Tags: fail2ban/fail2ban
Tags
ver. 0.9.7 (2017/05/11) - awaiting-victory ----------- 0.9.x line is no longer heavily developed. If you are interested in new features (e.g. IPv6 support), please consider 0.10 branch and its releases. * Fixed a systemd-journal handling in fail2ban-regex (gh-1657) * filter.d/sshd.conf - Fixed non-anchored part of failregex (misleading match of colon inside IPv6 address instead of `: ` in the reason-part by missing space, gh-1658) (0.10th resp. IPv6 relevant only, amend for gh-1479) * config/pathes-freebsd.conf - Fixed filenames for apache and nginx log files (gh-1667) * filter.d/exim.conf - optional part `(...)` after host-name before `[IP]` (gh-1751) - new reason "Unrouteable address" for "rejected RCPT" regex (gh-1762) - match of complex time like `D=2m42s` in regex "no MAIL in SMTP connection" (gh-1766) * filter.d/sshd.conf - new aggressive rules (gh-864): - Connection reset by peer (multi-line rule during authorization process) - No supported authentication methods available - single line and multi-line expression optimized, added optional prefixes and suffix (logged from several ssh versions), according to gh-1206; - fixed expression received disconnect auth fail (optional space after port part, gh-1652) and suffix (logged from several ssh versions), according to gh-1206; * filter.d/suhosin.conf - greedy catch-all before `<HOST>` fixed (potential vulnerability) * filter.d/cyrus-imap.conf - accept entries without login-info resp. hostname before IP address (gh-1707) * Filter tests extended with check of all config-regexp, that contains greedy catch-all before `<HOST>`, that is hard-anchored at end or precise sub expression after `<HOST>` * New Actions: - action.d/netscaler: Block IPs on a Citrix Netscaler ADC (gh-1663) * New Filters: - filter.d/domino-smtp: IBM Domino SMTP task (gh-1603) * Introduced new log-level `MSG` (as INFO-2, equivalent to 18)