Commit graph

3494 commits

Author SHA1 Message Date
Daniel Black
a044517cb7 MRG: from master to 0.9 2014-02-20 2014-02-20 08:35:24 +11:00
Daniel Black
79e6543eca Merge branch '0.9' into distro-paths-gh-315 2014-02-20 08:20:47 +11:00
Daniel Black
83266eb668 ENH: framework for distro paths 2014-02-20 08:20:02 +11:00
Daniel Black
a90be951e9 Merge pull request #624 from kwirk/ignoreip-netmask
ENH: Allow 255.255.255.0 style mask for ignoreip
2014-02-20 07:23:46 +11:00
Steven Hiscocks
9928f1df96 ENH: Allow 255.255.255.0 style mask for ignoreip 2014-02-19 17:51:08 +00:00
Steven Hiscocks
8c5525163b BF: Fix misplaced ";", and duplicate {ip,}matches 2014-02-18 15:13:02 +00:00
Steven Hiscocks
997729e274 BF: Fix complain action for multiple recipients and misplaced ";" 2014-02-18 15:05:06 +00:00
Daniel Black
350d2dfd8e Merge pull request #618 from kwirk/xt_recent-tweaks
ENH: Add root user check in xt_recent, and add missing actionstop
2014-02-18 08:15:22 +11:00
Daniel Black
1276e4d170 Merge pull request #616 from kwirk/maxlines-warning
ENH: Warn when multiline regex used when maxlines not greater than 1
2014-02-17 14:03:14 +11:00
Steven Hiscocks
4102f4f8c7 TST: Fix TravisCI build, install of coveralls from pip 2014-02-16 23:08:49 +00:00
Steven Hiscocks
7c76f7f204 BF: $EUID not avilable in all shells, replaced with id -u in xt_recent 2014-02-16 17:56:06 +00:00
Steven Hiscocks
2a37ee2fb7 ENH: Add root user check in xt_recent, and add missing actionstop
Thanks to Helmut Grohne on IRC for suggestion
2014-02-16 16:52:30 +00:00
Steven Hiscocks
c6fc57d594 TST: Fix TravisCI build for python2.7 2014-02-15 15:20:59 +00:00
Steven Hiscocks
df3e4a2742 ENH: Warn when multiline regex used when maxlines not greater than 1 2014-02-15 14:42:44 +00:00
Steven Hiscocks
5c7630c4be ENH: Allow separate blacklist category for badips.py action 2014-02-14 17:45:08 +00:00
Steven Hiscocks
cf81ddd8e2 BF: Add error handling in badips.py action 2014-02-14 17:10:34 +00:00
Steven Hiscocks
31f4ea59cb BF: Use abusix Abuse Contact DB to get more accurate abuse addresses
Taken from xarf-login-attack action from 0.9 branch by Daniel Black
2014-02-13 22:00:33 +00:00
Steven Hiscocks
fceac53776 TST: Move nagios log sample to correct folder 2014-02-13 21:02:26 +00:00
Steven Hiscocks
f68d85a6ac Merge branch 'master' into 0.9
Conflicts:
	ChangeLog
                Spelling correction of 0.8.13 fixed in master
	config/jail.conf
                Added nagios and duplicate php-url removal in master
                Just nagios added, duplicate not issue in 0.9
2014-02-13 20:14:40 +00:00
Steven Hiscocks
9bbf4ea258 BF: Keep sure database errors are captured during Fail2Ban startup 2014-02-13 20:07:12 +00:00
Steven Hiscocks
9bfc77c320 BF: fail2ban-client processCmd ret was being overwritten each loop 2014-02-13 20:03:45 +00:00
Daniel Black
c701ac9276 DOC: document LogLevel requirement for "Connection from" regex" 2014-02-13 16:20:36 +11:00
Steven Hiscocks
0822275295 Merge pull request #613 from grooverdan/more-ssh
ENH: ssh filter - "Disconnecting: Too many authentication failures.." ma...
2014-02-12 22:55:04 +00:00
Daniel Black
45157ddc86 TST: fix failJSON for ssh filter change 2014-02-13 09:26:59 +11:00
Steven Hiscocks
1e9910fcb0 ENH: Added traceback for error log on pyinotify callback when in debug
Thanks to Helmut Grohne for idea on #fail2ban IRC
2014-02-12 22:18:09 +00:00
Daniel Black
5f4d0ed576 ENH: ssh filter - "Disconnecting: Too many authentication failures.." matching Connection log message 2014-02-13 09:13:46 +11:00
Steven Hiscocks
bda9b7d725 BF: Add handling of exception in pyinotify callback
If error isn't handled, no error messages are printed and the jail
ceases to function.
