- Improved jail.conf

- Removed useless parameter in mail-report.conf git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@335 a942ae1a-1317-0410-a47c-b1dcaea8d605
2006-09-06 21:33:18 +00:00 · 2006-09-06 21:33:18 +00:00 · 7864bdc953
parent 1c3088b267
commit 7864bdc953
2 changed files with 63 additions and 12 deletions
--- a/config/action.d/mail-report.conf
+++ b/config/action.d/mail-report.conf
@ -50,10 +50,6 @@ actionunban =

 [Init]

-# Defaut name of the chain
-#
-name = default
-
 # Destinataire of the mail
 #
 dest = root
--- a/config/jail.conf
+++ b/config/jail.conf
@ -5,12 +5,67 @@
 # $Revision$
 #

-[dummy]
+# This jail corresponds to the standard configuration in Fail2ban 0.6.
+# The mail-whois action send a notification e-mail with a whois request
+# in the body.

-enabled = false
-filter = sshd
-action = hostsdeny[file=/tmp/hosts.deny]
-         mail[name=SSH, dest=cyril.jaquier@bluewin.ch]
-logpath = /home/cyril/workspace/fail2ban-unstable/testcases/files/testcase01.log
-maxretry = 2
-bantime = 10
+[ssh-iptables]
+
+enabled  = false
+filter   = sshd
+action   = iptables[name=SSH, port=ssh, protocol=tcp]
+           mail-whois[name=SSH, dest=yourmail@mail.com]
+logpath  = /var/log/sshd.log
+maxretry = 5
+bantime  = 600
+
+# This one behaves like the previous and sends a report when the jail
+# is stopped.
+
+[ssh-iptables-report]
+
+enabled  = false
+filter   = sshd
+action   = iptables[name=SSH, port=ssh, protocol=tcp]
+           mail-whois[name=SSH, dest=yourmail@mail.com]
+           mail-report[dest=yourmail@mail.com]
+logpath  = /var/log/sshd.log
+maxretry = 5
+bantime  = 600
+
+# Here we use TCP-Wrappers instead of Netfilter/Iptables.
+
+[ssh-tcpwrapper]
+
+enabled  = false
+filter   = sshd
+action   = hostsdeny
+           mail-whois[name=SSH, dest=yourmail@mail.com]
+logpath  = /var/log/sshd.log
+maxretry = 3
+bantime  = 600
+
+# The hosts.deny path can be defined with the "file" argument if it is
+# not in /etc.
+
+[postfix-tcpwrapper]
+
+enabled  = false
+filter   = postfix
+action   = hostsdeny[file=/not/a/standard/path/hosts.deny]
+           mail[name=Postfix, dest=yourmail@mail.com]
+logpath  = /var/log/postfix.log
+maxretry = 6
+bantime  = 300
+
+# Do not ban anybody. Just report information about the remote host.
+# A notification is sent at most every 600 seconds (bantime).
+
+[vsftpd-notification]
+
+enabled  = false
+filter   = vsftpd
+action   = mail-whois[name=VSFTPD, dest=yourmail@mail.com]
+logpath  = /var/log/vsftpd.log
+maxretry = 3
+bantime  = 600