diff --git a/config/filter.d/3proxy.conf b/config/filter.d/3proxy.conf index 76c7573c..7b6874ae 100644 --- a/config/filter.d/3proxy.conf +++ b/config/filter.d/3proxy.conf @@ -1,6 +1,9 @@ # Fail2Ban filter for 3proxy # -# +# 3proxy is an open source SOCKSv4/4a/5 proxy, with UDP ASSOCIATE and comprehensive IPv4 support, for Unix, Linux +# and Windows. It also supports chaining and can convert requests between different proxy types. +# https://www.3proxy.ru +# https://github.com/z3APA3A/3proxy [Definition] diff --git a/config/filter.d/apache-modsecurity.conf b/config/filter.d/apache-modsecurity.conf index f7600acf..7a3561ca 100644 --- a/config/filter.d/apache-modsecurity.conf +++ b/config/filter.d/apache-modsecurity.conf @@ -1,5 +1,9 @@ # Fail2Ban apache-modsec filter -# +# +# ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS +# and Nginx. Which is developed by the company SpiderLabs. Which is owned by Trustwave. +# https://www.modsecurity.org +# https://www.trustwave.com [INCLUDES] diff --git a/config/filter.d/asterisk.conf b/config/filter.d/asterisk.conf index 0f801e0b..ebbb296d 100644 --- a/config/filter.d/asterisk.conf +++ b/config/filter.d/asterisk.conf @@ -1,5 +1,13 @@ # Fail2Ban filter for asterisk authentication failures -# +# +# Asterisk is a software implementation of a telephone private branch exchange (PBX). It allows telephones +# interfaced with a variety of hardware technologies to make calls to one another, and to connect to telephony +# services, such as the public switched telephone network (PSTN) and voice over Internet Protocol (VoIP) services. +# +# Homepage: https://www.asterisk.org +# Repository: https://gerrit.asterisk.org +# License: GPLv2 with additional licenses available from Digium, Inc. +# Developer: https://www.digium.com [INCLUDES] diff --git a/config/filter.d/counter-strike.conf b/config/filter.d/counter-strike.conf index 294927bc..bd346a24 100644 --- a/config/filter.d/counter-strike.conf +++ b/config/filter.d/counter-strike.conf @@ -1,6 +1,14 @@ # Fail2Ban filter for failure attempts in Counter Strike-1.6 # -# +# Counter-Strike (CS) is a series of multiplayer first-person shooter video games. Which are published by the for-profit +# corporations: Valve, Sierra Entertainment, Namco, and Nexon. +# +# Homepage archived: https://archive.fo/IvxQO +# Homepage offline: http://www.cstrike-planet.com/faq/6 +# Publisher: http://valvesoftware.com +# Repository: Closed source +# License: Closed source +# Log path: /opt/cstrike/logs/L[0-9]*.log [Definition] diff --git a/config/filter.d/courier-auth.conf b/config/filter.d/courier-auth.conf index d5ba9c50..7f8b6280 100644 --- a/config/filter.d/courier-auth.conf +++ b/config/filter.d/courier-auth.conf @@ -1,5 +1,14 @@ # Fail2Ban filter for courier authentication failures # +# Courier mail transfer agent (MTA) is an integrated mail/groupware server based on open commodity protocols, +# such as ESMTP, IMAP, POP3, LDAP, TLS, and HTTP. Courier provides ESMTP, IMAP, POP3, webmail, and mailing list +# services within a single, consistent, framework. +# +# Homepage: http://www.courier-mta.org +# Repository: http://www.courier-mta.org/repo.html +# License: GNU General Public +# Developer: Double Precision, Inc. +# Wikipedia: https://en.wikipedia.org/wiki/Courier_Mail_Server [INCLUDES] diff --git a/config/filter.d/courier-smtp.conf b/config/filter.d/courier-smtp.conf index 4b2b8d87..dc3d1aa5 100644 --- a/config/filter.d/courier-smtp.conf +++ b/config/filter.d/courier-smtp.conf @@ -1,6 +1,14 @@ # Fail2Ban filter to block relay attempts though a Courier smtp server # -# +# Courier mail