Commit graph

3363 commits

Author SHA1 Message Date
Tom Hendrikx
6c606cf98f Add support for matching postfix multi-instance daemon names by default 2016-02-23 20:23:04 +01:00
Yaroslav Halchenko
bd822d02a4 DOC: removed Nick from listed as FreeBSD maintainer 2016-02-22 09:13:30 -05:00
Yaroslav Halchenko
8b00ca2744 Merge pull request #1327 from yarikoptic/enh-cov-templates
ENH: use codecov + templates for PRs and issues
2016-02-21 09:56:17 -05:00
Yaroslav Halchenko
705b91e6a7 DOC: adjusted ISSUE_TEMPLATE.md picking on @sebres's version 2016-02-20 11:20:33 -05:00
Yaroslav Halchenko
9667c4cb42 ENH: github templates for issues and PRs 2016-02-17 21:20:51 -05:00
Yaroslav Halchenko
72638975a9 ENH: add codecov support to travis.yml and bandge to README.md 2016-02-17 20:43:50 -05:00
Yaroslav Halchenko
905c87ca4a Merge pull request #1310 from yarikoptic/pr-1288
NF: HAProxy HTTP Auth filter
2016-02-11 08:35:48 -05:00
Yaroslav Halchenko
3dc57af19c Merge branch 'logrotate' of https://github.com/sbraz/fail2ban
* 'logrotate' of https://github.com/sbraz/fail2ban:
  Remove compression and count from logrotate
2016-02-10 18:41:01 -05:00
Yaroslav Halchenko
09bc2e978d Merge pull request #1319 from sebres/asterisk-gh1309
Asterisk regexp fix to catch phone # and relax trailing anchoring

 (replacement for Update asterisk.conf gh-1309)
2016-02-08 10:58:53 -05:00
sebres
d8e81eb417 regexp rewritten (few vulnerable as previous) + test case added 2016-02-08 12:01:25 +01:00
3eBoP
257b7049d8 Update asterisk filter: changed regex for "Call from ...". Sometimes extension can have a plus symbol (+) because they can be phone number.
Closes #1309
2016-02-08 11:51:37 +01:00
Pierre GINDRAUD
b5a07741c8 Add new regex into postfix filter. The new regexp is able to detect bad formatted SMTP EHLO command 2016-02-08 11:11:59 +01:00
Yaroslav Halchenko
b435e1e4c8 Merge pull request #1311 from sbraz/gentoo-init
gentoo-initd: do not hide useful output
2016-01-29 09:54:35 -05:00
Louis Sautier
869d99dd37
Remove compression and count from logrotate
Initially reported at https://bugs.gentoo.org/show_bug.cgi?id=549856
2016-01-29 00:15:48 +01:00
Louis Sautier
294a7790a9
gentoo-initd: do not hide useful output
Gentoo applies a patch for this: https://bugs.gentoo.org/show_bug.cgi?id=536320
2016-01-28 23:40:36 +01:00
Yaroslav Halchenko
3f437b32db Merge remote-tracking branch 'pr/1288/head'
* pr/1288/head:
  Update haproxy-http-auth.conf
  Added HAProxy HTTP Auth filter

