diff --git a/debian/changelog b/debian/changelog index 95550e5d..4454fd97 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,11 @@ +fail2ban (0.7.4~pre2006102-1) experimental; urgency=low + + * Currrent snapshot of trunk + * Removed outdated (applied in 0.7.4 or specific for 0.6.?) patches + from debian/patches + + -- Yaroslav Halchenko Mon, 23 Oct 2006 00:17:55 -0400 + fail2ban (0.7.3-2) experimental; urgency=low * Added wuftpd section diff --git a/debian/patches/00_empty_ip b/debian/patches/00_empty_ip deleted file mode 100644 index 16b81646..00000000 --- a/debian/patches/00_empty_ip +++ /dev/null @@ -1,22 +0,0 @@ -#! /bin/sh /usr/share/dpatch/dpatch-run -## 00_empty_ip.dpatch by -## -## All lines beginning with `## DP:' are a description of the patch. -## DP: Filter out empty IPs for ignoreip - -@DPATCH@ - -diff -x '*~' -Naur fail2ban-0.6.1.pre/fail2ban.py fail2ban-0.6.1.post/fail2ban.py ---- fail2ban-0.6.1.pre/fail2ban.py 2006-03-19 00:20:44.000000000 -0500 -+++ fail2ban-0.6.1.post/fail2ban.py 2006-07-03 21:56:10.000000000 -0400 -@@ -356,7 +356,9 @@ - "ONLY DISPLAYED IN THE LOG MESSAGES") - - # Ignores IP list -- ignoreIPList = conf["ignoreip"].split(' ') -+ # and filter out empty entries. Otherwise -+ # WARNING: is not a valid IP address -+ ignoreIPList = filter(None, conf["ignoreip"].split(' ')) - - # Checks for root user. This is necessary because log files - # are owned by root and firewall needs root access. diff --git a/debian/patches/00_proftpd_section.dpatch b/debian/patches/00_proftpd_section.dpatch deleted file mode 100755 index cd4dd824..00000000 --- a/debian/patches/00_proftpd_section.dpatch +++ /dev/null @@ -1,160 +0,0 @@ -#! /bin/sh /usr/share/dpatch/dpatch-run -## 00_proftpd_section.dpatch by -## -## All lines beginning with `## DP:' are a description of the patch. -## DP: New section for proftpd - -@DPATCH@ - -diff -x '*~' -Naur fail2ban-0.6.1.pre/config/fail2ban.conf.hostsdeny fail2ban-0.6.1.post/config/fail2ban.conf.hostsdeny ---- fail2ban-0.6.1.pre/config/fail2ban.conf.hostsdeny 2006-05-27 22:57:03.000000000 -0400 -+++ fail2ban-0.6.1.post/config/fail2ban.conf.hostsdeny 2006-05-27 23:01:11.000000000 -0400 -@@ -291,6 +291,47 @@ - failregex = FAIL LOGIN - - -+[PROFTPD] -+# Option: enabled -+# Notes.: enable monitoring for this section. -+# Values: [true | false] Default: false -+# -+enabled = false -+ -+# Option: logfile -+# Notes.: logfile to monitor. -+# Values: FILE Default: /var/log/proftpd/proftpd.log -+# Other.: /var/log/auth.log -+# -+logfile = /var/log/proftpd/proftpd.log -+ -+# Option: port -+# Notes.: specifies port to monitor -+# Values: [ NUM | STRING ] Default: ftp -+# -+port = ftp -+ -+# Option: timeregex -+# Notes.: regex to match timestamp in VSFTPD logfile. -+# Values: [Mar 7 17:53:28] -+# Default: \S{3}\s{1,2}\d{1,2} \d{2}:\d{2}:\d{2} -+# -+timeregex = \S{3}\s{1,2}\d{1,2} \d{2}:\d{2}:\d{2} -+ -+# Option: timepattern -+# Notes.: format used in "timeregex" fields definition. Note that '%' must be -+# escaped with '%' (see http://rgruet.free.fr/PQR2.3.html#timeModule) -+# Values: TEXT Default: %%b %%d %%H:%%M:%%S -+# -+timepattern = %%b %%d %%H:%%M:%%S -+ -+# Option: failregex -+# Notes.: regex to match the password failures messages in the logfile. -+# Values: TEXT Default: -+# -+failregex = USER \S+: no such user found from \S* ?