Commit graph

1158 commits

Author SHA1 Message Date
sebres
0d4a926029 ChangeLog (enhancement and compat entries) 2025-04-16 17:13:58 +02:00
sebres
c76e90fbb1 * Merge pull request #3940 from exim-pr-mode-more
`filter.d/exim.conf` - fewer REs by default, introduces mode `more`
2025-04-02 15:11:38 +02:00
Sergey G. Brester
6538d43a8e Update ChangeLog 2025-04-02 14:57:03 +02:00
Sergey G. Brester
70ce1cef08 Update ChangeLog 2025-04-02 14:40:04 +02:00
sebres
767c89f863 satisfy spellcheck 2025-03-31 01:27:52 +02:00
sebres
d5718503ad update changelog and documentation (new features and handling) 2025-03-31 01:13:02 +02:00
sebres
ee421dfbd6 filter.d/apache-noscript.conf - consider new log-format with "AH02811: stderr from /...";
closes gh-3900
2025-03-28 22:52:51 +01:00
sebres
8ae6eaf39a filter.d/postfix.conf - default _daemon in prefix-line is loosened - can match everything starting with word postfix, like postfix-example.com/smtpd;
closes gh-3297
2025-03-10 22:35:26 +01:00
Sergey G. Brester
c035428535 Merge pull request #3954 from luckylittle/feature/systemd-journal-vsftpd
`filter.d/vsftpd.conf` - fixed regex (if failures generated by systemd-journal)
2025-03-04 14:20:01 +01:00
sebres
79346e4f2c updated ChangeLog 2025-03-04 14:15:14 +01:00
Sergey G. Brester
3e9a4b4a48 Update ChangeLog 2025-03-04 13:20:54 +01:00
sebres
7233edd0bf amend ChangeLog updated: ignoreip extended with file:... syntax to ignore IPs from file-ip-set;
+ silence codespell
2025-03-03 20:07:05 +01:00
sebres
882e6d5e00 filter.d/exim.conf - mode aggressive extended to catch dropped by ACL failures, e.g. "ACL: Country is banned" 2025-02-10 17:30:07 +01:00
sebres
a1268f37c3 amend (move ChangeLog entry) 2025-01-30 14:04:00 +01:00
sebres
b55c20594e paths-common.conf: changed default mysql_log path (default logpath of mysqld-auth jail without maintainer overrides); adjusted comments (log_error_verbosity = 3 instead of log-warnings = 2)
closes gh-3932
2025-01-30 14:00:43 +01:00
Philipp Burndorfer
95710e9dac Adapted changelog. 2025-01-30 01:13:47 +01:00
sebres
a796cc9b91 filter.d/dropbear.conf: failregex extended to match different format of "Exit before auth" message;
closes gh-3791
2024-12-27 16:43:33 +01:00
Sergey G. Brester
b7b1fff53c Update ChangeLog 2024-12-27 14:00:35 +07:00
sebres
89b5f3bb1e filter.d/sshd.conf: ddos and aggressive modes, regex extended for timeout before authentication (optional connection from part);
closes gh-3907
2024-12-26 14:24:15 +01:00
Sergey G. Brester
51358e1587 Merge pull request #3636 from szepeviktor/typos
Fix more typos
2024-12-21 19:31:54 +01:00
sebres
91c27d0600 filter.d/freeswitch.conf: bypass some new info in prefix before [WARNING] (changed default _pref_line);
closes gh-3143
2024-12-04 16:56:23 +01:00
sebres
78af48862f new jail option skip_if_nologs to ignore jail if no logpath matches found, fail2ban continues to start with warnings/errors, thus other jails become running;
closes gh-2756
2024-08-23 12:16:08 +02:00
sebres
2749109f10 ChangeLog 2024-08-10 13:23:28 +02:00
sebres
d4663e8941 action.d/firewallcmd-rich-*.conf: fixed incorrect quoting, disabling port variable expansion by substitution of rich rule; closes gh-3815 2024-08-07 22:43:42 +02:00
sebres
4a87802c59 ChangeLog 2024-07-30 19:19:24 +02:00
sebres
93810fff75 consider CONNECT and other rejected commands as a valid _pref;
closes gh-3800
2024-07-26 19:25:36 +02:00
Sergey G. Brester
216622adb2 Update ChangeLog 2024-07-03 19:42:19 +02:00
sebres
59c5e78ce9 filter.d/apache-overflows.conf - consider AH10244: invalid URI path;
closes gh-3778
2024-06-28 12:50:14 +02:00
sebres
