Merge branch 'debian' into debian-release

* debian: Added dropbear jail and made formatting of jails consistent (and untabified) ENH: Moving gbp.conf under debian/
2011-03-23 17:22:26 -04:00 · 2011-03-23 17:22:26 -04:00 · 559c76700d
parent 66934d4ed6 a7632c0d2a
commit 559c76700d
2 changed files with 38 additions and 30 deletions
--- a/debian/gbp.conf
+++ b/debian/gbp.conf
--- a/debian/jail.conf
+++ b/debian/jail.conf
@ -92,21 +92,29 @@ action = %(action_)s
 [ssh]
-enabled = true
+enabled  = true
-port	= ssh
+port     = ssh
-filter	= sshd
+filter   = sshd
 logpath  = /var/log/auth.log
 maxretry = 6
 [dropbear]
 enabled  = false
 port     = ssh
 filter   = sshd
 logpath  = /var/log/dropbear
 maxretry = 6
 # Generic filter for pam. Has to be used with action which bans all ports
 # such as iptables-allports, shorewall
 [pam-generic]
-enabled = false
+enabled  = false
 # pam-generic filter can be customized to monitor specific subset of 'tty's
-filter	= pam-generic
+filter   = pam-generic
 # port actually must be irrelevant but lets leave it all for some possible uses
-port = all
+port     = all
 banaction = iptables-allports
 port     = anyport
 logpath  = /var/log/auth.log
@ -124,9 +132,9 @@ maxretry  = 2
 [ssh-ddos]
-enabled = false
+enabled  = false
-port    = ssh
+port     = ssh
-filter  = sshd-ddos
+filter   = sshd-ddos
 logpath  = /var/log/auth.log
 maxretry = 6
@ -136,10 +144,10 @@ maxretry = 6
 [apache]
-enabled = false
+enabled  = false
-port	= http,https
+port     = http,https
-filter	= apache-auth
+filter   = apache-auth
-logpath = /var/log/apache*/*error.log
+logpath  = /var/log/apache*/*error.log
 maxretry = 6
 # default action is now multiport, so apache-multiport jail was left
@ -147,25 +155,25 @@ maxretry = 6
 [apache-multiport]
 enabled   = false
-port	  = http,https
+port      = http,https
-filter	  = apache-auth
+filter    = apache-auth
 logpath   = /var/log/apache*/*error.log
 maxretry  = 6
 [apache-noscript]
-enabled = false
+enabled  = false
-port    = http,https
+port     = http,https
-filter  = apache-noscript
+filter   = apache-noscript
-logpath = /var/log/apache*/*error.log
+logpath  = /var/log/apache*/*error.log
 maxretry = 6
 [apache-overflows]
-enabled = false
+enabled  = false
-port    = http,https
+port     = http,https
-filter  = apache-overflows
+filter   = apache-overflows
-logpath = /var/log/apache*/*error.log
+logpath  = /var/log/apache*/*error.log
 maxretry = 2
 #
@ -175,7 +183,7 @@ maxretry = 2
 [vsftpd]
 enabled  = false
-port	 = ftp,ftp-data,ftps,ftps-data
+port     = ftp,ftp-data,ftps,ftps-data
 filter   = vsftpd
 logpath  = /var/log/vsftpd.log
 # or overwrite it in jails.local to be
@ -188,7 +196,7 @@ maxretry = 6
 [proftpd]
 enabled  = false
-port	 = ftp,ftp-data,ftps,ftps-data
+port     = ftp,ftp-data,ftps,ftps-data
 filter   = proftpd
 logpath  = /var/log/proftpd/proftpd.log
 maxretry = 6
@ -197,7 +205,7 @@ maxretry = 6
 [wuftpd]
 enabled  = false
-port	 = ftp,ftp-data,ftps,ftps-data
+port     = ftp,ftp-data,ftps,ftps-data
 filter   = wuftpd
 logpath  = /var/log/auth.log
 maxretry = 6
@ -210,7 +218,7 @@ maxretry = 6
 [postfix]
 enabled  = false
-port	 = smtp,ssmtp
+port     = smtp,ssmtp
 filter   = postfix
 logpath  = /var/log/mail.log
@ -218,7 +226,7 @@ logpath  = /var/log/mail.log
 [couriersmtp]
 enabled  = false
-port	 = smtp,ssmtp
+port     = smtp,ssmtp
 filter   = couriersmtp
 logpath  = /var/log/mail.log
@ -231,7 +239,7 @@ logpath  = /var/log/mail.log
 [courierauth]
 enabled  = false
-port	 = smtp,ssmtp,imap2,imap3,imaps,pop3,pop3s
+port     = smtp,ssmtp,imap2,imap3,imaps,pop3,pop3s
 filter   = courierlogin
 logpath  = /var/log/mail.log
@ -239,7 +247,7 @@ logpath  = /var/log/mail.log
 [sasl]
 enabled  = false
-port	 = smtp,ssmtp,imap2,imap3,imaps,pop3,pop3s
+port     = smtp,ssmtp,imap2,imap3,imaps,pop3,pop3s
 filter   = sasl
 # You might consider monitoring /var/log/mail.warn instead if you are
 # running postfix since it would provide the same log lines at the