github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity

BF: maxretry=5 for ssh as per DEVELOP. align = in jail.conf

pull/410/merge
Daniel Black 2013-10-31 00:52:47 +11:00
parent de9977441a
commit 93de46ac72
1 changed files with 28 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

53
config/jail.conf
View File

@ -436,33 +436,34 @@ logpath = /var/log/exim/mainlog
[exim-spam] [exim-spam]
enabled = false enabled = false
filter = exim-spam filter = exim-spam
action = iptables-multiport[name=exim-spam,port="25,465,587"] action = iptables-multiport[name=exim-spam,port="25,465,587"]
logpath = /var/log/exim/mainlog logpath = /var/log/exim/mainlog
[perdition] [perdition]
enabled = false enabled = false
filter = perdition filter = perdition
action = iptables-multiport[name=perdition,port="110,143,993,995"] action = iptables-multiport[name=perdition,port="110,143,993,995"]
logpath = /var/log/maillog logpath = /var/log/maillog
[uwimap-auth] [uwimap-auth]
enabled = false enabled = false
filter = uwimap-auth filter = uwimap-auth
action = iptables-multiport[name=uwimap-auth,port="110,143,993,995"] action = iptables-multiport[name=uwimap-auth,port="110,143,993,995"]
logpath = /var/log/maillog logpath = /var/log/maillog
[osx-ssh-ipfw] [osx-ssh-ipfw]
enabled = false enabled = false
filter = sshd filter = sshd
action = osx-ipfw action = osx-ipfw
logpath = /var/log/secure.log logpath = /var/log/secure.log
maxretry = 5
[ssh-apf] [ssh-apf]
@ -471,22 +472,24 @@ enabled = false
filter = sshd filter = sshd
action = apf[name=SSH] action = apf[name=SSH]
logpath = /var/log/secure logpath = /var/log/secure
maxretry = 5
[osx-ssh-afctl] [osx-ssh-afctl]
enabled = false enabled = false
filter = sshd filter = sshd
action = osx-afctl[bantime=600] action = osx-afctl[bantime=600]
logpath = /var/log/secure.log logpath = /var/log/secure.log
maxretry = 5
[webmin-auth] [webmin-auth]
enabled = false enabled = false
filter = webmin-auth filter = webmin-auth
action = iptables-multiport[name=webmin,port="10000"] action = iptables-multiport[name=webmin,port="10000"]
logpath = /var/log/auth.log logpath = /var/log/auth.log
# dovecot defaults to logging to the mail syslog facility # dovecot defaults to logging to the mail syslog facility
@ -494,22 +497,22 @@ logpath = /var/log/auth.log
[dovecot] [dovecot]
enabled = false enabled = false
filter = dovecot filter = dovecot
action = iptables-multiport[name=dovecot, port="pop3,pop3s,imap,imaps,submission,smtps,sieve", protocol=tcp] action = iptables-multiport[name=dovecot, port="pop3,pop3s,imap,imaps,submission,smtps,sieve", protocol=tcp]
logpath = /var/log/mail.log logpath = /var/log/mail.log
[dovecot-auth] [dovecot-auth]
enabled = false enabled = false
filter = dovecot filter = dovecot
action = iptables-multiport[name=dovecot-auth, port="pop3,pop3s,imap,imaps,submission,smtps,sieve", protocol=tcp] action = iptables-multiport[name=dovecot-auth, port="pop3,pop3s,imap,imaps,submission,smtps,sieve", protocol=tcp]
logpath = /var/log/secure logpath = /var/log/secure
[selinux-ssh] [selinux-ssh]
enabled = false enabled = false
filter = selinux-ssh filter = selinux-ssh
action = iptables[name=SELINUX-SSH, port=ssh, protocol=tcp] action = iptables[name=SELINUX-SSH, port=ssh, protocol=tcp]
logpath = /var/log/audit/audit.log logpath = /var/log/audit/audit.log
maxretry = 5