a7f3a04b0e filter.d/recidive.conf - restore possibility to set jail name in the filter, _jailname is positive now (but by default it uses now negative lookahead to exclude recidive jail);
closes gh-3769
2024-06-21 13:24:46 +02:00
sebres
2533526827 extend ipset actions with new parameter ipsettype for the type of set (gh-3760), affected actions:
`action.d/firewallcmd-ipset.conf`, `action.d/iptables-ipset.conf`, `action.d/shorewall-ipset-proto6.conf`
2024-06-09 23:38:58 +02:00
sebres
17daf0ec78 action.d/firewallcmd-ipset.conf: rename ipsettype to ipsetbackend (ipsettype will be used now for the real set type);
amend to #2620
2024-06-09 23:32:03 +02:00
sebres
d0d0728523 cherry-pick from debian: debian default banactions are nftables, systemd backend for sshd
closes gh-3292
2024-04-26 02:26:55 +02:00
sebres
c14327565d version bump 2024-04-26 02:06:09 +02:00
sebres
61799e15e1 release 1.1.0 -- object-found--norad-59479-cospar-2024-069a--altitude-36267km 2024-04-25 23:08:13 +02:00
sebres
22ffe12abb preparing release 2024-04-25 22:43:51 +02:00
sebres
44f32d6132 changelog 2024-03-25 16:36:21 +01:00
sebres
4550e3ad27 ChangeLog: reorder (filters after actions) 2024-03-25 16:34:12 +01:00
sebres
a4ca2e83bd Merge branch 'gh-3060': adjusted filter.d/exim.conf and filter.d/exim-spam.conf:
- messages are prefiltered by `prefregex` now
- filter can bypass additional timestamp or pid that may be logged via systemd-journal or syslog-ng (gh-3060)
closes #3060
2024-03-25 15:56:10 +01:00
sebres
1ec9237e53 bypass additional pid in prefix (may be logged by syslog-ng, gh-3060); matches protocol error with authentication mechanism not supported 2024-03-25 15:52:06 +01:00
sebres
c80908837f filter.d/exim.conf:
- messages are prefiltered by `prefregex` now
- filter can bypass additional timestamp that may be logged via systemd-journal (gh-3060)
2024-03-25 15:31:23 +01:00
Vladimir Varlamov
df94ec4c52 filter.d/exim.conf: rewrite host line regex for all varied exim's log_selector states
Depending on Exim's log_selector settings, log lines may contain additional information about the connection. And also the line itself with the address of the remote host can vary greatly. But fortunately, all states can be found in the Exim code itself and taken into account. Makes it easier to add new regexps.
Closes #3263
2024-03-22 00:16:41 +03:00
sebres
4f679a56e0 filter.d/sshd.conf: ddos/aggressive mode extended to match new messages caused by port scanner, wrong payload on ssh port:
- message authentication code incorrect [preauth]
- connection corrupted [preauth]
- timeout before authentication
closes gh-3486
2024-02-13 16:53:21 +01:00
sebres
302252b25c ChangeLog, gh-2655 2024-01-03 13:38:14 +01:00
Logic-32
419e380870 Add support for TLS SMTP connections. 2023-12-30 16:42:18 +01:00
Viktor Szépe
1427625528 Fix more typos 2023-11-22 16:32:05 +00:00
Yaroslav Halchenko
8ef0d3c7a9 [DATALAD RUNCMD] run codespell throughout fixing typo automagically
=== Do not change lines below ===
{
 "chain": [],
 "cmd": "codespell -w",
 "exit": 0,
 "extra_inputs": [],
 "inputs": [],
 "outputs": [],
 "pwd": "."
}
^^^ Do not change lines above ^^^
2023-11-18 10:04:04 -05:00
Sergey G. Brester
f7ee023661 ChangeLog: gh-3564 2023-08-23 12:38:12 +02:00
nodiscc
77f80e8c3f action.d/*ipset*: make maxelem ipset option configurable through banaction arguments
- previously there was no way to override this value and ipsets would stop being updated when full (Hash is full, cannot add more elements)
- preserve ipset's default value of 65536
- update tests
- Closes #3549
2023-08-23 12:19:07 +02:00
sebres
101d6923e3 ChangeLog (gh-3485) 2023-06-13 18:57:05 +02:00
Sergey G. Brester
3c8d5fd4ef Update ChangeLog 2023-04-24 17:11:04 +02:00