CERBERUS/fail2ban
1
0
Fork 0
mirror of https://github.com/fail2ban/fail2ban.git synced 2026-05-13 06:31:29 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
5158 commits 34 branches 230 tags 18 MiB
Commit graph

5158 commits

This branch
This branch
All branches
Author SHA1 Message Date
sebres
d004a2c79b release 0.11.1 -- This is the Way 2020-01-11 11:01:00 +01:00
sebres
27fb4790fb Merge branch '0.10' into 0.11 2020-01-10 15:17:54 +01:00
sebres
b25d8565fc release 0.10.5 -- Deserve more respect a jedi's weapon must. Hrrrm, Yes 2020-01-10 13:34:46 +01:00
sebres
4e4bd43e5e small amend for d1b7e2b5fb: double usage string removed, spacing fixed 
generate-man: small fixing (avoid ../bin in usage, version fix
 2020-01-10 13:28:20 +01:00
sebres
4860d69909 Merge branch '0.10' into 0.11 2020-01-09 20:55:00 +01:00
sebres
f77398c49d filter.d/sshd.conf: captures Disconnected from ... [preauth], preauth phase only, different handling by extra (with supplied user only) and ddos/aggressive mode (normal mode is not affected, used there just as a helper with <F-NOFAIL> to capture IP for multiline failures without IP); 
closes gh-2115, gh-2362.
 2020-01-09 20:53:53 +01:00
sebres
d1b7e2b5fb fail2ban-regex - several enhancements and fixes: 
- improved usage output (don't put a long help if an error occurs);
- new option `--no-check-all` to avoid check of all regex's (first matched only);
- new option `-o`, `--out` to set token provided in output (disables check-all and outputs only expected data);
- test cases optimized and extended
 2020-01-09 16:59:13 +01:00
sebres
dbc6590589 usage of failure-ID tag <F-ID>...</F-ID> causes raw handling automatically (avoid DNS-resolve for found ID) 2020-01-08 22:07:33 +01:00
sebres
ac41b8f3be some logging level got changed between 0.10/0.11 (9 is lowest log level to capture messages in LogCaptureTestCase now) 2020-01-08 21:43:27 +01:00
sebres
587e4ff573 Merge branch '0.10' into 0.11 
(conflicts resolved)
 2020-01-08 21:27:23 +01:00
Sergey G. Brester
a15832e773
Merge pull request #2588 from sebres/0.10-invariant-improve 
0.10 auto-reban, improved invariant check and conditional operations
 2020-01-08 21:04:42 +01:00
sebres
f30b7ae244 update ChangeLog + spelling 2020-01-08 21:03:00 +01:00
sebres
17a34b1528 amend with missing parameter of actionreban in actionreader and coverage 2020-01-07 22:01:11 +01:00
sebres
f001f8de2a automatic reban (repeat banning action) after repair/restore sane environment, if already logged ticket causes new failures (part of #980, closes #1680); 
introduces banning epoch for actions and tickets (to distinguish or recognize removed set of tickets)
 2020-01-07 21:28:32 +01:00
sebres
1a9bc1905d auto-detection of IPv6 subsystem availability (important for not on-demand actions or jails, like pass2allow) 2020-01-07 17:01:47 +01:00
sebres
125da61bda more cases covered, start in repair distinguish operations, on demand flag etc 2020-01-07 15:50:54 +01:00
sebres
b7fe33483a coverage 2020-01-07 11:54:21 +01:00
sebres
a527fbcae5 small amend: if not on-demand, the families should be specified (or default), also avoids error "dictionary changed size during iteration" 2020-01-06 21:44:19 +01:00
sebres
67fd75c88e pass2allow-ftp: inverted handling - action should prohibit access per default for any IP, so reset start on demand parameter for this action (will be started immediately). 2020-01-06 21:13:40 +01:00
sebres
165b7d6643 tests fixed, prepared for other conditional operations (for subnet usage), operations like repair/flush/stop considering started families (executed for started only) 2020-01-06 21:02:57 +01:00
sebres
