Commit graph

3494 commits

Author SHA1 Message Date
Daniel Black
2333b2d5d9 MRG: from 0.9 2014-01-13 22:17:14 +11:00
Daniel Black
703d337a39 Merge pull request #580 from grooverdan/master_to_0.9
MRG: Master to 0.9
2014-01-13 02:37:07 -08:00
Daniel Black
c7f887642d Merge branch '0.9' into master_to_0.9 2014-01-13 21:23:42 +11:00
Daniel Black
3de80545e0 MRG: from master 2014/01/13 2014-01-13 21:23:39 +11:00
Daniel Black
01e5ae1234 Merge pull request #584 from grooverdan/exim-auth
ENH: Exim auth
2014-01-13 02:20:47 -08:00
Daniel Black
b60449e5c7 Merge pull request #579 from grooverdan/squirrelmail
ENH: Squirrelmail filter
2014-01-13 02:19:34 -08:00
Daniel Black
812463003d Merge pull request #582 from grooverdan/postfix
ENH: add improper command pipelining postfix filter
2014-01-13 02:18:57 -08:00
Daniel Black
08b4f3e5f2 Merge branch 'patch-5' of https://github.com/truxoft/fail2ban into exim-auth 2014-01-13 19:26:12 +11:00
Daniel Black
353b84a648 Merge branch 'patch-4' of https://github.com/truxoft/fail2ban into exim-auth 2014-01-13 19:25:46 +11:00
Lars Kneschke
47dd8fb897 ENH: filter for Tine 2.0 2014-01-13 06:04:59 +01:00
Ivo Truxa
2d8c0b26e4 Matching any Exim authentication name
As explained in https://github.com/grooverdan/fail2ban/pull/4, in Exim there can be used plenty of other standard authentication names, and in fact the names can be custom. The failregex in Exim filter should catch authentication errors regardless of the name of the authentication. Hence replacing the plain|login with the general \w+
2014-01-13 01:38:49 +01:00
Ivo Truxa
9f107403e8 Update exim
When using Dovecot authentication for Exim, which is relatively common, the current regex for catching authentication failures needs a small tweak. The current plain|login options are too limiting and will only work in the cases when only the Exim's rudimentary built-in authentication is used. There can be not only the dovecot_login shown in this log example, but also dovecot_plain, ntlm, cram, cyrus, md5, and plenty of others. In fact many admins may opt for their own authentication labels, when setting up Exim. For this reason the regex should catch any label. I suggest modifying the regex in the following way:

<pre>^%(pid)s \w+ authenticator failed for (\S+ )?\(\S+\) \[<HOST>\]: 535 Incorrect authentication data( \(set_id=.*\)|: \d+ Time\(s\))?\s*$</pre>
2014-01-13 01:18:09 +01:00
Daniel Black
6b0e6b9bca ENH: add improper command pipelining postfix filter 2014-01-13 06:59:59 +11:00
Steven Hiscocks
d41f372c6c BF: Typo in "z" regex addition for TimeRE 2014-01-12 19:09:11 +00:00
Steven Hiscocks
5c16ac3a89 ENH: Full regex for datepattern, utilising modified Python _strptime 2014-01-12 18:59:31 +00:00
Daniel Black
a443b8b4d3 BF: remove second jail definition 2014-01-12 21:45:39 +11:00
Daniel Black
7b6ee64b9e DOC: add over pruned bits of jail.conf.5 2014-01-12 21:43:11 +11:00
Daniel Black
cd3e94140c MRG: complete merge 2014-01-12 21:16:55 +11:00
Daniel Black
f2e55e8499 ENH: add filter for squirrelmail. Closes gh-261 2014-01-12 20:27:36 +11:00
Daniel Black
1e8ed55a36 MRG: from 0.9 2014-01-12 20:15:34 +11:00
Daniel Black
5deb1f8ddc Merge pull request #578 from dozepih/asterisk-acl
ENH: Support ACL-events without AccountID. Typically happens when a registration from unknown domain
2014-01-11 18:32:53 -08:00
Tomas Pihl
b52a4441fd Support ACL-events without AccountID. Typically happens when a registration
from an unknown domain is performed.