2014-02-12 18:07:31 +00:00
Daniel Black
5177fded7b Merge pull request #602 from grooverdan/doco-risks-and-limitations
DOC: Doco risks and limitations
2014-02-11 07:56:46 +11:00
Daniel Black
fb557761e4 Merge pull request #610 from tecnocat/patch-1
BF: Duplicate jail "php-url-fopen"
2014-02-11 07:56:00 +11:00
Aarón Nieves Fernández
993b7d3dfb Duplicate jail "php-url-fopen" 2014-02-10 21:41:50 +01:00
Steven Hiscocks
a9f0545d8f BF: Add threading lock to database 2014-02-09 23:16:36 +00:00
Steven Hiscocks
dff8909473 ENH: Add badips.com reporting and blacklisting action (python based) 2014-02-09 12:23:14 +00:00
Steven Hiscocks
3cbfe9b057 BF: ret now changed after beautifier called 2014-02-08 22:15:19 +00:00
Steven Hiscocks
530cd53add BF: Due to python3 bug, importlib.machinery may need explicit import 2014-02-08 20:52:32 +00:00
Yaroslav Halchenko
c424e4032d DOC: minor - replace tabs with spaces for consistent formatting 2014-02-07 00:41:22 -05:00
Daniel Black
1c740636e3 Merge pull request #603 from truxoft/master
ENH: Nagios filter
2014-02-06 11:09:49 +11:00
Ivo Truxa
c207ad6058 removing ignoreip at [nagios]
I removed the ignoreip setting from the nagios section. As pointed out, it is redundant here. Nagios server, under normal circumstances should not trigger any access errors, and would be included in the global ignoreips anyway.
2014-02-06 00:27:38 +01:00
Ivo Truxa
f5f434f846 removing the second failregex
The second failregex was supposed to catch an error concerning an ACL denial over IPv6, but this message is no more generated by the nrpe version (v2.15) that introduced the IPv6 support, so the first failregex seems to be sufficient.
2014-02-06 00:22:05 +01:00
Daniel Black
338d40f717 Merge pull request #606 from cmarkle/patch-1
Correct spelling error in changelog
2014-02-06 07:50:04 +11:00
Chris Markle
20886288e5 Correct spelling error in changelog
I know it's a nit but still... ;)
2014-02-05 10:44:46 -08:00
Ivo Truxa
f6ccd8878d date fix
sorry, need to get some glasses
2014-02-03 23:27:19 +01:00
Ivo Truxa
a71bb89ccd removing a dot (typo)
The dot at the ignoregex did not belong there. Somehow it was added during the copying and pasting. Thanks for reporting it, I did not see it. Otherwise, empty ignoregexes are in all filters, and if they are missing, fail2ban client shows warnings when starting the filter, which I prefer avoiding.
2014-02-03 23:12:56 +01:00
Ivo Truxa
a8a43e8f38 ENH: Nagios filter
new filter Nagios added
2014-02-03 22:01:22 +01:00
Ivo Truxa
dac4dd465e ENH: Nagios filter
added typical configuration settings for the nagios filter
2014-02-03 21:51:49 +01:00
Ivo Truxa
c91fda8619 ENH: Nagios filter
Sample log for the first failregex is available in the testcases. No example available for the IPv6 denial yet.
2014-02-03 21:46:07 +01:00
Ivo Truxa
110b8e6905 ENH: Nagios filter
Sample log entry from /var/log/messages for a denied access to the nrpe2 (Nagios Remote Plugin Executor) daemon
2014-02-03 21:39:52 +01:00
Daniel Black
7b56daee8f DOC: set realistic expectations of what fail2ban protects against 2014-02-02 15:17:10 +11:00
Daniel Black
ef82eac790 DOC: openssh real protection is pubkey 2014-02-02 15:16:40 +11:00
Daniel Black
59b9045e88 MRG: from master 2014-02-02 2014-02-02 13:21:16 +11:00
Daniel Black
1366ea382d Merge pull request #601 from grooverdan/dovecot-no-lip-tls
ENH: dovecot filter enhancements / BF: remove "no auth attempts"
2014-01-31 01:57:02 -08:00