diff --git a/config/fail2ban.conf.default b/config/fail2ban.conf.default index 71a319dd..ee2a3485 100644 --- a/config/fail2ban.conf.default +++ b/config/fail2ban.conf.default @@ -23,6 +23,16 @@ debug = false # logtargets = /var/log/fail2ban.log +# Option: syslog-target +# Notes.: where to find syslog facility if logtarget SYSLOG +# Values: file(socket) hostname hostname:port Default: /dev/log +syslog-target = /dev/log + +# Option: syslog-facility +# Notes.: which syslog facility to use if logtarget SYSLOG +# Values: NUM Default: 1 +syslog-facility = 1 + # Option: pidlock # Notes.: path of the PID lock file (must be able to write to file). # Values: FILE Default: /var/run/fail2ban.pid diff --git a/debian/README.Debian b/debian/README.Debian index ba670859..862cf3a5 100644 --- a/debian/README.Debian +++ b/debian/README.Debian @@ -10,7 +10,11 @@ Currently the main difference with upstream: python libraries are placed under /usr/share/fail2ban insteadh of /usr/lib/fail2ban to comply with policy regarding architecture independent resources. -See the file TODO.Debian for more details, as well as the Debian Bug +Only handling of ssh files is enabled by default. If you want to use +fail2ban with apache, please enable apache section manually in +/etc/fail2ban.conf. + +See TODO.Debian for more details, as well as the Debian Bug Tracking system. - -- Yaroslav O. Halchenko , Sat Jul 23 09:09:51 2005 + -- Yaroslav O. Halchenko , Thu Aug 18 20:53:58 2005 diff --git a/debian/TODO b/debian/TODO index 8439aeb7..7cada7c3 100644 --- a/debian/TODO +++ b/debian/TODO @@ -1,4 +1,3 @@ -Because this is just a quick hack to package fail2ban it might be missing -some crucial parts... +* Collect more sections for other log files -- debian@onerussian.com diff --git a/debian/changelog b/debian/changelog index fff9c872..b7a00b5c 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,7 +1,14 @@ fail2ban (0.5.2-3) unstable; urgency=low - * Fixed errata in /etc/default/fail2ban. (Closes: #323451) - + * Fixed errata in /etc/default/fail2ban (closes: #323451) + * Fixed handling of SYSLOG logging target. Now it can log to any syslog + target and facility as directed by the config (revisions 160:166 patch + from syslog branch) (closes: #323543) + * Included upstream README and TODO + * Mentioned in README.Debian that apache section is disabled by default + * Adjusted man pages to cross-reference each other (closes: #323840) + * Moved fail2ban man page under section 8 as in upstream + -- Yaroslav Halchenko Tue, 16 Aug 2005 11:23:28 -1000 fail2ban (0.5.2-2) unstable; urgency=low diff --git a/fail2ban.py b/fail2ban.py index 48b845dd..c9f4e2a4 100755 --- a/fail2ban.py +++ b/fail2ban.py @@ -175,6 +175,8 @@ def main(): # Options optionValues = (["bool", "background", False], ["str", "logtargets", "/var/log/fail2ban.log"], + ["str", "syslog-target", "/dev/log"], + ["int", "syslog-facility", 1], ["bool", "debug", False], ["str", "pidlock", "/var/run/fail2ban.pid"], ["int", "maxretry", 3], @@ -241,7 +243,35 @@ def main(): if target == "STDERR": hdlr = logging.StreamHandler(sys.stderr) elif target == "SYSLOG": - hdlr = logging.handlers.SysLogHandler() + + # SYSLOG target can be either + # a socket (file, so it starts with /) + # or hostname + # or hostname:port + syslogtargets = re.findall("(/[\w/]*)|([^/ ][^: ]*)(:(\d+)){,1}", + conf["syslog-target"]) + # we are waiting for a single match + syslogtargets = syslogtargets[0] + + # assign facility if it was defined + if conf["syslog-facility"] < 0: + facility = handlers.SysLogHandler.LOG_USER + else: + facility = conf["syslog-facility"] + + if len(syslogtargets) == 0: # everything default + hdlr = logging.handlers.SysLogHandler() + else: + if not ( syslogtargets[0] == "" ): # got socket + syslogtarget = syslogtargets[0] + else: # got hostname and may be a port + if syslogtargets[3] == "": # no port specified + port = 514 + else: + port = int(syslogtargets[3]) + syslogtarget = (syslogtargets[1], port) + hdlr = logging.handlers.SysLogHandler(syslogtarget, facility) + else: # Target should be a file try: