mirror of https://github.com/fail2ban/fail2ban
- Added cyrus-imap and sieve filters. Thanks to Jan Wagner. Debian bug #513953.
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@727 a942ae1a-1317-0410-a47c-b1dcaea8d605_tent/ipv6_via_aInfo
Cyril Jaquier
parent
376f348823
commit
7fd0300a73
|
|
@ -31,6 +31,8 @@ ver. 0.8.4 (2008/??/??) - stable
|
|||
#2310410.
|
||||
- Added NetBSD ipfilter (ipf command) action. Thanks to Ed
|
||||
Ravin. Tracker #2484115.
|
||||
- Added cyrus-imap and sieve filters. Thanks to Jan Wagner.
|
||||
Debian bug #513953.
|
||||
|
||||
ver. 0.8.3 (2008/07/17) - stable
|
||||
----------
|
||||
|
|
|
|||
2
MANIFEST
2
MANIFEST
|
|
@ -64,6 +64,7 @@ config/filter.d/apache-noscript.conf
|
|||
config/filter.d/apache-overflows.conf
|
||||
config/filter.d/courierlogin.conf
|
||||
config/filter.d/couriersmtp.conf
|
||||
config/filter.d/cyrus-imap.conf
|
||||
config/filter.d/exim.conf
|
||||
config/filter.d/gssftpd.conf
|
||||
config/filter.d/named-refused.conf
|
||||
|
|
@ -73,6 +74,7 @@ config/filter.d/pure-ftpd.conf
|
|||
config/filter.d/qmail.conf
|
||||
config/filter.d/pam-generic.conf
|
||||
config/filter.d/sasl.conf
|
||||
config/filter.d/sieve.conf
|
||||
config/filter.d/sshd.conf
|
||||
config/filter.d/sshd-ddos.conf
|
||||
config/filter.d/vsftpd.conf
|
||||
|
|
|
|||
|
|
@ -0,0 +1,26 @@
|
|||
# Fail2Ban configuration file
|
||||
#
|
||||
# Author: Jan Wagner <waja@cyconet.org>
|
||||
#
|
||||
# $Revision$
|
||||
#
|
||||
|
||||
[Definition]
|
||||
|
||||
# Option: failregex
|
||||
# Notes.: regex to match the password failures messages in the logfile. The
|
||||
# host must be matched by a group named "host". The tag "<HOST>" can
|
||||
# be used for standard IP/hostname matching and is only an alias for
|
||||
# (?:::f{4,6}:)?(?P<host>\S+)
|
||||
# Values: TEXT
|
||||
#
|
||||
failregex = : badlogin: .*\[<HOST>\] plaintext .*SASL\(-13\): authentication failure: checkpass failed$
|
||||
: badlogin: .*\[<HOST>\] LOGIN \[SASL\(-13\): authentication failure: checkpass failed\]$
|
||||
: badlogin: .*\[<HOST>\] (?:CRAM-MD5|NTLM) \[SASL\(-13\): authentication failure: incorrect (?:digest|NTLM) response\]$
|
||||
: badlogin: .*\[<HOST>\] DIGEST-MD5 \[SASL\(-13\): authentication failure: client response doesn't match what we generated\]$
|
||||
|
||||
# Option: ignoreregex
|
||||
# Notes.: regex to ignore. If this regex matches, the line is ignored.
|
||||
# Values: TEXT
|
||||
#
|
||||
ignoreregex =
|
||||
|
|
@ -0,0 +1,22 @@
|
|||
# Fail2Ban configuration file
|
||||
#
|
||||
# Author: Jan Wagner <waja@cyconet.org>
|
||||
#
|
||||
# $Revision$
|
||||
#
|
||||
|
||||
[Definition]
|
||||
|
||||
# Option: failregex
|
||||
# Notes.: regex to match the password failures messages in the logfile. The
|
||||
# host must be matched by a group named "host". The tag "<HOST>" can
|
||||
# be used for standard IP/hostname matching.
|
||||
# Values: TEXT
|
||||
#
|
||||
failregex = : badlogin: .*\[<HOST>\] (?:LOGIN|PLAIN|(?:CRAM|DIGEST)-MD5) authentication failure$
|
||||
|
||||
# Option: ignoreregex
|
||||
# Notes.: regex to ignore. If this regex matches, the line is ignored.
|
||||
# Values: TEXT
|
||||
#
|
||||
ignoreregex =
|
||||
Loading…
Reference in New Issue