transfer agent (MTA) is an integrated mail/groupware server based on open commodity protocols, +# such as ESMTP, IMAP, POP3, LDAP, TLS, and HTTP. Courier provides ESMTP, IMAP, POP3, webmail, and mailing list +# services within a single, consistent, framework. +# +# Homepage: http://www.courier-mta.org +# Repository: http://www.courier-mta.org/repo.html +# License: GNU General Public +# Developer: Double Precision, Inc. +# Wikipedia: https://en.wikipedia.org/wiki/Courier_Mail_Server [INCLUDES] diff --git a/config/filter.d/cyrus-imap.conf b/config/filter.d/cyrus-imap.conf index 31dfda60..363474b8 100644 --- a/config/filter.d/cyrus-imap.conf +++ b/config/filter.d/cyrus-imap.conf @@ -1,7 +1,12 @@ # Fail2Ban filter for authentication failures on Cyrus imap server # -# -# +# The Cyrus IMAP server is electronic mail server software developed by Carnegie Mellon University +# +# Homepage: https://www.cyrusimap.org +# Repository: https://github.com/cyrusimap/cyrus-imapd +# License: Original BSD license +# Developer: Carnegie Mellon University +# Wikipedia: https://en.wikipedia.org/wiki/Cyrus_IMAP_server [INCLUDES] diff --git a/config/filter.d/directadmin.conf b/config/filter.d/directadmin.conf index 87c7802f..44b61c4f 100644 --- a/config/filter.d/directadmin.conf +++ b/config/filter.d/directadmin.conf @@ -1,7 +1,14 @@ -# Fail2Ban configuration file for Directadmin -# +# Fail2Ban configuration file for DirectAdmin # +# Requires DirectAdmin v1.45.3 or higher # +# DirectAdmin is a graphical web-based web hosting control panel designed to make administration of websites easier +# +# Homepage: https://www.directadmin.com +# Repository: Closed source +# License: Proprietary +# Developer: JBMC Software +# Wikipedia: https://en.wikipedia.org/wiki/DirectAdmin [INCLUDES] @@ -15,8 +22,5 @@ ignoreregex = datepattern = ^%%Y:%%m:%%d-%%H:%%M:%%S -# -# Requires Directadmin v1.45.3 or higher. http://www.directadmin.com/features.php?id=1590 -# # Author: Cyril Roos diff --git a/config/filter.d/dovecot.conf b/config/filter.d/dovecot.conf index 66917fc8..f8949c3b 100644 --- a/config/filter.d/dovecot.conf +++ b/config/filter.d/dovecot.conf @@ -1,5 +1,13 @@ # Fail2Ban filter Dovecot authentication and pop3/imap server # +# Dovecot is an open-source IMAP and POP3 server for Linux/UNIX-like systems, +# written primarily with security in mind +# +# Homepage: https://www.dovecot.org +# Repository: https://github.com/dovecot/core +# License: Mostly MIT and LGPLv2 +# Developer: Timo Sirainen and contributors +# Wikipedia: https://en.wikipedia.org/wiki/Dovecot_(software) [INCLUDES] diff --git a/config/filter.d/drupal-auth.conf b/config/filter.d/drupal-auth.conf index 2404cc6d..7ecfdb8b 100644 --- a/config/filter.d/drupal-auth.conf +++ b/config/filter.d/drupal-auth.conf @@ -1,11 +1,22 @@ # Fail2Ban filter to block repeated failed login attempts to Drupal site(s) # +# Requirements: +# 1. Configure Drupal Syslog using this documentation at https://www.drupal.org/documentation/modules/syslog # -# Drupal must be setup to use Syslog, which defaults to the following format: -# -# !base_url|!timestamp|!type|!ip|!request_uri|!referer|!uid|!link|!message -# +# 2. Setup Drupal appropriately to use Syslog. Per documentation above. With this Syslog defaults format: +# !base_url|!timestamp|!type|!ip|!request_uri|!referer|!uid|!link|!message # +# Drupal is a free and open source content-management framework written in PHP. +# As of September 2018, the Drupal community is composed of more than 1.3 million members. +# Drupal provides a back-end framework for web sites ranging from personal blogs