DuckCorp Projects: Issueshttps://projects.duckcorp.org/https://projects.duckcorp.org/favicon.ico?16699090422021-11-24T14:03:15ZDuckCorp Projects
Redmine DuckCorp Infrastructure - Enhancement #745 (New): ban IPs that try to authenticate with a nonexis...https://projects.duckcorp.org/issues/7452021-11-24T14:03:15ZPierre-Louis Bonicolipierre-louis.bonicoli@ir5.eu
<p>Fail2ban should block the following attemps:<br /><pre>
Nov 24 15:06:46 Toushirou dovecot[1308700]: auth: ldap(<redacted>,XXX.237.103.19): unknown user
Nov 24 15:07:00 Toushirou dovecot[1308700]: auth: ldap(<redacted>,XXX.237.103.19): unknown user
Nov 24 15:07:20 Toushirou dovecot[1308700]: auth: ldap(<redacted>,XXX.237.103.19): unknown user
Nov 24 15:07:30 Toushirou dovecot[1308700]: auth: ldap(<redacted>,XXX.237.103.19): unknown user
Nov 24 15:07:44 Toushirou dovecot[1308700]: auth: ldap(<redacted>,XXX.237.103.19): unknown user
Nov 24 15:08:04 Toushirou dovecot[1308700]: auth: ldap(<redacted>,XXX.237.103.19): unknown user
</pre></p>
<p>Some numbers in order to support the new filter (the oldest entry in the journal is 7 days old):<br /><pre>
root@Toushirou:~# # count all entries
root@Toushirou:~# journalctl -g '(auth:.*unknown)' | wc -l
5032
root@Toushirou:~# # check the regex
root@Toushirou:~# journalctl -g '(auth:.*unknown)' | sed -n 's/.*ldap([^,]\+,\([^,)]\+\)\(,<[^>]\+>\)\?):.*/\1/p' | sort | uniq -c | sort -nr | awk '{print $1}' | paste -sd+ | bc
5029
root@Toushirou:~# # display the most used IPs
root@Toushirou:~# journalctl -g '(auth:.*unknown)' | sed -n 's/.*ldap([^,]\+,\([^,)]\+\)\(,<[^>]\+>\)\?):.*/\1/p' | sort | uniq -c | sort -nr | awk '{print $1}' | head -n 10
741
566
467
362
307
182
177
174
167
161
# There are 697 different IPs, the twenty most used produce 85% of the login failure.
</pre></p> Bip - Enhancement #715 (New): Backlog one channel onlyhttps://projects.duckcorp.org/issues/7152020-12-17T09:34:26ZPierre-Louis Bonicolipierre-louis.bonicoli@ir5.eu
<p>The backlog command only allows to backlog all the channels from one network.</p>
<p>It would be nice to fetch backlog from one channel only.</p>
<p>From: Debian bug <a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=668420" class="external">#668420</a>.</p> UFWI - Enhancement #417 (New): Add GnuTLS 3.x supporthttps://projects.duckcorp.org/issues/4172014-11-25T22:42:24ZPierre-Louis Bonicolipierre-louis.bonicoli@ir5.eu
<p>Added by Oleg Blednov</p> UFWI - Enhancement #400 (New): [ntp] Add timezone supporthttps://projects.duckcorp.org/issues/4002014-11-25T22:35:04ZPierre-Louis Bonicolipierre-louis.bonicoli@ir5.eu
<p>Added by Laurent Defert</p> UFWI - Enhancement #399 (New): Split modules into different projects / packageshttps://projects.duckcorp.org/issues/3992014-11-25T22:34:45ZPierre-Louis Bonicolipierre-louis.bonicoli@ir5.eu
<p>Added by Laurent Defert</p> UFWI - Enhancement #396 (New): Use git instead of svn to do configuration versionninghttps://projects.duckcorp.org/issues/3962014-11-25T22:33:05ZPierre-Louis Bonicolipierre-louis.bonicoli@ir5.eu
<p>Added by Laurent Defert</p> UFWI - Enhancement #392 (New): Add libev 4.0 supporthttps://projects.duckcorp.org/issues/3922014-11-25T22:30:17ZPierre-Louis Bonicolipierre-louis.bonicoli@ir5.eu
<p>Added by Laurent Defert</p> UFWI - Enhancement #391 (New): Add libev 4.0 supporthttps://projects.duckcorp.org/issues/3912014-11-25T22:29:54ZPierre-Louis Bonicolipierre-louis.bonicoli@ir5.eu
<p>Added by Laurent Defert</p> UFWI - Enhancement #390 (New): Add libev 4.0 supporthttps://projects.duckcorp.org/issues/3902014-11-25T22:29:37ZPierre-Louis Bonicolipierre-louis.bonicoli@ir5.eu
<p>Added by Laurent Defert</p> UFWI - Enhancement #389 (New): Fix multi_mode pluginhttps://projects.duckcorp.org/issues/3892014-11-25T22:28:44ZPierre-Louis Bonicolipierre-louis.bonicoli@ir5.eu
<p>The multi_mode plugin depends on emc source, emc source should be ported first and needs a lib made out of it if necessary</p>
<p>Added by Laurent Defert</p> UFWI - Enhancement #388 (New): SELinux supporthttps://projects.duckcorp.org/issues/3882014-11-25T22:28:16ZPierre-Louis Bonicolipierre-louis.bonicoli@ir5.eu
<p>Added by Laurent Defert</p> UFWI - Enhancement #387 (New): SELinux supporthttps://projects.duckcorp.org/issues/3872014-11-25T22:28:02ZPierre-Louis Bonicolipierre-louis.bonicoli@ir5.eu
<p>Added by Laurent Defert</p> UFWI - Enhancement #386 (New): Authentication without Javahttps://projects.duckcorp.org/issues/3862014-11-25T22:27:38ZPierre-Louis Bonicolipierre-louis.bonicoli@ir5.eu
<p>The former nufw-emc repository contains code to perform ip based authentication without using a Java agent.<br />The php code to perform this authentication is available in the scripts/auth_mysql/ directory of the nufw-emc repository.</p>
<p>Added by Laurent Defert</p> UFWI - Enhancement #384 (New): Debian packaginghttps://projects.duckcorp.org/issues/3842014-11-25T22:26:05ZPierre-Louis Bonicolipierre-louis.bonicoli@ir5.eu
<p>Added by Laurent Defert</p> UFWI - Documentation #358 (New): API documentationhttps://projects.duckcorp.org/issues/3582014-11-25T02:03:08ZPierre-Louis Bonicolipierre-louis.bonicoli@ir5.eu
<p>Added by Laurent Defert</p>