mirrors/fail2ban
1
0
Fork 0
mirror of https://github.com/fail2ban/fail2ban.git synced 2025-11-26 14:20:19 +08:00
Code Issues Packages Projects Releases Wiki Activity
6,154 Commits 34 Branches 230 Tags
c54d505dea7c18608481bf481cda88cbf908b61c
Commit Graph

6154 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
sebres
c54d505dea small amend (info with date pattern before debug message with regex) 2025-09-01 18:10:43 +02:00
sebres
6ac181f559 improve logging of date pattern (count of default templates added, info if it's filtered or used pre-match) 2025-09-01 18:03:09 +02:00
sebres
52399e6ef1 amend to #2351: providing the attempt via fail2bans protocol (Pickle, client command, etc) must follow ignore facilities (shall be ignored if matches ignoreip, ignoreself, ignorecommand etc) 2025-08-26 18:03:46 +02:00
sebres
c9e1a1b087 silence warning "Unknown distribution option: 'test_suite'", seems not work anymore (2.x only?) - test suite shall be invoked using bin/fail2ban-testcases 2025-08-23 22:22:20 +02:00
sebres
a055568500 GHA: update python 3.14.0-rc.2 2025-08-23 22:10:55 +02:00
sebres
0265df854e silence skipping tests output for python versions that basically can not have the modules 2025-08-23 22:00:03 +02:00
sebres
a3d181c973 filter.d/dovecot.conf: new matches in aggressive mode: 
- new variant for `no auth attempts in X secs` with `Login aborted` and `(no_auth_attempts)`;
- covered `disconnected during TLS handshake` with `no application protocol` and `no shared cipher`.
 2025-08-23 20:22:08 +02:00
sebres
002719dca4 ChangeLog update 2025-08-23 20:18:59 +02:00
sebres
c26fda9dbb filter.d/dovecot.conf: new matches in aggressive mode: 
- new variant for `no auth attempts in X secs` with `Login aborted` and `(no_auth_attempts)`;
- covered `disconnected during TLS handshake` with `no application protocol` and `no shared cipher`.
 2025-08-23 20:16:40 +02:00
sebres
bdb5d99906 Log Repeal Ban instead of Unban on stop action, jail or fail2ban, because the tickets are "unbanned" temporary (till restart); 
closes gh-4057
 2025-08-19 11:37:01 +02:00
sebres
4e22c20559 fixes ignoreip prefix file:// - it shall resolve absolute file name (starting with /) unless it starts with ./; 
relative paths are based relative the working dir;
to use it relative current config root (normally `/etc/fail2ban`), one can use interpolation `%(fail2ban_confpath)s`, e.g.:
  file://%(fail2ban_confpath)s/ignore-ipaddr-file
 2025-08-12 23:46:10 +02:00
sebres
3ce6f344e3 fixes beautifier get ignoreip (explicit convert to string) 2025-08-12 23:26:42 +02:00
Sergey G. Brester
bf4903538d update ChangeLog (enhancement from #3291) 2025-08-08 10:29:02 +02:00
Sergey G. Brester
77ba28bae1 Merge pull request #3291 from ttyS4/patch-1 
nftables.conf - add support for cidr notation and address ranges
 2025-08-08 10:23:08 +02:00
Sergey G. Brester
dc3268ce5d servertestcase.py: adjust test coverage 2025-08-08 10:16:01 +02:00
Sergey G. Brester
eb80b895d1 provides flags interval as addr_options now 2025-08-08 10:10:40 +02:00
Bill
6120a731d9 update nginx limit-req filter again (#4048) 
amend to #4047 - removes unused ngx_limit_con_zones parameter.
 2025-08-04 21:16:26 +02:00
Sergey G. Brester
e16e982a45 Merge pull request #4047 from billfor/nginx 
Update nginx-limit-req filter (extended to ban hosts failed by limit connection in ngx_http_limit_conn_module);
closes gh-3674
 2025-08-04 11:34:35 +02:00
Sergey G. Brester
dd58d440bc Update ChangeLog 2025-08-04 11:32:10 +02:00
Sergey G. Brester
e6516fd2b3 combine 2 REs to single regex 
closes gh-3674
 2025-08-04 11:24:51 +02:00
bill
0a91bf69a5 add filter for delayed requests and connection limiting 2025-08-04 00:27:45 -04:00
sebres
d86a7aecca amend to #3979: removed mistaken double pipes in group matches 2025-07-31 17:38:28 +02:00
sebres
ff3eca1d61 * Merge pull request #3527 from vafgoettlich/master 
(partial merge, only postfix-backend)
 2025-07-24 11:17:05 +02:00
sebres
0b255a8723 Merge pull request #3527 from vafgoettlich/master 
(partial merge, only postfix-backend)
 2025-07-24 11:14:03 +02:00
Sergey G. Brester
793d0c6555 Merge pull request #4037 from kusaka-0107/fix/asterisk-conf-regex 
filter.d/asterisk: fix regex to match "No matching endpoint found" with retry info (like `after X tries in Y ms`)
 2025-07-20 15:17:17 +02:00
Sergey G. Brester
7bb86822d0 Update ChangeLog 2025-07-20 15:15:38 +02:00
Sergey G. Brester
6d3bfa8781 revert RE back, but relive the end-anchor a bit (ignore any text without single quote, so also preventing false match by injection on foreign data) 2025-07-20 15:04:15 +02:00
177ac
b309cf6b3c Add test line 2025-07-20 18:06:33 +09:00
177ac
e97df4672a filter.d/asterisk: fix regex to match "No matching endpoint found" with retry info 2025-07-20 18:05:35 +09:00
sebres
1c2ace2958 GHA: update python 3.14.0-beta.4 2025-07-13 01:08:50 +02:00
sebres
b710d5b6c7 filter.d/sendmail-reject.conf - also recognize "Domain of sender address ... does not resolve"; 
closes gh-4035
 2025-07-13 01:03:53 +02:00
sebres
dc899e438f avoid error "Unable to get failures" by stop (if file gets removed from filter, but filter already entered getFailures for the file); 
closes gh-4032
 2025-07-07 01:04:35 +02:00
sebres
86b9adb2f5 workflows/publish.yml: amend (allow manual trigger for publishing) 2025-06-16 22:09:46 +02:00
sebres
85faeab644 workflows/publish.yml: flow to publish package on pypi 2025-06-16 21:55:58 +02:00
Sergey G. Brester
9ef134c17d Merge pull request #4016 from nabbi/dovecot-2.4 
add Dovecot 2.4 support
 2025-06-15 18:09:40 +02:00
Sergey G. Brester
8a4f373617 integrate new RE in already existing (combine new and old format) 2025-06-15 18:07:43 +02:00
Nic Boet
646832d5bd dovecot 2.4 into changelog 
Signed-off-by: Nic Boet <nic@boet.cc>
 2025-06-13 17:00:47 -05:00
Nic Boet
04ff4c060c Dovecot 2.4 filter support 
Dovecot 2.4 release is a major upgrade
Logger event structure has changed, all messages are now
prefixed with:

