mirrors/fail2ban
1
0
Fork 0
mirror of https://github.com/fail2ban/fail2ban.git synced 2025-11-26 14:20:19 +08:00
Code Issues Packages Projects Releases Wiki Activity
6,149 Commits 34 Branches 230 Tags
0265df854e0db07d79da735e2a9bf4aee86f7975
Commit Graph

6149 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
sebres
0265df854e silence skipping tests output for python versions that basically can not have the modules 2025-08-23 22:00:03 +02:00
sebres
a3d181c973 filter.d/dovecot.conf: new matches in aggressive mode: 
- new variant for `no auth attempts in X secs` with `Login aborted` and `(no_auth_attempts)`;
- covered `disconnected during TLS handshake` with `no application protocol` and `no shared cipher`.
 2025-08-23 20:22:08 +02:00
sebres
002719dca4 ChangeLog update 2025-08-23 20:18:59 +02:00
sebres
c26fda9dbb filter.d/dovecot.conf: new matches in aggressive mode: 
- new variant for `no auth attempts in X secs` with `Login aborted` and `(no_auth_attempts)`;
- covered `disconnected during TLS handshake` with `no application protocol` and `no shared cipher`.
 2025-08-23 20:16:40 +02:00
sebres
bdb5d99906 Log Repeal Ban instead of Unban on stop action, jail or fail2ban, because the tickets are "unbanned" temporary (till restart); 
closes gh-4057
 2025-08-19 11:37:01 +02:00
sebres
4e22c20559 fixes ignoreip prefix file:// - it shall resolve absolute file name (starting with /) unless it starts with ./; 
relative paths are based relative the working dir;
to use it relative current config root (normally `/etc/fail2ban`), one can use interpolation `%(fail2ban_confpath)s`, e.g.:
  file://%(fail2ban_confpath)s/ignore-ipaddr-file
 2025-08-12 23:46:10 +02:00
sebres
3ce6f344e3 fixes beautifier get ignoreip (explicit convert to string) 2025-08-12 23:26:42 +02:00
Sergey G. Brester
bf4903538d update ChangeLog (enhancement from #3291) 2025-08-08 10:29:02 +02:00
Sergey G. Brester
77ba28bae1 Merge pull request #3291 from ttyS4/patch-1 
nftables.conf - add support for cidr notation and address ranges
 2025-08-08 10:23:08 +02:00
Sergey G. Brester
dc3268ce5d servertestcase.py: adjust test coverage 2025-08-08 10:16:01 +02:00
Sergey G. Brester
eb80b895d1 provides flags interval as addr_options now 2025-08-08 10:10:40 +02:00
Bill
6120a731d9 update nginx limit-req filter again (#4048) 
amend to #4047 - removes unused ngx_limit_con_zones parameter.
 2025-08-04 21:16:26 +02:00
Sergey G. Brester
e16e982a45 Merge pull request #4047 from billfor/nginx 
Update nginx-limit-req filter (extended to ban hosts failed by limit connection in ngx_http_limit_conn_module);
closes gh-3674
 2025-08-04 11:34:35 +02:00
Sergey G. Brester
dd58d440bc Update ChangeLog 2025-08-04 11:32:10 +02:00
Sergey G. Brester
e6516fd2b3 combine 2 REs to single regex 
closes gh-3674
 2025-08-04 11:24:51 +02:00
bill
0a91bf69a5 add filter for delayed requests and connection limiting 2025-08-04 00:27:45 -04:00
sebres
d86a7aecca amend to #3979: removed mistaken double pipes in group matches 2025-07-31 17:38:28 +02:00
sebres
ff3eca1d61 * Merge pull request #3527 from vafgoettlich/master 
(partial merge, only postfix-backend)
 2025-07-24 11:17:05 +02:00
sebres
0b255a8723 Merge pull request #3527 from vafgoettlich/master 
(partial merge, only postfix-backend)
 2025-07-24 11:14:03 +02:00
Sergey G. Brester
793d0c6555 Merge pull request #4037 from kusaka-0107/fix/asterisk-conf-regex 
filter.d/asterisk: fix regex to match "No matching endpoint found" with retry info (like `after X tries in Y ms`)
 2025-07-20 15:17:17 +02:00
Sergey G. Brester
7bb86822d0 Update ChangeLog 2025-07-20 15:15:38 +02:00
Sergey G. Brester
6d3bfa8781 revert RE back, but relive the end-anchor a bit (ignore any text without single quote, so also preventing false match by injection on foreign data) 2025-07-20 15:04:15 +02:00
177ac
b309cf6b3c Add test line 2025-07-20 18:06:33 +09:00
177ac
e97df4672a filter.d/asterisk: fix regex to match "No matching endpoint found" with retry info 2025-07-20 18:05:35 +09:00
sebres
1c2ace2958 GHA: update python 3.14.0-beta.4 2025-07-13 01:08:50 +02:00
sebres
b710d5b6c7 filter.d/sendmail-reject.conf - also recognize "Domain of sender address ... does not resolve"; 
closes gh-4035
 2025-07-13 01:03:53 +02:00
sebres
dc899e438f avoid error "Unable to get failures" by stop (if file gets removed from filter, but filter already entered getFailures for the file); 
closes gh-4032
 2025-07-07 01:04:35 +02:00
sebres
86b9adb2f5 workflows/publish.yml: amend (allow manual trigger for publishing) 2025-06-16 22:09:46 +02:00
sebres
85faeab644 workflows/publish.yml: flow to publish package on pypi 2025-06-16 21:55:58 +02:00
Sergey G. Brester
9ef134c17d Merge pull request #4016 from nabbi/dovecot-2.4 
add Dovecot 2.4 support
 2025-06-15 18:09:40 +02:00
Sergey G. Brester
8a4f373617 integrate new RE in already existing (combine new and old format) 2025-06-15 18:07:43 +02:00
Nic Boet
646832d5bd dovecot 2.4 into changelog 
Signed-off-by: Nic Boet <nic@boet.cc>
 2025-06-13 17:00:47 -05:00
Nic Boet
04ff4c060c Dovecot 2.4 filter support 
Dovecot 2.4 release is a major upgrade
Logger event structure has changed, all messages are now
prefixed with:

        "Login aborted: " <reason> "auth failed"

Maintain 2.3 support as many folks have yet to migrate,
community edition is still receiving cretial security patches

Dovecot 2.4.1
Python 3.12.10

Signed-off-by: Nic Boet <nic@boet.cc>
 2025-06-13 16:44:57 -05:00
Sergey G. Brester
cfa3356e0f Merge pull request #4001 from sebres/f2b-regex--inverted-out 
fail2ban-regex: new feature `-i` or `--invert` to output not-matched lines by `-o` or `--out`
 2025-06-03 22:23:19 +02:00
sebres
4254d6bcd3 man and changelog 2025-06-03 22:19:54 +02:00
Sergey G. Brester
afe9bc08ec Merge pull request #4006 from pzl/smtp-py-wrap 
Line-wrap long messages in smtp.py
 2025-06-02 12:40:45 +02:00
pzl
a5d7127109 construct smtp.py email wrap long lines 
RFC 5322 2.1.1 requires <=998 chars per line.
If matches are included, and are very long lines,
the email will be rejected. Constructing the mail
as a message instead of a subpart (mimetext) fixes this
 2025-05-20 14:55:03 -04:00
sebres
cca2de984f fail2ban-regex: implemented new feature -i or --invert - inverting the sense of matching, to output non-matching lines. 2025-05-06 18:15:05 +02:00
Sergey G. Brester
f7aaaf50b8 filter.d/exim.conf: colon must be outside of F-RCPT group 2025-04-27 23:00:09 +02:00
sebres
f0a083449a coverage for non zero journalflags 2025-04-24 00:12:26 +02:00
sebres
9ecf6150c8 increase max wait time a bit - some (systemd) tests may fail occasionally in fast mode 2025-04-24 00:11:45 +02:00
sebres
cbc3cb431c amend to a0093b557e (systemd-review): flags cannot be specified simultaneously with files too; 2025-04-24 00:04:37 +02:00
Sergey G. Brester
d731b385f9 Merge pull request #3909 from avcbvamorec/patch-1 
Enhancement on iptables: allow bans to be effective on multiple chains at the same time
 2025-04-17 12:46:51 +02:00
Sergey G. Brester
52d239483d typo 2025-04-16 17:18:36 +02:00
sebres
0d4a926029 ChangeLog (enhancement and compat entries) 2025-04-16 17:13:58 +02:00
sebres
cbe14c70c5 iptables.conf rewritten to affect all derivative actions (multiple chains are also supported by iptables-ipset etc); 
iptables-xt_recent-echo.conf adjusted to be compatible to new syntax of inherited iptables.conf;
test coverage fixed to new handling
 2025-04-16 16:56:46 +02:00
Arnaud
37f72f88ef Reverting chains to chain in order to preserve backward compatibilityu 
backing to the option named "chain", using "iteredchain" a new variable to iterate over.
 2025-04-16 16:06:29 +02:00
Arnaud
139151ec81 Update iptables.conf - allow bans to be efective on multiple chains at the same time 
This patch allows the ban to be applied on the INPUT and the FORWARD chain at the time. May be useful at least on routing devices and on docker hosting machines.
 2025-04-16 16:06:28 +02:00
sebres
c76e90fbb1 * Merge pull request #3940 from exim-pr-mode-more 
`filter.d/exim.conf` - fewer REs by default, introduces mode `more`
 2025-04-02 15:11:38 +02:00
Sergey G. Brester
6538d43a8e Update ChangeLog 2025-04-02 14:57:03 +02:00