added new sample jails definitions for ssh-route, ssh-iptables-ipset{4,6}, roundcube-auth, sogo-auth, mysqld-auth

pull/808/head
Yaroslav Halchenko 2013-05-13 11:18:23 -04:00
parent 4361f4c869
commit 30adad2029
2 changed files with 69 additions and 1 deletions

4
debian/changelog vendored
View File

@ -8,10 +8,12 @@ fail2ban (0.8.9-1) unstable; urgency=low
* debian/jail.conf:
- added findtime and documentation on those basic options from jail.conf
(Closes: #704568)
- added new sample jails definitions for ssh-route, ssh-iptables-ipset{4,6},
roundcube-auth, sogo-auth, mysqld-auth
* debian/control:
- suggest system-log-daemon (Closes: #691001)
-- Yaroslav Halchenko <debian@onerussian.com> Mon, 13 May 2013 11:03:44 -0400
-- Yaroslav Halchenko <debian@onerussian.com> Mon, 13 May 2013 11:18:20 -0400
fail2ban (0.8.8-1+lucid0) UNRELEASED; urgency=low

66
debian/jail.conf vendored
View File

@ -161,6 +161,42 @@ filter = sshd-ddos
logpath = /var/log/auth.log
maxretry = 6
# Here we use blackhole routes for not requiring any additional kernel support
# to store large volumes of banned IPs
[ssh-route]
enabled = false
filter = sshd
action = route
logpath = /var/log/sshd.log
maxretry = 6
# Here we use a combination of Netfilter/Iptables and IPsets
# for storing large volumes of banned IPs
#
# IPset comes in two versions. See ipset -V for which one to use
# requires the ipset package and kernel support.
[ssh-iptables-ipset4]
enabled = false
port = ssh
filter = sshd
banaction = iptables-ipset-proto4
logpath = /var/log/sshd.log
maxretry = 6
[ssh-iptables-ipset6]
enabled = false
port = ssh
filter = sshd
banaction = iptables-ipset-proto6
logpath = /var/log/sshd.log
maxretry = 6
#
# HTTP servers
#
@ -233,6 +269,25 @@ port = http,https
filter = lighttpd-auth
logpath = /var/log/lighttpd/error.log
# Monitor roundcube server
[roundcube-auth]
enabled = false
filter = roundcube-auth
port = http,https
logpath = /var/log/roundcube/userlogins
[sogo-auth]
enabled = false
filter = sogo-auth
port = http, https
# without proxy this would be:
# port = 20000
logpath = /var/log/sogo/sogo.log
#
# FTP servers
@ -328,6 +383,17 @@ port = smtp,ssmtp,imap2,imap3,imaps,pop3,pop3s
filter = dovecot
logpath = /var/log/mail.log
# To log wrong MySQL access attempts add to /etc/my.cnf:
# log-error=/var/log/mysqld.log
# log-warning = 2
[mysqld-auth]
enabled = false
filter = mysqld-auth
port = 3306
logpath = /var/log/mysqld.log
# DNS Servers