auth.conf
Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10
2018-01-17 16:42:56 +01:00
nginx-limit-req.conf
Merge remote-tracking branch 'master' into 0.10
2017-12-06 00:09:52 +01:00
nsd.conf
more precise date template handling (WARNING: this commit creates possible incompatibilities):
2016-10-17 11:20:27 +02:00
openhab.conf
added possibility to specify more precise default date pattern:
2016-10-17 11:18:30 +02:00
openwebmail.conf
ENH: stronger regex for failregex
2013-12-31 08:22:52 +11:00
oracleims.conf
added possibility to specify more precise default date pattern:
2016-10-17 11:18:30 +02:00
pam-generic.conf
quick optimization: normalizes pam-generic prefregex (more similar to the same regex within sshd-filter) + datepattern anchored now;
2018-03-20 16:00:21 +01:00
perdition.conf
DOC: in filters, put user relevant doc at top, and developer info at bottom, and remove all the repetative blindly copied stuff that appears in the jail man page
2013-10-31 00:02:59 +11:00
php-url-fopen.conf
more precise date template handling (WARNING: this commit creates possible incompatibilities):
2016-10-17 11:20:27 +02:00
phpmyadmin-syslog.conf
phpmyadmin-syslog: removed excess file, fixed test, updated failregex
2017-08-23 16:56:18 +03:00
portsentry.conf
more precise date template handling (WARNING: this commit creates possible incompatibilities):
2016-10-17 11:20:27 +02:00
postfix.conf
filter.d/postfix.conf: extended mode ddos and aggressive covering multiple disconnects without auth
2020-02-10 13:29:16 +01:00
proftpd.conf
Merge branch 'master' into 0.10
2017-07-03 12:43:48 +02:00
pure-ftpd.conf
define journalmatch setting for pure-ftps
2016-03-11 18:19:53 +01:00
qmail.conf
DOC: in filters, put user relevant doc at top, and developer info at bottom, and remove all the repetative blindly copied stuff that appears in the jail man page
2013-10-31 00:02:59 +11:00
recidive.conf
filter.d/recidive.conf: fixed if logging into systemd-journal (SYSLOG) with daemon name in prefix, gh-2069
2018-03-09 13:56:38 +01:00
roundcube-auth.conf
filter.d/roundcube-auth.conf: fixes failregex not working with `X-Real-IP` or/and `X-Forwarded-For` (gh-1303)
2017-07-11 14:59:24 +02:00
screensharingd.conf
Removed old svn revision comment
2015-11-02 09:08:47 -08:00
selinux-common.conf
added possibility to specify more precise default date pattern:
2016-10-17 11:18:30 +02:00
selinux-ssh.conf
DOC: in filters, put user relevant doc at top, and developer info at bottom, and remove all the repetative blindly copied stuff that appears in the jail man page
2013-10-31 00:02:59 +11:00
sendmail-auth.conf
filter.d/sendmail-*.conf: both filters have same `__prefix_line` now (and same RE for ID, 14-20 chars long, optional) + adjusted test cases (gh-2563)
2019-11-08 13:15:40 +01:00
sendmail-reject.conf
filter.d/sendmail-*.conf: both filters have same `__prefix_line` now (and same RE for ID, 14-20 chars long, optional) + adjusted test cases (gh-2563)
2019-11-08 13:15:40 +01:00
sieve.conf
Fix sieve filter to use correct option
2014-07-28 23:42:02 +09:00
slapd.conf
another variant of regex
2016-07-14 10:19:21 +03:00
sogo-auth.conf
Merge branch 'master-0.9' into 0.10
2019-03-12 16:58:08 +01:00
solid-pop3d.conf
Fix a few typos
2014-03-24 13:16:52 +00:00
squid.conf
more precise date template handling (WARNING: this commit creates possible incompatibilities):
2016-10-17 11:20:27 +02:00
squirrelmail.conf
added possibility to specify more precise default date pattern:
2016-10-17 11:18:30 +02:00
sshd.conf
filter.d/sshd.conf: mode `ddos` (and aggressive) extended to detect port scanner sending unexpected ident string after connect
2020-02-17 16:24:42 +01:00
stunnel.conf
ENH: define ignoreregex for all filters explicitly, to avoid warnings ( Closes #934 )
2015-01-30 10:38:28 -05:00
suhosin.conf
suhosin.conf: removed greedy match
2017-01-21 16:26:07 +01:00
tine20.conf
more precise date template handling (WARNING: this commit creates possible incompatibilities):
2016-10-17 11:20:27 +02:00
traefik-auth.conf
regex rewritten (more secure now, resolves catch-all vulni)
2019-02-21 22:19:04 +01:00
uwimap-auth.conf
DOC: in filters, put user relevant doc at top, and developer info at bottom, and remove all the repetative blindly copied stuff that appears in the jail man page
2013-10-31 00:02:59 +11:00
vsftpd.conf
filter.d/vsftpd.conf: optional reason message after FAIL LOGIN, closes #1543
2016-09-09 09:20:15 +02:00
webmin-auth.conf
BF: remove duplication definition secion in webmin-auth
2013-11-04 17:54:36 +11:00
wuftpd.conf
Add filter variable __pam_auth to allow easier changing of pam auth backend
2015-01-27 14:34:27 -07:00
xinetd-fail.conf
Several filters optimized with pre-filtering using new option `prefregex`
2017-02-21 15:54:59 +01:00
znc-adminlog.conf
filter.d/znc-adminlog.conf: support logging format of systemd-journal, bypass port after address (optional, removed end-anchor, see gh-2520)
2019-09-10 21:02:26 +02:00
zoneminder.conf
small review, prefix replaced with `%(_apache_error_client)s` from apache-common.conf include
2017-09-04 11:48:01 +02:00