CERBERUS/fail2ban
1
0
Fork 0
mirror of https://github.com/fail2ban/fail2ban.git synced 2026-05-13 14:36:43 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
6228 commits 34 branches 230 tags 18 MiB
Commit graph

6228 commits

This branch
This branch
All branches
Author SHA1 Message Date
Sergey G. Brester
557e7eecf9
Merge pull request #4133 from B1gG/master 
Update jail.conf.5 documentation for action tags
 2026-05-11 10:29:15 +02:00
sebres
adfffe5267 merge gh-4164: new tag <jail.name> available in ignorecommand or actions (same as <name> there) 2026-04-11 14:49:13 +02:00
sebres
8d3f5048ef filter.d/postfix.conf - extended prefregex to capture username in postfix SASL failures; 
closes gh-4165
 2026-04-11 14:42:57 +02:00
sebres
507d0468cd implements RFE #4164: new tag <jail.name> available in ignorecommand or actions (same as <name> there) 2026-04-11 14:25:12 +02:00
Sergey G. Brester
732dc86ef3
simplify timestamp conversion in systemd journal reader; 
also handle DST flag correct, so doesn't mistakenly consider the UTC timestamp as local timestamp, see #2882
 2026-04-10 16:44:43 +02:00
Sergey G. Brester
0a8356dd31
jail.conf: removed dead link in warning comment 
removed dead URL (reference to 690-fail2ban-+-dns-fail.html in blog) from the warning comment about UDP spoofing;
closes gh-4162.
 2026-03-26 21:03:29 +01:00
sebres
8be17b0981 Merge branch 'gh-4142--nginx-ssl-aggressive': extends filter.d/nginx-http-auth.conf - modes fallback and aggressive match more SSL failures by SSL_do_handshake or SSL_read (gh-4142, gh-2881) 2026-02-12 14:04:55 +01:00
sebres
c03a6204c1 ChangeLog update 2026-02-12 14:03:07 +01:00
sebres
eb7ed973ef filter.d/nginx-http-auth.conf: modes fallback and aggressive extended to match more SSL failures, see gh-4142 (amend to gh-2881) 2026-02-12 13:53:57 +01:00
Sergey G. Brester
3b8033b337
Merge pull request #2537 from viiru-/improve-systemd-service 
Improve systemd service
 2026-02-11 15:08:35 +01:00
Sergey G. Brester
243876e60a
Merge pull request #4143 from caronc/apprise-tag-support-v2 
Small amend to #4141, adjust Apprise URL doc source and action comments
 2026-02-02 03:07:01 +01:00
Sergey G. Brester
3bead7c011
Update comments in action 
jail.conf shall be unmodified (jails are ideally in jail.local or jail.d/*.conf)
 2026-02-02 03:04:25 +01:00
Chris Caron
05f6ad4fcc small fix to url for Apprise doc source 2026-02-01 20:52:06 -05:00
Sergey G. Brester
81b906303c
Merge pull request #4141 from caronc/apprise-tag-support 
Improved Apprise integration (support tagging)
 2026-02-02 02:44:46 +01:00
Sergey G. Brester
025adbf485
fixes apprise action configuration examples 2026-02-02 02:37:26 +01:00
Sergey G. Brester
f457cf8131
ChangeLog adjusted 
move from compat to enhancement section
 2026-02-02 02:31:19 +01:00
Chris Caron
1a802bee93 further feedback from PR 2026-02-01 20:18:07 -05:00
Chris Caron
36e28359ed fixed spelling 2026-02-01 19:51:26 -05:00
Chris Caron
8a8afefd70 applied updates based on PR feedback 2026-02-01 19:45:44 -05:00
Chris Caron
8afd0c8956 updated ChangeLog to reflect Apprise updates 2026-01-28 21:55:04 -05:00
Chris Caron
6cdb5738ec improved apprise fail2ban integration (support tagging) 2026-01-28 21:49:42 -05:00
sebres
9887ee4412 CI: bump python version (3.15.0-alpha.5) 2026-01-23 21:28:52 +01:00
sebres
8506e4a41d action.d/nftables.conf - fixed for SELinux without execmem permission, rewrite capturing with grep -P using grep -E or sed; 
(PCRE-JIT by `grep -P` may cause SELinux denial for execmem), closes gh-4137
 2026-01-23 21:23:58 +01:00
Gerardo Gonzalez
481be8790a
Update jail.conf.5 documentation for action tags 
Missing tags added:
family - IP address family string
ip-rev - Reverse DNS PTR record
ip-host - Hostname of the IP
fid - Failure/ticket ID
bantime - Effective ban duration
bancount - Number of times IP has been banned
restored - Flag for restored tickets (0 or 1)
F-* - Free-form filter match tags
raw-ticket - Raw ticket representation
jail.banned - Currently banned count