\[(?P\S+)\] to \S+\s*$ -+ -+ - [SSH] - # Option: enabled - # Notes.: enable monitoring for this section. -diff -x '*~' -Naur fail2ban-0.6.1.pre/config/fail2ban.conf.iptables fail2ban-0.6.1.post/config/fail2ban.conf.iptables ---- fail2ban-0.6.1.pre/config/fail2ban.conf.iptables 2006-05-27 22:57:03.000000000 -0400 -+++ fail2ban-0.6.1.post/config/fail2ban.conf.iptables 2006-05-27 23:01:20.000000000 -0400 -@@ -385,6 +385,48 @@ - # - failregex = FAIL LOGIN - -+ -+[PROFTPD] -+# Option: enabled -+# Notes.: enable monitoring for this section. -+# Values: [true | false] Default: false -+# -+enabled = false -+ -+# Option: logfile -+# Notes.: logfile to monitor. -+# Values: FILE Default: /var/log/proftpd/proftpd.log -+# Other.: /var/log/auth.log -+# -+logfile = /var/log/proftpd/proftpd.log -+ -+# Option: port -+# Notes.: specifies port to monitor -+# Values: [ NUM | STRING ] Default: ftp -+# -+port = ftp -+ -+# Option: timeregex -+# Notes.: regex to match timestamp in VSFTPD logfile. -+# Values: [Mar 7 17:53:28] -+# Default: \S{3}\s{1,2}\d{1,2} \d{2}:\d{2}:\d{2} -+# -+timeregex = \S{3}\s{1,2}\d{1,2} \d{2}:\d{2}:\d{2} -+ -+# Option: timepattern -+# Notes.: format used in "timeregex" fields definition. Note that '%' must be -+# escaped with '%' (see http://rgruet.free.fr/PQR2.3.html#timeModule) -+# Values: TEXT Default: %%b %%d %%H:%%M:%%S -+# -+timepattern = %%b %%d %%H:%%M:%%S -+ -+# Option: failregex -+# Notes.: regex to match the password failures messages in the logfile. -+# Values: TEXT Default: -+# -+failregex = USER \S+: no such user found from \S* ?\[(?P\S+)\] to \S+\s*$ -+ -+ - [SSH] - # Option: enabled - # Notes.: enable monitoring for this section. -diff -x '*~' -Naur fail2ban-0.6.1.pre/config/fail2ban.conf.shorewall fail2ban-0.6.1.post/config/fail2ban.conf.shorewall ---- fail2ban-0.6.1.pre/config/fail2ban.conf.shorewall 2006-05-27 22:57:03.000000000 -0400 -+++ fail2ban-0.6.1.post/config/fail2ban.conf.shorewall 2006-05-27 23:00:32.000000000 -0400 -@@ -277,6 +277,45 @@ - # - failregex = FAIL LOGIN - -+[PROFTPD] -+# Option: enabled -+# Notes.: enable monitoring for this section. -+# Values: [true | false] Default: false -+# -+enabled = false -+ -+# Option: logfile -+# Notes.: logfile to monitor. -+# Values: FILE Default: /var/log/proftpd/proftpd.log -+# Other.: /var/log/auth.log -+# -+logfile = /var/log/proftpd/proftpd.log -+ -+# Option: port -+# Notes.: specifies port to monitor -+# Values: [ NUM | STRING ] Default: ftp -+# -+port = ftp -+ -+# Option: timeregex -+# Notes.: regex to match timestamp in VSFTPD logfile. -+# Values: [Mar 7 17:53:28] -+# Default: \S{3}\s{1,2}\d{1,2} \d{2}:\d{2}:\d{2} -+# -+timeregex = \S{3}\s{1,2}\d{1,2} \d{2}:\d{2}:\d{2} -+ -+# Option: timepattern -+# Notes.: format used in "timeregex" fields definition. Note that '%' must be -+# escaped with '%' (see http://rgruet.free.fr/PQR2.3.html#timeModule) -+# Values: TEXT Default: %%b %%d %%H:%%M:%%S -+# -+timepattern = %%b %%d %%H:%%M:%%S -+ -+# Option: failregex -+# Notes.: regex to match the password failures messages in the logfile. -+# Values: TEXT Default: -+# -+failregex = USER \S+: no such user found from \S* ?