 Conflicts:
	config/jail.conf - resolved + removed unnecessary filter/enabled (defaults should be as good)
2016-01-28 08:51:45 -05:00
Yaroslav Halchenko
377ea32441 Merge pull request #1295 from obounaim/master
The sender option is ignored by some actions
2016-01-28 08:48:22 -05:00
Serg G. Brester
fe14c8fa05 Merge pull request #1292 from albel727/master
Add nftables actions
2016-01-24 23:55:50 +01:00
Jordan Moeser
d7b46509d8 Update haproxy-http-auth.conf
Updated failregex to be more strict
2016-01-12 08:37:33 +10:00
local
58a8736e0f Updating changelog. 2016-01-10 00:10:05 +01:00
local
40c0bed82c action_mw, action_mwl, action_cf_mwl ignore the "sender" option when sending a notification email.
This commit adds "sender="%(sender)s"" to the three actions to correct this issue.
2016-01-10 00:05:03 +01:00
Yaroslav Halchenko
5d0d96a5cb Merge pull request #1286 from yarikoptic/enh-jail
ENH: harmonize jail.conf + 1 more test that passed bantime is non-degenerate and int
2016-01-08 08:51:08 -05:00
Alexander Belykh
985e8938a4 Refactor nftables actionstop into smaller parts 2016-01-06 17:39:54 +06:00
Alexander Belykh
9779eeb986 Add nftables_type/family/table parameters 2016-01-06 17:33:14 +06:00
Alexander Belykh
260c30535d Escape curly braces in nftables actions 2016-01-06 17:13:30 +06:00
Alexander Belykh
1983e15580 Add empty line between parameters in nftables-common.conf 2016-01-06 16:55:29 +06:00
Alexander Belykh
cb2d70d7a8 Add ChangeLog entry for new nftables actions 2016-01-05 19:04:44 +06:00
Alexander Belykh
f7f91a8bd4 Refactor common code out of nftables-multiport/allports.conf 2016-01-05 19:03:47 +06:00
sebres
25a09352e4 + ChangeLog entry 2016-01-04 14:46:43 +01:00
sebres
69f5623f83 code simplifying (remove duplication): agent will be always supplied as parameter from jail.conf 2016-01-04 09:30:32 +01:00
Alexander Belykh
618e97bce8 Add nftables actions 2016-01-04 01:36:28 +06:00
sebres
ac31121432 amend to fix fail2ban-version: correct user-agent for badips.py "Fail2Ban/ver", changeable within jail/config now; 2015-12-31 02:32:17 +01:00
Jordan Moeser
e133762a28 Added HAProxy HTTP Auth filter 2015-12-31 11:16:23 +10:00
sebres
cf334421bd Provides fail2ban version to jail (as interpolation variable during parse of jail.conf);
BF: use `fail2ban_agent` as user-agent in actions badips, blocklist_de, etc. (closes #1271, closes #1272)
2015-12-31 01:38:25 +01:00
Yaroslav Halchenko
b76aede40d ENH(TST): verify that passed bantime is non-0 and int 2015-12-29 20:22:06 -05:00
Yaroslav Halchenko
28c9832293 RF: harmonize jail.conf (no explicit enabled=false in jails, match filter name for screesharingd, etc) 2015-12-29 19:43:52 -05:00
Yaroslav Halchenko
69aa1feac0 Merge "Mac OS Screen Sharing filter" PR 1232
* pr/1232/head:
  removed system.log
  Removed old svn revision comment
  removed false matches
  Removed includes comment for screensharing jail
  Now using a literal logpath for screensharing jail
  Fixed blatant typo in regex
  clarified comments on sample log format
  Fixed name (again?)
  Made screensharing jail off by default
  Changed regex prequel
  added entry for new screensharingd filter
  name change & new sample data
  Added json metadata
  Sample log for test case
  Replaced .* with literal
  Update jail.conf
  Added new path variable for system.log
  Added in settings for screensharingd filter
  Created file

Conflicts:
	ChangeLog - moved to New Features
	config/jail.conf  - kept at the end
2015-12-29 19:36:59 -05:00
Yaroslav Halchenko
16710237e3 Merge remote-tracking branch 'origin/master'
* origin/master:
  Add 'Sender address rejected: Domain not found' Postfix failregex
2015-12-29 19:31:04 -05:00
Yaroslav Halchenko
26dd6d7425 Merge pull request #1258 from aleksandrs-ledovskis/feature/postfix-domain-not-found-failregex
Add 'Sender address rejected: Domain not found' Postfix failregex
2015-12-18 09:23:54 -05:00
Yaroslav Halchenko
dfaf82d68a Changelog entry for PartOf in .service fix 2015-12-18 09:23:12 -05:00
Yaroslav Halchenko
9f15d02910 Merge pull request #1251 from fastest963/master
Added PartOf to service file so f2b restarts when deps do
2015-12-18 09:21:43 -05:00
Yaroslav Halchenko
edcbdf6eab Merge pull request #1264 from rbrownwsws/master
Added filter and jail for murmur/mumble-server.
2015-12-18 09:20:45 -05:00
Yaroslav Halchenko
39d202b623 Merge pull request #1273 from yarikoptic/enh-log-matchtuple
ENH: log at heavydebug level what actually we are matching for failregex
2015-12-18 09:20:02 -05:00
Ross Brown
8d12dba245 Merge remote-tracking branch 'upstream/master' 2015-12-17 18:01:17 +00:00
Ross Brown
16aa2fa13e Updated ChangeLog to include new murmur jail. 2015-12-17 17:57:45 +00:00
Ross Brown
ead2d509dc Updated 'murmur' filter to use new double-anchored regex based on @yarikoptic's suggestions. 2015-12-17 17:45:24 +00:00
Yaroslav Halchenko
61b2653f9e Merge pull request #1274 from yarikoptic/enh-new-sshd-too-many
ENH: sshd filter -- match new "maximum auth attempts exceeded"
2015-12-16 06:58:47 -05:00
Ross Brown
fd36b058ce Changed usernames in sample log file for 'murmur' filter. 2015-12-15 21:55:07 +00:00
Ross Brown
ba535826a8 Updated ChangeLog to include new murmur filter. 2015-12-15 21:46:35 +00:00
Yaroslav Halchenko
5d6cead996 ENH: sshd filter -- match new "maximum auth attempts exceeded" (Closes #1269) 2015-12-13 23:21:04 -05:00