mirror of https://github.com/fail2ban/fail2ban
Merge pull request #1286 from yarikoptic/enh-jail
ENH: harmonize jail.conf + 1 more test that passed bantime is non-degenerate and intpull/1295/head
Yaroslav Halchenko
commit
5d0d96a5cb
|
|
@ -247,7 +247,6 @@ backend = %(dropbear_backend)s
|
|||
|
||||
port = ssh
|
||||
logpath = %(auditd_log)s
|
||||
maxretry = 5
|
||||
|
||||
|
||||
#
|
||||
|
|
@ -273,7 +272,6 @@ maxretry = 1
|
|||
|
||||
port = http,https
|
||||
logpath = %(apache_error_log)s
|
||||
maxretry = 6
|
||||
|
||||
|
||||
[apache-overflows]
|
||||
|
|
@ -311,18 +309,21 @@ port = http,https
|
|||
logpath = %(apache_error_log)s
|
||||
maxretry = 2
|
||||
|
||||
|
||||
[apache-shellshock]
|
||||
|
||||
port = http,https
|
||||
logpath = %(apache_error_log)s
|
||||
maxretry = 1
|
||||
|
||||
|
||||
[openhab-auth]
|
||||
|
||||
filter = openhab
|
||||
action = iptables-allports[name=NoAuthFailures]
|
||||
logpath = /opt/openhab/logs/request.log
|
||||
|
||||
|
||||
[nginx-http-auth]
|
||||
|
||||
port = http,https
|
||||
|
|
@ -342,6 +343,7 @@ port = http,https
|
|||
logpath = %(nginx_error_log)s
|
||||
maxretry = 2
|
||||
|
||||
|
||||
# Ban attackers that try to use PHP's URL-fopen() functionality
|
||||
# through GET/POST variables. - Experimental, with more than a year
|
||||
# of usage in production environments.
|
||||
|
|
@ -406,7 +408,6 @@ logpath = /var/log/sogo/sogo.log
|
|||
|
||||
logpath = /var/log/tine20/tine20.log
|
||||
port = http,https
|
||||
maxretry = 5
|
||||
|
||||
|
||||
#
|
||||
|
|
@ -427,7 +428,6 @@ logpath = /var/log/tomcat*/catalina.out
|
|||
|
||||
[monit]
|
||||
#Ban clients brute-forcing the monit gui login
|
||||
filter = monit
|
||||
port = 2812
|
||||
logpath = /var/log/monit
|
||||
|
||||
|
|
@ -480,7 +480,6 @@ backend = %(proftpd_backend)s
|
|||
port = ftp,ftp-data,ftps,ftps-data
|
||||
logpath = %(pureftpd_log)s
|
||||
backend = %(pureftpd_backend)s
|
||||
maxretry = 6
|
||||
|
||||
|
||||
[gssftpd]
|
||||
|
|
@ -488,7 +487,6 @@ maxretry = 6
|
|||
port = ftp,ftp-data,ftps,ftps-data
|
||||
logpath = %(syslog_daemon)s
|
||||
backend = %(syslog_backend)s
|
||||
maxretry = 6
|
||||
|
||||
|
||||
[wuftpd]
|
||||
|
|
@ -496,7 +494,6 @@ maxretry = 6
|
|||
port = ftp,ftp-data,ftps,ftps-data
|
||||
logpath = %(wuftpd_log)s
|
||||
backend = %(wuftpd_backend)s
|
||||
maxretry = 6
|
||||
|
||||
|
||||
[vsftpd]
|
||||
|
|
@ -731,7 +728,6 @@ maxretry = 10
|
|||
port = 3306
|
||||
logpath = %(mysql_log)s
|
||||
backend = %(mysql_backend)s
|
||||
maxretry = 5
|
||||
|
||||
|
||||
# Jail for more extended banning of persistent abusers
|
||||
|
|
@ -747,7 +743,6 @@ logpath = /var/log/fail2ban.log
|
|||
banaction = %(banaction_allports)s
|
||||
bantime = 604800 ; 1 week
|
||||
findtime = 86400 ; 1 day
|
||||
maxretry = 5
|
||||
|
||||
|
||||
# Generic filter for PAM. Has to be used with action which bans all
|
||||
|
|
@ -793,7 +788,6 @@ action = %(banaction)s[name=%(__name__)s-tcp, port="%(tcpport)s", protocol="tcp
|
|||
# nobody except your own Nagios server should ever probe nrpe
|
||||
[nagios]
|
||||
|
||||
enabled = false
|
||||
logpath = %(syslog_daemon)s ; nrpe.cfg may define a different log_facility
|
||||
backend = %(syslog_backend)s
|
||||
maxretry = 1
|
||||
|
|
@ -801,18 +795,14 @@ maxretry = 1
|
|||
|
||||
[oracleims]
|
||||
# see "oracleims" filter file for configuration requirement for Oracle IMS v6 and above
|
||||
enabled = false
|
||||
logpath = /opt/sun/comms/messaging64/log/mail.log_current
|
||||
maxretry = 6
|
||||
banaction = %(banaction_allports)s
|
||||
|
||||
[directadmin]
|
||||
enabled = false
|
||||
logpath = /var/log/directadmin/login.log
|
||||
port = 2222
|
||||
|
||||
[portsentry]
|
||||
enabled = false
|
||||
logpath = /var/lib/portsentry/portsentry.history
|
||||
maxretry = 1
|
||||
|
||||
|
|
@ -833,16 +823,12 @@ findtime = 1
|
|||
[murmur]
|
||||
# AKA mumble-server
|
||||
port = 64738
|
||||
filter = murmur
|
||||
action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol=tcp, chain="%(chain)s", actname=%(banaction)s-tcp]
|
||||
%(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol=udp, chain="%(chain)s", actname=%(banaction)s-udp]
|
||||
logpath = /var/log/mumble-server/mumble-server.log
|
||||
|
||||
|
||||
[screensharing]
|
||||
[screensharingd]
|
||||
# For Mac OS Screen Sharing Service (VNC)
|
||||
enabled = false
|
||||
filter = screensharingd
|
||||
logpath = /var/log/system.log
|
||||
logencoding=utf-8
|
||||
maxretry = 4
|
||||
logencoding = utf-8
|
||||
|
|
|
|||
|
|
@ -624,6 +624,12 @@ class JailsReaderTest(LogCaptureTestCase):
|
|||
# by default we have lots of jails ;)
|
||||
self.assertTrue(len(comm_commands))
|
||||
|
||||
# some common sanity checks for commands
|
||||
for command in comm_commands:
|
||||
if len(command) >= 3 and [command[0], command[2]] == ['set', 'bantime']:
|
||||
self.assertTrue(isinstance(command[3], int))
|
||||
self.assertTrue(command[3] > 0)
|
||||
|
||||
# and we know even some of them by heart
|
||||
for j in ['sshd', 'recidive']:
|
||||
# by default we have 'auto' backend ATM
|
||||
|
|
|
|||
Loading…
Reference in New Issue