\[(?P\S+)\] to \S+\s*$ - - [SSH] - # Option: enabled diff --git a/debian/patches/00_vsftpd_regexp.dpatch b/debian/patches/00_vsftpd_regexp.dpatch deleted file mode 100755 index bcb4f92f..00000000 --- a/debian/patches/00_vsftpd_regexp.dpatch +++ /dev/null @@ -1,44 +0,0 @@ -#! /bin/sh /usr/share/dpatch/dpatch-run -## 00_vsftpd_regexp.dpatch by -## -## All lines beginning with `## DP:' are a description of the patch. -## DP: Fix of debian bug #366687: strict regexp for vsftpd - -@DPATCH@ - -diff -rNu fail2ban-0.6.1.orig/config/fail2ban.conf.iptables fail2ban-0.6.1.fixed/config/fail2ban.conf.iptables ---- fail2ban-0.6.1.orig/config/fail2ban.conf.iptables 2006-03-27 12:56:38.000000000 -0500 -+++ fail2ban-0.6.1.fixed/config/fail2ban.conf.iptables 2006-05-10 13:47:40.000000000 -0400 -@@ -383,7 +383,7 @@ - # Notes.: regex to match the password failures messages in the logfile. - # Values: TEXT Default: Authentication failure|Failed password|Invalid user - # --failregex = FAIL LOGIN -+failregex = \[.+\] FAIL LOGIN: Client "(?P\S+)"$ - - [PROFTPD] - # Option: enabled -diff -rNu fail2ban-0.6.1.orig/config/fail2ban.conf.shorewall fail2ban-0.6.1.fixed/config/fail2ban.conf.shorewall ---- fail2ban-0.6.1.orig/config/fail2ban.conf.shorewall 2006-03-27 12:56:38.000000000 -0500 -+++ fail2ban-0.6.1.fixed/config/fail2ban.conf.shorewall 2006-05-10 13:47:40.000000000 -0400 -@@ -383,7 +383,7 @@ - # Notes.: regex to match the password failures messages in the logfile. - # Values: TEXT Default: Authentication failure|Failed password|Invalid user - # --failregex = FAIL LOGIN -+failregex = \[.+\] FAIL LOGIN: Client "(?P\S+)"$ - - [PROFTPD] - # Option: enabled -diff -rNu fail2ban-0.6.1.orig/config/fail2ban.conf.hostsdeny fail2ban-0.6.1.fixed/config/fail2ban.conf.hostsdeny ---- fail2ban-0.6.1.orig/config/fail2ban.conf.hostsdeny 2006-03-27 12:56:38.000000000 -0500 -+++ fail2ban-0.6.1.fixed/config/fail2ban.conf.hostsdeny 2006-05-10 13:47:40.000000000 -0400 -@@ -383,7 +383,7 @@ - # Notes.: regex to match the password failures messages in the logfile. - # Values: TEXT Default: Authentication failure|Failed password|Invalid user - # --failregex = FAIL LOGIN -+failregex = \[.+\] FAIL LOGIN: Client "(?P\S+)"$ - - [PROFTPD] - # Option: enabled diff --git a/debian/patches/00list b/debian/patches/00list index fb5ffc9e..0ff7a1d5 100644 --- a/debian/patches/00list +++ b/debian/patches/00list @@ -1,6 +1,3 @@ X00_rigid_python24 -X00_apache_log_failregex 10_dbts_manpages -10_proftpd_section 10_wuftpd_section -10_sasl_section diff --git a/debian/patches/01_apache2_other.dpatch b/debian/patches/01_apache2_other.dpatch index 711d1de7..136a9308 100644 --- a/debian/patches/01_apache2_other.dpatch +++ b/debian/patches/01_apache2_other.dpatch @@ -12,7 +12,7 @@ diff -x '*~' -Naur fail2ban-0.6.1.pre/config/fail2ban.conf.iptables fail2ban-0.6 @@ -270,6 +270,7 @@ # Option: logfile # Notes.: logfile to monitor. - # Values: FILE Default: /var/log/apache/error.log + # Values: FILE +# Other.: /var/log/apache2/error.log # logfile = /var/log/apache/error.log diff --git a/debian/patches/02_sasl_section.dpatch b/debian/patches/02_sasl_section.dpatch deleted file mode 100755 index f4c9fd77..00000000 --- a/debian/patches/02_sasl_section.dpatch +++ /dev/null @@ -1,58 +0,0 @@ -#! /bin/sh /usr/share/dpatch/dpatch-run -## 02_sasl_config.dpatch by -## -## All lines beginning with `## DP:' are a description of the patch. -## DP: Added saslauthd section from martin f krafft - -@DPATCH@ - -diff -x '*~' -Naur fail2ban-0.6.1.pre/config/fail2ban.conf.iptables fail2ban-0.6.1.post/config/fail2ban.conf.iptables ---- fail2ban-0.6.1.pre/config/fail2ban.conf.iptables 2006-05-30 10:03:16.000000000 -0400 -+++ fail2ban-0.6.1.post/config/fail2ban.conf.iptables 2006-05-30 10:13:56.000000000 -0400 -@@ -260,6 +260,46 @@ - # failregex. - - -+[SASL] -+# Option: enabled -+# Notes.: enable monitoring for this section. -+# Values: [true | false] Default: true -+# -+enabled = false -+ -+# Option: port -+# Notes.: specifies port to monitor -+# Values: [ NUM | STRING ] Default: -+# -+port = smtp -+ -+# Option: logfile -+# Notes.: logfile to monitor. -+# Values: FILE Default: /var/log/auth.log -+# -+logfile = /var/log/mail.log -+ -+# Option: timeregex -+# Notes.: regex to match timestamp -+# Values: [Mar 7 17:53:28] -+# Default: \S{3}\s{1,2}\d{1,2} \d{2}:\d{2}:\d{2} -+# -+timeregex = \S{3}\s{1,2}\d{1,2} \d{2}:\d{2}:\d{2} -+ -+# Option: timepattern -+# Notes.: format used in "timeregex" fields definition. Note that '%' must be -+# escaped with '%' (see http://rgruet.free.fr/PQR2.3.html#timeModule) -+# Values: TEXT Default: %%b %%d %%H:%%M:%%S -+# -+timepattern = %%b %%d %%H:%%M:%%S -+ -+# Option: failregex -+# Notes.: regex to match the password failures messages in the logfile. -+# Values: TEXT Default: -+# -+failregex = : warning: [-._\w]+\[(?P[.\d]+)\]: SASL (?:LOGIN|PLAIN|(?:CRAM|DIGEST)-MD5) authentication failed$ -+ -+ - [Apache] - # Option: enabled - # Notes.: enable monitoring for this section. diff --git a/debian/patches/03_fail2ban_conf_5_manpage.dpatch b/debian/patches/03_fail2ban_conf_5_manpage.dpatch deleted file mode 100755 index c8b2de69..00000000 --- a/debian/patches/03_fail2ban_conf_5_manpage.dpatch +++ /dev/null @@ -1,39 +0,0 @@ -#! /bin/sh /usr/share/dpatch/dpatch-run -## fail2ban_conf_5_manpage.dpatch by -## -## All lines beginning with `## DP:' are a description of the patch. -## DP: Adjusts manpage for configuration file to reflect Debian specific -## DP: changes - -@DPATCH@ - -diff -Naur fail2ban-0.6.1.orig/man/fail2ban.conf.5 fail2ban-0.6.1.mod/man/fail2ban.conf.5 ---- fail2ban-0.6.1.orig/man/fail2ban.conf.5 2006-08-16 00:30:19.000000000 +0300 -+++ fail2ban-0.6.1.mod/man/fail2ban.conf.5 2006-08-16 00:28:44.000000000 +0300 -@@ -5,7 +5,7 @@ - .SH "DESCRIPTION" - \fB/etc/fail2ban.conf\fR contains data about the general configuration of fail2ban, the mail notification and services to monitor. - .SH "VARIABLES" --Please look at the file itself -+Please look at the file itself. Had you modified it and kept modified version during upgrades, please look at fail2ban.conf.iptables.gz file at /usr/share/doc/fail2ban/examples, which provides full version of the shipped configuration file. - .SH "FILES" - .I /etc/fail2ban.conf - .SH "REPORTING BUGS" -@@ -13,8 +13,16 @@ - via bug tracker - .SH "AUTHOR" - Cyril Jaquier -+.br -+Modified by -+.br -+ - Yaroslav O. Halchenko . -+.br -+Sponsored for Debian by -+.br -+ - Barak A. Pearlmutter . - .SH "SEE ALSO" --.BR fail2ban (8) -+.BR fail2ban(8) - .TP - See - .BR "http://fail2ban.sourceforge.net/". diff --git a/debian/patches/10_proftpd_section.dpatch b/debian/patches/10_proftpd_section.dpatch deleted file mode 100755 index f0db4497..00000000 --- a/debian/patches/10_proftpd_section.dpatch +++ /dev/null @@ -1,25 +0,0 @@ -#! /bin/sh /usr/share/dpatch/dpatch-run -## 10_proftpd_section.dpatch by -## -## All lines beginning with `## DP:' are a description of the patch. -## DP: No