mirrors/fail2ban
1
0
Fork 0
mirror of https://github.com/fail2ban/fail2ban.git synced 2025-11-26 14:20:19 +08:00
Code Issues Packages Projects Releases Wiki Activity
5,794 Commits 34 Branches 230 Tags
1.0
Commit Graph

5794 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
sebres
e2c4982417 Merge branch 'fix-gh-3485', filter.d/sshd.conf: 
- avoid double counting for "maximum authentication attempts exceeded" (gh-3502)
  - message "Disconnecting ... Too many authentication failures" is not a failure anymore
 2023-06-13 18:58:47 +02:00
sebres
101d6923e3 ChangeLog (gh-3485) 2023-06-13 18:57:05 +02:00
sebres
eebef0089c avoid double counting for "maximum authentication attempts exceeded" ("Disconnecting ..." is no failure anymore, now it's helper only); 
closes gh-3485
 2023-06-13 18:49:26 +02:00
Sergey G. Brester
66e195b0f3 jail.conf: comment only (time abbr format), no function changes 
closes gh-3522
 2023-06-10 14:15:52 +02:00
Sergey G. Brester
8e97474586 Merge pull request #3517 from seaniedan/patch-1 
Update README.md: added reference to wiki/How-to-install-fail2ban-packages
 2023-06-01 16:58:58 +02:00
Sean Danischevsky
5cd4c5a29f Update README.md 
added link to wiki page install instructions
 2023-06-01 09:47:53 +01:00
Sean Danischevsky
217f404b22 Update README.md 
add install instructions for popular linux distributions
 2023-05-31 23:13:48 +01:00
Sergey G. Brester
fb8a93b40f Merge pull request #3514 from ulm/gentoo-url 
Update URLs for Gentoo
 2023-05-27 13:15:00 +02:00
Ulrich Müller
50cbc7e8dd Update URLs for Gentoo 
Gentoo moved from CVS to Git in 2015.

Drop the Gentoo URL from fail2ban-logrotate, because the distro
specific config file has been dropped in 2013.
 2023-05-21 10:47:52 +02:00
Sergey G. Brester
5d9603c104 failregex.py: resolve deprecation warning for sre_constants 
closes gh-3508
 2023-05-03 12:00:24 +02:00
Sergey G. Brester
baf8330214 GHA: update python-versions, 3.11 is released 2023-05-03 11:55:00 +02:00
sebres
ca4af85cd7 avoid confusion of path as failure ID with IP/CIDR notation, improve IP/CIDR parsing; 
wrong CIDR notation or invalid plen always causes a fallback to raw string now;
fixes recognition of `::` and `::/32`
 2023-04-26 17:10:39 +02:00
Sergey G. Brester
de0ed85fb8 README.md: code status - switch from travis-ci to GHA 2023-04-24 23:10:47 +02:00
Sergey G. Brester
871101c3c1 Merge pull request #3502 from fail2ban/gh-3497 
filter.d/exim.conf: fixes "dropped: too many ..." regex (also matches unrecognized commands)
 2023-04-24 22:59:00 +02:00
Sergey G. Brester
3c8d5fd4ef Update ChangeLog 2023-04-24 17:11:04 +02:00
Sergey G. Brester
809b904106 filter.d/exim.conf: fixes "dropped: too many ..." regex and also matches unrecognized commands new vector 2023-04-24 15:40:53 +02:00
Sergey G. Brester
7544e969d5 new test messages for exim (gh-3497) 2023-04-24 15:36:21 +02:00
Sergey G. Brester
2b98f461bb Merge pull request #2860 from a16bitsysop/mikrotik 
Add action for mikrotik routerOS
 2023-04-13 19:10:30 +02:00
Sergey G. Brester
e73748c442 Merge branch 'master' into mikrotik 2023-04-13 19:09:00 +02:00
Sergey G. Brester
27294c4b9e fail2banregextestcase: compatibility fix for testWrongRE 2023-04-04 13:30:12 +02:00
sebres
56485c8548 filtertestcase.py: byte related copy of lines in tests (locale independent); closes gh-2936 2023-04-04 12:48:12 +02:00
Sergey G. Brester
a9b30eb86e Merge pull request #2226 from mbologna/nginx-forbidden 
Feat: ban nginx forbidden accesses
 2023-03-23 12:33:32 +01:00
Sergey G. Brester
9cbf59c827 anchored datepattern and added journalmatch (if monitoring systemd journal) 2023-03-23 12:16:13 +01:00
Sergey G. Brester
212a4c236a update changeLog, nginx-forbidden, gh-2226 2023-03-23 12:12:55 +01:00
Sergey G. Brester
