- Modified for readability. Thanks to Iain Lea

git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@108 a942ae1a-1317-0410-a47c-b1dcaea8d605

config/fail2ban.conf.default

@@ -1,51 +1,75 @@
 # Fail2Ban configuration file
 #
 # $Revision$
+#
+# 2005.06.21  modified for readability  Iain Lea  iain@bricbrac.de
 
 [DEFAULT]
-
+# Option:  firewall
-# firewall: select the firewall system to use. Actually,
+# Notes.:  select the firewall system to use.
-# the available options are: iptables, ipfwadm, ipfw
+# Values:  [iptables | ipfwadm | ipfw]  Default:  iptables
+#
 firewall = iptables
 
-# ipfw-start-rule: set the first rule number used by Fail2Ban.
+# Option:  ipfw-start-rule
-# This option is only used if firewall = ipfw.
+# Notes.:  set first firewall rule number used (only used if firewall = ipfw).
+# Values:  NUM  Default:  100
+#
 ipfw-start-rule = 100
 
-# background: true to start fail2ban as a daemon. Output
+# Option:  background
-# is redirect to logfile.
+# Notes.:  start fail2ban as a daemon. Output is redirect to logfile.
+# Values:  [true | false]  Default:  false
+#
 background = false
 
-# debug: true to enable debug mode. More verbose output
+# Option:  debug
-# and bypass root user test.
+# Notes.:  enable debug mode. More verbose output and bypass root user test.
+# Values:  [true | false]  Default:  false
+#
 debug = false
 
-# pidlock: the path of the PID lock file. Fail2Ban must be
+# Option:  pidlock
-# able to write into that file.
+# Notes.:  path of the PID lock file (must be able to write to file).
-#pidlock = /var/run/fail2ban.pid
+# Values:  FILE  Default:  /var/run/fail2ban.pid
+#
+pidlock = /var/run/fail2ban.pid
 
-# logfile: the path of the file for logging messages of
+# Option:  logfile
-# fail2ban.
+# Notes.:  logfile for logging fail2ban messages.
+# Values:  FILE  Default:  /var/log/fail2ban.log
+#
 logfile = /var/log/fail2ban.log
 
-# maxretry: the number of retry before IP gets ban.
+# Option:  maxretry
+# Notes.:  number of retrys before IP gets banned.
+# Values:  NUM  Default:  3
+#
 maxretry = 3
 
-# bantime: the number of seconds an IP will be ban.
+# Option:  bantime
+# Notes.:  number of seconds an IP will be banned.
+# Values:  NUM  Default:  600
+#
 bantime = 600
 
-# ignoreip: a space separated list that contains IP which
+# Option:  ignoreip
-# will be ignore by fail2ban. Example:
+# Notes.:  space separated list of IP's to be ignored by fail2ban
-# ignoreip = 192.168.0.1 123.45.235.65
+#          Example:  ignoreip = 192.168.0.1 123.45.235.65
+# Values:  IP  Default:  
+#
 ignoreip = 
 
-# interface: the interface name on which the IP will be
+# Option:  interface
-# banned.
+# Notes.:  interface name on which the IP will be banned.
+# Values:  INT  Default:  eth0
+#
 interface = eth0
 
-# polltime: the number of seconds that fail2ban sleeps
+# Option:  polltime
-# between two iteration (check for IP to unban - parse
+# Notes.:  number of seconds fail2ban sleeps between iterations.
-# log file). 1 is a good value.
+# Values:  NUM  Default:  1
+#
 polltime = 1
 
 # You can define a new section for each log file to check for
@@ -53,43 +77,67 @@ polltime = 1
 # options: logfile, timeregex, timepattern, failregex.
 
 [Apache]
-# enabled: is this section active ?
+# Option:  enabled
+# Notes.:  enable monitoring for this section.
+# Values:  [true | false]  Default:  false
+#
 enabled = false
 
-# logfile: file to monitor.
+# Option:  logfile
-logfile = log-test/apache
+# Notes.:  logfile to monitor.
+# Values:  FILE  Default:  /var/log/httpd/access_log
+#
+logfile = /var/log/httpd/access_log
 
-# timeregex: regular expression which have to match the
+# Option:  timeregex
-# timestamp of an Apache log event.
+# Notes.:  regex to match timestamp in Apache logfile.
-# [Wed Jan 05 15:08:01 2005]
+# Values:  [Wed Jan 05 15:08:01 2005]  
+# Default  \S{3} \S{3} \d{2} \d{2}:\d{2}:\d{2} \d{4}
+#
 timeregex = \S{3} \S{3} \d{2} \d{2}:\d{2}:\d{2} \d{4}
 
-# timepattern: indicates the "timeregex" fields signification.
+# Option:  timepattern
-# Notice that '%' must be espaced with '%'.
+# Notes.:  format used in "timeregex" fields definition. Note that '%' must be
-# See syntax here: http://rgruet.free.fr/PQR2.3.html#timeModule
+#          escaped with '%' (see http://rgruet.free.fr/PQR2.3.html#timeModule)
+# Values:  TEXT  Default:  %%a %%b %%d %%H:%%M:%%S %%Y
+#
 timepattern = %%a %%b %%d %%H:%%M:%%S %%Y
 
-# failregex: regular expression which have to match the
+# Option:  failregex
-# message written in the log file in case of password failure.
+# Notes.:  regex to match the password failure messages in the logfile.
+# Values:  TEXT  Default:  authentication failure|user .* not found
+#
 failregex = authentication failure|user .* not found
 
 [SSH]
-# enabled: is this section active ?
+# Option:  enabled
-enabled = false
+# Notes.:  enable monitoring for this section.
+# Values:  [true | false]  Default:  true
+#
+enabled = true
 
-# logfile: file to monitor.
+# Option:  logfile
-logfile = log-test/current
+# Notes.:  logfile to monitor.
+# Values:  FILE  Default:  /var/log/secure
+#
+logfile = /var/log/secure
 
-# timeregex: regular expression which have to match the
+# Option:  timeregex
-# timestamp of an Apache log event.
+# Notes.:  regex to match timestamp in SSH logfile.
-# Mar  7 17:53:28
+# Values:  [Mar  7 17:53:28]  
+# Default  \S{3}\s{1,2}\d{1,2} \d{2}:\d{2}:\d{2}
+#
 timeregex = \S{3}\s{1,2}\d{1,2} \d{2}:\d{2}:\d{2}
 
-# timepattern: indicates the "timeregex" fields signification.
+# Option:  timepattern
-# Notice that '%' must be espaced with '%'.
+# Notes.:  format used in "timeregex" fields definition. Note that '%' must be
-# See syntax here: http://rgruet.free.fr/PQR2.3.html#timeModule
+#          escaped with '%' (see http://rgruet.free.fr/PQR2.3.html#timeModule)
+# Values:  TEXT  Default:  %%b %%d %%H:%%M:%%S
+#
 timepattern = %%b %%d %%H:%%M:%%S
 
-# failregex: regular expression which have to match the
+# Option:  failregex
-# message written in the log file in case of password failure.
+# Notes.:  regex to match the password failures messages in the logfile.
+# Values:  TEXT  Default:  Authentication failure|Failed password|Invalid user
+#
 failregex = Authentication failure|Failed password|Invalid user