description. - -@DPATCH@ -diff -urNad fail2ban-0.7.3~/config/filter.d/proftpd.conf fail2ban-0.7.3/config/filter.d/proftpd.conf ---- fail2ban-0.7.3~/config/filter.d/proftpd.conf 1969-12-31 19:00:00.000000000 -0500 -+++ fail2ban-0.7.3/config/filter.d/proftpd.conf 2006-09-29 00:11:33.000000000 -0400 -@@ -0,0 +1,14 @@ -+# Fail2Ban configuration file -+# -+# Author: Yaroslav Halchenko -+# -+# $Revision: 331 $ -+# -+ -+[Definition] -+ -+# Option: failregex -+# Notes.: regex to match the password failures messages in the logfile. -+# Values: TEXT Default: Authentication failure|Failed password|Invalid user -+# -+failregex = USER \S+: no such user found from \S* ?\[(?P\S+)\] to \S+\s*$ diff --git a/debian/patches/10_sasl_section.dpatch b/debian/patches/10_sasl_section.dpatch deleted file mode 100755 index 89f5443f..00000000 --- a/debian/patches/10_sasl_section.dpatch +++ /dev/null @@ -1,25 +0,0 @@ -#! /bin/sh /usr/share/dpatch/dpatch-run -## 10_sasl_section.dpatch by -## -## All lines beginning with `## DP:' are a description of the patch. -## DP: No description. - -@DPATCH@ -diff -urNad fail2ban-0.7.3~/config/filter.d/sasl.conf fail2ban-0.7.3/config/filter.d/sasl.conf ---- fail2ban-0.7.3~/config/filter.d/sasl.conf 1969-12-31 19:00:00.000000000 -0500 -+++ fail2ban-0.7.3/config/filter.d/sasl.conf 2006-09-29 00:18:19.000000000 -0400 -@@ -0,0 +1,14 @@ -+# Fail2Ban configuration file -+# -+# Author: Yaroslav Halchenko -+# -+# $Revision: 331 $ -+# -+ -+[Definition] -+ -+# Option: failregex -+# Notes.: regex to match the password failures messages in the logfile. -+# Values: TEXT Default: Authentication failure|Failed password|Invalid user -+# -+failregex = : warning: [-._\w]+\[(?P[.\d]+)\]: SASL (?:LOGIN|PLAIN|(?:CRAM|DIGEST)-MD5) authentication failed$ diff --git a/debian/patches/10_wuftpd_section.dpatch b/debian/patches/10_wuftpd_section.dpatch index d34f1718..c4a98ee1 100755 --- a/debian/patches/10_wuftpd_section.dpatch +++ b/debian/patches/10_wuftpd_section.dpatch @@ -20,6 +20,6 @@ diff -urNad fail2ban-0.7.3~/config/filter.d/wuftpd.conf fail2ban-0.7.3/config/fi + +# Option: failregex +# Notes.: regex to match the password failures messages in the logfile. -+# Values: TEXT Default: ++# Values: TEXT +# +failregex = wu-ftpd\[\d+\]:\s+\(pam_unix\)\s+authentication failure.* rhost=(?P\S*) diff --git a/debian/patches/X00_apache_log_failregex.dpatch b/debian/patches/X00_apache_log_failregex.dpatch deleted file mode 100755 index 27a3f2e4..00000000 --- a/debian/patches/X00_apache_log_failregex.dpatch +++ /dev/null @@ -1,17 +0,0 @@ -#! /bin/sh /usr/share/dpatch/dpatch-run -## apache_log_failregex.dpatch by -## -## All lines beginning with `## DP:' are a description of the patch. -## DP: Fixed apache failregex - -@DPATCH@ - -diff -Naur -x '*~' fail2ban-0.7.1/config/filter.d/apache-auth.conf fail2ban-0.7.1.modified/config/filter.d/apache-auth.conf ---- fail2ban-0.7.1/config/filter.d/apache-auth.conf 2006-09-05 11:13:54.000000000 -0400 -+++ fail2ban-0.7.1.modified/config/filter.d/apache-auth.conf 2006-09-05 11:12:19.000000000 -0400 -@@ -39,4 +39,4 @@ - # Notes.: regex to match the password failure messages in the logfile. - # Values: TEXT Default: authentication failure|user .* not found - # --failregex = authentication failure|user .* not found -+failregex = [[]client (?P\S*)[]] user .