Commit graph

3494 commits

Author SHA1 Message Date
Yaroslav Halchenko
aa0588dd1a Merge pull request #1250 from sebres/_sb/fail2ban-regex-coverage
RF: fail2ban-regex code moved into client/ codebase, unittested
2015-11-10 08:28:56 -05:00
sebres
689dfa1e6a debuggexURL fixed for wrong encoded character; test cases extended; 2015-11-10 13:29:54 +01:00
sebres
38f09b417a fail2ban-regex command line (after fail2ban-regex functionality moved to the client) 2015-11-10 13:26:34 +01:00
sebres
0877d66228 fail2ban-regex moved to the client + test cases for initial coverage added 2015-11-10 11:46:19 +01:00
sebres
46b116e86a filter test cases improved + log captured inside such tests + python 3.x compatibility;
changelog entry;
2015-11-09 22:02:05 +01:00
sebres
a42aa726ab fixed fail2ban-regex reads invalid character (in sense of given encoding); continuing to process line ignoring invalid characters (still has no test cases).
filter test cases added for same issue inside fail2ban-server / fail2ban-testcases;
closes gh-1248
2015-11-09 20:47:15 +01:00
Yaroslav Halchenko
b100ee6302 Merge pull request #1244 from opoplawski/typo
Fix typo
2015-11-02 17:55:30 -05:00
Orion Poplawski
ba76f4ca2f Fix typo 2015-11-02 15:21:14 -07:00
sebres
94cffece12 New interpolation feature for definition config readers - <known/parameter>, as extension to interpolation %(known/parameter)s, that does not works for filter and action init parameters; 2015-11-02 21:45:03 +01:00
Simon Brown
69bb532db0 removed system.log 2015-11-02 09:26:45 -08:00
Simon Brown
3e16f33dbe Removed old svn revision comment 2015-11-02 09:08:47 -08:00
Simon Brown
d16ad80597 removed false matches
For non-screensharingd related messages
2015-11-02 09:06:32 -08:00
Yaroslav Halchenko
b40c6cbd9a ENH: .mailmap file to bring some names together for git shortlog -sn 2015-11-01 11:28:58 -05:00
sebres
5767191988 fixed misleading documentation of banaction 2015-11-01 17:08:00 +01:00
sebres
fcf03790f4 fixed misleading documentation of banaction 2015-11-01 17:05:02 +01:00
Serg G. Brester
eef7771b4e Merge pull request #1238 from sebres/fix/gh-1216
Fixed directly defined banaction for allports jails like pam-generic, recidive, etc
2015-10-31 13:17:04 +01:00
sebres
e825e977cc Nginx log paths extended (prefixed with "*" wildcard)
closes gh-1237
2015-10-30 17:51:30 +01:00
sebres
f359ed8c36 Fixed directly defined banaction for allports jails like pam-generic, recidive, etc with new default variable banaction_allports (+ man entries for both variables added);
closes gh-1216
2015-10-30 15:36:18 +01:00
Simon Brown
5839a3bd80 Removed includes comment for screensharing jail 2015-10-29 16:07:54 -07:00
sebres
53b39162a1 Shortly, much faster and stable version of regexp (possible because expression is start-anchored and does not contains closely to catch-all sub expressions) 2015-10-29 23:55:23 +01:00
sebres
6884593ab8 New filter nginx-limit-req ban hosts, that were failed through nginx by limit request processing rate (ngx_http_limit_req_module) 2015-10-29 23:15:20 +01:00
Orion Poplawski
0661aece46 Merge branch 'master' into journaldefault
Conflicts:
	ChangeLog
2015-10-29 15:22:37 -06:00
Simon Brown
65bc5cf6ba Now using a literal logpath for screensharing jail 2015-10-29 09:03:01 -07:00
Simon Brown
cabd46f069 Fixed blatant typo in regex
However, still failing test, even though ```PYTHONPATH=. fail2ban-regex -v fail2ban/tests/files/logs/screensharingd  /etc/fail2ban/filter.d/screensharingd.conf``` gives desired result
2015-10-28 20:58:25 -07:00
Simon Brown
bed28eaa62 clarified comments on sample log format 2015-10-28 15:32:58 -07:00
Simon Brown
c936d19805 Fixed name (again?) 2015-10-28 15:30:31 -07:00
Simon Brown