2c0360d178 Merge branch 'master' into nginx-forbidden 2023-03-23 12:01:50 +01:00
sebres
d1d1730de0 Merge fix #3479: 
action.d/cloudflare-token.conf: url-encode args by unban
closes 'gh-3479'
 2023-03-15 15:14:43 +01:00
Sergey G. Brester
3d4bed50c2 changelog entry (gh-3479) 2023-03-15 15:08:45 +01:00
Sergey G. Brester
c7f8b75e7e action.d/cloudflare-token.conf: fixes #3479, url-encode args by unban 2023-03-15 15:03:48 +01:00
Duncan Bellamy
7dc32971f8 changed missed names 2023-03-08 12:16:35 +00:00
Duncan Bellamy
9b1417a169 apply suggestions 2023-03-08 09:29:03 +00:00
Duncan Bellamy
b892133d51 move new comment in changelog 2023-03-08 09:20:51 +00:00
Sergey G. Brester
d46ec3a555 add jail boundary to flush command for more precise targeting of jail (if some name may be equal to prefix of other name) 2023-03-08 09:17:13 +00:00
Duncan Bellamy
5781675a7d change startcomment and comment so correct rules are flushed 2023-03-08 09:17:13 +00:00
Duncan Bellamy
ac2076ef4f change unban back to find comment so correct entry always deleted 2023-03-08 09:17:13 +00:00
Duncan Bellamy
0e3e9b1d7f Add flushaction 
Change unban to find by ip address not comment
 2023-03-08 09:17:13 +00:00
Duncan Bellamy
9997807fb3 Add action for mikrotik routerOS 2023-03-08 09:17:13 +00:00
Sergey G. Brester
234660e94d CI-workflow: remove 3.5 (seems to have a bug in GHA now) 2023-02-28 11:39:00 +01:00
Sergey G. Brester
17f060526e readme: amend 2023-02-28 11:36:34 +01:00
Sergey G. Brester
92fae68071 readme: update version 2023-02-28 11:32:28 +01:00
Sergey G. Brester
06e3dea062 Merge pull request #3460 from Trotyl84/patch-1 
.gitignore: ignore `.venv/`
 2023-02-20 08:42:53 +01:00
Łukasz Turon
5dcbc0dd55 Update .gitignore 
Please add this entry for virtual python interpreter. This directory name is needed in the PyCharm environment.
 2023-02-18 23:49:28 +01:00
sebres
f93a538693 gh-3447: fix careless mistake arisen in b12a3acb06 by attempt to implement new reload capacity (rewritten latter): causing error "'noduplicates' is not defined" by double jail configuration 2023-01-17 12:53:39 +01:00
sebres
a3a3fffa54 Merge branch 'fix-gh-3438': 
* circumvent SEGFAULT in a python's socket module by getaddrinfo with disabled IPv6 (gh-3438)
* improve auto-detection of IPv6 support (`allowipv6 = auto` by default)
* improve `ignoreself` by considering all local addresses from network interfaces additionally to IPs from hostnames (gh-3132)
 2023-01-11 18:41:15 +01:00
sebres
ed135b6a93 changelog entries (gh-3438, gh-3132) 2023-01-11 18:30:37 +01:00
sebres
582436aadf don't add subnets to local addresses of ignoreself from network interfaces, use only IPs instead (subnets may be too heavy and not wanted, todo: make it configurable later) 2023-01-11 18:27:44 +01:00
sebres
cb8674e68a amend with few improvements, IPv6IsAllowed prefers IPs from network interfaces (if available for platform) and uses DNS (socket.getaddrinfo) as a fallback only 2023-01-10 12:20:48 +01:00
sebres
09c23fd5b8 try to obtain local addresses from network interfaces before DNS to IP lookup (closes gh-3132); 
DNSUtils.getSelfIP returns IPAddrSet now (because own IPs may be the subnets now, so the check `ignoreself` must check whether any of subnets contains the IP)
 2023-01-09 21:52:12 +01:00
sebres
d8a9812adc improve auto detection of IPv6 - try to check sysctl net.ipv6.conf.all.disable_ipv6 (prefer value read from /proc/sys/net/ipv6/conf/all/disable_ipv6) 2023-01-09 16:21:36 +01:00
sebres
58834b6734 better auto-detection for IPv6 support (allowipv6 = auto by default); circumvent SF in some python's socket module by getaddrinfo with disabled IPv6 (closes gh-3438) 2023-01-06 14:50:25 +01:00
Sergey G. Brester
432e7e1e93 no warning if no config value but default (debug message now) 
closes #3420
 2022-11-28 13:21:15 +01:00