*(?:: authentication failure|not found) diff --git a/debian/patches/X00_apache_log_path.dpatch b/debian/patches/X00_apache_log_path.dpatch deleted file mode 100755 index 67ff1a46..00000000 --- a/debian/patches/X00_apache_log_path.dpatch +++ /dev/null @@ -1,20 +0,0 @@ -#! /bin/sh /usr/share/dpatch/dpatch-run -## apache_log_path.dpatch by -## -## All lines beginning with `## DP:' are a description of the patch. -## DP: Fixed apache path to the default in debian - -@DPATCH@ - -diff -Naur -x '*~' fail2ban-0.7.1/config/filter.d/apache-auth.conf fail2ban-0.7.1.modified/config/filter.d/apache-auth.conf ---- fail2ban-0.7.1/config/filter.d/apache-auth.conf 2006-07-17 15:25:03.000000000 -0400 -+++ fail2ban-0.7.1.modified/config/filter.d/apache-auth.conf 2006-09-05 10:59:07.000000000 -0400 -@@ -17,7 +17,7 @@ - # Notes.: logfile to monitor. - # Values: FILE Default: /var/log/httpd/access_log - # --logfile = /var/log/httpd/access_log -+logfile = /var/log/apache/error.log - - # Option: timeregex - # Notes.: regex to match timestamp in Apache logfile. For TAI64N format, diff --git a/debian/patches/X00_default_jails.dpatch b/debian/patches/X00_default_jails.dpatch deleted file mode 100755 index 467cd6d9..00000000 --- a/debian/patches/X00_default_jails.dpatch +++ /dev/null @@ -1,38 +0,0 @@ -#! /bin/sh /usr/share/dpatch/dpatch-run -## debian_jail.dpatch by -## -## All lines beginning with `## DP:' are a description of the patch. -## DP: Default debian jails - -@DPATCH@ - -diff -Naur -x '*~' fail2ban-0.7.1/config/jail.conf fail2ban-0.7.1.modified/config/jail.conf ---- fail2ban-0.7.1/config/jail.conf 2006-08-20 17:33:11.000000000 -0400 -+++ fail2ban-0.7.1.modified/config/jail.conf 2006-09-05 11:27:50.000000000 -0400 -@@ -5,11 +5,20 @@ - # $Revision: 281 $ - # - --[dummy] -+[SSH] - --enabled = false -+enabled = true - filter = sshd --action = hostsdeny[file=/tmp/hosts.deny] -- mail[name=SSH, dest=cyril.jaquier@bluewin.ch] --maxretry = 2 --bantime = 10 -+action = iptables -+ mail[name=SSH, dest=root@localhost] -+maxretry = 5 -+bantime = 600 -+ -+[Apache] -+ -+enabled = false -+filter = apache-auth -+action = iptables -+ mail[name=Apache, dest=root@localhost] -+maxretry = 5 -+bantime = 600 diff --git a/debian/patches/X00_ssh_path.dpatch b/debian/patches/X00_ssh_path.dpatch deleted file mode 100755 index 3626f33d..00000000 --- a/debian/patches/X00_ssh_path.dpatch +++ /dev/null @@ -1,28 +0,0 @@ -#! /bin/sh /usr/share/dpatch/dpatch-run -## ssh_path.dpatch by -## -## All lines beginning with `## DP:' are a description of the patch. -## DP: Debian specific ssh path - -@DPATCH@ -diff -urNad fail2ban-0.7.3~/config/jail.conf fail2ban-0.7.3/config/jail.conf ---- fail2ban-0.7.3~/config/jail.conf 2006-09-27 16:30:27.000000000 -0400 -+++ fail2ban-0.7.3/config/jail.conf 2006-09-28 22:26:35.000000000 -0400 -@@ -26,7 +26,7 @@ - filter = sshd - action = iptables[name=SSH, port=ssh, protocol=tcp] - mail-whois[name=SSH, dest=yourmail@mail.com] --logpath = /var/log/sshd.log -+logpath = /var/log/auth.log - maxretry = 5 - - # This one behaves like the previous and sends a report when the jail -@@ -39,7 +39,7 @@ - action = iptables[name=SSH, port=ssh, protocol=tcp] - mail-whois[name=SSH, dest=yourmail@mail.com] - mail-report[dest=yourmail@mail.com] --logpath = /var/log/sshd.log -+logpath = /var/log/auth.log - maxretry = 5 - - # Here we use TCP-Wrappers instead of Netfilter/Iptables.