mirror of https://github.com/fail2ban/fail2ban
BF: use standard/reserved example.com instead of mail.com
Adapted from fail2ban-0.8.4-examplemail.patch in Fedora: http://sophie.zarb.org/sources/fail2ban/fail2ban-0.8.4-examplemail.patch git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@777 a942ae1a-1317-0410-a47c-b1dcaea8d605debian-upstream^2
Yaroslav Halchenko
parent
6d25310e28
commit
02be7d03b2
|
|
@ -45,7 +45,7 @@ backend = auto
|
|||
enabled = false
|
||||
filter = sshd
|
||||
action = iptables[name=SSH, port=ssh, protocol=tcp]
|
||||
sendmail-whois[name=SSH, dest=you@mail.com, sender=fail2ban@mail.com]
|
||||
sendmail-whois[name=SSH, dest=you@example.com, sender=fail2ban@example.com]
|
||||
logpath = /var/log/sshd.log
|
||||
maxretry = 5
|
||||
|
||||
|
|
@ -54,7 +54,7 @@ maxretry = 5
|
|||
enabled = false
|
||||
filter = proftpd
|
||||
action = iptables[name=ProFTPD, port=ftp, protocol=tcp]
|
||||
sendmail-whois[name=ProFTPD, dest=you@mail.com]
|
||||
sendmail-whois[name=ProFTPD, dest=you@example.com]
|
||||
logpath = /var/log/proftpd/proftpd.log
|
||||
maxretry = 6
|
||||
|
||||
|
|
@ -66,7 +66,7 @@ enabled = false
|
|||
filter = sasl
|
||||
backend = polling
|
||||
action = iptables[name=sasl, port=smtp, protocol=tcp]
|
||||
sendmail-whois[name=sasl, dest=you@mail.com]
|
||||
sendmail-whois[name=sasl, dest=you@example.com]
|
||||
logpath = /var/log/mail.log
|
||||
|
||||
# Here we use TCP-Wrappers instead of Netfilter/Iptables. "ignoreregex" is
|
||||
|
|
@ -77,7 +77,7 @@ logpath = /var/log/mail.log
|
|||
enabled = false
|
||||
filter = sshd
|
||||
action = hostsdeny
|
||||
sendmail-whois[name=SSH, dest=you@mail.com]
|
||||
sendmail-whois[name=SSH, dest=you@example.com]
|
||||
ignoreregex = for myuser from
|
||||
logpath = /var/log/sshd.log
|
||||
|
||||
|
|
@ -101,7 +101,7 @@ maxretry = 6
|
|||
enabled = false
|
||||
filter = postfix
|
||||
action = hostsdeny[file=/not/a/standard/path/hosts.deny]
|
||||
sendmail[name=Postfix, dest=you@mail.com]
|
||||
sendmail[name=Postfix, dest=you@example.com]
|
||||
logpath = /var/log/postfix.log
|
||||
bantime = 300
|
||||
|
||||
|
|
@ -112,7 +112,7 @@ bantime = 300
|
|||
|
||||
enabled = false
|
||||
filter = vsftpd
|
||||
action = sendmail-whois[name=VSFTPD, dest=you@mail.com]
|
||||
action = sendmail-whois[name=VSFTPD, dest=you@example.com]
|
||||
logpath = /var/log/vsftpd.log
|
||||
maxretry = 5
|
||||
bantime = 1800
|
||||
|
|
@ -124,7 +124,7 @@ bantime = 1800
|
|||
enabled = false
|
||||
filter = vsftpd
|
||||
action = iptables[name=VSFTPD, port=ftp, protocol=tcp]
|
||||
sendmail-whois[name=VSFTPD, dest=you@mail.com]
|
||||
sendmail-whois[name=VSFTPD, dest=you@example.com]
|
||||
logpath = /var/log/vsftpd.log
|
||||
maxretry = 5
|
||||
bantime = 1800
|
||||
|
|
@ -137,7 +137,7 @@ bantime = 1800
|
|||
enabled = false
|
||||
filter = apache-badbots
|
||||
action = iptables-multiport[name=BadBots, port="http,https"]
|
||||
sendmail-buffered[name=BadBots, lines=5, dest=you@mail.com]
|
||||
sendmail-buffered[name=BadBots, lines=5, dest=you@example.com]
|
||||
logpath = /var/www/*/logs/access_log
|
||||
bantime = 172800
|
||||
maxretry = 1
|
||||
|
|
@ -149,7 +149,7 @@ maxretry = 1
|
|||
enabled = false
|
||||
filter = apache-noscript
|
||||
action = shorewall
|
||||
sendmail[name=Postfix, dest=you@mail.com]
|
||||
sendmail[name=Postfix, dest=you@example.com]
|
||||
logpath = /var/log/apache2/error_log
|
||||
|
||||
# Ban attackers that try to use PHP's URL-fopen() functionality
|
||||
|
|
@ -190,7 +190,7 @@ maxretry = 2
|
|||
enabled = false
|
||||
filter = sshd
|
||||
action = ipfw[localhost=192.168.0.1]
|
||||
sendmail-whois[name="SSH,IPFW", dest=you@mail.com]
|
||||
sendmail-whois[name="SSH,IPFW", dest=you@example.com]
|
||||
logpath = /var/log/auth.log
|
||||
ignoreip = 168.192.0.1
|
||||
|
||||
|
|
@ -224,7 +224,7 @@ ignoreip = 168.192.0.1
|
|||
# enabled = false
|
||||
# filter = named-refused
|
||||
# action = iptables-multiport[name=Named, port="domain,953", protocol=udp]
|
||||
# sendmail-whois[name=Named, dest=you@mail.com]
|
||||
# sendmail-whois[name=Named, dest=you@example.com]
|
||||
# logpath = /var/log/named/security.log
|
||||
# ignoreip = 168.192.0.1
|
||||
|
||||
|
|
@ -235,7 +235,7 @@ ignoreip = 168.192.0.1
|
|||
enabled = false
|
||||
filter = named-refused
|
||||
action = iptables-multiport[name=Named, port="domain,953", protocol=tcp]
|
||||
sendmail-whois[name=Named, dest=you@mail.com]
|
||||
sendmail-whois[name=Named, dest=you@example.com]
|
||||
logpath = /var/log/named/security.log
|
||||
ignoreip = 168.192.0.1
|
||||
|
||||
|
|
|
|||
|
|
@ -99,7 +99,7 @@ elif [ $final_exit -ne "0" ]; then
|
|||
# put a txt file on your server and describe how to fix the issue, this
|
||||
# could be attached to the mail.
|
||||
######################################################################
|
||||
# mutt -s "FAIL2BAN NOT WORKING" your@email.com < /home/f2ban.txt
|
||||
# mutt -s "FAIL2BAN NOT WORKING" your@example.com < /home/f2ban.txt
|
||||
|
||||
exitstatus=$STATE_CRITICAL
|
||||
fi
|
||||
|
|
|
|||
Loading…
Reference in New Issue