Update Description of several filters: ModSecurity, 3proxy, Asterisk, Counter Strike, Courier, Cyrus IMAP server, DirectAdmin, Dovecot, Drupal, ejabberd, Exim;

I suggest to clarify what is the corresponding service, and who developed it, and include source of this information. All of the above might be useful for newcomers to F2B and or users not familiar with some service.
pull/2238/head
Francois Carpentier 2018-09-14 06:29:00 +02:00 committed by sebres
parent 43db4411de
commit 71a5181ed0
13 changed files with 116 additions and 31 deletions

View File

@ -1,6 +1,9 @@
# Fail2Ban filter for 3proxy
#
#
# 3proxy is an open source SOCKSv4/4a/5 proxy, with UDP ASSOCIATE and comprehensive IPv4 support, for Unix, Linux
# and Windows. It also supports chaining and can convert requests between different proxy types.
# https://www.3proxy.ru
# https://github.com/z3APA3A/3proxy
[Definition]

View File

@ -1,5 +1,9 @@
# Fail2Ban apache-modsec filter
#
#
# ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS
# and Nginx. Which is developed by the company SpiderLabs. Which is owned by Trustwave.
# https://www.modsecurity.org
# https://www.trustwave.com
[INCLUDES]

View File

@ -1,5 +1,13 @@
# Fail2Ban filter for asterisk authentication failures
#
#
# Asterisk is a software implementation of a telephone private branch exchange (PBX). It allows telephones
# interfaced with a variety of hardware technologies to make calls to one another, and to connect to telephony
# services, such as the public switched telephone network (PSTN) and voice over Internet Protocol (VoIP) services.
#
# Homepage: https://www.asterisk.org
# Repository: https://gerrit.asterisk.org
# License: GPLv2 with additional licenses available from Digium, Inc.
# Developer: https://www.digium.com
[INCLUDES]

View File

@ -1,6 +1,14 @@
# Fail2Ban filter for failure attempts in Counter Strike-1.6
#
#
# Counter-Strike (CS) is a series of multiplayer first-person shooter video games. Which are published by the for-profit
# corporations: Valve, Sierra Entertainment, Namco, and Nexon.
#
# Homepage archived: https://archive.fo/IvxQO
# Homepage offline: http://www.cstrike-planet.com/faq/6
# Publisher: http://valvesoftware.com
# Repository: Closed source
# License: Closed source
# Log path: /opt/cstrike/logs/L[0-9]*.log
[Definition]

View File

@ -1,5 +1,14 @@
# Fail2Ban filter for courier authentication failures
#
# Courier mail transfer agent (MTA) is an integrated mail/groupware server based on open commodity protocols,
# such as ESMTP, IMAP, POP3, LDAP, TLS, and HTTP. Courier provides ESMTP, IMAP, POP3, webmail, and mailing list
# services within a single, consistent, framework.
#
# Homepage: http://www.courier-mta.org
# Repository: http://www.courier-mta.org/repo.html
# License: GNU General Public
# Developer: Double Precision, Inc.
# Wikipedia: https://en.wikipedia.org/wiki/Courier_Mail_Server
[INCLUDES]

View File

@ -1,6 +1,14 @@
# Fail2Ban filter to block relay attempts though a Courier smtp server
#
#
# Courier mail transfer agent (MTA) is an integrated mail/groupware server based on open commodity protocols,
# such as ESMTP, IMAP, POP3, LDAP, TLS, and HTTP. Courier provides ESMTP, IMAP, POP3, webmail, and mailing list
# services within a single, consistent, framework.
#
# Homepage: http://www.courier-mta.org
# Repository: http://www.courier-mta.org/repo.html
# License: GNU General Public
# Developer: Double Precision, Inc.
# Wikipedia: https://en.wikipedia.org/wiki/Courier_Mail_Server
[INCLUDES]

View File

@ -1,7 +1,12 @@
# Fail2Ban filter for authentication failures on Cyrus imap server
#
#
#
# The Cyrus IMAP server is electronic mail server software developed by Carnegie Mellon University
#
# Homepage: https://www.cyrusimap.org
# Repository: https://github.com/cyrusimap/cyrus-imapd
# License: Original BSD license
# Developer: Carnegie Mellon University
# Wikipedia: https://en.wikipedia.org/wiki/Cyrus_IMAP_server
[INCLUDES]

View File

@ -1,7 +1,14 @@
# Fail2Ban configuration file for Directadmin
#
# Fail2Ban configuration file for DirectAdmin
#
# Requires DirectAdmin v1.45.3 or higher
#
# DirectAdmin is a graphical web-based web hosting control panel designed to make administration of websites easier
#
# Homepage: https://www.directadmin.com
# Repository: Closed source
# License: Proprietary
# Developer: JBMC Software
# Wikipedia: https://en.wikipedia.org/wiki/DirectAdmin
[INCLUDES]
@ -16,8 +23,5 @@ ignoreregex =
[Init]
datepattern = ^%%Y:%%m:%%d-%%H:%%M:%%S
#
# Requires Directadmin v1.45.3 or higher. http://www.directadmin.com/features.php?id=1590
#
# Author: Cyril Roos