Add credits
2014-01-12 01:28:55 +01:00
Steven Hiscocks
0dd6533680 BF: Add ejabberd-auth to jail.conf 2014-01-09 23:22:12 +00:00
Steven Hiscocks
e73090d040 Merge pull request #577 from grooverdan/rel-imports
ENH: fix test case imports to relative
2014-01-09 15:14:20 -08:00
Daniel Black
e9752d8d29 ENH: fix test case imports to relative 2014-01-10 10:04:05 +11:00
Daniel Black
928f566d19 Merge pull request #576 from kwirk/ejabberd-filter
ENH: ejabberd filter
2014-01-09 14:52:18 -08:00
Steven Hiscocks
62cfad3c2d Merge pull request #575 from grooverdan/no-dot-filters
ENH: dont run samples on filter filenames beginning with .
2014-01-09 14:49:47 -08:00
Steven Hiscocks
6a6139f1e1 Merge pull request #574 from grooverdan/master-tag-subst
TST: for tag substition, multiple on same line
2014-01-09 14:49:08 -08:00
Steven Hiscocks
128112d51c ENH: ejabberd filter 2014-01-09 22:47:17 +00:00
Daniel Black
8e8c80d980 ENH: dont run samples on filter filenames beginning with . 2014-01-10 09:44:30 +11:00
Daniel Black
cd5aab5ff1 TST: for tag substition, multiple on same line 2014-01-10 09:20:56 +11:00
Daniel Black
8333abe420 Merge pull request #557 from grooverdan/apache-botsearch
ENH: Apache botsearch + BF: tag substition
2014-01-09 14:11:00 -08:00
Daniel Black
b0baab3a0e ENH: more test cases and wider regex 2014-01-10 08:40:24 +11:00
Daniel Black
9e358541b7 BF: fix multiple tag substitutions on the same line 2014-01-10 08:39:39 +11:00
Daniel Black
4b33f96db4 DOC: fix comment regarding apache version in apache-noscript 2014-01-10 08:35:37 +11:00
Daniel Black
8e5366a7e9 DOC: for apache-botsearch and apache-botsearch 2014-01-10 07:34:01 +11:00
Steven Hiscocks
7e8da15fc6 Merge pull request #572 from grooverdan/counterstrike
ENH: Counter Strike filter
2014-01-08 12:47:10 -08:00
Daniel Black
4d4060930b DOC: spelling + GPL2+ for license 2014-01-08 21:46:32 +11:00
Daniel Black
932a952096 Merge branch 'enh/jail-manpage' of https://github.com/yarikoptic/fail2ban into y-man-fix 2014-01-08 18:08:13 +11:00
Daniel Black
b6676dbadc DOC: spelling of Counter Strike 2014-01-08 07:45:26 +11:00
Yaroslav Halchenko
e6627185b0 DOC: fixing formatting in the section names of the manpage - \fB to return into bold 2014-01-07 13:41:16 -05:00
Yaroslav Halchenko
6532a2e2f7 Merge pull request #548 from grooverdan/exim-honeypot
Exim honeypot
2014-01-07 06:14:42 -08:00
Daniel Black
d94efe719d ENH: jail.conf for counter-strike 2014-01-07 20:50:50 +11:00
Daniel Black
7e44257e7e Merge pull request #569 from grooverdan/master_to_0.9
MRG: Master to 0.9
2014-01-07 01:36:54 -08:00
Daniel Black
0fb6bc7188 ENH: add filter for Counter Strike 1.6. Closes gh-347 2014-01-07 20:33:57 +11:00
Daniel Black
a115297ebd TST: add datepattern for samplestestcases 2014-01-07 20:32:55 +11:00
Daniel Black
aabdc51e87 BF: revert separate jail for exim-honeypot as only exim-spam exists. 2014-01-07 16:26:29 +11:00
Daniel Black
9e087b508d MRG: from 0.9 2014-01-07 16:11:40 +11:00
Daniel Black
58ebf659e4 MRG: from 0.9 to make history cleaner 2014-01-07 16:07:58 +11:00
Yaroslav Halchenko
9a8b449086 DOC: some typos, fixes from Vincent Lefevre 2014-01-06 23:38:52 -05:00