acee68a9ee Made screensharing jail off by default
Also added note about requiring paths-osx.conf.
2015-10-28 15:11:11 -07:00
Simon Brown
4b4d5a95b7 Changed regex prequel
Use standard prefix macro instead of literal daemon name.
2015-10-27 21:30:20 -07:00
Simon Brown
3dd1c305ce added entry for new screensharingd filter 2015-10-27 21:20:12 -07:00
Simon Brown
6a5f10ee72 name change & new sample data
changed name to match daemon, log samples with year
2015-10-27 16:27:14 -07:00
Simon Brown
3e4a77a568 Added json metadata 2015-10-27 12:31:51 -07:00
Simon Brown
b3a18631e2 Sample log for test case 2015-10-27 10:43:43 -07:00
Simon Brown
4c3f778b82 Replaced .* with literal
Per Serg's suggestions. Possible I'm missing some auth attempt types, but I couldn't find anything where literal wasn't sufficient.
2015-10-27 10:33:30 -07:00
Simon Brown
d17d837b8c Update jail.conf
Added logencoding to screensharing jail to avoid encoding error messages in fail2ban log
2015-10-27 10:28:07 -07:00
Simon Brown
de14946542 Added new path variable for system.log
Logging location for the majority of Mac OS daemons.
2015-10-26 18:02:07 -07:00
Simon Brown
80546c6164 Added in settings for screensharingd filter 2015-10-26 17:50:49 -07:00
Simon Brown
3ec725a2ba Created file
From https://github.com/beezwax/filemaker-fail2ban/blob/master/fail2ban/filter.d/screensharingd.conf
2015-10-26 17:35:38 -07:00
sebres
eb87638ead ChangeLog entry for OpenHAB home automation filter (gh-1223) 2015-10-26 15:56:01 +01:00
1technophile
2861a957a9 filter for openhab domotic software authentication failure with the rest api and web interface + test cases;
closes gh-1223
2015-10-26 15:48:23 +01:00
Serg G. Brester
26517b0464 Merge pull request #1226 from pablorf-dev/master
Minor fix and enhancement (fake google domains)
2015-10-22 14:23:47 +02:00
Pablo Rodriguez Fernandez
2c576c64f8 Change domain filter regex
Change domain filter regex since there are other Google crawlers.
See "Google crawlers"
<https://support.google.com/webmasters/answer/1061943?hl=en>
2015-10-20 10:46:00 +02:00
Pablo Rodriguez Fernandez
74fcb219ab Enhanced Google domain detection in apache-fakegooglebot
Previously, an attacker could fake a domain like
crawl-1-1-1-1.googlebot.com.fake.net and get resolved. This change
avoids to resolve fake Google domains.
2015-10-20 10:45:53 +02:00
Orion Poplawski
3a9cf2b3da Add and use default_backend to set individual backend defaults to auto 2015-10-19 19:50:03 -06:00
Orion Poplawski
81a26266a9 Add changlog entry for postfix-rbl logpath change 2015-10-19 19:46:43 -06:00
Orion Poplawski
ced7be94b2 Fix postfix_log typo 2015-10-19 19:43:10 -06:00
Orion Poplawski
75d33c0f09 Add *_backend options for services to allow distros to set the default backend
per service.
Set default to systemd for Fedora as appropriate.
2015-10-18 20:18:50 -06:00
Pablo
7e6964dd9d Fix section jail.conf.5 manpage
The section of jail.conf manpage is wrong, should be 5, not 10
2015-10-15 10:40:56 +02:00
Serg G. Brester
3a5d4fdd26 Merge pull request #1221 from pablorf-dev/master
Add check in apache-fakegooglebot to protect against PTR fake record (gh-1221)
2015-10-14 11:33:06 +02:00
Pablo Rodriguez Fernandez
a28e6b442e Add check in apache-fakegooglebot to protect against PTR fake record
An attacker may return a PTR record which fakes a Googlebot's domain
name. This modification resolves the PTR records to verify it.

See "Verifying Googlebot":
<https://support.google.com/webmasters/answer/80553?vid=1-635800030504666679-1963774919>
2015-10-13 17:11:49 +02:00
Yaroslav Halchenko
16443f7b05 Merge pull request #1219 from agentmoller001/patch-1
Updated route.conf to clear warnings (Closes #1026)
2015-10-09 21:26:53 -04:00