mirror of https://github.com/fail2ban/fail2ban
Use anchored failregex for filters to avoid possible DoS -- postfix.conf
Manually picked up from the 0.8 branch limiting lines only to the existing failregexpull/757/head
parent
264e7813d9
commit
aff0f8233f
|
@ -5,6 +5,12 @@
|
|||
# $Revision$
|
||||
#
|
||||
|
||||
[INCLUDES]
|
||||
|
||||
# Read common prefixes. If any customizations available -- read them from
|
||||
# common.local
|
||||
before = common.conf
|
||||
|
||||
[Definition]
|
||||
|
||||
# Option: failregex
|
||||
|
@ -14,7 +20,9 @@
|
|||
# (?:::f{4,6}:)?(?P<host>[\w\-.^_]+)
|
||||
# Values: TEXT
|
||||
#
|
||||
failregex = reject: RCPT from (.*)\[<HOST>\]: 554
|
||||
_daemon = postfix/smtpd
|
||||
|
||||
failregex = ^%(__prefix_line)sNOQUEUE: reject: RCPT from \S+\[<HOST>\]: 554 5\.7\.1 .*$
|
||||
|
||||
# Option: ignoreregex
|
||||
# Notes.: regex to ignore. If this regex matches, the line is ignored.
|
||||
|
|
|
@ -1,3 +1,11 @@
|
|||
fail2ban (0.8.6-3wheezy3) wheezy-security; urgency=high
|
||||
|
||||
* Use anchored failregex for filters to avoid possible DoS
|
||||
- CVE-2013-7176: postfix.conf - anchored on the front, expects
|
||||
"postfix/smtpd" prefix in the log line
|
||||
|
||||
--
|
||||
|
||||
fail2ban (0.8.6-3wheezy2) wheezy-security; urgency=high
|
||||
|
||||
* Anchor apache- filters failregexes to avoid possible DoS on servers
|
||||
|
|
Loading…
Reference in New Issue