github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity

- Added "shorewall" action 

- Use glob in setup.py

git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@413 a942ae1a-1317-0410-a47c-b1dcaea8d605
0.x
Cyril Jaquier 2006-10-17 21:13:11 +00:00
parent 9a96428bd2
commit 15a4634c38
5 changed files with 70 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
CHANGELOG
View File

@ -15,6 +15,7 @@ ver. 0.7.4 (2006/??/??) - beta
- Added "-s" option to specify the socket path and "socket" - Added "-s" option to specify the socket path and "socket"
option in "fail2ban.conf" option in "fail2ban.conf"
- Added "backend" option in "jail.conf" - Added "backend" option in "jail.conf"
- Added more filters/actions and jail samples
ver. 0.7.3 (2006/09/28) - beta ver. 0.7.3 (2006/09/28) - beta
---------- ----------

1
MANIFEST
View File

@ -62,6 +62,7 @@ config/action.d/iptables.conf
config/action.d/mail-whois.conf config/action.d/mail-whois.conf
config/action.d/mail.conf config/action.d/mail.conf
config/action.d/hostsdeny.conf config/action.d/hostsdeny.conf
config/action.d/shorewall.conf
config/fail2ban.conf config/fail2ban.conf
man/fail2ban-client.1 man/fail2ban-client.1
man/fail2ban-client.h2m man/fail2ban-client.h2m

47
config/action.d/shorewall.conf Normal file
View File

@ -0,0 +1,47 @@
# Fail2Ban configuration file
#
# Author: Cyril Jaquier
#
# $Revision: 394 $
#
[Definition]
# Option: fwstart
# Notes.: command executed once at the start of Fail2Ban.
# Values: CMD
#
actionstart =
# Option: fwend
# Notes.: command executed once at the end of Fail2Ban
# Values: CMD
#
actionstop =
# Option: fwcheck
# Notes.: command executed once before each fwban command
# Values: CMD
#
actioncheck =
# Option: fwban
# Notes.: command executed when banning an IP. Take care that the
# command is executed with Fail2Ban user rights.
# Tags: <ip> IP address
# <failures> number of failures
# <failtime> unix timestamp of the last failure
# <bantime> unix timestamp of the ban time
# Values: CMD
#
actionban = shorewall reject <ip>
# Option: fwunban
# Notes.: command executed when unbanning an IP. Take care that the
# command is executed with Fail2Ban user rights.
# Tags: <ip> IP address
# <bantime> unix timestamp of the ban time
# <unbantime> unix timestamp of the unban time
# Values: CMD
#
actionunban = shorewall allow <ip>

17
config/jail.conf
View File

@ -15,6 +15,10 @@ ignoreip = 127.0.0.1
bantime = 600 bantime = 600
maxretry = 3 maxretry = 3
# "backend" specifies the backend used to get files modification. Available
# options are "gamin", "polling" and "auto".
backend = auto
# This jail corresponds to the standard configuration in Fail2ban 0.6. # This jail corresponds to the standard configuration in Fail2ban 0.6.
# The mail-whois action send a notification e-mail with a whois request # The mail-whois action send a notification e-mail with a whois request
@ -38,10 +42,13 @@ action = iptables[name=ProFTPD, port=ftp, protocol=tcp]
logpath = /var/log/proftpd/proftpd.log logpath = /var/log/proftpd/proftpd.log
maxretry = 6 maxretry = 6
# This jail forces the backend to "polling".
[sasl-iptables] [sasl-iptables]
enabled = false enabled = false
filter = sasl filter = sasl
backend = polling
action = iptables[name=sasl, port=smtp, protocol=tcp] action = iptables[name=sasl, port=smtp, protocol=tcp]
mail-whois[name=sasl, dest=yourmail@mail.com] mail-whois[name=sasl, dest=yourmail@mail.com]
logpath = /var/log/mail.log logpath = /var/log/mail.log
@ -104,3 +111,13 @@ action = mail-whois[name=VSFTPD, dest=yourmail@mail.com]
logpath = /var/log/vsftpd.log logpath = /var/log/vsftpd.log
maxretry = 5 maxretry = 5
bantime = 1800 bantime = 1800
# Use shorewall instead of iptables.
[apache-shorewall]
enabled = false
filter = apache-noscript
action = shorewall
mail[name=Postfix, dest=yourmail@mail.com]
logpath = /var/log/apache2/error_log

25
setup.py
View File

@ -30,6 +30,7 @@ from distutils.core import setup
from version import version from version import version
from os.path import isfile, join from os.path import isfile, join
from sys import exit, argv from sys import exit, argv
from glob import glob
longdesc = ''' longdesc = '''
Fail2Ban scans log files like /var/log/pwdfail or Fail2Ban scans log files like /var/log/pwdfail or
@ -60,31 +61,13 @@ setup(
], ],
data_files = [ data_files = [
('/etc/fail2ban', ('/etc/fail2ban',
[ glob("config/*.conf")
'config/fail2ban.conf',
'config/jail.conf'
]
), ),
('/etc/fail2ban/filter.d', ('/etc/fail2ban/filter.d',
[ glob("config/filter.d/*.conf")
'config/filter.d/vsftpd.conf',
'config/filter.d/apache-auth.conf',
'config/filter.d/apache-noscript.conf',
'config/filter.d/proftpd.conf',
'config/filter.d/sasl.conf',
'config/filter.d/sshd.conf',
'config/filter.d/couriersmtp.conf',
'config/filter.d/postfix.conf',
'config/filter.d/qmail.conf'
]
), ),
('/etc/fail2ban/action.d', ('/etc/fail2ban/action.d',
[ glob("config/action.d/*.conf")
'config/action.d/iptables.conf',
'config/action.d/mail-whois.conf',
'config/action.d/mail.conf',
'config/action.d/hostsdeny.conf'
]
) )
] ]
) )