View File

@ -1,5 +1,13 @@
# Fail2Ban filter Dovecot authentication and pop3/imap server
#
# Dovecot is an open-source IMAP and POP3 server for Linux/UNIX-like systems,
# written primarily with security in mind
#
# Homepage: https://www.dovecot.org
# Repository: https://github.com/dovecot/core
# License: Mostly MIT and LGPLv2
# Developer: Timo Sirainen and contributors
# Wikipedia: https://en.wikipedia.org/wiki/Dovecot_(software)
[INCLUDES]

View File

@ -1,11 +1,22 @@
# Fail2Ban filter to block repeated failed login attempts to Drupal site(s)
#
# Requirements:
# 1. Configure Drupal Syslog using this documentation at https://www.drupal.org/documentation/modules/syslog
#
# Drupal must be setup to use Syslog, which defaults to the following format:
#
# !base_url|!timestamp|!type|!ip|!request_uri|!referer|!uid|!link|!message
#
# 2. Setup Drupal appropriately to use Syslog. Per documentation above. With this Syslog defaults format:
# !base_url|!timestamp|!type|!ip|!request_uri|!referer|!uid|!link|!message
#
# Drupal is a free and open source content-management framework written in PHP.
# As of September 2018, the Drupal community is composed of more than 1.3 million members.
# Drupal provides a back-end framework for web sites ranging from personal blogs to corporate,
# political, and government sites. Systems also use Drupal for knowledge management
# and for business collaboration.
#
# Homepage: https://www.drupal.org
# Repository: http://cgit.drupalcode.org/drupal
# License: GPLv2 or later
# Developer: Drupal community. With fostering and support by the Drupal Association.
# Wikipedia: https://en.wikipedia.org/wiki/Drupal
[INCLUDES]
@ -18,9 +29,4 @@ failregex = ^%(__prefix_line)s(https?:\/\/)([\da-z\.-]+)\.([a-z\.]{2,6})(\/[\w\.
ignoreregex =
# DEV Notes:
#
# https://www.drupal.org/documentation/modules/syslog
#
# Author: Lee Clemens
# Original author drupal-auth.conf: Lee Clemens

View File

@ -1,8 +1,15 @@
# Fail2Ban configuration file
#
# Author: Steven Hiscocks
# Fail2Ban filter to block repeated failed login attempts to ejabberd
#
# ejabberd is an XMPP application server, written mainly in the Erlang programming language
#
# Homepage: https://www.process-one.net/en/ejabberd/
# Community: https://www.ejabberd.im
# Repository: https://github.com/processone/ejabberd
# License: GNU General Public License
# Developer: ProcessOne
# Wikipedia: https://en.wikipedia.org/wiki/Ejabberd
#
# Original author "ejabberd-auth.conf" file: Steven Hiscocks
[Definition]

View File

@ -1,4 +1,4 @@
# Fail2Ban filter for exim the spam rejection messages
# Fail2Ban filter for Exim the spam rejection messages
#
# Honeypot traps are very useful for fighting spam. You just activate an email
# address on your domain that you do not intend to use at all, and that normal
@ -11,12 +11,20 @@
#
# honeypot: :blackhole:
#
# For the SA: Action: silently tossed message... to be logged exim's SAdevnull option needs to be used.
# For the SA: Action: silently tossed message... to be logged Exim's SAdevnull option needs to be used.
#
# To this filter use the jail.local should contain in the right jail:
#
# filter = exim-spam[honeypot=honeypot@yourdomain.com]
#
# Exim is a mail transfer agent (MTA) used on Unix-like operating systems.
# Exim 4 is currently the default MTA on Debian GNU/Linux systems.
#
# Homepage: https://www.exim.org
# Repository: https://github.com/Exim/exim
# License: GNU General Public License
# Developer: The Exim Maintainers at http://git.exim.org/exim.git/blob/HEAD:/src/ACKNOWLEDGMENTS
# Wikipedia: https://en.wikipedia.org/wiki/Exim
[INCLUDES]

View File

@ -1,9 +1,16 @@
# Fail2Ban filter for exim
# Fail2Ban filter for Exim
#
# This includes the rejection messages of exim. For spam and filter
# related bans use the exim-spam.conf
# This filter includes the rejection messages of exim. For spam and filter
# related bans use the "exim-spam.conf".
#
# Exim is a mail transfer agent (MTA) used on Unix-like operating systems.
# Exim 4 is currently the default MTA on Debian GNU/Linux systems.
#
# Homepage: https://www.exim.org
# Repository: https://github.com/Exim/exim
# License: GNU General Public License
# Developer: The Exim Maintainers at http://git.exim.org/exim.git/blob/HEAD:/src/ACKNOWLEDGMENTS
# Wikipedia: https://en.wikipedia.org/wiki/Exim
[INCLUDES]