mirror of https://github.com/fail2ban/fail2ban
* iptables-multiport is default action to take since Debian kernel arrives
with multiport module. That is to address the fact that most services listen on multiple port (for encrypted and non-encrypted connections) * Added [courierauth] jail (First 2 items are to partially address #407404pull/3/head
parent
85d8604209
commit
7a1dd9e98c
|
@ -1,3 +1,12 @@
|
|||
fail2ban (0.7.6-2) unstable; urgency=low
|
||||
|
||||
* iptables-multiport is default action to take since Debian kernel arrives
|
||||
with multiport module. That is to address the fact that most services
|
||||
listen on multiple port (for encrypted and non-encrypted connections)
|
||||
* Added [courierauth] jail (First 2 items are to partially address #407404
|
||||
|
||||
-- Yaroslav Halchenko <debian@onerussian.com> Thu, 18 Jan 2007 10:35:36 -0500
|
||||
|
||||
fail2ban (0.7.6-1) unstable; urgency=low
|
||||
|
||||
* New upstream release, which incorporates fixes introduced in 3~pre
|
||||
|
|
|
@ -41,7 +41,7 @@ destemail = root@localhost
|
|||
# iptables-multiport, shorewall, etc) It is used to define
|
||||
# action_* variables. Can be overriden globally or per
|
||||
# section within jail.local file
|
||||
banaction = iptables
|
||||
banaction = iptables-multiport
|
||||
|
||||
|
||||
#
|
||||
|
@ -82,7 +82,7 @@ action = %(action_)s
|
|||
[ssh]
|
||||
|
||||
enabled = true
|
||||
port = ssh
|
||||
port = ssh,sftp
|
||||
filter = sshd
|
||||
logpath = /var/log/auth.log
|
||||
maxretry = 6
|
||||
|
@ -91,7 +91,7 @@ maxretry = 6
|
|||
[ssh-ddos]
|
||||
|
||||
enabled = false
|
||||
port = ssh
|
||||
port = ssh,sftp
|
||||
filter = sshd-ddos
|
||||
logpath = /var/log/auth.log
|
||||
maxretry = 6
|
||||
|
@ -103,15 +103,16 @@ maxretry = 6
|
|||
[apache]
|
||||
|
||||
enabled = false
|
||||
port = http
|
||||
port = http,https
|
||||
filter = apache-auth
|
||||
logpath = /var/log/apache*/*access.log
|
||||
maxretry = 6
|
||||
|
||||
# default action is now multiport, so apache-multiport jail was left
|
||||
# for compatibility with previous (<0.7.6-2) releases
|
||||
[apache-multiport]
|
||||
|
||||
enabled = false
|
||||
banaction = iptables-multiport
|
||||
port = http,https
|
||||
filter = apache-auth
|
||||
logpath = /var/log/apache*/*access.log
|
||||
|
@ -120,7 +121,7 @@ maxretry = 6
|
|||
[apache-noscript]
|
||||
|
||||
enabled = false
|
||||
port = http
|
||||
port = http,https
|
||||
filter = apache-noscript
|
||||
logpath = /var/log/apache*/*error.log
|
||||
maxretry = 6
|
||||
|
@ -132,7 +133,7 @@ maxretry = 6
|
|||
[vsftpd]
|
||||
|
||||
enabled = false
|
||||
port = ftp
|
||||
port = ftp,ftp-data,ftps,ftps-data
|
||||
filter = vsftpd
|
||||
logpath = /var/log/vsftpd.log
|
||||
# or overwrite it in jails.local to be
|
||||
|
@ -145,7 +146,7 @@ maxretry = 6
|
|||
[proftpd]
|
||||
|
||||
enabled = false
|
||||
port = ftp
|
||||
port = ftp,ftp-data,ftps,ftps-data
|
||||
filter = proftpd
|
||||
logpath = /var/log/proftpd/proftpd.log
|
||||
maxretry = 6
|
||||
|
@ -154,7 +155,7 @@ maxretry = 6
|
|||
[wuftpd]
|
||||
|
||||
enabled = false
|
||||
port = ftp
|
||||
port = ftp,ftp-data,ftps,ftps-data
|
||||
filter = wuftpd
|
||||
logpath = /var/log/auth.log
|
||||
maxretry = 6
|
||||
|
@ -167,7 +168,7 @@ maxretry = 6
|
|||
[postfix]
|
||||
|
||||
enabled = false
|
||||
port = smtp
|
||||
port = smtp,ssmtp
|
||||
filter = postfix
|
||||
logpath = /var/log/mail.log
|
||||
|
||||
|
@ -175,14 +176,27 @@ logpath = /var/log/mail.log
|
|||
[couriersmtp]
|
||||
|
||||
enabled = false
|
||||
port = smtp
|
||||
port = smtp,ssmtp
|
||||
filter = couriersmtp
|
||||
logpath = /var/log/mail.log
|
||||
|
||||
|
||||
#
|
||||
# Mail servers authenticators: might be used for smtp,ftp,imap servers, so
|
||||
# all relevant ports get banned
|
||||
#
|
||||
|
||||
[courierauth]
|
||||
|
||||
enabled = false
|
||||
port = smtp,ssmtp,imap2,imap3,imaps,pop3,pop3s
|
||||
filter = courierauth
|
||||
logpath = /var/log/mail.log
|
||||
|
||||
|
||||
[sasl]
|
||||
|
||||
enabled = false
|
||||
port = smtp
|
||||
port = smtp,ssmtp,imap2,imap3,imaps,pop3,pop3s
|
||||
filter = sasl
|
||||
logpath = /var/log/mail.log
|
||||
|
|
Loading…
Reference in New Issue