3c42c7b9ef **not ready** testActionsConsistencyCheck fixed, but several **broken** tests (todo: fix public interface like action.start()/stop()). 2020-01-06 21:02:56 +01:00
sebres
31b8d91ba2 **not ready** amend with more tests (some issue on stop?) 2019-12-27 21:58:06 +01:00
sebres
8f6ba15325 avoid unhandled exception during flush, better invariant check (and repair), avoid repair by unban/stop etc... 2019-12-27 21:30:41 +01:00
Sergey G. Brester
690a0050f0
Merge pull request #2567 from Mart124/bitwarden 
New jail, Bitwarden
 2019-12-13 18:31:21 +01:00
sebres
5dd85bf4f8 Merge branch '0.10' into 0.11 2019-12-12 21:45:50 +01:00
sebres
7e98073014 amend to f3dbc9dda1: don't need truncate (if the name with \0 exceeds 16 bytes, the string is silently truncated by prctl). 2019-12-12 21:45:09 +01:00
sebres
b2e8d610a0 small amend: adjust name of observer thread (more similar to other threads) 2019-12-12 21:31:26 +01:00
sebres
1bcb39c699 Merge branch '0.10' into 0.11 2019-12-12 21:29:13 +01:00
sebres
f3dbc9dda1 set real thread names (used for identification and diagnostic purposes, e. g. top -H, ps -e -T, pstree, etc) 2019-12-12 21:28:16 +01:00
Mart124
e763c657c4
Let's get back to WRN 2019-11-27 00:32:10 +01:00
Mart124
566cbcdde0
Update bitwarden 2019-11-27 00:14:18 +01:00
Mart124
d7b707b09d
Update bitwarden.conf 2019-11-27 00:09:22 +01:00
Mart124
869327e9b1
Update bitwarden.conf 2019-11-25 22:17:58 +01:00
Mart124
79caeaa520
Create bitwarden.conf 2019-11-25 22:05:29 +01:00
Mart124
30e742a849
Update jail.conf 2019-11-25 21:57:41 +01:00
Mart124
ef394b3cf0
Update jail.conf 2019-11-25 21:55:45 +01:00
Mart124
a3df1ab3f0
Create bitwarden 2019-11-25 21:50:16 +01:00
sebres
24d1ea9aa2 Merge branch '0.10' into 0.11 2019-11-25 01:58:55 +01:00
sebres
d5144e380e filter: testing proper handling after time-drift or time-jump (DST-hole, NTP time correction backwards, etc), gh-2566 2019-11-25 01:46:07 +01:00
Sergey G. Brester
e4c2f303bd
Merge pull request #2550 from CPbN/centreonjail 
Add Centreon jail
 2019-11-15 01:53:20 +01:00
Sergey G. Brester
596c5cee7e
Merge pull request #2560 from sebres/gh-927-subnet 
subnet implementation (filter, parsing tags)
 2019-11-15 01:48:30 +01:00
Sergey G. Brester
e86e9b2ee9
Merge branch '0.10' into gh-927-subnet 2019-11-15 01:47:50 +01:00
Sergey G. Brester
9d263edfbb
Merge pull request #2563 from hvanmegen/patch-1 
Updated sendmail-auth.conf for longer mail IDs
 2019-11-15 01:41:13 +01:00
sebres
27e6b0021c ChangeLog update gh-2563 2019-11-08 13:18:57 +01:00
sebres
0e8a8edb5e filter.d/sendmail-*.conf: both filters have same __prefix_line now (and same RE for ID, 14-20 chars long, optional) + adjusted test cases (gh-2563) 2019-11-08 13:15:40 +01:00
Henry van Megen
a9200c5456 Added logline that fails at IDs with 15 chars (see gh-2563) 2019-11-08 12:43:02 +01:00
Henry van Megen
548e2e0054 sendmail-auth.conf: filter updated for longer mail IDs (up to 20, see gh-2562) 2019-11-08 12:42:09 +01:00
sebres
5cf064a112 monit: accepting both logpath's: monit and monit.log, closes gh-2495 2019-11-04 12:18:12 +01:00
sebres
e5d02bc2e9 grouped tags (<ADDR>, <HOST>, <SUBNET>) recognize IP addresses enclosed in square brackets, closes gh-2494 2019-11-04 12:11:00 +01:00
sebres
d44607a161 part of #927 - filter enhancement to parse IP sub-nets (IP/CIDR with correct recognition of IP-family), 
provides new replacement tags for failregex to match subnets in form of IP-addresses with CIDR mask (gh-2559):
  - `<CIDR>` - helper regex to match CIDR (simple integer form of net-mask);
  - `<SUBNET>` - regex to match sub-net adresses (in form of IP/CIDR, also single IP is matched, so part /CIDR is optional);
 2019-11-01 16:29:17 +01:00