jail.banned_total - Total ban count
jail.found - Current failure count
jail.found_total - Total failure count
 2026-01-07 19:31:21 +01:00
sebres
948e923589 Merge fix for #4126 (branch 'gh-4126--py-3.15') 
refactor module loading to use exec_module: deprecated load_module is removed in py-3.15;
closes gh-4126
 2026-01-01 21:56:15 +01:00
Sergey G. Brester
247667c9c2
refactor loading of SMTP action module in tests (deprecated load_module removed in v.3.15) 2026-01-01 21:49:12 +01:00
Sergey G. Brester
7528fce11b
refactor module loading to use exec_module: load_module is deprecated; 
closes gh-4126
 2026-01-01 21:43:27 +01:00
Sergey G. Brester
edaf8ef19f
GHA-CI: update python 3.14 + added 3.15 2026-01-01 21:26:22 +01:00
Sergey G. Brester
74981e4c13
Merge pull request #3254 from evanlinde/master 
New filter for XRDP
 2025-12-07 01:19:01 +01:00
Sergey G. Brester
45453826a3
small amend with missing newline 2025-12-07 01:18:04 +01:00
Sergey G. Brester
2f0e05a0d7
Merge branch 'master' into master 2025-12-07 01:14:39 +01:00
sebres
ef65652671 filter.d/apache-badbots.conf, filter.d/apache-fakegooglebot.conf - regexs fixed to match lines with vhost in accesslog; 
closes gh-1594
 2025-11-28 22:27:06 +01:00
sebres
bfafd12c59 filter.d/apache-badbots.conf, filter.d/apache-fakegooglebot.conf - rewrite apache access-log REs more strict (remove catch-alls) 2025-11-28 22:16:23 +01:00
Sergey G. Brester
7c2bda4977
Fix image size for IPv6 logo in README 
Updated image tag in README to use 'style' attribute.
 2025-11-24 23:14:47 +01:00
sebres
3f78f1520b fixed typo in comparison by build of stream from filter options (see #4066) 2025-10-28 21:34:00 +01:00
Sergey G. Brester
7bac839603
Merge pull request #4069 from sebres/init-param-to-cond-section 
Setting of blocktype="DROP" via jail doesn't apply for IPv6 chain
 2025-09-24 18:23:44 +02:00
Sergey G. Brester
d0b94c147e
Update ChangeLog 2025-09-24 18:22:06 +02:00
Sergey G. Brester
070d49e09c
man/jail.conf.5 - update docu 2025-09-24 18:18:38 +02:00
Sergey G. Brester
dda4aa7d2d
Merge pull request #4075 from para-do-x/froxlor-auth 
Froxlor auth update
 2025-09-24 16:58:27 +02:00
para-do-x
ad9aba5871
Update ChangeLog gh4075 2025-09-24 18:43:39 +04:00
sebres
13563fd09b combine both REs to single RE, no prefregex needed here 2025-09-24 16:23:05 +02:00
sebres
a9401233dd code review, make it backwards compatible to logging type=1 (as suggested in https://github.com/fail2ban/fail2ban/issues/2926#issuecomment-774780120); use by default type=2 2025-09-24 16:09:42 +02:00
para-do-x
1379a262f6 Update froxlor-auth testfile 2025-09-24 15:59:19 +02:00
para-do-x
abdd0d4b25 Update jail.conf for froxlor-auth 
Changed logpath to syslog_user for froxlor-auth
 2025-09-24 15:59:18 +02:00
para-do-x
897b21a4c5 Update froxlor-auth.conf 
updated the regex to the new logging situation for froxlor.
 2025-09-24 15:59:17 +02:00
sebres
65668b8ed8 filter.d/postfix.conf - modes ddos and aggressive extended to match rate limit exceeded for connection or message delivery request rates; 
closes gh-3265;
closes gh-4073;
 2025-09-23 12:18:45 +02:00
sebres
2856092709 filter.d/postfix.conf - use common prefix instead of NOQUEUE for all modes, outside of mdpr-<mode> in prefregex (amend to gh-4072) 2025-09-18 15:01:05 +02:00
Sergey G. Brester
2ac7e1284f
Merge pull request #4072 from ulm/postfix-ddos 
filter.d/postfix.conf: Add optional "NOQUEUE:" to mdpr-ddos
 2025-09-18 14:35:35 +02:00
Ulrich Müller
0fee8dbe92 filter.d/postfix.conf: Add optional "NOQUEUE:" to mdpr-ddos 
The current regex doesn't match the following log entry, seen with
Postfix 3.10.2:

Sep 17 18:19:20 mxhost postfix/smtpd[12345]: NOQUEUE: lost connection after CONNECT from unknown[192.0.2.25]
Sep 17 18:19:20 mxhost postfix/smtpd[12345]: disconnect from unknown[192.0.2.25] commands=0/0
 2025-09-18 08:23:45 +02:00
Sergey G. Brester
6c47bf6461
Merge pull request #4068 from billfor/xarf 
fix `dig` to filter out warnings and prevent them from being injected as emails
 2025-09-15 17:23:32 +02:00