mirror of https://github.com/fail2ban/fail2ban
fixed man pages - cross referenced them, placed fail2ban into section 8
added upstream README and TODO, patched with SYSLOG (160:166)debian-releases/etch
parent
61f10ac4cb
commit
1acb0f2648
|
@ -23,6 +23,16 @@ debug = false
|
||||||
#
|
#
|
||||||
logtargets = /var/log/fail2ban.log
|
logtargets = /var/log/fail2ban.log
|
||||||
|
|
||||||
|
# Option: syslog-target
|
||||||
|
# Notes.: where to find syslog facility if logtarget SYSLOG
|
||||||
|
# Values: file(socket) hostname hostname:port Default: /dev/log
|
||||||
|
syslog-target = /dev/log
|
||||||
|
|
||||||
|
# Option: syslog-facility
|
||||||
|
# Notes.: which syslog facility to use if logtarget SYSLOG
|
||||||
|
# Values: NUM Default: 1
|
||||||
|
syslog-facility = 1
|
||||||
|
|
||||||
# Option: pidlock
|
# Option: pidlock
|
||||||
# Notes.: path of the PID lock file (must be able to write to file).
|
# Notes.: path of the PID lock file (must be able to write to file).
|
||||||
# Values: FILE Default: /var/run/fail2ban.pid
|
# Values: FILE Default: /var/run/fail2ban.pid
|
||||||
|
|
|
@ -10,7 +10,11 @@ Currently the main difference with upstream: python libraries are
|
||||||
placed under /usr/share/fail2ban insteadh of /usr/lib/fail2ban to
|
placed under /usr/share/fail2ban insteadh of /usr/lib/fail2ban to
|
||||||
comply with policy regarding architecture independent resources.
|
comply with policy regarding architecture independent resources.
|
||||||
|
|
||||||
See the file TODO.Debian for more details, as well as the Debian Bug
|
Only handling of ssh files is enabled by default. If you want to use
|
||||||
|
fail2ban with apache, please enable apache section manually in
|
||||||
|
/etc/fail2ban.conf.
|
||||||
|
|
||||||
|
See TODO.Debian for more details, as well as the Debian Bug
|
||||||
Tracking system.
|
Tracking system.
|
||||||
|
|
||||||
-- Yaroslav O. Halchenko <debian@onerussian.com>, Sat Jul 23 09:09:51 2005
|
-- Yaroslav O. Halchenko <debian@onerussian.com>, Thu Aug 18 20:53:58 2005
|
||||||
|
|
|
@ -1,4 +1,3 @@
|
||||||
Because this is just a quick hack to package fail2ban it might be missing
|
* Collect more sections for other log files
|
||||||
some crucial parts...
|
|
||||||
|
|
||||||
-- debian@onerussian.com
|
-- debian@onerussian.com
|
||||||
|
|
|
@ -1,7 +1,14 @@
|
||||||
fail2ban (0.5.2-3) unstable; urgency=low
|
fail2ban (0.5.2-3) unstable; urgency=low
|
||||||
|
|
||||||
* Fixed errata in /etc/default/fail2ban. (Closes: #323451)
|
* Fixed errata in /etc/default/fail2ban (closes: #323451)
|
||||||
|
* Fixed handling of SYSLOG logging target. Now it can log to any syslog
|
||||||
|
target and facility as directed by the config (revisions 160:166 patch
|
||||||
|
from syslog branch) (closes: #323543)
|
||||||
|
* Included upstream README and TODO
|
||||||
|
* Mentioned in README.Debian that apache section is disabled by default
|
||||||
|
* Adjusted man pages to cross-reference each other (closes: #323840)
|
||||||
|
* Moved fail2ban man page under section 8 as in upstream
|
||||||
|
|
||||||
-- Yaroslav Halchenko <debian@onerussian.com> Tue, 16 Aug 2005 11:23:28 -1000
|
-- Yaroslav Halchenko <debian@onerussian.com> Tue, 16 Aug 2005 11:23:28 -1000
|
||||||
|
|
||||||
fail2ban (0.5.2-2) unstable; urgency=low
|
fail2ban (0.5.2-2) unstable; urgency=low
|
||||||
|
|
32
fail2ban.py
32
fail2ban.py
|
@ -175,6 +175,8 @@ def main():
|
||||||
# Options
|
# Options
|
||||||
optionValues = (["bool", "background", False],
|
optionValues = (["bool", "background", False],
|
||||||
["str", "logtargets", "/var/log/fail2ban.log"],
|
["str", "logtargets", "/var/log/fail2ban.log"],
|
||||||
|
["str", "syslog-target", "/dev/log"],
|
||||||
|
["int", "syslog-facility", 1],
|
||||||
["bool", "debug", False],
|
["bool", "debug", False],
|
||||||
["str", "pidlock", "/var/run/fail2ban.pid"],
|
["str", "pidlock", "/var/run/fail2ban.pid"],
|
||||||
["int", "maxretry", 3],
|
["int", "maxretry", 3],
|
||||||
|
@ -241,7 +243,35 @@ def main():
|
||||||
if target == "STDERR":
|
if target == "STDERR":
|
||||||
hdlr = logging.StreamHandler(sys.stderr)
|
hdlr = logging.StreamHandler(sys.stderr)
|
||||||
elif target == "SYSLOG":
|
elif target == "SYSLOG":
|
||||||
hdlr = logging.handlers.SysLogHandler()
|
|
||||||
|
# SYSLOG target can be either
|
||||||
|
# a socket (file, so it starts with /)
|
||||||
|
# or hostname
|
||||||
|
# or hostname:port
|
||||||
|
syslogtargets = re.findall("(/[\w/]*)|([^/ ][^: ]*)(:(\d+)){,1}",
|
||||||
|
conf["syslog-target"])
|
||||||
|
# we are waiting for a single match
|
||||||
|
syslogtargets = syslogtargets[0]
|
||||||
|
|
||||||
|
# assign facility if it was defined
|
||||||
|
if conf["syslog-facility"] < 0:
|
||||||
|
facility = handlers.SysLogHandler.LOG_USER
|
||||||
|
else:
|
||||||
|
facility = conf["syslog-facility"]
|
||||||
|
|
||||||
|
if len(syslogtargets) == 0: # everything default
|
||||||
|
hdlr = logging.handlers.SysLogHandler()
|
||||||
|
else:
|
||||||
|
if not ( syslogtargets[0] == "" ): # got socket
|
||||||
|
syslogtarget = syslogtargets[0]
|
||||||
|
else: # got hostname and may be a port
|
||||||
|
if syslogtargets[3] == "": # no port specified
|
||||||
|
port = 514
|
||||||
|
else:
|
||||||
|
port = int(syslogtargets[3])
|
||||||
|
syslogtarget = (syslogtargets[1], port)
|
||||||
|
hdlr = logging.handlers.SysLogHandler(syslogtarget, facility)
|
||||||
|
|
||||||
else:
|
else:
|
||||||
# Target should be a file
|
# Target should be a file
|
||||||
try:
|
try:
|
||||||
|
|
Loading…
Reference in New Issue