        "Login aborted: " <reason> "auth failed"

Maintain 2.3 support as many folks have yet to migrate,
community edition is still receiving cretial security patches

Dovecot 2.4.1
Python 3.12.10

Signed-off-by: Nic Boet <nic@boet.cc>
 2025-06-13 16:44:57 -05:00
Sergey G. Brester
cfa3356e0f Merge pull request #4001 from sebres/f2b-regex--inverted-out 
fail2ban-regex: new feature `-i` or `--invert` to output not-matched lines by `-o` or `--out`
 2025-06-03 22:23:19 +02:00
sebres
4254d6bcd3 man and changelog 2025-06-03 22:19:54 +02:00
Sergey G. Brester
afe9bc08ec Merge pull request #4006 from pzl/smtp-py-wrap 
Line-wrap long messages in smtp.py
 2025-06-02 12:40:45 +02:00
pzl
a5d7127109 construct smtp.py email wrap long lines 
RFC 5322 2.1.1 requires <=998 chars per line.
If matches are included, and are very long lines,
the email will be rejected. Constructing the mail
as a message instead of a subpart (mimetext) fixes this
 2025-05-20 14:55:03 -04:00
sebres
cca2de984f fail2ban-regex: implemented new feature -i or --invert - inverting the sense of matching, to output non-matching lines. 2025-05-06 18:15:05 +02:00
Sergey G. Brester
f7aaaf50b8 filter.d/exim.conf: colon must be outside of F-RCPT group 2025-04-27 23:00:09 +02:00
sebres
f0a083449a coverage for non zero journalflags 2025-04-24 00:12:26 +02:00
sebres
9ecf6150c8 increase max wait time a bit - some (systemd) tests may fail occasionally in fast mode 2025-04-24 00:11:45 +02:00
sebres
cbc3cb431c amend to a0093b557e (systemd-review): flags cannot be specified simultaneously with files too; 2025-04-24 00:04:37 +02:00
Sergey G. Brester
d731b385f9 Merge pull request #3909 from avcbvamorec/patch-1 
Enhancement on iptables: allow bans to be effective on multiple chains at the same time
 2025-04-17 12:46:51 +02:00
Sergey G. Brester
52d239483d typo 2025-04-16 17:18:36 +02:00
sebres
0d4a926029 ChangeLog (enhancement and compat entries) 2025-04-16 17:13:58 +02:00