From d12eb2526a4c65fc31e6c7101e87edb7c58a1f00 Mon Sep 17 00:00:00 2001 From: Yaroslav Halchenko Date: Mon, 14 Oct 2013 16:28:19 -0400 Subject: [PATCH 1/2] Fixing up default values in fail2ban.conf + unifying formatting --- config/fail2ban.conf | 34 +++++++++++++++++----------------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/config/fail2ban.conf b/config/fail2ban.conf index 4094c8cd..2c487e51 100644 --- a/config/fail2ban.conf +++ b/config/fail2ban.conf @@ -11,24 +11,24 @@ [Definition] -# Option: loglevel -# Notes.: Set the log level output. -# 1 = ERROR -# 2 = WARN -# 3 = INFO -# 4 = DEBUG -# Values: NUM Default: 3 +# Option: loglevel +# Notes.: Set the log level output. +# 1 = ERROR +# 2 = WARN +# 3 = INFO +# 4 = DEBUG +# Values: [ NUM ] Default: 1 # loglevel = 3 -# Option: logtarget -# Notes.: Set the log target. This could be a file, SYSLOG, STDERR or STDOUT. -# Only one log target can be specified. -# If you change logtarget from the default value and you are -# using logrotate -- also adjust or disable rotation in the -# corresponding configuration file -# (e.g. /etc/logrotate.d/fail2ban on Debian systems) -# Values: STDOUT STDERR SYSLOG file Default: /var/log/fail2ban.log +# Option: logtarget +# Notes.: Set the log target. This could be a file, SYSLOG, STDERR or STDOUT. +# Only one log target can be specified. +# If you change logtarget from the default value and you are +# using logrotate -- also adjust or disable rotation in the +# corresponding configuration file +# (e.g. /etc/logrotate.d/fail2ban on Debian systems) +# Values: [ STDOUT | STDERR | SYSLOG | FILE ] Default: STDERR # logtarget = /var/log/fail2ban.log @@ -36,14 +36,14 @@ logtarget = /var/log/fail2ban.log # Notes.: Set the socket file. This is used to communicate with the daemon. Do # not remove this file when Fail2ban runs. It will not be possible to # communicate with the server afterwards. -# Values: FILE Default: /var/run/fail2ban/fail2ban.sock +# Values: [ FILE ] Default: /var/run/fail2ban/fail2ban.sock # socket = /var/run/fail2ban/fail2ban.sock # Option: pidfile # Notes.: Set the PID file. This is used to store the process ID of the # fail2ban server. -# Values: FILE Default: /var/run/fail2ban/fail2ban.pid +# Values: [ FILE ] Default: /var/run/fail2ban/fail2ban.pid # pidfile = /var/run/fail2ban/fail2ban.pid From 4149c7495d46c2c9673ff573baf5d6626ccf8416 Mon Sep 17 00:00:00 2001 From: Yaroslav Halchenko Date: Mon, 14 Oct 2013 16:29:16 -0400 Subject: [PATCH 2/2] Options in actions to be specified in jails have no "Default"s besides those specified in the files -- thus removing from comments --- config/action.d/complain.conf | 4 ++-- config/action.d/dshield.conf | 22 +++++++++++----------- config/action.d/pf.conf | 2 +- 3 files changed, 14 insertions(+), 14 deletions(-) diff --git a/config/action.d/complain.conf b/config/action.d/complain.conf index 57f19135..ad14a87e 100644 --- a/config/action.d/complain.conf +++ b/config/action.d/complain.conf @@ -78,7 +78,7 @@ logpath = /dev/null # Option: mailcmd # Notes.: Your system mail command. Is passed 2 args: subject and recipient -# Values: CMD Default: mail -s +# Values: CMD # mailcmd = mail -s @@ -89,7 +89,7 @@ mailcmd = mail -s # Appear to come from a different address - the '--' indicates # arguments to be passed to Sendmail: # -- -f me@example.com -# Values: [ STRING ] Default: (empty) +# Values: [ STRING ] # mailargs = diff --git a/config/action.d/dshield.conf b/config/action.d/dshield.conf index 29ed3043..a0041986 100644 --- a/config/action.d/dshield.conf +++ b/config/action.d/dshield.conf @@ -106,7 +106,7 @@ actionunban = if [ -f .first ]; then # Option: port # Notes.: The target port for the attack (numerical). MUST be provided in the # jail config, as it cannot be detected here. -# Values: [ NUM ] Default: ??? +# Values: [ NUM ] # port = ??? @@ -114,7 +114,7 @@ port = ??? # Notes.: Your DShield user ID. Should be provided either in the jail config or # in a .local file. # Register at https://secure.dshield.org/register.html -# Values: [ NUM ] Default: 0 +# Values: [ NUM ] # userid = 0 @@ -137,7 +137,7 @@ protocol = tcp # Notes.: How many lines to buffer before making a report. Regardless of this, # reports are sent a minimum of apart, or if the # buffer contains an event over old, or on shutdown -# Values: [ NUM ] Default: 50 +# Values: [ NUM ] # lines = 50 @@ -145,7 +145,7 @@ lines = 50 # Notes.: Minimum period (in seconds) that must elapse before we submit another # batch of reports. DShield request a minimum of 1 hour (3600 secs) # between reports. -# Values: [ NUM ] Default: 3600 +# Values: [ NUM ] # minreportinterval = 3600 @@ -154,27 +154,27 @@ minreportinterval = 3600 # submit the batch, even if we haven't reached yet. Note that # this is only checked on each ban/unban, and that we always send # anything in the buffer on shutdown. Must be greater than -# Values: [ NUM ] Default: 21600 (6 hours) +# Values: [ NUM ] # maxbufferage = 21600 # Option: srcport # Notes.: The source port of the attack. You're unlikely to have this info, so # you can leave the default -# Values: [ NUM ] Default: ??? +# Values: [ NUM ] # srcport = ??? # Option: tcpflags # Notes.: TCP flags on attack. You're unlikely to have this info, so you can # leave empty -# Values: [ STRING ] Default: (empty) +# Values: [ STRING ] # tcpflags = # Option: mailcmd # Notes.: Your system mail command. Is passed 2 args: subject and recipient -# Values: CMD Default: mail -s +# Values: CMD # mailcmd = mail -s @@ -186,19 +186,19 @@ mailcmd = mail -s # the one configured at DShield - the '--' indicates arguments to be # passed to Sendmail): # -- -f me@example.com -# Values: [ STRING ] Default: (empty) +# Values: [ STRING ] # mailargs = # Option: dest # Notes.: Destination e-mail address for reports -# Values: [ STRING ] Default: reports@dshield.org +# Values: [ STRING ] # dest = reports@dshield.org # Option: tmpfile # Notes.: Base name of temporary files used for buffering -# Values: [ STRING ] Default: /var/run/fail2ban/tmp-dshield +# Values: [ STRING ] # tmpfile = /var/run/fail2ban/tmp-dshield diff --git a/config/action.d/pf.conf b/config/action.d/pf.conf index d82cbb12..edcaa175 100644 --- a/config/action.d/pf.conf +++ b/config/action.d/pf.conf @@ -56,7 +56,7 @@ actionunban = /sbin/pfctl -t -T delete /32 [Init] # Option: tablename # Notes.: The pf table name. -# Values: [ STRING ] Default: fail2ban +# Values: [ STRING ] # tablename = fail2ban