to corporate, +# political, and government sites. Systems also use Drupal for knowledge management +# and for business collaboration. +# +# Homepage: https://www.drupal.org +# Repository: http://cgit.drupalcode.org/drupal +# License: GPLv2 or later +# Developer: Drupal community. With fostering and support by the Drupal Association. +# Wikipedia: https://en.wikipedia.org/wiki/Drupal [INCLUDES] @@ -18,9 +29,4 @@ failregex = ^%(__prefix_line)s(?:https?:\/\/)[^|]+\|[^|]+\|[^|]+\|\|(?:[^| ignoreregex = - -# DEV Notes: -# -# https://www.drupal.org/documentation/modules/syslog -# -# Author: Lee Clemens +# Original author drupal-auth.conf: Lee Clemens diff --git a/config/filter.d/ejabberd-auth.conf b/config/filter.d/ejabberd-auth.conf index 48e82df5..fcd8f5fd 100644 --- a/config/filter.d/ejabberd-auth.conf +++ b/config/filter.d/ejabberd-auth.conf @@ -1,8 +1,15 @@ -# Fail2Ban configuration file -# -# Author: Steven Hiscocks +# Fail2Ban filter to block repeated failed login attempts to ejabberd # +# ejabberd is an XMPP application server, written mainly in the Erlang programming language +# +# Homepage: https://www.process-one.net/en/ejabberd/ +# Community: https://www.ejabberd.im +# Repository: https://github.com/processone/ejabberd +# License: GNU General Public License +# Developer: ProcessOne +# Wikipedia: https://en.wikipedia.org/wiki/Ejabberd # +# Original author "ejabberd-auth.conf" file: Steven Hiscocks [Definition] diff --git a/config/filter.d/exim-spam.conf b/config/filter.d/exim-spam.conf index a1833157..f9d3157e 100644 --- a/config/filter.d/exim-spam.conf +++ b/config/filter.d/exim-spam.conf @@ -1,4 +1,4 @@ -# Fail2Ban filter for exim the spam rejection messages +# Fail2Ban filter for Exim the spam rejection messages # # Honeypot traps are very useful for fighting spam. You just activate an email # address on your domain that you do not intend to use at all, and that normal @@ -11,12 +11,20 @@ # # honeypot: :blackhole: # -# For the SA: Action: silently tossed message... to be logged exim's SAdevnull option needs to be used. +# For the SA: Action: silently tossed message... to be logged Exim's SAdevnull option needs to be used. # # To this filter use the jail.local should contain in the right jail: # # filter = exim-spam[honeypot=honeypot@yourdomain.com] # +# Exim is a mail transfer agent (MTA) used on Unix-like operating systems. +# Exim 4 is currently the default MTA on Debian GNU/Linux systems. +# +# Homepage: https://www.exim.org +# Repository: https://github.com/Exim/exim +# License: GNU General Public License +# Developer: The Exim Maintainers at http://git.exim.org/exim.git/blob/HEAD:/src/ACKNOWLEDGMENTS +# Wikipedia: https://en.wikipedia.org/wiki/Exim [INCLUDES] diff --git a/config/filter.d/exim.conf b/config/filter.d/exim.conf index 14ceda14..d811252d 100644 --- a/config/filter.d/exim.conf +++ b/config/filter.d/exim.conf @@ -1,9 +1,16 @@ -# Fail2Ban filter for exim +# Fail2Ban filter for Exim # -# This includes the rejection messages of exim. For spam and filter -# related bans use the exim-spam.conf +# This filter includes the rejection messages of exim. For spam and filter +# related bans use the "exim-spam.conf". # - +# Exim is a mail transfer agent (MTA) used on Unix-like operating systems. +# Exim 4 is currently the default MTA on Debian GNU/Linux systems. +# +# Homepage: https://www.exim.org +# Repository: https://github.com/Exim/exim +# License: GNU General Public License +# Developer: The Exim Maintainers at http://git.exim.org/exim.git/blob/HEAD:/src/ACKNOWLEDGMENTS +# Wikipedia: https://en.wikipedia.org/wiki/Exim [INCLUDES]