github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge branch 'debian' into build 

* debian:
  2 new jails: xinetd-fail, apache-overflows added to jails.conf
  minor: adjusted comment for named jails to come closer to upstream
  BF: apache-* jails -- authentication failures are recorded in *error.log files, thus paths were adjusted
debian-releases/squeeze
Yaroslav Halchenko 2008-03-05 23:30:41 -05:00
parent eede41f62b a88fd271c4
commit 21a7928c64
1 changed files with 32 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
debian/jail.conf vendored
View File

@ -109,6 +109,15 @@ port = anyport
logpath = /var/log/auth.log logpath = /var/log/auth.log
maxretry = 6 maxretry = 6
[xinetd-fail]
enabled = false
filter = xinetd-fail
port = all
banaction = iptables-multiport-log
logpath = /var/log/daemon.log
maxretry = 2
[ssh-ddos] [ssh-ddos]
@ -127,7 +136,7 @@ maxretry = 6
enabled = false enabled = false
port = http,https port = http,https
filter = apache-auth filter = apache-auth
logpath = /var/log/apache*/*access.log logpath = /var/log/apache*/*error.log
maxretry = 6 maxretry = 6
# default action is now multiport, so apache-multiport jail was left # default action is now multiport, so apache-multiport jail was left
@ -137,7 +146,7 @@ maxretry = 6
enabled = false enabled = false
port = http,https port = http,https
filter = apache-auth filter = apache-auth
logpath = /var/log/apache*/*access.log logpath = /var/log/apache*/*error.log
maxretry = 6 maxretry = 6
[apache-noscript] [apache-noscript]
@ -148,6 +157,14 @@ filter = apache-noscript
logpath = /var/log/apache*/*error.log logpath = /var/log/apache*/*error.log
maxretry = 6 maxretry = 6
[apache-overflows]
enabled = false
port = http,https
filter = apache-overflows
logpath = /var/log/apache*/*error.log
maxretry = 2
# #
# FTP servers # FTP servers
# #
@ -226,12 +243,21 @@ logpath = /var/log/mail.log
# DNS Servers # DNS Servers
# Mention: by default logging is off with bind installation.
# Need smth like # These jails block attacks against named (bind9). By default, logging is off
# with bind9 installation. You will need something like this:
#
# logging { # logging {
# channel security_file { file "/var/log/named/security.log" versions 3 size 30m; severity dynamic; print-time yes; }; # channel security_file {
# category security { security_file; }; # file "/var/log/named/security.log" versions 3 size 30m;
# severity dynamic;
# print-time yes;
# };
# category security {
# security_file;
# };
# } # }
#
# in your named.conf to provide proper logging # in your named.conf to provide proper logging
# Word of Caution: # Word of Caution: